Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/cf943d-c921-4ef7-9aa0-e3fcb23e3438/1/OzD9xGE6UBA7y1vLtxv48kVv5_c.roa
File: OzD9xGE6UBA7y1vLtxv48kVv5_c.roa (raw, json)
Hash identifier: mSLcEVri92KREEMl2eLow/sTnFVuLaaTbqy3HRxrG+M=
Subject key identifier: 3B:30:FD:C4:61:3A:50:10:3B:CB:5B:CB:B7:1B:F8:F2:45:6F:E7:F7
Certificate issuer: /CN=352f8919e6bc1ef5663489018fc875be34c0f24c
Certificate serial: 018A16CFFFAC3609B4C1BC9823B98AF58D65
Authority key identifier: 35:2F:89:19:E6:BC:1E:F5:66:34:89:01:8F:C8:75:BE:34:C0:F2:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NS-JGea8HvVmNIkBj8h1vjTA8kw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/cf943d-c921-4ef7-9aa0-e3fcb23e3438/1/OzD9xGE6UBA7y1vLtxv48kVv5_c.roa
Signing time: Mon 21 Aug 2023 06:37:24 +0000
ROA not before: Mon 21 Aug 2023 06:37:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 45.84.112.0/23 maxlen: 24
31.193.240.0/22 maxlen: 24
45.84.114.0/23 maxlen: 24
185.74.54.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 31 Aug 2023 06:58:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:16:cf:ff:ac:36:09:b4:c1:bc:98:23:b9:8a:f5:8d:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=352f8919e6bc1ef5663489018fc875be34c0f24c
Validity
Not Before: Aug 21 06:37:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3b30fdc4613a50103bcb5bcbb71bf8f2456fe7f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:08:58:22:9c:3f:82:32:a7:70:10:af:96:99:
71:fd:52:dc:4e:4d:64:29:7e:a6:6f:15:1e:ca:5a:
13:39:14:d4:43:b7:2b:ae:2d:57:c3:c3:42:b1:8f:
e2:6d:de:7e:a3:ff:cd:bf:2d:dc:ee:98:ad:63:65:
94:59:76:d3:44:78:8e:61:6e:08:3e:33:9f:3e:bc:
c3:da:43:49:03:9a:32:3b:89:69:2e:46:48:ce:05:
3a:e5:4f:86:c3:aa:d6:06:c1:7d:d7:52:76:1c:b2:
e5:6d:2c:b9:8b:8c:b5:a8:fc:21:bd:0a:3f:79:39:
6c:dc:d4:76:45:a1:03:10:6d:97:c4:34:67:e7:91:
b5:79:5a:2d:fd:61:79:4b:44:4c:7c:47:05:1e:d0:
30:af:ac:0c:22:35:84:7f:ab:4c:46:17:e9:02:7d:
61:ee:70:af:3f:d5:d2:91:6e:5e:76:d7:97:15:8d:
41:3a:2f:b5:2d:fd:11:4c:13:d4:8a:c2:ac:3e:37:
9a:46:ec:26:cd:29:98:96:52:98:74:42:6a:d8:a1:
fe:df:8a:f8:f6:19:a5:03:25:3c:6b:e8:27:ab:98:
7f:ca:7e:86:19:5b:82:45:7d:fb:13:fa:85:79:66:
4f:2c:e3:ed:42:c7:14:31:50:2f:11:81:04:8c:1c:
af:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:30:FD:C4:61:3A:50:10:3B:CB:5B:CB:B7:1B:F8:F2:45:6F:E7:F7
X509v3 Authority Key Identifier:
keyid:35:2F:89:19:E6:BC:1E:F5:66:34:89:01:8F:C8:75:BE:34:C0:F2:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NS-JGea8HvVmNIkBj8h1vjTA8kw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/cf943d-c921-4ef7-9aa0-e3fcb23e3438/1/OzD9xGE6UBA7y1vLtxv48kVv5_c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/cf943d-c921-4ef7-9aa0-e3fcb23e3438/1/NS-JGea8HvVmNIkBj8h1vjTA8kw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.193.240.0/22
