Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/d03608-3c67-423d-b18d-4bcd3d58463a/1/OOKtSDJbNwi5LonWIYAAvXUwVrc.roa
File: OOKtSDJbNwi5LonWIYAAvXUwVrc.roa (raw, json)
Hash identifier: hMNSP4a3xXhD20s4hIk3bgycFvE/pCePEn0b9tjfBhA=
Subject key identifier: 38:E2:AD:48:32:5B:37:08:B9:2E:89:D6:21:80:00:BD:75:30:56:B7
Certificate issuer: /CN=2b9efb5878d3b3634dc1ccb90ac48e0b89d1c879
Certificate serial: 018CC4244E51639809B1BEEC55EE2C3992D4
Authority key identifier: 2B:9E:FB:58:78:D3:B3:63:4D:C1:CC:B9:0A:C4:8E:0B:89:D1:C8:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K577WHjTs2NNwcy5CsSOC4nRyHk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/d03608-3c67-423d-b18d-4bcd3d58463a/1/OOKtSDJbNwi5LonWIYAAvXUwVrc.roa
Signing time: Mon 01 Jan 2024 08:29:22 +0000
ROA not before: Mon 01 Jan 2024 08:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6697
IP address blocks: 178.159.240.0/21 maxlen: 21
Validation: Failed, certificate revoked on Mon 19 Feb 2024 09:08:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:4e:51:63:98:09:b1:be:ec:55:ee:2c:39:92:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b9efb5878d3b3634dc1ccb90ac48e0b89d1c879
Validity
Not Before: Jan 1 08:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=38e2ad48325b3708b92e89d6218000bd753056b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:e1:f1:61:08:64:9f:b7:1f:93:b2:50:5a:c3:
28:2b:b4:e1:06:7e:ee:83:6a:1b:52:ed:06:ad:b7:
1c:fd:47:38:39:85:0b:da:c7:f9:98:f8:b1:66:69:
4e:66:e8:fa:4c:30:08:ac:b6:ef:8b:68:72:db:b7:
0d:59:fc:b2:2e:00:61:16:14:a6:3d:6d:21:b4:8b:
71:7b:2e:6e:39:94:20:72:54:c3:22:6c:a0:59:05:
8a:92:25:43:ba:68:08:39:cd:e8:92:a9:c9:b2:b5:
5f:0e:d9:1a:9c:f3:78:42:fb:b6:eb:03:31:7f:16:
50:19:73:4a:66:4f:46:e0:38:a1:5e:29:0d:e7:e1:
93:75:74:20:c7:eb:f8:22:0c:bb:65:00:e2:51:75:
e0:62:13:9f:02:44:8a:88:41:0e:30:33:59:ac:cf:
ab:72:7c:41:8f:0a:1f:cb:92:c4:86:f0:c8:eb:73:
b7:d0:71:77:af:4f:62:6d:43:73:2b:0e:7f:5e:48:
0e:59:0a:c5:5e:a2:a8:1f:ef:4f:4c:36:f5:a3:67:
e9:9a:b3:e2:5c:9f:67:89:3c:7e:a1:eb:f3:18:1e:
d6:f1:2b:02:ab:cc:fd:11:57:e9:23:20:24:06:e4:
a8:c1:b5:16:35:dd:30:fb:12:9c:fc:fa:05:58:d8:
e2:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:E2:AD:48:32:5B:37:08:B9:2E:89:D6:21:80:00:BD:75:30:56:B7
X509v3 Authority Key Identifier:
keyid:2B:9E:FB:58:78:D3:B3:63:4D:C1:CC:B9:0A:C4:8E:0B:89:D1:C8:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K577WHjTs2NNwcy5CsSOC4nRyHk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/d03608-3c67-423d-b18d-4bcd3d58463a/1/OOKtSDJbNwi5LonWIYAAvXUwVrc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/d03608-3c67-423d-b18d-4bcd3d58463a/1/K577WHjTs2NNwcy5CsSOC4nRyHk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.159.240.0/21
