Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/onwWV2xwyD6lPjGyFYOp6i39uAE.roa
File: onwWV2xwyD6lPjGyFYOp6i39uAE.roa (raw, json)
Hash identifier: XS0ix3SOShdAhMLOWMgPJK8Sd7cySXDFghkMSE0nWZQ=
Subject key identifier: A2:7C:16:57:6C:70:C8:3E:A5:3E:31:B2:15:83:A9:EA:2D:FD:B8:01
Certificate issuer: /CN=f04eb204f358004788224e2fb18e4d5e74bebf8d
Certificate serial: 01856ED4D7BA4B6F0C6FC2C51AE2FE7F201C
Authority key identifier: F0:4E:B2:04:F3:58:00:47:88:22:4E:2F:B1:8E:4D:5E:74:BE:BF:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8E6yBPNYAEeIIk4vsY5NXnS-v40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/onwWV2xwyD6lPjGyFYOp6i39uAE.roa
Signing time: Sun 01 Jan 2023 19:35:20 +0000
ROA not before: Sun 01 Jan 2023 19:35:20 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212567
IP address blocks: 141.98.138.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:34:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d4:d7:ba:4b:6f:0c:6f:c2:c5:1a:e2:fe:7f:20:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04eb204f358004788224e2fb18e4d5e74bebf8d
Validity
Not Before: Jan 1 19:35:20 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a27c16576c70c83ea53e31b21583a9ea2dfdb801
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:b7:f5:cb:f8:86:c9:8d:d1:78:bb:3b:3e:25:
e4:dc:71:99:a5:58:89:df:09:ff:4e:7f:d4:13:2d:
33:e1:18:bd:b9:f6:9b:ea:8c:f0:73:3b:5d:74:cc:
0e:fb:a9:4e:36:e7:e9:c1:51:03:4d:de:82:c9:5f:
f2:3f:2e:88:a6:e6:71:1f:c2:a4:2a:49:8a:d0:8f:
8c:1d:aa:bb:0d:a6:91:2c:ac:f6:2d:7c:d1:58:f8:
4f:8d:37:5f:1a:b9:f9:43:7a:ed:11:fc:50:c2:54:
3d:6d:30:28:62:55:f4:ae:d6:43:00:59:46:70:95:
62:17:99:66:76:53:05:aa:74:24:d8:40:9d:1b:68:
99:9b:89:9e:11:18:86:2f:01:ce:8a:74:35:cd:bc:
ef:74:16:db:43:6c:1f:23:c6:ea:22:a1:60:83:ea:
c0:7f:8e:cc:b2:1f:54:02:42:dc:28:5e:91:94:ad:
f2:07:4b:a1:fc:fb:c1:73:1b:7a:94:e0:da:54:68:
e5:d2:36:86:c2:6b:0d:b4:94:b3:36:4c:09:c3:fe:
82:91:8f:2f:67:ce:7a:ba:e6:4d:2d:0c:8e:9b:4d:
d7:88:41:c6:35:21:41:de:35:06:d9:e0:46:a3:fb:
75:b0:8e:50:1d:05:a7:dd:2b:16:9f:e6:db:1f:ac:
53:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:7C:16:57:6C:70:C8:3E:A5:3E:31:B2:15:83:A9:EA:2D:FD:B8:01
X509v3 Authority Key Identifier:
keyid:F0:4E:B2:04:F3:58:00:47:88:22:4E:2F:B1:8E:4D:5E:74:BE:BF:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8E6yBPNYAEeIIk4vsY5NXnS-v40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/onwWV2xwyD6lPjGyFYOp6i39uAE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/8E6yBPNYAEeIIk4vsY5NXnS-v40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.98.138.0/24
