Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/9268bf-25e9-4c38-baf7-e47ebee2c020/1/oPLhjvy9Po1Z_LRXWVI4Xy-uSaI.roa
File: oPLhjvy9Po1Z_LRXWVI4Xy-uSaI.roa (raw, json)
Hash identifier: +6u5pg/5FKJZNRUvSC/zK/dlUmEKmTRrS6S5YnuBncM=
Subject key identifier: A0:F2:E1:8E:FC:BD:3E:8D:59:FC:B4:57:59:52:38:5F:2F:AE:49:A2
Certificate issuer: /CN=ed457f969c0fec35b926d0f72a47dd44b8b300f5
Certificate serial: 018CCA2A179F7DF4FC81CF77CA2A21AA077F
Authority key identifier: ED:45:7F:96:9C:0F:EC:35:B9:26:D0:F7:2A:47:DD:44:B8:B3:00:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7UV_lpwP7DW5JtD3KkfdRLizAPU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/9268bf-25e9-4c38-baf7-e47ebee2c020/1/oPLhjvy9Po1Z_LRXWVI4Xy-uSaI.roa
Signing time: Tue 02 Jan 2024 12:33:25 +0000
ROA not before: Tue 02 Jan 2024 12:33:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34798
IP address blocks: 193.22.104.0/23 maxlen: 32
193.19.120.0/23 maxlen: 32
2a0f:c640::/48 maxlen: 64
Validation: Failed, certificate revoked on Sun 25 Aug 2024 08:58:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:17:9f:7d:f4:fc:81:cf:77:ca:2a:21:aa:07:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ed457f969c0fec35b926d0f72a47dd44b8b300f5
Validity
Not Before: Jan 2 12:33:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a0f2e18efcbd3e8d59fcb4575952385f2fae49a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:32:c0:08:d1:43:dd:52:bf:ef:5a:d9:b5:27:
03:cc:8c:f8:b7:3d:68:4e:d2:91:6a:4c:5d:30:8b:
9b:47:2b:15:62:1f:2e:df:3b:2d:55:04:21:01:91:
58:d5:d5:44:ff:c9:a2:99:7d:67:4c:3e:2a:dc:35:
e6:c5:ba:7e:c0:8b:b7:8b:8d:49:0f:c1:46:22:46:
5a:f2:da:d0:cb:4d:f2:c9:93:34:b0:b4:4b:00:0a:
f1:13:a6:59:f2:89:92:ce:05:49:03:aa:89:36:3d:
dc:a5:3b:35:0e:16:b6:da:02:dc:c3:2d:91:fa:ba:
2f:eb:24:3a:10:de:90:2c:97:10:04:67:68:b7:98:
22:b3:fa:e3:b9:7d:d4:e4:7c:04:47:f8:ee:cb:a8:
3d:73:6b:43:a2:75:0e:b0:59:a3:10:f5:88:90:2a:
80:08:2b:0d:fd:98:92:88:48:b2:76:ab:b2:e3:fe:
cc:69:3f:b9:c5:5b:d3:4d:76:79:2f:0b:40:06:8c:
3e:27:a6:a3:90:47:3a:9f:7a:79:78:fb:b5:73:17:
84:ef:5b:12:d3:87:d9:62:24:77:4a:64:60:df:16:
89:69:ee:cd:fc:c8:fe:1a:84:04:10:85:29:a7:c5:
65:79:b9:89:e0:61:b9:20:1e:a6:e8:22:2a:32:25:
4f:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:F2:E1:8E:FC:BD:3E:8D:59:FC:B4:57:59:52:38:5F:2F:AE:49:A2
X509v3 Authority Key Identifier:
keyid:ED:45:7F:96:9C:0F:EC:35:B9:26:D0:F7:2A:47:DD:44:B8:B3:00:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7UV_lpwP7DW5JtD3KkfdRLizAPU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/9268bf-25e9-4c38-baf7-e47ebee2c020/1/oPLhjvy9Po1Z_LRXWVI4Xy-uSaI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/9268bf-25e9-4c38-baf7-e47ebee2c020/1/7UV_lpwP7DW5JtD3KkfdRLizAPU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.19.120.0/23
