Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/a1f212-ba35-466b-b52e-3853d340c9a6/1/OOsei0vzstpBthRRFWo9EHeaXCA.roa
File: OOsei0vzstpBthRRFWo9EHeaXCA.roa (raw, json)
Hash identifier: rFwqjbdfEsv95MGL2WAl6mNXeEttjMk+PGYfmPoNkG8=
Subject key identifier: 38:EB:1E:8B:4B:F3:B2:DA:41:B6:14:51:15:6A:3D:10:77:9A:5C:20
Certificate issuer: /CN=ab4f00f5c3ab3df4c674a410d8a0f0182fb5e918
Certificate serial: 0185723A3ADCAA6122C0EF8DBFC92F21B637
Authority key identifier: AB:4F:00:F5:C3:AB:3D:F4:C6:74:A4:10:D8:A0:F0:18:2F:B5:E9:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q08A9cOrPfTGdKQQ2KDwGC-16Rg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/a1f212-ba35-466b-b52e-3853d340c9a6/1/OOsei0vzstpBthRRFWo9EHeaXCA.roa
Signing time: Mon 02 Jan 2023 11:24:56 +0000
ROA not before: Mon 02 Jan 2023 11:24:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204384
IP address blocks: 178.209.69.0/24 maxlen: 24
178.209.68.0/24 maxlen: 24
178.209.80.0/21 maxlen: 24
178.209.87.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 06 Mar 2023 20:56:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:3a:3a:dc:aa:61:22:c0:ef:8d:bf:c9:2f:21:b6:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab4f00f5c3ab3df4c674a410d8a0f0182fb5e918
Validity
Not Before: Jan 2 11:24:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=38eb1e8b4bf3b2da41b61451156a3d10779a5c20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:64:46:11:d6:8b:45:3f:29:cb:b4:28:ce:eb:
ed:45:d5:b2:e1:06:d7:4b:42:ee:72:ba:55:25:49:
b4:6a:59:07:88:59:6e:66:f2:9d:69:81:91:d5:ac:
3b:fa:4d:0c:ec:91:66:65:73:26:fb:d7:c6:37:69:
dc:45:c5:e8:3b:ff:58:6b:14:0a:70:d5:49:c8:89:
7f:37:3f:9a:b0:83:cc:f9:bb:65:28:da:a7:57:28:
9a:cd:ed:29:cb:2d:93:b9:9f:ca:89:14:ac:ed:e8:
e3:f0:f9:96:f7:c5:98:ea:23:53:04:95:7d:da:35:
4a:f1:ed:3f:5a:c0:bb:c4:a1:a9:d9:95:27:5f:72:
6a:e7:46:6c:19:f2:d2:38:aa:a3:c2:1e:44:db:ef:
37:93:38:7c:b4:48:c9:a2:41:a6:08:5b:8d:57:9d:
d6:32:7c:2d:8f:a1:90:8c:a9:b7:20:e5:15:46:07:
f6:c6:70:a0:58:6c:1e:a4:a0:8f:63:6e:a6:f7:37:
32:72:73:f8:ce:26:bf:17:67:4f:53:d2:3d:2b:10:
e5:34:25:c2:33:de:cf:ff:ae:86:8d:f7:ea:f3:b0:
ed:c4:9f:41:1d:bf:4b:8f:7c:f9:d3:40:ce:2e:47:
25:6a:bc:29:83:d7:d7:b2:d2:cc:a4:38:09:3b:c0:
10:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:EB:1E:8B:4B:F3:B2:DA:41:B6:14:51:15:6A:3D:10:77:9A:5C:20
X509v3 Authority Key Identifier:
keyid:AB:4F:00:F5:C3:AB:3D:F4:C6:74:A4:10:D8:A0:F0:18:2F:B5:E9:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q08A9cOrPfTGdKQQ2KDwGC-16Rg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/a1f212-ba35-466b-b52e-3853d340c9a6/1/OOsei0vzstpBthRRFWo9EHeaXCA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/a1f212-ba35-466b-b52e-3853d340c9a6/1/q08A9cOrPfTGdKQQ2KDwGC-16Rg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.209.68.0/23
