Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/2313b8-de02-4228-900a-09be9db11f66/1/_ohJLHBGFU1qW5vvcbH88dZG8LE.roa
File: _ohJLHBGFU1qW5vvcbH88dZG8LE.roa (raw, json)
Hash identifier: 3cV2XGZPzokZygAyuXLUm4byHdhzLhJeaYyduSnZHwo=
Subject key identifier: FE:88:49:2C:70:46:15:4D:6A:5B:9B:EF:71:B1:FC:F1:D6:46:F0:B1
Certificate issuer: /CN=e5bf3a72cad6f4b3dc305b4cbe31087051d983f6
Certificate serial: 018B8F1D7E003FD7C1EEB245F9C192026CDC
Authority key identifier: E5:BF:3A:72:CA:D6:F4:B3:DC:30:5B:4C:BE:31:08:70:51:D9:83:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5b86csrW9LPcMFtMvjEIcFHZg_Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/2313b8-de02-4228-900a-09be9db11f66/1/_ohJLHBGFU1qW5vvcbH88dZG8LE.roa
Signing time: Thu 02 Nov 2023 08:19:16 +0000
ROA not before: Thu 02 Nov 2023 08:19:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42675
IP address blocks: 194.26.217.0/24 maxlen: 24
45.15.16.0/24 maxlen: 24
62.204.40.0/24 maxlen: 24
2a0e:1c80:8::/48 maxlen: 48
2a0e:1c80:6::/48 maxlen: 48
2a12:7800::/32 maxlen: 32
2a0e:1c80:1::/48 maxlen: 48
2a0e:1c80:f::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:31:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:8f:1d:7e:00:3f:d7:c1:ee:b2:45:f9:c1:92:02:6c:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5bf3a72cad6f4b3dc305b4cbe31087051d983f6
Validity
Not Before: Nov 2 08:19:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fe88492c7046154d6a5b9bef71b1fcf1d646f0b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:48:11:30:d2:7d:8a:11:4a:d8:a7:c0:5f:ab:
b2:83:e5:1c:43:8f:e2:b3:74:d2:2f:28:20:07:27:
0d:2b:26:8e:e4:72:a8:2e:80:03:fa:52:24:8d:9d:
c2:26:40:2e:d6:89:26:87:60:9a:fb:85:05:ad:9b:
38:14:ec:d6:0c:d9:1c:70:fe:36:35:34:e3:cc:49:
35:b8:75:1a:f9:20:7b:e1:87:17:b0:c4:49:7e:76:
b8:cc:67:57:8b:90:5c:3b:5e:dc:c7:ad:45:1d:75:
9c:06:60:8f:66:d4:62:f3:d0:6e:27:81:f9:63:fb:
d5:ca:ee:43:f7:d4:9d:d8:a1:dd:24:5b:ad:59:9b:
40:c9:9c:8d:12:49:43:27:9b:31:e8:f7:15:11:05:
d5:3c:05:e9:9a:ed:d8:c9:60:4a:d0:15:65:d5:b1:
c2:04:f3:9f:8c:ba:2c:ce:c7:6c:96:43:31:39:ac:
5e:2f:84:0c:53:43:37:de:5a:33:1f:cd:59:f4:67:
6a:71:38:40:fe:19:29:ae:a6:dd:59:26:b8:26:79:
83:ed:16:1e:db:0a:b5:e1:bf:6d:70:49:dd:8d:ff:
1b:b6:fc:21:e7:c9:17:a0:99:b8:e2:0b:df:81:e6:
b0:93:12:15:96:a3:a1:6e:59:ea:47:c6:1b:b8:db:
73:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:88:49:2C:70:46:15:4D:6A:5B:9B:EF:71:B1:FC:F1:D6:46:F0:B1
X509v3 Authority Key Identifier:
keyid:E5:BF:3A:72:CA:D6:F4:B3:DC:30:5B:4C:BE:31:08:70:51:D9:83:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b86csrW9LPcMFtMvjEIcFHZg_Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/2313b8-de02-4228-900a-09be9db11f66/1/_ohJLHBGFU1qW5vvcbH88dZG8LE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/2313b8-de02-4228-900a-09be9db11f66/1/5b86csrW9LPcMFtMvjEIcFHZg_Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.16.0/24