Signature Algorithm: sha256WithRSAEncryption
67:a6:a2:06:49:7b:1c:d7:91:56:d0:32:92:a8:c8:84:ae:91:
1e:50:83:23:83:92:8e:83:50:ba:61:11:68:21:f0:16:32:74:
47:a3:67:b5:d1:be:3f:cd:76:a3:ba:98:d8:62:1e:e4:f4:0a:
0f:4f:ca:e5:56:42:10:6e:69:f7:23:b0:95:3f:f5:8c:a5:a2:
01:9d:19:3a:99:92:5f:4b:9b:b7:a4:6b:e1:44:53:2b:96:e3:
04:58:5e:56:48:79:42:47:b5:61:24:fe:8c:ba:7a:04:12:3a:
ca:a0:85:aa:1a:f6:58:08:0b:f4:5d:35:8f:be:fc:ac:a6:22:
9b:4a:e3:95:e6:cd:83:75:35:bc:19:e4:be:3a:18:ca:f7:9c:
fa:3f:73:f9:63:d6:42:cd:67:3a:26:6f:7a:48:dc:52:47:db:
ad:95:d2:f2:53:0c:66:ea:ff:e7:9b:b3:1d:f3:b2:10:27:d9:
1b:0b:d0:36:7e:e1:5c:78:b8:11:3b:7b:bf:6a:92:2d:b7:b1:
b9:2e:da:10:d0:d2:3b:d3:e1:7d:b9:ae:78:67:c9:d8:6e:82:
c0:97:21:ba:2f:5d:99:9a:dc:64:e1:77:1d:0f:02:2b:6d:f4:
0e:a4:4a:7f:7e:8c:f1:44:21:08:31:70:66:ec:a0:fa:53:7d:
25:8b:a3:e6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJE5RY5gJsb7sVe4sOZLUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiOWVmYjU4NzhkM2IzNjM0ZGMxY2NiOTBhYzQ4ZTBiODlk
MWM4NzkwHhcNMjQwMTAxMDgyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGUyYWQ0ODMyNWIzNzA4YjkyZTg5ZDYyMTgwMDBiZDc1MzA1NmI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj+HxYQhkn7cfk7JQWsMoK7ThBn7u
g2obUu0Grbcc/Uc4OYUL2sf5mPixZmlOZuj6TDAIrLbvi2hy27cNWfyyLgBhFhSm
PW0htItxey5uOZQgclTDImygWQWKkiVDumgIOc3okqnJsrVfDtkanPN4Qvu26wMx
fxZQGXNKZk9G4DihXikN5+GTdXQgx+v4Igy7ZQDiUXXgYhOfAkSKiEEOMDNZrM+r
cnxBjwofy5LEhvDI63O30HF3r09ibUNzKw5/XkgOWQrFXqKoH+9PTDb1o2fpmrPi
XJ9niTx+oevzGB7W8SsCq8z9EVfpIyAkBuSowbUWNd0w+xKc/PoFWNjiCQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDjirUgyWzcIuS6J1iGAAL11MFa3MB8GA1UdIwQY
MBaAFCue+1h407NjTcHMuQrEjguJ0ch5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzU3N1dIalRzMk5Od2N5NUNzU09DNG5SeUhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9kMDM2MDgtM2M2Ny00MjNkLWIxOGQt
NGJjZDNkNTg0NjNhLzEvT09LdFNESmJOd2k1TG9uV0lZQUF2WFV3VnJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9kMDM2MDgtM2M2Ny00MjNkLWIxOGQtNGJjZDNkNTg0NjNh
LzEvSzU3N1dIalRzMk5Od2N5NUNzU09DNG5SeUhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDsp/wMA0G
CSqGSIb3DQEBCwUAA4IBAQBnpqIGSXsc15FW0DKSqMiErpEeUIMjg5KOg1C6YRFo
IfAWMnRHo2e10b4/zXajupjYYh7k9AoPT8rlVkIQbmn3I7CVP/WMpaIBnRk6mZJf
S5u3pGvhRFMrluMEWF5WSHlCR7VhJP6MunoEEjrKoIWqGvZYCAv0XTWPvvyspiKb
SuOV5s2DdTW8GeS+OhjK95z6P3P5Y9ZCzWc6Jm96SNxSR9utldLyUwxm6v/nm7Md
87IQJ9kbC9A2fuFceLgRO3u/apItt7G5LtoQ0NI70+F9ua54Z8nYboLAlyG6L12Z
mtxk4XcdDwIrbfQOpEp/fozxRCEIMXBm7KD6U30li6Pm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:33 2024 by rpki-client on console-fra.rpki-client.org