Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/b2397c-b36d-46a3-a240-1d9a19f1295b/1/ofSeB1pzw_XzbmbG6gcXvhz_GNY.roa
File: ofSeB1pzw_XzbmbG6gcXvhz_GNY.roa (raw, json)
Hash identifier: 47YQ7UpUsr4yxxJuMToB3AA3JB9fhxTivO20/5SYBC0=
Subject key identifier: A1:F4:9E:07:5A:73:C3:F5:F3:6E:66:C6:EA:07:17:BE:1C:FF:18:D6
Certificate issuer: /CN=83f5bd23bec5d0639833a9141985cc5753886e16
Certificate serial: 018CC7270329E7D1A058FB136044B301E140
Authority key identifier: 83:F5:BD:23:BE:C5:D0:63:98:33:A9:14:19:85:CC:57:53:88:6E:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g_W9I77F0GOYM6kUGYXMV1OIbhY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/b2397c-b36d-46a3-a240-1d9a19f1295b/1/ofSeB1pzw_XzbmbG6gcXvhz_GNY.roa
Signing time: Mon 01 Jan 2024 22:31:11 +0000
ROA not before: Mon 01 Jan 2024 22:31:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12344
IP address blocks: 185.119.96.0/22 maxlen: 22
2a04:f310::/31 maxlen: 31
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:50:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:03:29:e7:d1:a0:58:fb:13:60:44:b3:01:e1:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83f5bd23bec5d0639833a9141985cc5753886e16
Validity
Not Before: Jan 1 22:31:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a1f49e075a73c3f5f36e66c6ea0717be1cff18d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:3a:de:95:9c:74:1e:12:3b:f6:78:c7:eb:9e:
70:2d:2e:5f:98:64:b0:46:30:81:25:92:b6:34:12:
1e:4c:e7:f7:80:1e:0e:f3:46:be:2f:7a:c2:99:81:
55:da:9f:54:fd:19:7f:de:4f:b8:09:91:47:4e:7b:
32:ff:78:03:94:1b:c5:0d:77:e9:ba:87:b7:10:a3:
36:a0:d9:15:a1:cc:0e:a6:d1:d1:42:8b:d6:f7:47:
96:eb:65:6b:7b:cb:ed:5e:2e:55:00:22:b1:f1:68:
39:18:5f:d8:68:37:38:28:2f:0e:eb:f4:5f:29:37:
78:ee:bb:79:9a:84:c8:05:fc:a4:61:41:46:c5:b2:
51:49:93:90:a0:62:76:6c:34:49:c4:d8:70:09:28:
bf:c7:d2:1b:4e:ba:48:18:2f:d8:2a:38:d1:6c:96:
e3:4e:8e:38:f8:a4:52:a6:91:4a:7b:0e:23:54:b0:
e2:e1:3b:b4:9f:13:da:a9:ad:79:b2:42:72:33:44:
11:ee:49:83:51:59:0d:cd:ed:6e:47:c7:10:25:82:
61:09:de:91:3a:18:6c:36:4d:4b:41:bc:07:45:ae:
c7:af:5b:40:0e:3a:8e:b5:98:f0:3f:85:35:33:fe:
94:9f:6f:07:bc:a6:79:87:ec:05:c9:0e:e7:8e:5d:
45:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:F4:9E:07:5A:73:C3:F5:F3:6E:66:C6:EA:07:17:BE:1C:FF:18:D6
X509v3 Authority Key Identifier:
keyid:83:F5:BD:23:BE:C5:D0:63:98:33:A9:14:19:85:CC:57:53:88:6E:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g_W9I77F0GOYM6kUGYXMV1OIbhY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/b2397c-b36d-46a3-a240-1d9a19f1295b/1/ofSeB1pzw_XzbmbG6gcXvhz_GNY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/b2397c-b36d-46a3-a240-1d9a19f1295b/1/g_W9I77F0GOYM6kUGYXMV1OIbhY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.119.96.0/22
