Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/d6513d-2d53-4022-8360-3117989601ad/1/oa9SIbEqbrONCD7O6nRiwRVu66w.roa
File: oa9SIbEqbrONCD7O6nRiwRVu66w.roa (raw, json)
Hash identifier: KggelK0n+Mrd8/AfzhSEsKQ2ViMnrhGSX7dT/NqUJcI=
Subject key identifier: A1:AF:52:21:B1:2A:6E:B3:8D:08:3E:CE:EA:74:62:C1:15:6E:EB:AC
Certificate issuer: /CN=b4a2085c7de3b598216b89fb0f2b1d930de66c19
Certificate serial: 018CC3494BA06AF8E84B83C41AF08EFC3DA1
Authority key identifier: B4:A2:08:5C:7D:E3:B5:98:21:6B:89:FB:0F:2B:1D:93:0D:E6:6C:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tKIIXH3jtZgha4n7Dysdkw3mbBk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/d6513d-2d53-4022-8360-3117989601ad/1/oa9SIbEqbrONCD7O6nRiwRVu66w.roa
Signing time: Mon 01 Jan 2024 04:30:09 +0000
ROA not before: Mon 01 Jan 2024 04:30:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 185.129.17.0/24 maxlen: 24
185.129.16.0/24 maxlen: 24
2a0f:aac0::/48 maxlen: 48
2a0f:aac0:1::/48 maxlen: 48
2a0f:aac0:2::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 16 Jan 2024 13:23:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:4b:a0:6a:f8:e8:4b:83:c4:1a:f0:8e:fc:3d:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4a2085c7de3b598216b89fb0f2b1d930de66c19
Validity
Not Before: Jan 1 04:30:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a1af5221b12a6eb38d083eceea7462c1156eebac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:0a:75:1d:43:84:e6:9b:30:a2:80:d4:04:2a:
65:c1:f9:fd:65:9e:e9:9e:93:72:e5:09:d9:96:a2:
df:df:10:02:ec:6c:8c:3f:8f:dc:b3:22:f3:7f:4c:
95:98:e3:e6:80:6d:60:4b:bc:32:5e:45:40:b4:67:
41:c6:74:67:7d:e9:87:4c:e7:ac:0b:4c:ea:64:21:
fa:50:8e:18:41:68:d0:a1:f1:bf:87:1e:a6:88:83:
77:7f:b7:b5:1a:c1:47:33:5a:f1:05:12:91:aa:2e:
ed:fd:5d:04:4f:4c:5e:b2:01:f7:cc:49:87:b1:be:
e9:59:98:2c:59:5b:36:b9:3f:06:52:57:fb:1c:d1:
08:e4:23:31:68:cf:85:42:35:46:82:8e:bf:79:9a:
f8:14:27:7c:c5:94:6c:72:12:81:f2:92:4b:ae:17:
9d:2c:7d:bf:b4:04:83:4f:1e:c7:6b:78:e4:de:4c:
56:f5:63:0a:da:99:8d:25:65:24:66:ab:32:85:c6:
87:8a:1d:40:b6:70:c5:33:38:17:2c:fe:79:af:a1:
d6:89:21:4a:9a:65:2a:36:7d:5a:cd:6b:84:7a:93:
b7:b7:e1:eb:ab:e2:06:ec:49:96:0c:45:c8:b5:36:
30:00:63:e5:07:6a:41:23:78:be:a3:a8:f4:67:20:
34:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:AF:52:21:B1:2A:6E:B3:8D:08:3E:CE:EA:74:62:C1:15:6E:EB:AC
X509v3 Authority Key Identifier:
keyid:B4:A2:08:5C:7D:E3:B5:98:21:6B:89:FB:0F:2B:1D:93:0D:E6:6C:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tKIIXH3jtZgha4n7Dysdkw3mbBk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d6513d-2d53-4022-8360-3117989601ad/1/oa9SIbEqbrONCD7O6nRiwRVu66w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d6513d-2d53-4022-8360-3117989601ad/1/tKIIXH3jtZgha4n7Dysdkw3mbBk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.129.16.0/23
