Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/OMCeKdvaKru71iHid93FipRB9tQ.roa
File: OMCeKdvaKru71iHid93FipRB9tQ.roa (raw, json)
Hash identifier: cYqZ0lTYbr5bDNRkUcu7cDfG6rwD61EUEUr44FJddUg=
Subject key identifier: 38:C0:9E:29:DB:DA:2A:BB:BB:D6:21:E2:77:DD:C5:8A:94:41:F6:D4
Certificate issuer: /CN=1e5b334965788794d6f147a2f004d13be3257dc4
Certificate serial: 0189DEBEE24A1E23D762C337709D8C2BB87F
Authority key identifier: 1E:5B:33:49:65:78:87:94:D6:F1:47:A2:F0:04:D1:3B:E3:25:7D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HlszSWV4h5TW8Uei8ATRO-MlfcQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/OMCeKdvaKru71iHid93FipRB9tQ.roa
Signing time: Thu 10 Aug 2023 09:19:59 +0000
ROA not before: Thu 10 Aug 2023 09:19:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34661
IP address blocks: 45.152.164.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:de:be:e2:4a:1e:23:d7:62:c3:37:70:9d:8c:2b:b8:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e5b334965788794d6f147a2f004d13be3257dc4
Validity
Not Before: Aug 10 09:19:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=38c09e29dbda2abbbbd621e277ddc58a9441f6d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:34:07:f0:43:2a:4a:45:a4:ba:a3:30:3a:ff:
28:37:3b:31:a9:69:12:5c:2f:15:79:02:09:1d:82:
17:90:cc:32:5b:f5:e7:85:82:13:40:f9:b6:2b:da:
2f:34:06:dd:e9:aa:04:f1:60:aa:11:7f:42:d7:95:
f1:c9:41:dc:d6:f6:ac:c1:a1:74:e1:db:60:11:16:
f3:fc:15:1c:f5:63:f7:02:80:bb:15:b9:c8:a6:81:
c2:1f:c8:6b:33:5b:d2:c8:15:d5:3f:d8:f4:ca:61:
8c:61:b2:a9:6e:97:b9:ed:d0:b2:01:0c:21:94:dd:
00:c0:99:2e:b7:9a:4c:48:2c:1b:94:61:88:75:8d:
29:b1:9e:15:b6:bf:bd:85:df:53:33:d9:c8:d6:33:
5f:53:9e:55:40:1b:ff:e1:94:03:c4:c3:4e:ba:a7:
80:7c:67:db:bc:84:02:71:3a:94:37:a1:05:9b:43:
92:f6:27:be:3e:b5:c9:a6:ea:21:fa:e8:40:8c:5e:
54:05:0c:05:d5:4c:90:e1:06:e3:c5:2b:4d:d1:8b:
78:26:86:b9:e3:f5:72:c9:ff:8e:12:82:a3:2e:99:
b7:b1:b0:ca:c3:b0:64:7d:ec:fe:57:9a:72:e9:12:
7b:77:ba:88:8b:20:31:86:90:77:35:23:6e:15:a1:
a5:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:C0:9E:29:DB:DA:2A:BB:BB:D6:21:E2:77:DD:C5:8A:94:41:F6:D4
X509v3 Authority Key Identifier:
keyid:1E:5B:33:49:65:78:87:94:D6:F1:47:A2:F0:04:D1:3B:E3:25:7D:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HlszSWV4h5TW8Uei8ATRO-MlfcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/OMCeKdvaKru71iHid93FipRB9tQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/HlszSWV4h5TW8Uei8ATRO-MlfcQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.164.0/22
Signature Algorithm: sha256WithRSAEncryption
