Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/b9dc4c-643a-41b8-a459-2b518acb78f3/1/OB7cnlnjQpKCm6HttB9M9-p8r84.roa
File: OB7cnlnjQpKCm6HttB9M9-p8r84.roa (raw, json)
Hash identifier: lTnDD9oxZS90FJ0bdH5CMyQSAZOcdYOG58qgkQZksXY=
Subject key identifier: 38:1E:DC:9E:59:E3:42:92:82:9B:A1:ED:B4:1F:4C:F7:EA:7C:AF:CE
Certificate issuer: /CN=74f9369c6e23c1bf0dbed301c7d00b4a3fdf0d04
Certificate serial: 01856E6FCDC9231740C3D0B036EA21B503C8
Authority key identifier: 74:F9:36:9C:6E:23:C1:BF:0D:BE:D3:01:C7:D0:0B:4A:3F:DF:0D:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dPk2nG4jwb8NvtMBx9ALSj_fDQQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/b9dc4c-643a-41b8-a459-2b518acb78f3/1/OB7cnlnjQpKCm6HttB9M9-p8r84.roa
Signing time: Sun 01 Jan 2023 17:44:58 +0000
ROA not before: Sun 01 Jan 2023 17:44:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 680
IP address blocks: 130.73.0.0/16 maxlen: 16
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:6f:cd:c9:23:17:40:c3:d0:b0:36:ea:21:b5:03:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=74f9369c6e23c1bf0dbed301c7d00b4a3fdf0d04
Validity
Not Before: Jan 1 17:44:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=381edc9e59e34292829ba1edb41f4cf7ea7cafce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:51:82:cc:08:7b:d6:11:23:09:59:78:be:59:
40:9b:db:93:94:d6:a2:ef:15:8f:2e:16:91:6e:11:
4c:43:d8:66:cd:05:42:18:1d:06:04:9a:bd:11:8e:
92:ba:1c:88:29:24:a4:bf:81:66:8b:11:59:1d:14:
ca:91:89:fd:83:65:ae:be:c2:97:89:99:f9:d4:68:
2b:61:bf:24:78:34:01:57:a8:cc:84:af:df:aa:a2:
7a:a5:61:ec:4e:0a:df:2b:2c:e8:f5:fa:c8:64:d7:
fc:52:1e:4d:ca:9c:50:c7:04:3e:d5:8c:e9:cd:33:
cd:5e:a7:f0:c4:f6:7b:0e:0c:80:18:b9:ad:9a:5c:
f9:51:d1:91:12:88:41:81:c1:dd:cf:ec:8d:90:cd:
29:4b:91:52:ab:2c:32:89:24:ed:b9:ac:c0:4a:88:
61:5f:a9:39:91:87:f0:fb:7e:3c:28:0b:72:cd:7c:
f9:2e:46:13:74:d1:9e:e8:0c:41:5d:67:59:a6:7c:
f0:12:fd:84:ae:82:96:49:3a:36:39:e0:8c:80:72:
69:b3:4f:f4:db:51:d8:cf:64:d4:76:c8:80:7c:37:
6a:cc:ce:17:e9:f8:71:1f:ac:54:d1:5d:4b:f4:5b:
fe:5d:1f:ba:e2:0b:d9:9f:db:f2:99:d8:27:42:d6:
00:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:1E:DC:9E:59:E3:42:92:82:9B:A1:ED:B4:1F:4C:F7:EA:7C:AF:CE
X509v3 Authority Key Identifier:
keyid:74:F9:36:9C:6E:23:C1:BF:0D:BE:D3:01:C7:D0:0B:4A:3F:DF:0D:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dPk2nG4jwb8NvtMBx9ALSj_fDQQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/b9dc4c-643a-41b8-a459-2b518acb78f3/1/OB7cnlnjQpKCm6HttB9M9-p8r84.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/b9dc4c-643a-41b8-a459-2b518acb78f3/1/dPk2nG4jwb8NvtMBx9ALSj_fDQQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.73.0.0/16
