Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/c9a9d1-b13c-403d-bd1c-d12a372f5173/1/OZvkpz0BCIEjHIklra8omDUqF6w.roa
File: OZvkpz0BCIEjHIklra8omDUqF6w.roa (raw, json)
Hash identifier: HIgm8tiKZsANA9GETxkaOeNEPVxYWMPKruWMFIWcfYQ=
Subject key identifier: 39:9B:E4:A7:3D:01:08:81:23:1C:89:25:AD:AF:28:98:35:2A:17:AC
Certificate issuer: /CN=ce741e7de657e4a10f93ca92c517a81b2c0b251e
Certificate serial: 0185723123315282302310FE2160A612BB9D
Authority key identifier: CE:74:1E:7D:E6:57:E4:A1:0F:93:CA:92:C5:17:A8:1B:2C:0B:25:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/znQefeZX5KEPk8qSxReoGywLJR4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/c9a9d1-b13c-403d-bd1c-d12a372f5173/1/OZvkpz0BCIEjHIklra8omDUqF6w.roa
Signing time: Mon 02 Jan 2023 11:15:00 +0000
ROA not before: Mon 02 Jan 2023 11:15:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30848
IP address blocks: 185.9.53.0/24 maxlen: 24
185.203.88.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:30:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:31:23:31:52:82:30:23:10:fe:21:60:a6:12:bb:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce741e7de657e4a10f93ca92c517a81b2c0b251e
Validity
Not Before: Jan 2 11:15:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=399be4a73d010881231c8925adaf2898352a17ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:5b:73:7f:f6:13:46:82:67:dd:37:5a:cc:70:
c2:72:4b:bc:0d:28:bd:b8:36:6d:d4:86:2c:1d:0b:
3a:f7:47:a1:12:da:40:23:c4:58:28:67:e3:5e:3e:
9a:be:cd:bb:02:80:4e:8a:57:0a:f1:dc:bf:9f:5d:
de:fd:49:88:46:66:07:0b:55:c8:fb:05:99:59:15:
52:bb:1a:cd:6d:e2:17:fb:54:dd:c4:b4:dd:43:76:
49:5f:ad:3e:86:c7:f2:32:72:a3:ff:11:79:d9:15:
bb:30:79:bd:3d:b9:0b:bd:4e:ae:fb:67:7f:bb:ea:
92:95:6c:5a:3d:6c:42:67:05:3f:80:7c:ec:ea:cf:
71:94:7f:3f:de:82:0d:62:68:d3:cc:ff:a5:19:96:
aa:be:9f:d6:e1:a5:a7:07:1a:f8:0f:5e:54:be:d0:
da:da:62:1c:ed:88:b2:9c:cf:da:86:23:b4:2b:d8:
1f:a8:41:19:27:88:5b:f0:41:7c:a7:e2:3c:fe:09:
d2:49:9a:0f:b4:ae:dd:e4:a0:fd:e3:85:67:89:85:
a8:ae:81:0f:08:c4:b5:ea:a6:a1:5f:a7:ac:9f:b4:
af:6c:88:bd:e3:4a:7e:06:a6:bf:43:07:c1:7a:cf:
68:4f:56:db:29:b1:72:65:d9:38:19:f0:ff:f6:88:
ce:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:9B:E4:A7:3D:01:08:81:23:1C:89:25:AD:AF:28:98:35:2A:17:AC
X509v3 Authority Key Identifier:
keyid:CE:74:1E:7D:E6:57:E4:A1:0F:93:CA:92:C5:17:A8:1B:2C:0B:25:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/znQefeZX5KEPk8qSxReoGywLJR4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/c9a9d1-b13c-403d-bd1c-d12a372f5173/1/OZvkpz0BCIEjHIklra8omDUqF6w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/c9a9d1-b13c-403d-bd1c-d12a372f5173/1/znQefeZX5KEPk8qSxReoGywLJR4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.9.53.0/24
