Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/143d29-cf72-4d01-918c-16afc4dffdd4/1/ocmv2GwpcrURsQ1rGS5OSIwCauk.roa
File: ocmv2GwpcrURsQ1rGS5OSIwCauk.roa (raw, json)
Hash identifier: Dl6gjSOh/xiP3gg8DBBGtW/g8CLGluIbNTymrWX2LtY=
Subject key identifier: A1:C9:AF:D8:6C:29:72:B5:11:B1:0D:6B:19:2E:4E:48:8C:02:6A:E9
Certificate issuer: /CN=3a00807698f0b097d69ab3926917d1dcc838a624
Certificate serial: 0188E882F3D0AA2D88DEA7085E5F31BA8766
Authority key identifier: 3A:00:80:76:98:F0:B0:97:D6:9A:B3:92:69:17:D1:DC:C8:38:A6:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OgCAdpjwsJfWmrOSaRfR3Mg4piQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/143d29-cf72-4d01-918c-16afc4dffdd4/1/ocmv2GwpcrURsQ1rGS5OSIwCauk.roa
Signing time: Fri 23 Jun 2023 13:47:56 +0000
ROA not before: Fri 23 Jun 2023 13:47:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 55933
IP address blocks: 45.150.236.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:e8:82:f3:d0:aa:2d:88:de:a7:08:5e:5f:31:ba:87:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a00807698f0b097d69ab3926917d1dcc838a624
Validity
Not Before: Jun 23 13:47:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a1c9afd86c2972b511b10d6b192e4e488c026ae9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:0c:40:46:02:71:c6:d2:30:37:77:d8:35:40:
4e:64:77:2d:55:46:4b:17:4e:17:2e:01:0f:7d:89:
72:28:92:b8:36:f1:90:a8:fe:d8:10:6d:d1:26:a2:
2b:f7:d2:c6:af:dd:45:17:17:11:56:b5:c4:03:06:
f6:1b:bc:4e:69:49:79:3a:d3:34:d5:5d:11:39:e9:
78:16:67:a5:c3:8d:5e:d9:29:f1:72:26:b1:fa:6a:
68:01:3f:55:e4:36:32:33:ce:48:cf:96:e1:ef:b4:
ba:cb:10:78:0a:47:7f:c5:a9:c8:02:c1:17:d3:0c:
57:6e:d1:1f:0e:ce:10:23:46:bd:d4:fc:46:24:54:
38:fb:f8:17:e6:05:c4:4e:f4:46:1b:c4:9b:05:90:
0c:47:fc:6f:00:a0:8c:a4:ca:46:4c:b6:e1:93:5c:
89:21:16:74:20:36:93:c5:d1:80:1e:4c:9f:7d:27:
ae:4c:17:88:4e:5c:6b:27:cd:d8:42:bf:8c:aa:36:
fe:69:2a:8a:17:e6:6b:c0:23:6b:03:b0:9b:de:bf:
2f:f4:ac:cf:ba:05:1a:d0:4c:55:61:7a:42:e2:55:
75:26:23:27:02:d3:b3:c7:32:3d:b6:44:89:c6:4c:
aa:6c:8a:8a:86:1c:fc:e6:88:78:61:6a:c6:cb:4f:
88:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:C9:AF:D8:6C:29:72:B5:11:B1:0D:6B:19:2E:4E:48:8C:02:6A:E9
X509v3 Authority Key Identifier:
keyid:3A:00:80:76:98:F0:B0:97:D6:9A:B3:92:69:17:D1:DC:C8:38:A6:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OgCAdpjwsJfWmrOSaRfR3Mg4piQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/143d29-cf72-4d01-918c-16afc4dffdd4/1/ocmv2GwpcrURsQ1rGS5OSIwCauk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/143d29-cf72-4d01-918c-16afc4dffdd4/1/OgCAdpjwsJfWmrOSaRfR3Mg4piQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.150.236.0/22