Signature Algorithm: sha256WithRSAEncryption
20:ad:7a:bd:d3:bd:60:2d:62:66:d6:41:8c:1c:7a:d4:44:0c:
b0:07:9b:8c:30:ed:db:2b:93:8b:cd:4f:27:b7:59:ad:96:b2:
0b:b5:32:6c:25:04:30:49:86:37:c1:ed:14:4f:cc:6d:f0:17:
b5:b8:a7:fc:21:39:6b:41:5e:96:83:19:92:cf:84:54:e1:f4:
e3:b7:53:2a:43:1b:47:c5:bc:d6:93:33:1d:ff:0e:fd:f3:ce:
15:47:da:7a:3d:a2:78:dc:a5:a2:55:b0:ed:a3:97:7c:d0:73:
a7:76:a2:57:18:cf:c2:98:c7:c3:ac:f5:14:c0:be:ea:4b:ab:
e4:dc:eb:b5:7f:b2:fc:93:68:37:06:ef:a3:43:fc:33:7d:8a:
f6:85:5c:0b:48:d9:16:6a:7a:34:e4:4a:e5:64:0c:94:74:a1:
62:64:7e:76:89:ed:d5:92:7d:21:9c:36:fb:da:2a:20:01:ee:
e3:24:bc:f6:8d:73:5b:00:71:75:35:40:36:7d:3c:3a:af:37:
e7:7e:18:4c:84:b4:1d:08:45:6e:f7:8a:2e:cd:6d:ec:5c:41:
59:11:5c:74:f6:b3:e7:b4:92:34:33:9b:b3:ab:70:e0:3d:65:
74:fb:60:e8:6e:5c:40:09:8a:4e:ef:8d:c5:85:ec:81:90:b6:
e6:11:38:84
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYVub83JIxdAw9CwNuohtQPIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0ZjkzNjljNmUyM2MxYmYwZGJlZDMwMWM3ZDAwYjRhM2Zk
ZjBkMDQwHhcNMjMwMTAxMTc0NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODFlZGM5ZTU5ZTM0MjkyODI5YmExZWRiNDFmNGNmN2VhN2NhZmNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg1GCzAh71hEjCVl4vllAm9uTlNai
7xWPLhaRbhFMQ9hmzQVCGB0GBJq9EY6SuhyIKSSkv4FmixFZHRTKkYn9g2WuvsKX
iZn51GgrYb8keDQBV6jMhK/fqqJ6pWHsTgrfKyzo9frIZNf8Uh5NypxQxwQ+1Yzp
zTPNXqfwxPZ7DgyAGLmtmlz5UdGREohBgcHdz+yNkM0pS5FSqywyiSTtuazASohh
X6k5kYfw+348KAtyzXz5LkYTdNGe6AxBXWdZpnzwEv2EroKWSTo2OeCMgHJps0/0
21HYz2TUdsiAfDdqzM4X6fhxH6xU0V1L9Fv+XR+64gvZn9vymdgnQtYARwIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFDge3J5Z40KSgpuh7bQfTPfqfK/OMB8GA1UdIwQY
MBaAFHT5NpxuI8G/Db7TAcfQC0o/3w0EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFBrMm5HNGp3YjhOdnRNQng5QUxTal9mRFFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9iOWRjNGMtNjQzYS00MWI4LWE0NTkt
MmI1MThhY2I3OGYzLzEvT0I3Y25sbmpRcEtDbTZIdHRCOU05LXA4cjg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9iOWRjNGMtNjQzYS00MWI4LWE0NTktMmI1MThhY2I3OGYz
LzEvZFBrMm5HNGp3YjhOdnRNQng5QUxTal9mRFFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAgkkwDQYJ
KoZIhvcNAQELBQADggEBACCter3TvWAtYmbWQYwcetREDLAHm4ww7dsrk4vNTye3
Wa2Wsgu1MmwlBDBJhjfB7RRPzG3wF7W4p/whOWtBXpaDGZLPhFTh9OO3UypDG0fF
vNaTMx3/Dv3zzhVH2no9onjcpaJVsO2jl3zQc6d2olcYz8KYx8Os9RTAvupLq+Tc
67V/svyTaDcG76ND/DN9ivaFXAtI2RZqejTkSuVkDJR0oWJkfnaJ7dWSfSGcNvva
KiAB7uMkvPaNc1sAcXU1QDZ9PDqvN+d+GEyEtB0IRW73ii7NbexcQVkRXHT2s+e0
kjQzm7OrcOA9ZXT7YOhuXEAJik7vjcWF7IGQtuYROIQ=
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:31:45 2024 by rpki-client on console-fra.rpki-client.org