45.84.112.0/22
185.74.54.0/23
Signature Algorithm: sha256WithRSAEncryption
83:59:65:85:cd:97:b0:5f:e2:e2:85:34:48:10:c3:de:1b:22:
4f:80:7f:85:e3:7c:b5:c9:28:98:e2:0c:c8:4b:f0:69:2d:74:
5d:04:58:93:37:88:f4:7f:65:95:87:ca:ed:9c:d4:4a:b1:01:
df:ee:d7:ee:ae:0a:65:e3:e3:82:c4:f2:50:b6:80:d8:9d:4a:
a2:1d:80:74:97:40:a7:af:55:05:95:1b:47:3c:e1:d8:29:f2:
d8:41:a0:96:e6:44:2d:de:4d:91:e2:9c:aa:a7:56:41:4c:38:
7b:80:41:a2:a4:7b:58:a1:db:fd:d6:e7:ff:4f:ae:c4:51:d7:
2b:4d:f4:b5:f0:a3:61:4d:e6:a3:93:12:5c:94:c3:e5:60:f5:
08:12:94:1a:68:27:82:26:3c:61:c1:98:cf:ed:5e:06:59:b1:
a9:86:c0:83:fc:84:98:3d:10:fe:9c:7c:00:87:b5:60:1f:3c:
75:97:48:25:51:1c:f7:b1:86:65:2d:72:04:73:1e:93:f5:08:
fa:0a:89:b0:4e:8f:28:fb:b5:14:7c:c0:2d:56:0e:8e:5c:43:
8a:fd:a9:b3:32:a9:5a:1f:b1:dd:84:37:1e:df:a7:11:45:e2:
40:c5:26:0f:6d:06:44:b9:32:78:09:05:ab:c5:98:3f:27:32:
7d:4d:3e:73
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYoWz/+sNgm0wbyYI7mK9Y1lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MmY4OTE5ZTZiYzFlZjU2NjM0ODkwMThmYzg3NWJlMzRj
MGYyNGMwHhcNMjMwODIxMDYzNzI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjMwZmRjNDYxM2E1MDEwM2JjYjViY2JiNzFiZjhmMjQ1NmZlN2Y3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyAhYIpw/gjKncBCvlplx/VLcTk1k
KX6mbxUeyloTORTUQ7crri1Xw8NCsY/ibd5+o//Nvy3c7pitY2WUWXbTRHiOYW4I
PjOfPrzD2kNJA5oyO4lpLkZIzgU65U+Gw6rWBsF911J2HLLlbSy5i4y1qPwhvQo/
eTls3NR2RaEDEG2XxDRn55G1eVot/WF5S0RMfEcFHtAwr6wMIjWEf6tMRhfpAn1h
7nCvP9XSkW5edteXFY1BOi+1Lf0RTBPUisKsPjeaRuwmzSmYllKYdEJq2KH+34r4
9hmlAyU8a+gnq5h/yn6GGVuCRX37E/qFeWZPLOPtQscUMVAvEYEEjByvVwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDsw/cRhOlAQO8tby7cb+PJFb+f3MB8GA1UdIwQY
MBaAFDUviRnmvB71ZjSJAY/Idb40wPJMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlMtSkdlYThIdlZtTklrQmo4aDF2alRBOGt3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9jZjk0M2QtYzkyMS00ZWY3LTlhYTAt
ZTNmY2IyM2UzNDM4LzEvT3pEOXhHRTZVQkE3eTF2THR4djQ4a1Z2NV9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS9jZjk0M2QtYzkyMS00ZWY3LTlhYTAtZTNmY2IyM2UzNDM4
LzEvTlMtSkdlYThIdlZtTklrQmo4aDF2alRBOGt3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCH8HwAwQC
LVRwAwQBuUo2MA0GCSqGSIb3DQEBCwUAA4IBAQCDWWWFzZewX+LihTRIEMPeGyJP
gH+F43y1ySiY4gzIS/BpLXRdBFiTN4j0f2WVh8rtnNRKsQHf7tfurgpl4+OCxPJQ
toDYnUqiHYB0l0Cnr1UFlRtHPOHYKfLYQaCW5kQt3k2R4pyqp1ZBTDh7gEGipHtY
odv91uf/T67EUdcrTfS18KNhTeajkxJclMPlYPUIEpQaaCeCJjxhwZjP7V4GWbGp
hsCD/ISYPRD+nHwAh7VgHzx1l0glURz3sYZlLXIEcx6T9Qj6ComwTo8o+7UUfMAt
Vg6OXEOK/amzMqlaH7HdhDce36cRReJAxSYPbQZEuTJ4CQWrxZg/JzJ9TT5z
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:37 2024 by rpki-client on console-fra.rpki-client.org