Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/066478-b066-4736-ad9f-53f41dfe407f/1/oaJNoZqa_YEVOrClIreB6IMxw0I.roa
File: oaJNoZqa_YEVOrClIreB6IMxw0I.roa (raw, json)
Hash identifier: ZQh7oseuW2lLm80/zRjvM2KpvQ7u/7fJ7j6cB+eVskg=
Subject key identifier: A1:A2:4D:A1:9A:9A:FD:81:15:3A:B0:A5:22:B7:81:E8:83:31:C3:42
Certificate issuer: /CN=1ba5167888397ff9caa844f554ff837cfdbf9722
Certificate serial: 01857395EC675B46837720B556CA42BD437E
Authority key identifier: 1B:A5:16:78:88:39:7F:F9:CA:A8:44:F5:54:FF:83:7C:FD:BF:97:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G6UWeIg5f_nKqET1VP-DfP2_lyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/066478-b066-4736-ad9f-53f41dfe407f/1/oaJNoZqa_YEVOrClIreB6IMxw0I.roa
Signing time: Mon 02 Jan 2023 17:44:43 +0000
ROA not before: Mon 02 Jan 2023 17:44:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9063
IP address blocks: 185.44.200.0/22 maxlen: 22
2a01:7820::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:95:ec:67:5b:46:83:77:20:b5:56:ca:42:bd:43:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ba5167888397ff9caa844f554ff837cfdbf9722
Validity
Not Before: Jan 2 17:44:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a1a24da19a9afd81153ab0a522b781e88331c342
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:c4:40:a4:c1:39:69:0e:58:9d:99:8d:a0:9f:
8f:a6:2e:f3:28:84:9d:45:57:6e:9a:5a:71:f2:87:
88:29:33:88:30:32:ac:f4:bf:d1:a6:9b:a5:ce:af:
5e:17:32:65:74:c6:85:2f:0f:0b:d6:81:1b:a8:e4:
b2:3b:75:ec:77:4f:f1:02:c1:f6:7a:52:ca:18:1a:
ba:21:20:be:c1:13:d3:36:a7:40:08:9e:67:b8:16:
cd:f6:33:8b:67:df:b1:3a:cb:bb:e3:0b:33:06:48:
60:6f:02:73:70:d4:61:25:fc:87:9a:91:93:19:47:
48:69:ea:0e:36:79:ff:90:e5:73:81:17:08:6e:bc:
21:e7:9c:b6:4d:77:32:4e:b3:d0:62:f7:11:f9:1f:
ea:f0:37:b0:ed:e5:3c:18:26:11:fb:8c:6c:08:47:
94:0a:3f:24:f0:08:ea:06:3b:b5:fe:84:70:12:33:
3e:0b:b9:f6:27:dd:7c:66:ab:7b:bb:91:45:d2:f4:
d8:8f:e8:7a:10:40:85:e5:a6:e1:13:f8:ef:b9:a6:
57:74:f2:4d:33:77:b5:34:ee:82:d5:52:32:9e:74:
47:74:02:11:e6:92:bd:10:34:d6:08:2d:1d:a9:4d:
0b:65:3d:d6:5f:be:a8:ad:a0:9c:ba:90:eb:27:35:
30:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:A2:4D:A1:9A:9A:FD:81:15:3A:B0:A5:22:B7:81:E8:83:31:C3:42
X509v3 Authority Key Identifier:
keyid:1B:A5:16:78:88:39:7F:F9:CA:A8:44:F5:54:FF:83:7C:FD:BF:97:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G6UWeIg5f_nKqET1VP-DfP2_lyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/066478-b066-4736-ad9f-53f41dfe407f/1/oaJNoZqa_YEVOrClIreB6IMxw0I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/066478-b066-4736-ad9f-53f41dfe407f/1/G6UWeIg5f_nKqET1VP-DfP2_lyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.44.200.0/22