IPv6:
2a04:f310::/31
Signature Algorithm: sha256WithRSAEncryption
4f:7c:c6:90:f8:1e:ee:88:ba:68:5e:07:ad:4b:fe:79:17:4c:
da:d5:14:a7:c4:f4:03:f2:76:18:ee:65:94:c9:52:56:65:c0:
b9:62:0a:e6:45:dc:40:41:53:eb:84:6d:a8:aa:12:1c:1b:18:
e1:94:cf:a7:41:55:cf:82:73:8a:82:81:c9:12:45:52:f5:ac:
78:44:0e:9f:f4:29:97:6e:f1:2c:92:48:35:80:26:da:42:60:
37:ee:9d:eb:d4:9b:8b:64:81:1c:c6:46:92:2e:82:58:e5:9e:
0c:e7:0a:86:0c:27:56:1f:db:27:68:50:53:87:08:01:02:2c:
8e:56:f4:1f:cf:03:30:a5:57:03:0a:65:c4:5b:67:bf:24:a0:
2f:5d:9f:f7:76:04:49:64:54:0d:04:6b:f9:fe:49:a6:fe:85:
12:44:1c:2d:e1:87:31:bf:75:35:61:0b:34:fa:7f:3e:cb:d2:
81:5e:56:03:cf:7e:e4:b3:b0:20:35:7b:d3:5b:e1:59:7e:6f:
39:8d:c5:7a:98:42:75:15:20:14:cb:67:30:03:54:ed:60:bd:
86:b6:ab:56:f8:7f:29:ef:a6:0e:0d:66:7a:7d:0d:f9:70:c9:
8b:2f:7d:94:12:1b:51:7c:d4:d2:d0:22:09:f0:61:c6:5b:8c:
6e:84:7c:ad
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzHJwMp59GgWPsTYESzAeFAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzZjViZDIzYmVjNWQwNjM5ODMzYTkxNDE5ODVjYzU3NTM4
ODZlMTYwHhcNMjQwMTAxMjIzMTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWY0OWUwNzVhNzNjM2Y1ZjM2ZTY2YzZlYTA3MTdiZTFjZmYxOGQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArTrelZx0HhI79njH655wLS5fmGSw
RjCBJZK2NBIeTOf3gB4O80a+L3rCmYFV2p9U/Rl/3k+4CZFHTnsy/3gDlBvFDXfp
uoe3EKM2oNkVocwOptHRQovW90eW62Vre8vtXi5VACKx8Wg5GF/YaDc4KC8O6/Rf
KTd47rt5moTIBfykYUFGxbJRSZOQoGJ2bDRJxNhwCSi/x9IbTrpIGC/YKjjRbJbj
To44+KRSppFKew4jVLDi4Tu0nxPaqa15skJyM0QR7kmDUVkNze1uR8cQJYJhCd6R
OhhsNk1LQbwHRa7Hr1tADjqOtZjwP4U1M/6Un28HvKZ5h+wFyQ7njl1FMwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKH0ngdac8P1825mxuoHF74c/xjWMB8GA1UdIwQY
MBaAFIP1vSO+xdBjmDOpFBmFzFdTiG4WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ19XOUk3N0YwR09ZTTZrVUdZWE1WMU9JYmhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9iMjM5N2MtYjM2ZC00NmEzLWEyNDAt
MWQ5YTE5ZjEyOTViLzEvb2ZTZUIxcHp3X1h6Ym1iRzZnY1h2aHpfR05ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9iMjM5N2MtYjM2ZC00NmEzLWEyNDAtMWQ5YTE5ZjEyOTVi
LzEvZ19XOUk3N0YwR09ZTTZrVUdZWE1WMU9JYmhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuXdgMA0E
AgACMAcDBQEqBPMQMA0GCSqGSIb3DQEBCwUAA4IBAQBPfMaQ+B7uiLpoXgetS/55
F0za1RSnxPQD8nYY7mWUyVJWZcC5YgrmRdxAQVPrhG2oqhIcGxjhlM+nQVXPgnOK
goHJEkVS9ax4RA6f9CmXbvEskkg1gCbaQmA37p3r1JuLZIEcxkaSLoJY5Z4M5wqG
DCdWH9snaFBThwgBAiyOVvQfzwMwpVcDCmXEW2e/JKAvXZ/3dgRJZFQNBGv5/kmm
/oUSRBwt4Ycxv3U1YQs0+n8+y9KBXlYDz37ks7AgNXvTW+FZfm85jcV6mEJ1FSAU
y2cwA1TtYL2GtqtW+H8p76YODWZ6fQ35cMmLL32UEhtRfNTS0CIJ8GHGW4xuhHyt
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:20:42 2025 by rpki-client