IPv6:
2a0f:aac0::-2a0f:aac0:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
95:fe:2f:62:75:32:88:4f:9c:a1:01:c8:a5:55:4d:db:ff:d9:
e7:a0:04:35:38:ee:13:07:27:59:f5:3a:6a:45:1d:5a:a9:88:
ff:d6:95:f2:0c:e4:f4:16:dd:53:9c:54:3c:52:1a:d7:ac:95:
53:e0:b9:bb:cc:7a:af:25:db:46:15:3a:8a:4a:ce:c5:a1:e9:
f3:98:c0:0d:ac:04:1c:e4:7d:4f:d2:32:78:ac:ea:f3:e7:ff:
06:86:a7:37:ad:c2:44:19:c9:07:68:ea:0e:93:25:f2:26:27:
37:34:a6:63:69:c8:da:4d:2a:7a:ce:6f:a8:f6:ed:18:31:b8:
9a:6b:cc:6b:1a:c7:cc:e4:49:7e:a3:7a:df:05:d2:1e:4b:58:
fa:1c:65:96:42:7b:22:c1:56:7e:22:12:85:23:e6:3a:92:82:
e6:00:cc:1f:5e:ac:0e:9d:c0:69:3b:cb:a7:49:21:60:02:be:
7b:1a:5a:08:23:fe:de:3c:c7:45:e0:2e:54:f0:41:fb:71:79:
e4:12:1e:91:ff:71:15:f5:66:17:06:87:8e:88:e8:25:6f:e4:
a8:49:a9:4b:ea:63:cb:5f:ea:88:49:d4:13:38:1d:14:bd:e6:
dd:ad:8f:19:b4:85:13:e3:94:c2:bd:f3:4b:21:dd:ff:85:31:
20:cf:8d:37
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzDSUugavjoS4PEGvCO/D2hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0YTIwODVjN2RlM2I1OTgyMTZiODlmYjBmMmIxZDkzMGRl
NjZjMTkwHhcNMjQwMTAxMDQzMDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWFmNTIyMWIxMmE2ZWIzOGQwODNlY2VlYTc0NjJjMTE1NmVlYmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiAp1HUOE5pswooDUBCplwfn9ZZ7p
npNy5QnZlqLf3xAC7GyMP4/csyLzf0yVmOPmgG1gS7wyXkVAtGdBxnRnfemHTOes
C0zqZCH6UI4YQWjQofG/hx6miIN3f7e1GsFHM1rxBRKRqi7t/V0ET0xesgH3zEmH
sb7pWZgsWVs2uT8GUlf7HNEI5CMxaM+FQjVGgo6/eZr4FCd8xZRschKB8pJLrhed
LH2/tASDTx7Ha3jk3kxW9WMK2pmNJWUkZqsyhcaHih1AtnDFMzgXLP55r6HWiSFK
mmUqNn1azWuEepO3t+Hrq+IG7EmWDEXItTYwAGPlB2pBI3i+o6j0ZyA0fQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFKGvUiGxKm6zjQg+zup0YsEVbuusMB8GA1UdIwQY
MBaAFLSiCFx947WYIWuJ+w8rHZMN5mwZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEtJSVhIM2p0WmdoYTRuN0R5c2RrdzNtYkJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9kNjUxM2QtMmQ1My00MDIyLTgzNjAt
MzExNzk4OTYwMWFkLzEvb2E5U0liRXFick9OQ0Q3TzZuUml3UlZ1NjZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9kNjUxM2QtMmQ1My00MDIyLTgzNjAtMzExNzk4OTYwMWFk
LzEvdEtJSVhIM2p0WmdoYTRuN0R5c2RrdzNtYkJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQBuYEQMBgE
AgACMBIwEAMFBioPqsADBwAqD6rAAAIwDQYJKoZIhvcNAQELBQADggEBAJX+L2J1
MohPnKEByKVVTdv/2eegBDU47hMHJ1n1OmpFHVqpiP/WlfIM5PQW3VOcVDxSGtes
lVPgubvMeq8l20YVOopKzsWh6fOYwA2sBBzkfU/SMnis6vPn/waGpzetwkQZyQdo
6g6TJfImJzc0pmNpyNpNKnrOb6j27RgxuJprzGsax8zkSX6jet8F0h5LWPocZZZC
eyLBVn4iEoUj5jqSguYAzB9erA6dwGk7y6dJIWACvnsaWggj/t48x0XgLlTwQftx
eeQSHpH/cRX1ZhcGh46I6CVv5KhJqUvqY8tf6ohJ1BM4HRS95t2tjxm0hRPjlMK9
80sh3f+FMSDPjTc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:21 2024 by rpki-client on console-fra.rpki-client.org