Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/d99af7-e1a0-4b56-b213-87f129dc0ff2/1/odUbn1lj7iaIJDTKAXTuaW4h4k8.roa
File: odUbn1lj7iaIJDTKAXTuaW4h4k8.roa (raw, json)
Hash identifier: bdMPLcNM7yAGVYowuQukYoFPhyoVpjT0Dk2f5UcFIvM=
Subject key identifier: A1:D5:1B:9F:59:63:EE:26:88:24:34:CA:01:74:EE:69:6E:21:E2:4F
Certificate issuer: /CN=2697ee5bea95b6fca92d7c8005b2531d0d510468
Certificate serial: 0185727123FE21B193486489BFF2FF7801ED
Authority key identifier: 26:97:EE:5B:EA:95:B6:FC:A9:2D:7C:80:05:B2:53:1D:0D:51:04:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JpfuW-qVtvypLXyABbJTHQ1RBGg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/d99af7-e1a0-4b56-b213-87f129dc0ff2/1/odUbn1lj7iaIJDTKAXTuaW4h4k8.roa
Signing time: Mon 02 Jan 2023 12:24:55 +0000
ROA not before: Mon 02 Jan 2023 12:24:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35615
IP address blocks: 194.39.38.0/24 maxlen: 24
194.39.37.0/24 maxlen: 24
194.39.36.0/23 maxlen: 23
194.39.36.0/22 maxlen: 22
194.39.36.0/24 maxlen: 24
194.39.39.0/24 maxlen: 24
194.39.38.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 04 Dec 2023 19:49:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:71:23:fe:21:b1:93:48:64:89:bf:f2:ff:78:01:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2697ee5bea95b6fca92d7c8005b2531d0d510468
Validity
Not Before: Jan 2 12:24:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a1d51b9f5963ee26882434ca0174ee696e21e24f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:1a:19:06:e2:6e:5f:25:8c:49:6a:6b:af:aa:
28:8c:44:c3:64:d6:1d:b1:ad:c6:3d:c4:71:c7:40:
20:e8:2d:68:73:e3:5f:e0:87:bd:ca:3f:55:0e:f4:
2c:e5:ee:1e:eb:a9:a3:0b:36:b7:c4:9e:fa:ea:c2:
0a:65:84:75:46:59:ec:91:2f:cd:35:c9:c6:22:5d:
2d:cb:aa:d7:ef:22:de:81:74:1c:d6:f8:42:ad:e0:
65:ec:33:22:9b:cf:98:ef:14:ec:f9:e8:c4:34:9b:
4a:17:00:a2:1b:2b:26:d2:7a:66:cf:a7:b1:e3:98:
78:df:f8:e5:83:10:bb:e2:23:12:0e:cb:2a:d5:8a:
a3:7a:46:df:0c:71:ac:85:7d:11:0d:54:c6:b4:eb:
bc:a0:8b:77:3a:a3:40:e3:54:09:9f:6f:b6:03:17:
4e:5c:32:76:18:54:1e:30:57:ee:3e:e6:d1:b4:13:
56:63:96:dd:1c:21:39:dc:c8:99:cc:7d:7d:f1:2b:
a5:2f:8b:2e:9c:4c:92:57:d6:1c:c7:2b:67:8d:28:
d7:35:90:b9:05:51:6a:48:ce:70:be:62:96:2a:93:
95:54:bf:dd:58:a3:48:cd:e0:c4:68:4f:db:94:34:
ba:27:88:06:96:b6:74:b0:b3:da:7b:52:92:33:60:
00:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:D5:1B:9F:59:63:EE:26:88:24:34:CA:01:74:EE:69:6E:21:E2:4F
X509v3 Authority Key Identifier:
keyid:26:97:EE:5B:EA:95:B6:FC:A9:2D:7C:80:05:B2:53:1D:0D:51:04:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JpfuW-qVtvypLXyABbJTHQ1RBGg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/d99af7-e1a0-4b56-b213-87f129dc0ff2/1/odUbn1lj7iaIJDTKAXTuaW4h4k8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/d99af7-e1a0-4b56-b213-87f129dc0ff2/1/JpfuW-qVtvypLXyABbJTHQ1RBGg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.39.36.0/22
