Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/oT5NAqMOSMOfttZCoIXpi0eyqMU.roa
File: oT5NAqMOSMOfttZCoIXpi0eyqMU.roa (raw, json)
Hash identifier: /0IzZmOGXOa+OMsycMlUEzPQ481AaN7iYXhLObES48w=
Subject key identifier: A1:3E:4D:02:A3:0E:48:C3:9F:B6:D6:42:A0:85:E9:8B:47:B2:A8:C5
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01892B0E99154AA8AB7C843379FCA3292C3F
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/oT5NAqMOSMOfttZCoIXpi0eyqMU.roa
Signing time: Thu 06 Jul 2023 11:55:24 +0000
ROA not before: Thu 06 Jul 2023 11:55:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20473
IP address blocks: 84.54.33.0/24 maxlen: 24
193.218.34.0/24 maxlen: 24
45.83.28.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 24 Jul 2023 06:49:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:2b:0e:99:15:4a:a8:ab:7c:84:33:79:fc:a3:29:2c:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jul 6 11:55:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a13e4d02a30e48c39fb6d642a085e98b47b2a8c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:8f:52:86:c2:ba:a4:61:d1:35:3d:0f:3c:e6:
1b:6f:a1:e5:83:2d:4d:9a:89:ba:d6:f4:74:8f:4f:
ef:39:6a:a9:6d:47:e0:3d:46:a3:6f:6b:f8:9e:a2:
e8:16:31:57:22:f6:75:fc:96:c8:32:10:b3:42:39:
40:ce:5c:69:7d:73:cb:72:aa:75:b9:be:37:f4:8e:
0f:ff:0c:5d:3b:b4:14:c9:3b:72:06:13:f9:a0:5d:
eb:bf:37:88:00:e6:10:b7:a6:48:ab:37:ad:a3:b3:
a4:24:3c:a1:5e:15:e6:5c:fb:32:91:f5:00:ca:ed:
33:01:0f:29:b4:84:33:eb:5c:75:d9:0c:d1:4e:7c:
22:bc:bd:56:fb:fb:ea:fc:15:1f:54:94:00:cf:b7:
ad:50:83:b6:df:38:72:00:e5:ce:94:92:a5:d6:7d:
98:d8:83:f7:e1:77:8c:f2:40:67:a1:a7:39:2e:75:
b7:7a:08:92:8b:f4:99:63:38:56:2a:d6:c7:da:8a:
0c:e3:34:3c:63:95:7a:0d:78:f1:23:a7:83:f4:e4:
a1:3c:73:57:e3:0a:91:23:3f:4c:96:c6:72:26:37:
e5:33:d8:59:c2:a9:31:60:61:23:79:e4:34:c6:b2:
c8:c6:0c:9e:75:4b:f2:62:60:a9:55:df:1d:32:03:
be:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:3E:4D:02:A3:0E:48:C3:9F:B6:D6:42:A0:85:E9:8B:47:B2:A8:C5
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/oT5NAqMOSMOfttZCoIXpi0eyqMU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.83.28.0/24
84.54.33.0/24
193.218.34.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:ff:fb:60:de:10:17:07:3c:60:72:72:de:a5:b7:b4:26:0a:
8f:6e:cc:17:02:15:7a:d3:31:c4:f5:84:72:08:b7:33:c9:7a:
93:6d:e9:41:b8:54:ca:fc:d9:40:ab:a2:c4:0a:d6:52:46:be:
e0:cd:24:03:77:19:7a:9d:21:b8:9e:93:ad:84:3f:fd:60:fa:
21:34:e8:99:8a:94:a4:a0:80:88:b7:31:28:8c:48:3f:94:91:
f1:42:b6:ed:83:0f:40:e2:3f:94:d3:2e:2c:43:50:5a:46:84:
26:d1:01:08:23:5e:0b:71:ac:f2:7c:08:c8:af:66:69:ed:6f:
4e:56:ff:35:e1:23:33:a2:af:39:6f:a3:6d:bf:12:4a:fd:fc:
b0:96:0e:91:94:d7:af:74:5d:9a:91:a1:43:32:45:a4:29:c6:
d7:6a:50:9c:ba:e8:d7:b2:26:0d:8f:c8:7b:cb:19:14:67:31:
f9:fa:23:32:74:40:82:b7:0f:99:67:d3:ea:62:c9:20:56:6a:
41:f1:53:ad:b4:66:7b:11:8b:62:64:94:76:3c:61:b6:6a:15:
c2:07:07:f7:92:83:07:42:b2:c4:1f:8b:29:7e:77:e4:9f:d2:
88:63:dc:e6:82:39:4b:a8:2e:05:d3:1e:26:ff:bc:29:9d:d3:
55:79:40:7f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYkrDpkVSqirfIQzefyjKSw/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNzA2MTE1NTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTNlNGQwMmEzMGU0OGMzOWZiNmQ2NDJhMDg1ZTk4YjQ3YjJhOGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg49ShsK6pGHRNT0PPOYbb6Hlgy1N
mom61vR0j0/vOWqpbUfgPUajb2v4nqLoFjFXIvZ1/JbIMhCzQjlAzlxpfXPLcqp1
ub439I4P/wxdO7QUyTtyBhP5oF3rvzeIAOYQt6ZIqzeto7OkJDyhXhXmXPsykfUA
yu0zAQ8ptIQz61x12QzRTnwivL1W+/vq/BUfVJQAz7etUIO23zhyAOXOlJKl1n2Y
2IP34XeM8kBnoac5LnW3egiSi/SZYzhWKtbH2ooM4zQ8Y5V6DXjxI6eD9OShPHNX
4wqRIz9MlsZyJjflM9hZwqkxYGEjeeQ0xrLIxgyedUvyYmCpVd8dMgO+zwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKE+TQKjDkjDn7bWQqCF6YtHsqjFMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvb1Q1TkFxTU9TTU9mdHRaQ29JWHBpMGV5cU1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALVMcAwQA
VDYhAwQAwdoiMA0GCSqGSIb3DQEBCwUAA4IBAQA9//tg3hAXBzxgcnLepbe0JgqP
bswXAhV60zHE9YRyCLczyXqTbelBuFTK/NlAq6LECtZSRr7gzSQDdxl6nSG4npOt
hD/9YPohNOiZipSkoICItzEojEg/lJHxQrbtgw9A4j+U0y4sQ1BaRoQm0QEII14L
cazyfAjIr2Zp7W9OVv814SMzoq85b6NtvxJK/fywlg6RlNevdF2akaFDMkWkKcbX
alCcuujXsiYNj8h7yxkUZzH5+iMydECCtw+ZZ9PqYskgVmpB8VOttGZ7EYtiZJR2
PGG2ahXCBwf3koMHQrLEH4spfnfkn9KIY9zmgjlLqC4F0x4m/7wpndNVeUB/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:48 2024 by rpki-client on console-fra.rpki-client.org