62.204.40.0/24
194.26.217.0/24
IPv6:
2a0e:1c80:1::/48
2a0e:1c80:6::/48
2a0e:1c80:8::/48
2a0e:1c80:f::/48
2a12:7800::/32
Signature Algorithm: sha256WithRSAEncryption
11:84:f2:a7:f4:33:49:5d:38:7e:de:a3:0f:ec:eb:78:47:5e:
8c:fe:49:da:cd:4f:db:c6:e5:8f:0a:08:54:4d:7b:93:dc:8a:
75:82:cf:2e:d5:19:63:a7:73:cf:c1:01:fd:e4:6b:ea:a1:a7:
33:8f:d5:e4:aa:f2:2b:9f:3e:f5:06:58:aa:6f:ff:e7:b0:4a:
d3:a5:27:ca:ac:8d:51:88:cd:ff:24:8e:b6:19:41:49:4b:4d:
55:e7:e9:4c:b7:b5:30:39:b2:ab:6b:2e:c8:04:13:7a:cf:16:
7a:1b:9a:5e:3d:33:73:71:2a:dd:74:5f:3a:ed:1c:6a:07:b2:
97:f3:d6:97:f9:fd:1c:89:b6:7a:2e:25:dd:1a:10:e9:33:45:
05:11:e3:7e:f9:3b:6b:39:40:5c:a1:b2:95:95:f4:23:0f:e6:
40:d3:fd:12:e4:b1:47:e6:b5:95:cd:63:17:2c:d7:ef:35:06:
8c:59:5a:8d:d7:c3:39:d4:e8:ad:01:cd:eb:33:e2:25:eb:fd:
4a:f0:90:a2:3c:c8:26:fa:41:0d:32:64:40:e9:4f:5f:e7:c4:
28:85:8a:39:7f:a8:18:6f:48:e4:e1:6c:78:3c:b8:d4:a6:0c:
c3:e5:14:49:c5:09:c7:1c:b9:c9:d2:9f:66:44:e7:bf:99:2c:
f9:0c:d9:cb
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYuPHX4AP9fB7rJF+cGSAmzcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1YmYzYTcyY2FkNmY0YjNkYzMwNWI0Y2JlMzEwODcwNTFk
OTgzZjYwHhcNMjMxMTAyMDgxOTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTg4NDkyYzcwNDYxNTRkNmE1YjliZWY3MWIxZmNmMWQ2NDZmMGIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk0gRMNJ9ihFK2KfAX6uyg+UcQ4/i
s3TSLyggBycNKyaO5HKoLoAD+lIkjZ3CJkAu1okmh2Ca+4UFrZs4FOzWDNkccP42
NTTjzEk1uHUa+SB74YcXsMRJfna4zGdXi5BcO17cx61FHXWcBmCPZtRi89BuJ4H5
Y/vVyu5D99Sd2KHdJFutWZtAyZyNEklDJ5sx6PcVEQXVPAXpmu3YyWBK0BVl1bHC
BPOfjLoszsdslkMxOaxeL4QMU0M33lozH81Z9GdqcThA/hkprqbdWSa4JnmD7RYe
2wq14b9tcEndjf8btvwh58kXoJm44gvfgeawkxIVlqOhblnqR8YbuNtzLwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFP6ISSxwRhVNalub73Gx/PHWRvCxMB8GA1UdIwQY
MBaAFOW/OnLK1vSz3DBbTL4xCHBR2YP2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWI4NmNzclc5TFBjTUZ0TXZqRUljRkhaZ19ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC8yMzEzYjgtZGUwMi00MjI4LTkwMGEt
MDliZTlkYjExZjY2LzEvX29oSkxIQkdGVTFxVzV2dmNiSDg4ZFpHOExFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC8yMzEzYjgtZGUwMi00MjI4LTkwMGEtMDliZTlkYjExZjY2
LzEvNWI4NmNzclc5TFBjTUZ0TXZqRUljRkhaZ19ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTAYBAIAATASAwQALQ8QAwQA
PswoAwQAwhrZMDEEAgACMCsDBwAqDhyAAAEDBwAqDhyAAAYDBwAqDhyAAAgDBwAq
DhyAAA8DBQAqEngAMA0GCSqGSIb3DQEBCwUAA4IBAQARhPKn9DNJXTh+3qMP7Ot4
R16M/knazU/bxuWPCghUTXuT3Ip1gs8u1Rljp3PPwQH95Gvqoaczj9XkqvIrnz71
Bliqb//nsErTpSfKrI1RiM3/JI62GUFJS01V5+lMt7UwObKray7IBBN6zxZ6G5pe
PTNzcSrddF867RxqB7KX89aX+f0cibZ6LiXdGhDpM0UFEeN++TtrOUBcobKVlfQj
D+ZA0/0S5LFH5rWVzWMXLNfvNQaMWVqN18M51OitAc3rM+Il6/1K8JCiPMgm+kEN
MmRA6U9f58QohYo5f6gYb0jk4Wx4PLjUpgzD5RRJxQnHHLnJ0p9mROe/mSz5DNnL
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:01 2024 by rpki-client on console-ams.rpki-client.org