185.203.88.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:4b:54:90:08:91:2e:2b:df:ff:0f:bb:54:09:3c:e5:be:aa:
d9:40:05:24:6a:eb:45:02:7f:9e:58:f2:0c:63:f9:c1:8d:a5:
4e:1d:fe:f7:c9:75:3a:b9:e2:c6:b9:67:71:56:30:80:d0:3b:
aa:46:65:80:1e:0d:fc:38:6d:7d:00:30:3e:28:b8:ae:b4:80:
7e:1d:d0:3f:0c:36:28:2d:cb:2e:43:78:1c:1e:8b:7d:46:1b:
52:12:71:ba:e3:23:d0:7c:9f:98:76:6e:6d:eb:d8:b5:86:ac:
14:fb:d4:73:40:bb:6d:26:c8:df:49:b8:5d:9e:d8:42:cd:5e:
85:12:59:d2:cd:6b:f8:97:11:cc:58:51:cb:3b:3f:51:aa:cc:
33:95:6a:81:d2:f8:b0:11:4c:9e:40:58:01:e9:09:f3:87:34:
f5:d3:71:05:f5:0a:f4:e3:8a:1b:96:41:94:ec:ab:93:00:67:
72:9b:5d:99:81:41:8f:de:e3:a5:8c:97:87:e5:d5:01:c5:32:
a0:71:6a:8a:5e:e7:ff:ca:b5:fd:35:a5:3b:47:ef:aa:aa:c3:
cc:9c:e5:d8:b1:1d:bd:27:c0:78:8a:80:19:41:02:44:29:3c:
e4:20:db:32:91:21:4b:a1:4d:2e:78:16:5d:f1:c7:21:39:ce:
23:f1:cf:17
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVyMSMxUoIwIxD+IWCmErudMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlNzQxZTdkZTY1N2U0YTEwZjkzY2E5MmM1MTdhODFiMmMw
YjI1MWUwHhcNMjMwMTAyMTExNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTliZTRhNzNkMDEwODgxMjMxYzg5MjVhZGFmMjg5ODM1MmExN2FjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmltzf/YTRoJn3TdazHDCcku8DSi9
uDZt1IYsHQs690ehEtpAI8RYKGfjXj6avs27AoBOilcK8dy/n13e/UmIRmYHC1XI
+wWZWRVSuxrNbeIX+1TdxLTdQ3ZJX60+hsfyMnKj/xF52RW7MHm9PbkLvU6u+2d/
u+qSlWxaPWxCZwU/gHzs6s9xlH8/3oINYmjTzP+lGZaqvp/W4aWnBxr4D15UvtDa
2mIc7YiynM/ahiO0K9gfqEEZJ4hb8EF8p+I8/gnSSZoPtK7d5KD944VniYWoroEP
CMS16qahX6esn7SvbIi940p+Bqa/QwfBes9oT1bbKbFyZdk4GfD/9ojOwQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDmb5Kc9AQiBIxyJJa2vKJg1KhesMB8GA1UdIwQY
MBaAFM50Hn3mV+ShD5PKksUXqBssCyUeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvem5RZWZlWlg1S0VQazhxU3hSZW9HeXdMSlI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9jOWE5ZDEtYjEzYy00MDNkLWJkMWMt
ZDEyYTM3MmY1MTczLzEvT1p2a3B6MEJDSUVqSElrbHJhOG9tRFVxRjZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9jOWE5ZDEtYjEzYy00MDNkLWJkMWMtZDEyYTM3MmY1MTcz
LzEvem5RZWZlWlg1S0VQazhxU3hSZW9HeXdMSlI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuQk1AwQA
uctYMA0GCSqGSIb3DQEBCwUAA4IBAQBvS1SQCJEuK9//D7tUCTzlvqrZQAUkautF
An+eWPIMY/nBjaVOHf73yXU6ueLGuWdxVjCA0DuqRmWAHg38OG19ADA+KLiutIB+
HdA/DDYoLcsuQ3gcHot9RhtSEnG64yPQfJ+Ydm5t69i1hqwU+9RzQLttJsjfSbhd
nthCzV6FElnSzWv4lxHMWFHLOz9RqswzlWqB0viwEUyeQFgB6QnzhzT103EF9Qr0
44oblkGU7KuTAGdym12ZgUGP3uOljJeH5dUBxTKgcWqKXuf/yrX9NaU7R++qqsPM
nOXYsR29J8B4ioAZQQJEKTzkINsykSFLoU0ueBZd8cchOc4j8c8X
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:20 2024 by rpki-client on console-fra.rpki-client.org