193.22.104.0/23
IPv6:
2a0f:c640::/48
Signature Algorithm: sha256WithRSAEncryption
0d:cd:92:fa:ec:5f:20:b5:44:ea:29:3e:3b:54:1b:98:a3:74:
40:fa:aa:75:1e:73:cf:ff:6f:63:5f:d3:a9:81:14:e2:2d:ff:
42:c5:29:30:c3:1c:96:6e:26:d2:a9:2b:a9:c3:02:0c:40:0a:
bb:78:a1:a5:f9:89:8f:8d:b4:d8:de:fb:4f:db:ca:6c:0f:d8:
ef:d7:61:03:f9:6d:7c:29:f9:3d:5a:a8:db:da:ea:55:5f:8c:
23:b0:04:5b:3f:4d:4f:f0:64:2e:b6:da:7f:77:8e:2e:d9:c2:
01:6b:12:9d:ae:a1:af:9b:a5:49:db:7c:58:cc:b7:b3:86:f1:
15:74:aa:01:f3:c0:41:21:0f:66:12:c9:41:fd:76:0d:d9:54:
97:a3:0c:10:8c:8d:6b:e4:d6:28:e3:b5:63:f4:5c:d0:55:da:
63:4c:16:cc:18:43:e1:0c:5e:8b:7a:41:70:31:dc:b5:b8:4d:
02:f7:f4:bb:cd:6c:6b:06:41:00:bb:7d:d2:a8:a6:db:cd:62:
cf:61:be:e0:e2:98:aa:b1:5c:f5:0e:7a:16:59:0c:f4:4d:1c:
7d:c1:4f:82:4f:54:6b:13:cb:eb:72:38:af:5d:41:00:b1:0b:
fc:62:cf:ee:d2:0b:20:2e:48:3d:88:dd:3a:8f:17:c7:af:0b:
d9:13:0f:32
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzKKhefffT8gc93yiohqgd/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkNDU3Zjk2OWMwZmVjMzViOTI2ZDBmNzJhNDdkZDQ0Yjhi
MzAwZjUwHhcNMjQwMTAyMTIzMzI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGYyZTE4ZWZjYmQzZThkNTlmY2I0NTc1OTUyMzg1ZjJmYWU0OWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmjLACNFD3VK/71rZtScDzIz4tz1o
TtKRakxdMIubRysVYh8u3zstVQQhAZFY1dVE/8mimX1nTD4q3DXmxbp+wIu3i41J
D8FGIkZa8trQy03yyZM0sLRLAArxE6ZZ8omSzgVJA6qJNj3cpTs1Dha22gLcwy2R
+rov6yQ6EN6QLJcQBGdot5gis/rjuX3U5HwER/juy6g9c2tDonUOsFmjEPWIkCqA
CCsN/ZiSiEiydquy4/7MaT+5xVvTTXZ5LwtABow+J6ajkEc6n3p5ePu1cxeE71sS
04fZYiR3SmRg3xaJae7N/Mj+GoQEEIUpp8VlebmJ4GG5IB6m6CIqMiVPpQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFKDy4Y78vT6NWfy0V1lSOF8vrkmiMB8GA1UdIwQY
MBaAFO1Ff5acD+w1uSbQ9ypH3US4swD1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1VWX2xwd1A3RFc1SnREM0trZmRSTGl6QVBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS85MjY4YmYtMjVlOS00YzM4LWJhZjct
ZTQ3ZWJlZTJjMDIwLzEvb1BMaGp2eTlQbzFaX0xSWFdWSTRYeS11U2FJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS85MjY4YmYtMjVlOS00YzM4LWJhZjctZTQ3ZWJlZTJjMDIw
LzEvN1VWX2xwd1A3RFc1SnREM0trZmRSTGl6QVBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBwRN4AwQB
wRZoMA8EAgACMAkDBwAqD8ZAAAAwDQYJKoZIhvcNAQELBQADggEBAA3NkvrsXyC1
ROopPjtUG5ijdED6qnUec8//b2Nf06mBFOIt/0LFKTDDHJZuJtKpK6nDAgxACrt4
oaX5iY+NtNje+0/bymwP2O/XYQP5bXwp+T1aqNva6lVfjCOwBFs/TU/wZC622n93
ji7ZwgFrEp2uoa+bpUnbfFjMt7OG8RV0qgHzwEEhD2YSyUH9dg3ZVJejDBCMjWvk
1ijjtWP0XNBV2mNMFswYQ+EMXot6QXAx3LW4TQL39LvNbGsGQQC7fdKoptvNYs9h
vuDimKqxXPUOehZZDPRNHH3BT4JPVGsTy+tyOK9dQQCxC/xiz+7SCyAuSD2I3TqP
F8evC9kTDzI=
-----END CERTIFICATE-----
Generated at Sun Aug 25 11:46:20 2024 by rpki-client on console-fra.rpki-client.org