Signature Algorithm: sha256WithRSAEncryption
04:f7:a5:a5:84:cc:54:0a:c8:0a:6e:a7:24:44:94:e1:5a:2e:
cd:ca:b8:0a:a3:7f:86:7d:67:c0:66:26:cb:03:25:1c:ef:61:
75:ef:af:cb:e4:28:85:c5:db:88:b2:7e:d6:55:ba:cb:0f:51:
dc:cf:cd:04:df:96:90:f3:88:a5:05:b5:01:d1:5b:fd:ae:28:
e5:50:e1:6d:81:47:19:f0:47:61:e1:63:f9:6d:7e:39:a4:f1:
d0:b9:91:7d:57:eb:a7:6d:15:f4:15:bf:49:08:03:07:b4:d9:
0b:cb:b2:7f:d8:97:44:24:e0:62:93:af:d7:09:09:e1:ee:aa:
be:29:38:b0:c6:7c:ca:6b:4f:b5:7f:d1:57:1c:17:74:e6:bf:
a7:3f:ca:2e:07:44:23:0d:b8:1b:64:d8:01:be:11:ae:91:7f:
15:2a:55:6b:9d:a7:be:71:58:20:12:47:90:fa:07:95:fd:0a:
fc:d9:84:66:8e:ec:9a:48:c5:34:90:cc:ed:2f:cb:ca:55:6d:
94:69:43:55:ac:4d:ff:91:ba:0e:ca:e4:e5:a5:b7:da:30:c2:
7b:43:79:36:c9:b9:6a:df:b3:33:36:71:4b:04:59:76:c8:f9:
de:47:10:ad:70:dc:76:c0:c1:f7:44:6f:c0:07:44:82:73:0f:
aa:dc:6d:20
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVu1Ne6S28Mb8LFGuL+fyAcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGViMjA0ZjM1ODAwNDc4ODIyNGUyZmIxOGU0ZDVlNzRi
ZWJmOGQwHhcNMjMwMTAxMTkzNTIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjdjMTY1NzZjNzBjODNlYTUzZTMxYjIxNTgzYTllYTJkZmRiODAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoLf1y/iGyY3ReLs7PiXk3HGZpViJ
3wn/Tn/UEy0z4Ri9ufab6ozwcztddMwO+6lONufpwVEDTd6CyV/yPy6IpuZxH8Kk
KkmK0I+MHaq7DaaRLKz2LXzRWPhPjTdfGrn5Q3rtEfxQwlQ9bTAoYlX0rtZDAFlG
cJViF5lmdlMFqnQk2ECdG2iZm4meERiGLwHOinQ1zbzvdBbbQ2wfI8bqIqFgg+rA
f47Msh9UAkLcKF6RlK3yB0uh/PvBcxt6lODaVGjl0jaGwmsNtJSzNkwJw/6CkY8v
Z856uuZNLQyOm03XiEHGNSFB3jUG2eBGo/t1sI5QHQWn3SsWn+bbH6xTCQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKJ8FldscMg+pT4xshWDqeot/bgBMB8GA1UdIwQY
MBaAFPBOsgTzWABHiCJOL7GOTV50vr+NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEU2eUJQTllBRWVJSWs0dnNZNU5YblMtdjQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS85YWI0MmEtZGY5Mi00ZTQyLTllMzMt
NWM1ODkyYWZhNDg3LzEvb253V1YyeHd5RDZsUGpHeUZZT3A2aTM5dUFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS85YWI0MmEtZGY5Mi00ZTQyLTllMzMtNWM1ODkyYWZhNDg3
LzEvOEU2eUJQTllBRWVJSWs0dnNZNU5YblMtdjQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAjWKKMA0G
CSqGSIb3DQEBCwUAA4IBAQAE96WlhMxUCsgKbqckRJThWi7NyrgKo3+GfWfAZibL
AyUc72F176/L5CiFxduIsn7WVbrLD1Hcz80E35aQ84ilBbUB0Vv9rijlUOFtgUcZ
8Edh4WP5bX45pPHQuZF9V+unbRX0Fb9JCAMHtNkLy7J/2JdEJOBik6/XCQnh7qq+
KTiwxnzKa0+1f9FXHBd05r+nP8ouB0QjDbgbZNgBvhGukX8VKlVrnae+cVggEkeQ
+geV/Qr82YRmjuyaSMU0kMztL8vKVW2UaUNVrE3/kboOyuTlpbfaMMJ7Q3k2yblq
37MzNnFLBFl2yPneRxCtcNx2wMH3RG/AB0SCcw+q3G0g
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:12 2024 by rpki-client on console-ams.rpki-client.org