Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/D-oFns5bMl6kPLGcKIWJeuuBupw.roa
File: D-oFns5bMl6kPLGcKIWJeuuBupw.roa (raw, json)
Hash identifier: 8ScYjtZq72S2Dsr5g7XcvtRVd21c48ghbfkBxaMDHmc=
Subject key identifier: 0F:EA:05:9E:CE:5B:32:5E:A4:3C:B1:9C:28:85:89:7A:EB:81:BA:9C
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 0185737ACF4F2805E275A18C3CC060E64C74
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/D-oFns5bMl6kPLGcKIWJeuuBupw.roa
Signing time: Mon 02 Jan 2023 17:15:06 +0000
ROA not before: Mon 02 Jan 2023 17:15:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202147
IP address blocks: 91.245.200.0/21 maxlen: 24
88.98.112.0/20 maxlen: 24
185.51.108.0/22 maxlen: 24
188.241.96.0/21 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:7a:cf:4f:28:05:e2:75:a1:8c:3c:c0:60:e6:4c:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Jan 2 17:15:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0fea059ece5b325ea43cb19c2885897aeb81ba9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:66:7f:43:35:8a:4b:18:fe:6d:4f:fa:de:d3:
81:30:c7:b1:c8:8f:0c:61:51:e8:ac:d6:cd:82:00:
6f:e2:41:ca:52:9b:0d:9e:59:53:1c:6d:5c:39:02:
11:61:04:70:eb:05:00:6a:f4:e5:e5:a7:de:f5:ad:
29:6d:6c:65:79:87:03:5c:b5:ce:7e:01:d3:74:04:
79:c7:1b:14:ab:23:fa:71:bb:66:ea:fc:27:8c:8e:
57:bc:12:0e:b2:1f:fc:6d:d2:32:98:db:b7:6b:c6:
ab:c2:38:90:af:16:f0:fd:11:7a:3f:de:da:f3:d9:
46:89:4c:8c:fb:83:f5:ca:c8:82:b5:cd:11:c7:99:
b7:27:f8:31:16:51:f3:44:d7:20:a4:69:51:dd:b7:
cf:96:b8:f3:ea:ae:46:e7:aa:95:9b:7c:21:55:61:
20:d2:27:4e:2c:3b:b2:77:2b:1c:ed:ab:dd:a1:2d:
cc:60:70:71:8f:7d:c0:52:47:e8:71:d1:12:1a:62:
a8:db:1b:05:c6:92:15:a0:44:26:db:1b:41:75:f8:
16:18:f0:de:2f:60:7c:64:69:ae:b7:97:9b:bd:78:
2f:c8:93:aa:d5:4b:ab:fb:e2:27:8c:0b:e4:6a:0b:
e1:00:34:07:8a:e5:da:63:a8:7f:e6:6e:4c:e6:fa:
4c:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:EA:05:9E:CE:5B:32:5E:A4:3C:B1:9C:28:85:89:7A:EB:81:BA:9C
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/D-oFns5bMl6kPLGcKIWJeuuBupw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.98.112.0/20
91.245.200.0/21
185.51.108.0/22
188.241.96.0/21
Signature Algorithm: sha256WithRSAEncryption
52:06:f6:8c:7e:b1:7c:27:7c:9d:b2:21:20:07:0d:97:df:a6:
8b:46:78:87:48:9c:e0:b3:76:3a:01:07:c0:b3:87:05:8d:08:
fd:3f:e3:82:11:d2:cb:3f:71:0d:fe:12:14:0c:bb:89:e9:3d:
cf:e8:97:26:b6:ce:37:74:93:34:e4:a8:5f:5c:d8:84:26:93:
21:c5:50:70:1e:dc:7d:7c:1a:79:d9:b7:74:7f:fa:61:e6:73:
ae:8d:f5:c2:23:82:6f:bc:59:2e:0a:9b:db:5f:8d:dc:96:56:
b9:4f:b4:00:a0:f3:e6:34:46:30:18:87:d2:12:f2:dd:ee:3c:
ec:48:59:96:6e:84:5d:d1:7c:c6:79:db:27:5d:64:88:ee:ab:
52:1f:de:c9:3b:db:76:63:03:a8:af:6b:63:46:9c:4d:62:68:
fd:30:d7:4c:fb:fd:bb:fc:18:cc:38:e1:ed:00:2a:42:cb:d6:
95:80:64:b8:7f:81:ab:9a:73:e4:6c:26:d1:09:4f:e6:e2:0c:
12:8d:be:0b:15:8a:ba:35:bb:df:60:6b:e1:0b:65:ec:72:ec:
bb:24:5d:e6:6c:31:df:ca:2f:b3:d4:24:e2:b1:77:05:bf:ad:
07:d8:48:5f:6c:c8:53:83:9c:01:12:97:ad:47:82:e5:df:e6:
28:b2:3a:43
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVzes9PKAXidaGMPMBg5kx0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjMwMTAyMTcxNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmVhMDU5ZWNlNWIzMjVlYTQzY2IxOWMyODg1ODk3YWViODFiYTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmWZ/QzWKSxj+bU/63tOBMMexyI8M
YVHorNbNggBv4kHKUpsNnllTHG1cOQIRYQRw6wUAavTl5afe9a0pbWxleYcDXLXO
fgHTdAR5xxsUqyP6cbtm6vwnjI5XvBIOsh/8bdIymNu3a8arwjiQrxbw/RF6P97a
89lGiUyM+4P1ysiCtc0Rx5m3J/gxFlHzRNcgpGlR3bfPlrjz6q5G56qVm3whVWEg
0idOLDuydysc7avdoS3MYHBxj33AUkfocdESGmKo2xsFxpIVoEQm2xtBdfgWGPDe
L2B8ZGmut5ebvXgvyJOq1Uur++InjAvkagvhADQHiuXaY6h/5m5M5vpMqQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFA/qBZ7OWzJepDyxnCiFiXrrgbqcMB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvRC1vRm5zNWJNbDZrUExHY0tJV0pldXVCdXB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQEWGJwAwQD
W/XIAwQCuTNsAwQDvPFgMA0GCSqGSIb3DQEBCwUAA4IBAQBSBvaMfrF8J3ydsiEg
Bw2X36aLRniHSJzgs3Y6AQfAs4cFjQj9P+OCEdLLP3EN/hIUDLuJ6T3P6Jcmts43
dJM05KhfXNiEJpMhxVBwHtx9fBp52bd0f/ph5nOujfXCI4JvvFkuCpvbX43clla5
T7QAoPPmNEYwGIfSEvLd7jzsSFmWboRd0XzGedsnXWSI7qtSH97JO9t2YwOor2tj
RpxNYmj9MNdM+/27/BjMOOHtACpCy9aVgGS4f4GrmnPkbCbRCU/m4gwSjb4LFYq6
NbvfYGvhC2Xscuy7JF3mbDHfyi+z1CTisXcFv60H2EhfbMhTg5wBEpetR4Ll3+Yo
sjpD
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:50 2024 by rpki-client on console-ams.rpki-client.org