Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/47dff0-2b11-44bc-b721-96c81fb651a0/1/oL3HpKxyrH1_Fc6HVi7amYpVn4g.roa
File: oL3HpKxyrH1_Fc6HVi7amYpVn4g.roa (raw, json)
Hash identifier: tkEQGNnAkZH2jOFmEGxyswoQjsQ0nqCeBFWLIkwWe8s=
Subject key identifier: A0:BD:C7:A4:AC:72:AC:7D:7F:15:CE:87:56:2E:DA:99:8A:55:9F:88
Certificate issuer: /CN=0d04913d043dbb117cf6b9323c8ab247cb52e251
Certificate serial: 01856CEF4D262981C99276A28D18AAAED6C4
Authority key identifier: 0D:04:91:3D:04:3D:BB:11:7C:F6:B9:32:3C:8A:B2:47:CB:52:E2:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DQSRPQQ9uxF89rkyPIqyR8tS4lE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/47dff0-2b11-44bc-b721-96c81fb651a0/1/oL3HpKxyrH1_Fc6HVi7amYpVn4g.roa
Signing time: Sun 01 Jan 2023 10:45:00 +0000
ROA not before: Sun 01 Jan 2023 10:45:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2586
IP address blocks: 176.124.247.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ef:4d:26:29:81:c9:92:76:a2:8d:18:aa:ae:d6:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d04913d043dbb117cf6b9323c8ab247cb52e251
Validity
Not Before: Jan 1 10:45:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a0bdc7a4ac72ac7d7f15ce87562eda998a559f88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:3a:61:83:31:05:f9:3a:28:33:92:c2:89:18:
36:ba:74:d5:4c:76:38:e4:aa:b0:dd:dd:03:d9:5d:
fd:7c:40:a4:b2:bf:79:b3:1e:16:c2:f7:7a:cd:93:
a4:92:a2:a8:3f:53:93:89:30:07:b9:e8:2b:07:f9:
7a:64:57:43:72:4f:a7:34:65:dc:5f:6a:c7:85:30:
00:c0:bc:ab:ee:68:9e:8b:39:2d:f6:a4:53:ab:3b:
43:7f:46:8d:c4:d8:7e:c8:14:b2:39:24:6f:51:f4:
41:7b:cd:eb:8a:73:3a:63:50:b5:e3:a1:a7:fe:c4:
5b:4b:80:e1:4e:49:91:32:37:83:58:fb:fb:be:40:
d5:4e:ed:c6:f9:d1:14:60:71:72:8f:70:a3:4f:17:
13:44:36:f2:e4:69:a4:5b:7d:01:be:da:99:f5:8c:
e6:28:dc:45:c5:b0:35:a4:46:75:bc:d3:2d:43:4f:
28:55:0a:75:fa:07:b8:ad:41:48:f9:13:c0:69:f0:
9a:09:94:e1:0a:c6:c6:cf:e5:71:95:e6:2e:b5:f0:
bc:0c:36:20:19:f2:90:34:24:f0:c8:dd:86:87:3c:
95:ab:0f:6c:cd:99:1e:6b:08:1d:69:a5:ea:64:6c:
9a:22:fb:5d:35:1f:74:1e:43:1a:7c:26:62:9d:6d:
9c:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:BD:C7:A4:AC:72:AC:7D:7F:15:CE:87:56:2E:DA:99:8A:55:9F:88
X509v3 Authority Key Identifier:
keyid:0D:04:91:3D:04:3D:BB:11:7C:F6:B9:32:3C:8A:B2:47:CB:52:E2:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DQSRPQQ9uxF89rkyPIqyR8tS4lE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/47dff0-2b11-44bc-b721-96c81fb651a0/1/oL3HpKxyrH1_Fc6HVi7amYpVn4g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/47dff0-2b11-44bc-b721-96c81fb651a0/1/DQSRPQQ9uxF89rkyPIqyR8tS4lE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.124.247.0/24