178.209.80.0/21
Signature Algorithm: sha256WithRSAEncryption
0e:88:60:19:50:ec:d1:d9:a5:69:fd:0b:4b:0d:7a:34:30:bd:
24:1a:8d:42:22:6f:f6:71:c6:fe:17:1c:b0:2c:9c:dc:94:a6:
f9:10:46:cb:e2:98:dc:68:89:2c:05:e4:57:ce:48:fd:0d:8a:
28:0e:f0:9a:70:8f:89:65:be:23:5c:16:32:9c:41:5c:b5:ec:
58:4f:4f:5b:ae:c6:9e:fd:c8:23:43:ff:11:d8:89:ea:97:25:
5e:d5:82:ea:5c:23:c9:9a:6f:88:48:5d:ab:b7:fe:0a:49:3d:
1e:0e:48:35:9e:74:a6:b2:91:35:b3:1b:d2:0b:06:a8:52:3a:
3a:3b:2d:a9:98:78:9f:4e:a7:f6:d5:85:77:ff:2b:f0:a3:f3:
e8:bf:b5:25:3a:a9:3d:20:e5:c6:1e:fa:22:01:7a:79:b6:ff:
e5:13:b8:99:2a:15:0f:f0:35:f4:50:6a:40:88:1d:9a:3d:49:
05:d4:47:ea:94:0c:da:5e:75:e3:97:bb:f8:28:49:c0:94:71:
e2:bc:f5:4e:79:50:8f:07:11:59:a7:7e:32:1b:4b:b4:9f:91:
1f:e6:36:ce:b5:ad:54:08:a3:4a:f2:33:d0:38:3b:b4:cb:f4:
7f:3f:40:b8:0a:0c:28:31:62:19:f5:0f:ed:07:ea:3f:32:0f:
d0:d4:72:49
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVyOjrcqmEiwO+Nv8kvIbY3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiNGYwMGY1YzNhYjNkZjRjNjc0YTQxMGQ4YTBmMDE4MmZi
NWU5MTgwHhcNMjMwMTAyMTEyNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGViMWU4YjRiZjNiMmRhNDFiNjE0NTExNTZhM2QxMDc3OWE1YzIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApWRGEdaLRT8py7QozuvtRdWy4QbX
S0LucrpVJUm0alkHiFluZvKdaYGR1aw7+k0M7JFmZXMm+9fGN2ncRcXoO/9YaxQK
cNVJyIl/Nz+asIPM+btlKNqnVyiaze0pyy2TuZ/KiRSs7ejj8PmW98WY6iNTBJV9
2jVK8e0/WsC7xKGp2ZUnX3Jq50ZsGfLSOKqjwh5E2+83kzh8tEjJokGmCFuNV53W
Mnwtj6GQjKm3IOUVRgf2xnCgWGwepKCPY26m9zcycnP4zia/F2dPU9I9KxDlNCXC
M97P/66Gjffq87DtxJ9BHb9Lj3z500DOLkclarwpg9fXstLMpDgJO8AQ0QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDjrHotL87LaQbYUURVqPRB3mlwgMB8GA1UdIwQY
MBaAFKtPAPXDqz30xnSkENig8BgvtekYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTA4QTljT3JQZlRHZEtRUTJLRHdHQy0xNlJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9hMWYyMTItYmEzNS00NjZiLWI1MmUt
Mzg1M2QzNDBjOWE2LzEvT09zZWkwdnpzdHBCdGhSUkZXbzlFSGVhWENBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9hMWYyMTItYmEzNS00NjZiLWI1MmUtMzg1M2QzNDBjOWE2
LzEvcTA4QTljT3JQZlRHZEtRUTJLRHdHQy0xNlJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBstFEAwQD
stFQMA0GCSqGSIb3DQEBCwUAA4IBAQAOiGAZUOzR2aVp/QtLDXo0ML0kGo1CIm/2
ccb+FxywLJzclKb5EEbL4pjcaIksBeRXzkj9DYooDvCacI+JZb4jXBYynEFctexY
T09brsae/cgjQ/8R2InqlyVe1YLqXCPJmm+ISF2rt/4KST0eDkg1nnSmspE1sxvS
CwaoUjo6Oy2pmHifTqf21YV3/yvwo/Pov7UlOqk9IOXGHvoiAXp5tv/lE7iZKhUP
8DX0UGpAiB2aPUkF1EfqlAzaXnXjl7v4KEnAlHHivPVOeVCPBxFZp34yG0u0n5Ef
5jbOta1UCKNK8jPQODu0y/R/P0C4CgwoMWIZ9Q/tB+o/Mg/Q1HJJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:20 2024 by rpki-client on console-ams.rpki-client.org