Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/OJfDlwnocmHSkM23YkcH5YgTiRE.roa
File: OJfDlwnocmHSkM23YkcH5YgTiRE.roa (raw, json)
Hash identifier: Um7mTzCpnyDZHXziLeMXZen7Ad6gKl8QfNzo03DH8fU=
Subject key identifier: 38:97:C3:97:09:E8:72:61:D2:90:CD:B7:62:47:07:E5:88:13:89:11
Certificate issuer: /CN=b1af12f5ca75c922a4aa5dacb49c04a93237f4ed
Certificate serial: 018A502A00A537A5765874CDC469DF75D79B
Authority key identifier: B1:AF:12:F5:CA:75:C9:22:A4:AA:5D:AC:B4:9C:04:A9:32:37:F4:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sa8S9cp1ySKkql2stJwEqTI39O0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/OJfDlwnocmHSkM23YkcH5YgTiRE.roa
Signing time: Fri 01 Sep 2023 09:54:04 +0000
ROA not before: Fri 01 Sep 2023 09:54:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34665
IP address blocks: 45.143.202.0/24 maxlen: 24
92.63.202.0/24 maxlen: 24
92.63.200.0/24 maxlen: 24
185.156.75.0/24 maxlen: 24
2a0e:e5c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:31:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:50:2a:00:a5:37:a5:76:58:74:cd:c4:69:df:75:d7:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1af12f5ca75c922a4aa5dacb49c04a93237f4ed
Validity
Not Before: Sep 1 09:54:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3897c39709e87261d290cdb7624707e588138911
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:ad:bf:a7:b3:f8:49:7c:27:76:ec:99:42:47:
d6:d4:5e:3b:9d:d1:86:d7:ff:9f:7c:4b:d1:a2:78:
33:b2:fa:f8:9f:7e:78:e9:75:36:dd:96:7f:ef:09:
6e:51:c5:b7:cc:19:d0:02:88:a5:4f:02:72:2e:50:
42:66:b2:f5:82:a8:4c:75:42:39:e8:73:0b:d0:c7:
bc:06:14:30:e3:4c:fd:d8:c4:be:bf:71:88:4c:0b:
a9:71:f4:10:31:35:ca:c5:b3:01:fb:b6:b1:1d:17:
51:20:9c:cc:c8:c6:f9:ba:e4:f8:1b:10:03:e5:b6:
b7:77:5e:65:0e:0c:9b:00:58:58:7f:75:17:3e:df:
f3:7a:34:46:86:47:b6:4e:16:3a:46:e0:29:86:3c:
51:78:3b:95:4c:50:de:11:de:f6:fb:d0:4d:a6:77:
9d:2c:35:fe:f6:87:74:93:58:4f:a6:93:1b:a4:7e:
1c:54:d3:5e:c5:e3:16:5e:a3:be:4a:73:98:e9:0c:
a1:f1:13:a9:3b:cc:5e:71:2a:a6:43:16:bd:51:f0:
8b:c1:bc:00:af:65:bc:a3:74:34:5a:f1:c9:7b:3c:
be:cd:2b:90:61:42:95:bd:8a:3f:5a:37:5d:48:69:
d8:d3:d8:c1:09:bd:3b:57:ef:7f:0a:45:09:36:59:
94:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:97:C3:97:09:E8:72:61:D2:90:CD:B7:62:47:07:E5:88:13:89:11
X509v3 Authority Key Identifier:
keyid:B1:AF:12:F5:CA:75:C9:22:A4:AA:5D:AC:B4:9C:04:A9:32:37:F4:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sa8S9cp1ySKkql2stJwEqTI39O0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/OJfDlwnocmHSkM23YkcH5YgTiRE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/sa8S9cp1ySKkql2stJwEqTI39O0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.202.0/24
92.63.200.0/24