Signature Algorithm: sha256WithRSAEncryption
89:b7:8f:5a:8a:f2:c4:3a:ad:66:bb:43:d2:4b:43:67:6c:b3:
87:0f:38:19:cc:c5:3a:7e:ea:36:73:29:cd:c8:40:14:4b:24:
ba:9e:40:52:6a:db:80:e1:c5:c6:a3:c1:4e:59:ce:06:5f:5a:
49:d9:33:9a:50:b3:eb:62:26:28:7e:86:4a:a4:d0:b4:43:e3:
43:0a:18:06:ec:d3:4b:12:fd:6c:5b:75:ec:55:87:ff:23:51:
6b:b8:a3:40:f9:55:52:a9:38:a8:01:97:63:c5:6c:7e:24:cf:
7f:06:ec:69:ff:32:a3:13:66:23:cd:18:84:d1:00:e2:18:c9:
e4:d9:89:83:d8:b6:ed:14:82:ae:ce:fd:38:b2:92:00:69:d9:
66:fc:91:ea:da:30:02:7b:ad:49:01:f2:ac:51:f9:4c:31:3d:
3a:8a:d1:09:4c:2f:77:6b:14:81:d6:a1:1a:c1:ee:32:7a:de:
c2:5d:e5:40:8a:7e:f6:6a:43:11:fa:dd:d1:fd:d0:f0:2d:d9:
17:24:8e:f8:cf:82:d8:a1:04:2b:a4:09:87:cd:95:ca:a6:bd:
70:2c:0d:10:23:c1:ca:25:0a:f8:37:44:6b:3d:56:0d:0a:fc:
31:87:4f:4c:46:a1:f8:be:85:d4:e3:a7:08:28:b0:1e:c4:e1:
19:07:b7:2e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVs700mKYHJknaijRiqrtbEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMDQ5MTNkMDQzZGJiMTE3Y2Y2YjkzMjNjOGFiMjQ3Y2I1
MmUyNTEwHhcNMjMwMTAxMTA0NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGJkYzdhNGFjNzJhYzdkN2YxNWNlODc1NjJlZGE5OThhNTU5Zjg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiTphgzEF+TooM5LCiRg2unTVTHY4
5Kqw3d0D2V39fECksr95sx4Wwvd6zZOkkqKoP1OTiTAHuegrB/l6ZFdDck+nNGXc
X2rHhTAAwLyr7mieizkt9qRTqztDf0aNxNh+yBSyOSRvUfRBe83rinM6Y1C146Gn
/sRbS4DhTkmRMjeDWPv7vkDVTu3G+dEUYHFyj3CjTxcTRDby5GmkW30BvtqZ9Yzm
KNxFxbA1pEZ1vNMtQ08oVQp1+ge4rUFI+RPAafCaCZThCsbGz+VxleYutfC8DDYg
GfKQNCTwyN2GhzyVqw9szZkeawgdaaXqZGyaIvtdNR90HkMafCZinW2c4wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKC9x6Sscqx9fxXOh1Yu2pmKVZ+IMB8GA1UdIwQY
MBaAFA0EkT0EPbsRfPa5MjyKskfLUuJRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFFTUlBRUTl1eEY4OXJreVBJcXlSOHRTNGxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS80N2RmZjAtMmIxMS00NGJjLWI3MjEt
OTZjODFmYjY1MWEwLzEvb0wzSHBLeHlySDFfRmM2SFZpN2FtWXBWbjRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS80N2RmZjAtMmIxMS00NGJjLWI3MjEtOTZjODFmYjY1MWEw
LzEvRFFTUlBRUTl1eEY4OXJreVBJcXlSOHRTNGxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsHz3MA0G
CSqGSIb3DQEBCwUAA4IBAQCJt49aivLEOq1mu0PSS0NnbLOHDzgZzMU6fuo2cynN
yEAUSyS6nkBSatuA4cXGo8FOWc4GX1pJ2TOaULPrYiYofoZKpNC0Q+NDChgG7NNL
Ev1sW3XsVYf/I1FruKNA+VVSqTioAZdjxWx+JM9/Buxp/zKjE2YjzRiE0QDiGMnk
2YmD2LbtFIKuzv04spIAadlm/JHq2jACe61JAfKsUflMMT06itEJTC93axSB1qEa
we4yet7CXeVAin72akMR+t3R/dDwLdkXJI74z4LYoQQrpAmHzZXKpr1wLA0QI8HK
JQr4N0RrPVYNCvwxh09MRqH4voXU46cIKLAexOEZB7cu
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:50:30 2024 by rpki-client on console-fra.rpki-client.org