Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/oUWSth46nFXLi6vXFdfsdhY8SX4.roa
File: oUWSth46nFXLi6vXFdfsdhY8SX4.roa (raw, json)
Hash identifier: JzM8Y2RvvyHBPyCRZ+cRN4BypVNN2NPasymeNVieH2E=
Subject key identifier: A1:45:92:B6:1E:3A:9C:55:CB:8B:AB:D7:15:D7:EC:76:16:3C:49:7E
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 0191B25A8734C5E09C8287A90120EA9048FC
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/oUWSth46nFXLi6vXFdfsdhY8SX4.roa
Signing time: Mon 02 Sep 2024 10:49:22 +0000
ROA not before: Mon 02 Sep 2024 10:49:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214927
IP address blocks: 82.115.223.0/24 maxlen: 24
185.106.92.0/24 maxlen: 24
193.124.185.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 04 Sep 2024 09:12:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b2:5a:87:34:c5:e0:9c:82:87:a9:01:20:ea:90:48:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Sep 2 10:49:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a14592b61e3a9c55cb8babd715d7ec76163c497e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:51:90:ab:85:13:7a:6d:30:dc:34:12:3a:c8:
10:06:03:29:f8:b1:34:5e:de:07:0c:84:a4:18:0a:
7e:27:94:7d:9a:98:33:fa:d5:22:17:c8:65:f9:50:
d2:89:fe:5b:b5:42:5f:ae:b1:4f:18:97:d6:a1:d3:
57:67:be:91:e4:23:02:43:fb:fb:b6:4b:52:e4:c8:
46:93:e6:7b:70:1a:d1:ce:5a:e8:80:9a:c7:d7:83:
6c:28:50:a7:57:aa:82:c7:91:e5:f5:a4:bb:16:af:
43:ca:b6:70:1a:08:73:46:64:d7:70:63:14:73:3b:
c5:29:74:9e:b7:22:54:7e:b6:7b:46:94:4a:8c:75:
e3:3d:cf:f8:21:04:9f:38:5d:47:38:64:9d:b2:cd:
17:72:7c:1e:60:ab:67:5f:91:ae:0f:67:18:a1:fc:
64:c4:51:7c:46:a6:b8:4b:ab:fb:9f:da:62:0c:a7:
e6:b3:54:e7:27:01:85:58:af:b6:9b:d4:a5:2c:f5:
02:aa:92:78:f3:fb:e3:3b:7b:84:4c:c0:70:aa:b1:
28:04:90:1f:eb:6f:63:29:9c:ac:f9:06:aa:7e:16:
e8:d8:a4:4d:3c:fd:59:a0:37:b2:b3:fa:b9:54:71:
88:14:50:d5:ea:bf:01:be:c4:79:5d:45:c9:db:8f:
2f:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:45:92:B6:1E:3A:9C:55:CB:8B:AB:D7:15:D7:EC:76:16:3C:49:7E
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/oUWSth46nFXLi6vXFdfsdhY8SX4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.115.223.0/24
185.106.92.0/24
193.124.185.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:97:b9:a6:8a:ff:7a:36:04:92:2b:4c:4b:89:59:31:05:1f:
40:b4:ad:98:39:43:a2:3c:09:b5:db:0c:a6:f7:5c:07:87:e2:
54:7b:85:90:6e:bc:17:19:9a:71:b7:1f:dd:d5:6a:32:59:7f:
8e:d0:6e:62:21:2a:1d:98:83:b5:60:18:21:6d:5a:76:3e:0b:
a5:7c:b4:04:8a:cc:95:4a:ce:53:27:8c:4c:3e:c3:bd:75:cc:
8f:4c:45:c9:01:d2:fb:80:24:03:8c:a3:82:2a:db:e3:e2:a3:
b0:5c:4d:ec:ee:76:57:a1:d0:49:40:13:6e:49:00:01:cf:bc:
b1:d2:ed:cf:15:3d:cb:19:f1:8b:0c:ef:bb:9a:4c:19:2f:a3:
ac:63:51:fe:a2:16:a8:d7:17:05:8e:f0:e6:4a:83:f7:46:98:
fc:a7:f6:46:41:47:a4:45:94:25:fd:fc:14:5f:6b:e3:57:84:
57:64:ce:20:2d:6a:72:2d:9c:9f:d5:25:87:c1:78:da:fe:1c:
e8:b7:fe:57:22:92:6d:c0:e8:38:08:5d:64:4b:46:94:e2:4e:
fc:92:b1:98:99:30:0a:5b:e6:27:c7:d8:be:b4:a8:35:9b:77:
fb:34:2a:3e:e6:9b:c5:62:62:9d:58:d1:00:49:e8:d1:50:18:
4d:bb:b1:b9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZGyWoc0xeCcgoepASDqkEj8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjQwOTAyMTA0OTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTQ1OTJiNjFlM2E5YzU1Y2I4YmFiZDcxNWQ3ZWM3NjE2M2M0OTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4FGQq4UTem0w3DQSOsgQBgMp+LE0
Xt4HDISkGAp+J5R9mpgz+tUiF8hl+VDSif5btUJfrrFPGJfWodNXZ76R5CMCQ/v7
tktS5MhGk+Z7cBrRzlrogJrH14NsKFCnV6qCx5Hl9aS7Fq9DyrZwGghzRmTXcGMU
czvFKXSetyJUfrZ7RpRKjHXjPc/4IQSfOF1HOGSdss0XcnweYKtnX5GuD2cYofxk
xFF8Rqa4S6v7n9piDKfms1TnJwGFWK+2m9SlLPUCqpJ48/vjO3uETMBwqrEoBJAf
629jKZys+Qaqfhbo2KRNPP1ZoDeys/q5VHGIFFDV6r8BvsR5XUXJ248vxwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKFFkrYeOpxVy4ur1xXX7HYWPEl+MB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvb1VXU3RoNDZuRlhMaTZ2WEZkZnNkaFk4U1g0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUnPfAwQA
uWpcAwQAwXy5MA0GCSqGSIb3DQEBCwUAA4IBAQCbl7mmiv96NgSSK0xLiVkxBR9A
tK2YOUOiPAm12wym91wHh+JUe4WQbrwXGZpxtx/d1WoyWX+O0G5iISodmIO1YBgh
bVp2PgulfLQEisyVSs5TJ4xMPsO9dcyPTEXJAdL7gCQDjKOCKtvj4qOwXE3s7nZX
odBJQBNuSQABz7yx0u3PFT3LGfGLDO+7mkwZL6OsY1H+ohao1xcFjvDmSoP3Rpj8
p/ZGQUekRZQl/fwUX2vjV4RXZM4gLWpyLZyf1SWHwXja/hzot/5XIpJtwOg4CF1k
S0aU4k78krGYmTAKW+Ynx9i+tKg1m3f7NCo+5pvFYmKdWNEASejRUBhNu7G5
-----END CERTIFICATE-----
Generated at Wed Sep 4 10:11:23 2024 by rpki-client on console-fra.rpki-client.org