Signature Algorithm: sha256WithRSAEncryption
1c:47:ab:be:a9:93:94:66:9e:35:47:2a:b6:94:63:cd:51:4b:
ab:97:be:e2:58:8b:39:d4:dd:7f:a0:d8:29:78:1f:fe:80:25:
9d:9f:bb:94:8a:76:40:18:ab:4d:ac:7d:96:d9:fe:e7:cb:00:
d5:c9:6a:f7:5d:40:b4:94:74:69:6f:c1:d4:9a:3b:e1:19:3f:
30:65:f3:97:a7:3e:fd:53:13:ad:9f:bf:32:8b:45:1f:78:0f:
83:01:08:16:d0:ac:70:86:83:72:cc:4d:e2:0f:a7:68:e8:8a:
4f:8a:4b:bf:bf:0c:71:aa:79:2e:fb:3b:b3:af:05:47:54:4b:
cd:5b:d5:f1:bc:66:be:79:16:20:f4:34:ce:17:90:d9:aa:7d:
56:a4:14:52:38:2b:5c:8a:65:b7:3e:ca:d6:4d:d9:13:d8:79:
6d:99:30:f6:15:9b:98:b9:38:aa:87:e3:88:41:65:66:27:9f:
90:d6:55:b8:a4:fe:1b:8d:01:17:8c:80:42:e7:44:16:19:eb:
5f:c5:d8:4b:be:e9:19:f3:60:88:49:d7:82:64:9a:33:d5:9a:
ef:bf:1d:64:19:87:12:cb:74:3c:0a:04:51:4c:6a:31:91:96:
4a:1a:b7:c0:8b:d2:b2:d8:4e:c7:49:92:68:c8:ef:df:d5:47:
52:dd:5a:78
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVycSP+IbGTSGSJv/L/eAHtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2OTdlZTViZWE5NWI2ZmNhOTJkN2M4MDA1YjI1MzFkMGQ1
MTA0NjgwHhcNMjMwMTAyMTIyNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWQ1MWI5ZjU5NjNlZTI2ODgyNDM0Y2EwMTc0ZWU2OTZlMjFlMjRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsRoZBuJuXyWMSWprr6oojETDZNYd
sa3GPcRxx0Ag6C1oc+Nf4Ie9yj9VDvQs5e4e66mjCza3xJ766sIKZYR1RlnskS/N
NcnGIl0ty6rX7yLegXQc1vhCreBl7DMim8+Y7xTs+ejENJtKFwCiGysm0npmz6ex
45h43/jlgxC74iMSDssq1YqjekbfDHGshX0RDVTGtOu8oIt3OqNA41QJn2+2AxdO
XDJ2GFQeMFfuPubRtBNWY5bdHCE53MiZzH198SulL4sunEySV9YcxytnjSjXNZC5
BVFqSM5wvmKWKpOVVL/dWKNIzeDEaE/blDS6J4gGlrZ0sLPae1KSM2AAnQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKHVG59ZY+4miCQ0ygF07mluIeJPMB8GA1UdIwQY
MBaAFCaX7lvqlbb8qS18gAWyUx0NUQRoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSnBmdVctcVZ0dnlwTFh5QUJiSlRIUTFSQkdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC9kOTlhZjctZTFhMC00YjU2LWIyMTMt
ODdmMTI5ZGMwZmYyLzEvb2RVYm4xbGo3aWFJSkRUS0FYVHVhVzRoNGs4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC9kOTlhZjctZTFhMC00YjU2LWIyMTMtODdmMTI5ZGMwZmYy
LzEvSnBmdVctcVZ0dnlwTFh5QUJiSlRIUTFSQkdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwickMA0G
CSqGSIb3DQEBCwUAA4IBAQAcR6u+qZOUZp41Ryq2lGPNUUurl77iWIs51N1/oNgp
eB/+gCWdn7uUinZAGKtNrH2W2f7nywDVyWr3XUC0lHRpb8HUmjvhGT8wZfOXpz79
UxOtn78yi0UfeA+DAQgW0KxwhoNyzE3iD6do6IpPiku/vwxxqnku+zuzrwVHVEvN
W9XxvGa+eRYg9DTOF5DZqn1WpBRSOCtcimW3PsrWTdkT2HltmTD2FZuYuTiqh+OI
QWVmJ5+Q1lW4pP4bjQEXjIBC50QWGetfxdhLvukZ82CISdeCZJoz1Zrvvx1kGYcS
y3Q8CgRRTGoxkZZKGrfAi9Ky2E7HSZJoyO/f1UdS3Vp4
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:03 2024 by rpki-client on console-ams.rpki-client.org