IPv6:
2a01:7820::/32
Signature Algorithm: sha256WithRSAEncryption
16:0e:a7:31:81:94:dc:00:b9:9c:62:be:26:68:ac:d3:11:88:
b3:e2:09:9d:e6:f8:3d:60:be:bf:b0:9c:06:e4:28:6e:41:01:
11:d5:76:09:5b:3a:2c:7c:64:04:9a:b3:6a:b4:f2:51:2f:ae:
25:6d:e1:e8:15:0f:62:47:4c:d7:c9:9b:76:bc:30:2a:70:44:
23:1c:e7:8e:b6:26:5f:b7:06:67:c7:e2:42:22:5f:ab:c6:a2:
99:9d:9b:ef:ce:cf:da:fb:a8:fc:57:3b:40:8a:8e:ea:d6:13:
db:9c:f4:57:cc:50:79:6b:ca:45:b4:c1:9c:06:dd:d0:6b:98:
db:df:a9:f1:16:3a:a8:d7:d5:66:9a:a4:4f:f7:e1:f2:ab:d7:
a7:a2:88:29:6a:c2:c7:a9:5e:ec:b6:b0:f4:06:24:2f:e1:a7:
f8:8e:07:95:c1:4f:a6:92:f7:9e:59:69:ab:5a:d8:9b:36:c2:
4b:8c:27:cc:c7:fe:9f:77:af:9d:ca:2f:25:7d:88:f6:f5:d2:
f0:f0:b8:be:99:2b:4f:ab:8a:c1:d4:f2:aa:e6:94:38:9a:21:
cf:5c:e5:46:e4:21:95:22:7b:8b:13:7b:d5:2a:40:cf:f2:cf:
c0:13:2b:4f:f4:25:80:2d:27:96:26:00:48:be:d3:e0:e5:8c:
6e:10:34:ff
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVzlexnW0aDdyC1VspCvUN+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiYTUxNjc4ODgzOTdmZjljYWE4NDRmNTU0ZmY4MzdjZmRi
Zjk3MjIwHhcNMjMwMTAyMTc0NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWEyNGRhMTlhOWFmZDgxMTUzYWIwYTUyMmI3ODFlODgzMzFjMzQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq8RApME5aQ5YnZmNoJ+Ppi7zKISd
RVdumlpx8oeIKTOIMDKs9L/Rppulzq9eFzJldMaFLw8L1oEbqOSyO3Xsd0/xAsH2
elLKGBq6ISC+wRPTNqdACJ5nuBbN9jOLZ9+xOsu74wszBkhgbwJzcNRhJfyHmpGT
GUdIaeoONnn/kOVzgRcIbrwh55y2TXcyTrPQYvcR+R/q8Dew7eU8GCYR+4xsCEeU
Cj8k8AjqBju1/oRwEjM+C7n2J918Zqt7u5FF0vTYj+h6EECF5abhE/jvuaZXdPJN
M3e1NO6C1VIynnRHdAIR5pK9EDTWCC0dqU0LZT3WX76oraCcupDrJzUwqwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKGiTaGamv2BFTqwpSK3geiDMcNCMB8GA1UdIwQY
MBaAFBulFniIOX/5yqhE9VT/g3z9v5ciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzZVV2VJZzVmX25LcUVUMVZQLURmUDJfbHlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC8wNjY0NzgtYjA2Ni00NzM2LWFkOWYt
NTNmNDFkZmU0MDdmLzEvb2FKTm9acWFfWUVWT3JDbElyZUI2SU14dzBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC8wNjY0NzgtYjA2Ni00NzM2LWFkOWYtNTNmNDFkZmU0MDdm
LzEvRzZVV2VJZzVmX25LcUVUMVZQLURmUDJfbHlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuSzIMA0E
AgACMAcDBQAqAXggMA0GCSqGSIb3DQEBCwUAA4IBAQAWDqcxgZTcALmcYr4maKzT
EYiz4gmd5vg9YL6/sJwG5ChuQQER1XYJWzosfGQEmrNqtPJRL64lbeHoFQ9iR0zX
yZt2vDAqcEQjHOeOtiZftwZnx+JCIl+rxqKZnZvvzs/a+6j8VztAio7q1hPbnPRX
zFB5a8pFtMGcBt3Qa5jb36nxFjqo19VmmqRP9+Hyq9enoogpasLHqV7strD0BiQv
4af4jgeVwU+mkveeWWmrWtibNsJLjCfMx/6fd6+dyi8lfYj29dLw8Li+mStPq4rB
1PKq5pQ4miHPXOVG5CGVInuLE3vVKkDP8s/AEytP9CWALSeWJgBIvtPg5YxuEDT/
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:27:43 2024 by rpki-client on console-fra.rpki-client.org