92.63.202.0/24
185.156.75.0/24
IPv6:
2a0e:e5c0::/29
Signature Algorithm: sha256WithRSAEncryption
7e:d8:f0:17:9c:d1:50:3c:7a:31:5d:88:f6:bd:1a:8e:2b:b2:
5a:b2:78:e3:2c:6a:4e:52:1c:4b:1d:10:20:c4:a4:56:57:eb:
74:cc:48:cc:e6:2a:6d:55:34:78:a7:e4:54:7e:18:12:be:98:
cb:19:72:33:fa:92:4c:75:80:70:71:4f:bc:8d:3f:d8:2c:d2:
c3:4b:2d:77:3a:19:06:c9:82:ca:37:0e:3a:4a:16:01:14:02:
a0:dc:17:0c:a7:14:fb:39:7f:9b:ab:0c:a5:a9:a6:30:6d:40:
20:b4:e6:5d:e7:e2:37:d8:43:a8:f1:db:43:26:30:ff:45:f9:
58:9e:8c:5e:93:a0:92:ff:40:81:d1:b3:a1:0c:5d:1d:0f:a6:
2a:52:be:a5:30:7b:f9:42:c8:cb:a4:b2:14:20:a5:8e:cc:60:
3a:7a:ce:31:59:b7:af:bd:9a:9a:96:18:b0:b3:1d:be:8e:ab:
68:76:b4:33:1a:62:f9:7e:d0:d7:45:64:68:33:48:a3:6c:d2:
91:eb:a1:ca:39:7e:57:d2:4f:c1:74:91:9d:d7:43:b2:c7:7a:
20:a4:6c:3b:e3:37:85:40:9c:bb:51:64:1c:e4:16:2d:32:62:
18:6f:5c:fd:de:eb:27:82:38:71:02:92:5c:85:de:28:bd:24:
c2:c3:b0:6f
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYpQKgClN6V2WHTNxGnfddebMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYWYxMmY1Y2E3NWM5MjJhNGFhNWRhY2I0OWMwNGE5MzIz
N2Y0ZWQwHhcNMjMwOTAxMDk1NDA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODk3YzM5NzA5ZTg3MjYxZDI5MGNkYjc2MjQ3MDdlNTg4MTM4OTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiK2/p7P4SXwnduyZQkfW1F47ndGG
1/+ffEvRongzsvr4n3546XU23ZZ/7wluUcW3zBnQAoilTwJyLlBCZrL1gqhMdUI5
6HML0Me8BhQw40z92MS+v3GITAupcfQQMTXKxbMB+7axHRdRIJzMyMb5uuT4GxAD
5ba3d15lDgybAFhYf3UXPt/zejRGhke2ThY6RuAphjxReDuVTFDeEd72+9BNpned
LDX+9od0k1hPppMbpH4cVNNexeMWXqO+SnOY6Qyh8ROpO8xecSqmQxa9UfCLwbwA
r2W8o3Q0WvHJezy+zSuQYUKVvYo/WjddSGnY09jBCb07V+9/CkUJNlmUaQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFDiXw5cJ6HJh0pDNt2JHB+WIE4kRMB8GA1UdIwQY
MBaAFLGvEvXKdckipKpdrLScBKkyN/TtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2E4UzljcDF5U0trcWwyc3RKd0VxVEkzOU8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9jYmNmNjgtN2NiZi00N2YwLTgyZWUt
NTc2MGVmYmNjNjU0LzEvT0pmRGx3bm9jbUhTa00yM1lrY0g1WWdUaVJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9jYmNmNjgtN2NiZi00N2YwLTgyZWUtNTc2MGVmYmNjNjU0
LzEvc2E4UzljcDF5U0trcWwyc3RKd0VxVEkzOU8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQALY/KAwQA
XD/IAwQAXD/KAwQAuZxLMA0EAgACMAcDBQMqDuXAMA0GCSqGSIb3DQEBCwUAA4IB
AQB+2PAXnNFQPHoxXYj2vRqOK7JasnjjLGpOUhxLHRAgxKRWV+t0zEjM5iptVTR4
p+RUfhgSvpjLGXIz+pJMdYBwcU+8jT/YLNLDSy13OhkGyYLKNw46ShYBFAKg3BcM
pxT7OX+bqwylqaYwbUAgtOZd5+I32EOo8dtDJjD/RflYnoxek6CS/0CB0bOhDF0d
D6YqUr6lMHv5QsjLpLIUIKWOzGA6es4xWbevvZqalhiwsx2+jqtodrQzGmL5ftDX
RWRoM0ijbNKR66HKOX5X0k/BdJGd10Oyx3ogpGw74zeFQJy7UWQc5BYtMmIYb1z9
3usngjhxApJchd4ovSTCw7Bv
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:29 2024 by rpki-client on console-ams.rpki-client.org