b8:2b:3f:74:92:cd:c4:45:53:42:9d:6a:6f:65:cd:8f:46:ba:
c7:f0:8b:73:c7:1e:69:57:9a:8c:28:09:f2:37:f9:03:49:1a:
e2:7a:62:a8:32:54:09:f4:92:2a:b5:33:28:97:3b:55:bb:bd:
0a:d2:75:a4:50:1a:78:66:c0:b7:c9:d8:c2:89:76:c4:50:88:
76:03:ff:71:19:8a:77:96:42:4c:a8:fd:9a:2f:26:b5:9c:51:
ca:9c:80:4f:a0:98:f6:1d:d0:0e:41:dc:ed:77:2e:a0:8b:bd:
b4:68:8c:bc:0c:a9:db:dd:8b:68:1b:a1:ad:f2:d9:95:88:60:
6c:0c:fe:c0:44:97:e1:21:c6:08:b7:48:17:5f:af:af:0b:d3:
cb:d3:01:7a:d4:dc:e4:e6:72:3d:d0:e8:b8:13:eb:d5:2a:7a:
74:4f:47:5a:4a:e5:bb:e0:a0:d7:37:6a:dc:9b:1c:f5:f6:38:
2a:92:0c:98:a3:bc:af:ff:be:cc:99:5a:35:64:d6:ef:56:4d:
44:b4:1d:39:8c:46:5d:99:f1:12:ae:c1:f0:a8:64:e9:e6:d3:
4e:cb:b3:39:c1:7e:2e:72:94:a9:a1:59:8f:68:72:53:fa:ad:
84:33:e5:1b:0c:72:59:30:a2:88:41:4e:a4:2d:33:38:d7:82:
a7:8d:84:08
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYnevuJKHiPXYsM3cJ2MK7h/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlNWIzMzQ5NjU3ODg3OTRkNmYxNDdhMmYwMDRkMTNiZTMy
NTdkYzQwHhcNMjMwODEwMDkxOTU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGMwOWUyOWRiZGEyYWJiYmJkNjIxZTI3N2RkYzU4YTk0NDFmNmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwTQH8EMqSkWkuqMwOv8oNzsxqWkS
XC8VeQIJHYIXkMwyW/XnhYITQPm2K9ovNAbd6aoE8WCqEX9C15XxyUHc1vaswaF0
4dtgERbz/BUc9WP3AoC7FbnIpoHCH8hrM1vSyBXVP9j0ymGMYbKpbpe57dCyAQwh
lN0AwJkut5pMSCwblGGIdY0psZ4Vtr+9hd9TM9nI1jNfU55VQBv/4ZQDxMNOuqeA
fGfbvIQCcTqUN6EFm0OS9ie+PrXJpuoh+uhAjF5UBQwF1UyQ4QbjxStN0Yt4Joa5
4/Vyyf+OEoKjLpm3sbDKw7Bkfez+V5py6RJ7d7qIiyAxhpB3NSNuFaGl3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDjAninb2iq7u9Yh4nfdxYqUQfbUMB8GA1UdIwQY
MBaAFB5bM0lleIeU1vFHovAE0TvjJX3EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGxzelNXVjRoNVRXOFVlaThBVFJPLU1sZmNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC85YmEzOGEtNDg1Mi00MTNkLTljZDIt
OTk5MGUyZDllYWZlLzEvT01DZUtkdmFLcnU3MWlIaWQ5M0ZpcFJCOXRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC85YmEzOGEtNDg1Mi00MTNkLTljZDItOTk5MGUyZDllYWZl
LzEvSGxzelNXVjRoNVRXOFVlaThBVFJPLU1sZmNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZikMA0G
CSqGSIb3DQEBCwUAA4IBAQC4Kz90ks3ERVNCnWpvZc2PRrrH8Itzxx5pV5qMKAny
N/kDSRriemKoMlQJ9JIqtTMolztVu70K0nWkUBp4ZsC3ydjCiXbEUIh2A/9xGYp3
lkJMqP2aLya1nFHKnIBPoJj2HdAOQdztdy6gi720aIy8DKnb3YtoG6Gt8tmViGBs
DP7ARJfhIcYIt0gXX6+vC9PL0wF61Nzk5nI90Oi4E+vVKnp0T0daSuW74KDXN2rc
mxz19jgqkgyYo7yv/77MmVo1ZNbvVk1EtB05jEZdmfESrsHwqGTp5tNOy7M5wX4u
cpSpoVmPaHJT+q2EM+UbDHJZMKKIQU6kLTM414KnjYQI
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:23:13 2024 by rpki-client on console-ams.rpki-client.org