Signature Algorithm: sha256WithRSAEncryption
6f:60:0a:f4:a9:4b:62:56:3e:17:d7:2f:5a:ac:67:b8:81:0f:
9b:53:12:51:e6:14:25:5d:e1:3d:e5:9e:3a:df:28:fd:10:19:
ff:c8:66:18:f6:b9:02:4b:2a:03:eb:63:69:ff:d7:61:ad:64:
04:4f:06:27:1d:7b:bd:4f:38:08:ed:a2:af:36:74:64:f0:82:
72:93:7a:d3:79:35:e8:7b:98:b4:2d:f9:93:6a:ea:90:26:45:
09:23:11:dd:da:fd:39:96:af:0c:8f:98:6b:0c:57:8f:bd:67:
01:4a:23:d3:82:02:b9:3c:64:35:0e:f7:09:61:93:ab:9a:4d:
ee:47:70:bc:7a:4a:26:a7:6e:db:06:19:d3:58:20:79:79:88:
f6:07:06:25:a7:d9:20:71:02:99:c1:d2:83:89:5d:e8:9b:51:
16:f9:3a:0e:7a:0e:d3:bf:3a:e9:11:aa:2e:15:e1:8d:a8:af:
3b:0a:a1:31:c8:e8:e5:63:08:d3:1f:c0:ce:cc:e0:51:39:7e:
ad:c6:99:ad:52:20:5e:f9:c4:10:9b:5d:41:8e:ac:90:d2:c6:
ea:d1:da:9d:d4:e0:05:76:32:dc:cf:a4:50:90:bd:be:aa:65:
7d:24:16:b5:4e:f4:92:08:95:f5:fb:83:d1:bf:ff:9f:83:41:
16:e1:96:ae
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYjogvPQqi2I3qcIXl8xuodmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhMDA4MDc2OThmMGIwOTdkNjlhYjM5MjY5MTdkMWRjYzgz
OGE2MjQwHhcNMjMwNjIzMTM0NzU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWM5YWZkODZjMjk3MmI1MTFiMTBkNmIxOTJlNGU0ODhjMDI2YWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5QxARgJxxtIwN3fYNUBOZHctVUZL
F04XLgEPfYlyKJK4NvGQqP7YEG3RJqIr99LGr91FFxcRVrXEAwb2G7xOaUl5OtM0
1V0ROel4Fmelw41e2Snxciax+mpoAT9V5DYyM85Iz5bh77S6yxB4Ckd/xanIAsEX
0wxXbtEfDs4QI0a91PxGJFQ4+/gX5gXETvRGG8SbBZAMR/xvAKCMpMpGTLbhk1yJ
IRZ0IDaTxdGAHkyffSeuTBeITlxrJ83YQr+Mqjb+aSqKF+ZrwCNrA7Cb3r8v9KzP
ugUa0ExVYXpC4lV1JiMnAtOzxzI9tkSJxkyqbIqKhhz85oh4YWrGy0+IgwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKHJr9hsKXK1EbENaxkuTkiMAmrpMB8GA1UdIwQY
MBaAFDoAgHaY8LCX1pqzkmkX0dzIOKYkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2dDQWRwandzSmZXbXJPU2FSZlIzTWc0cGlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS8xNDNkMjktY2Y3Mi00ZDAxLTkxOGMt
MTZhZmM0ZGZmZGQ0LzEvb2NtdjJHd3BjclVSc1ExckdTNU9TSXdDYXVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS8xNDNkMjktY2Y3Mi00ZDAxLTkxOGMtMTZhZmM0ZGZmZGQ0
LzEvT2dDQWRwandzSmZXbXJPU2FSZlIzTWc0cGlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZbsMA0G
CSqGSIb3DQEBCwUAA4IBAQBvYAr0qUtiVj4X1y9arGe4gQ+bUxJR5hQlXeE95Z46
3yj9EBn/yGYY9rkCSyoD62Np/9dhrWQETwYnHXu9TzgI7aKvNnRk8IJyk3rTeTXo
e5i0LfmTauqQJkUJIxHd2v05lq8Mj5hrDFePvWcBSiPTggK5PGQ1DvcJYZOrmk3u
R3C8ekomp27bBhnTWCB5eYj2BwYlp9kgcQKZwdKDiV3om1EW+ToOeg7TvzrpEaou
FeGNqK87CqExyOjlYwjTH8DOzOBROX6txpmtUiBe+cQQm11BjqyQ0sbq0dqd1OAF
djLcz6RQkL2+qmV9JBa1TvSSCJX1+4PRv/+fg0EW4Zau
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:26 2024 by rpki-client on console-fra.rpki-client.org