Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/OYjvZY4e3TMnSZyUytq4mytGaN8.roa
File: OYjvZY4e3TMnSZyUytq4mytGaN8.roa (raw, json)
Hash identifier: sYGnQ0v+1Qewjsx4muJ3SMk0DaaAWBuKFVnpnaQZlyk=
Subject key identifier: 39:88:EF:65:8E:1E:DD:33:27:49:9C:94:CA:DA:B8:9B:2B:46:68:DF
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 018CC86F26D0CF8DAB62C4A8D3DD633492F0
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/OYjvZY4e3TMnSZyUytq4mytGaN8.roa
Signing time: Tue 02 Jan 2024 04:29:36 +0000
ROA not before: Tue 02 Jan 2024 04:29:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 45.141.234.0/24 maxlen: 24
94.190.195.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 22 Jan 2024 15:34:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:26:d0:cf:8d:ab:62:c4:a8:d3:dd:63:34:92:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Jan 2 04:29:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3988ef658e1edd3327499c94cadab89b2b4668df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:88:f7:e1:7e:d2:d6:e3:f9:a4:7c:12:18:ea:
5f:17:7b:62:4c:68:e1:38:c0:e9:fb:0a:43:af:e2:
b4:24:83:43:9c:54:b4:92:7a:94:bb:ac:f6:ee:61:
f7:20:ad:d0:30:18:f1:ae:79:07:7e:8a:ed:30:8f:
43:46:e3:19:13:f8:af:02:ae:01:55:e5:db:af:27:
3b:a0:0a:81:04:83:0f:83:52:de:37:16:f0:6e:7d:
5a:c8:ce:2c:3b:61:47:cf:26:9f:da:b7:31:d3:d3:
49:40:a0:f6:9c:3c:39:70:d3:09:6c:20:8d:17:8e:
80:d6:06:7e:a8:f9:aa:8b:78:cb:95:bf:fd:f5:5f:
ec:21:65:4b:3f:c4:0a:fe:d9:6a:83:41:cd:f3:2e:
62:19:86:62:99:ed:05:72:a1:e0:cf:72:04:29:66:
3a:f2:b1:07:d5:bf:de:79:3e:2b:a5:65:b7:ac:90:
01:0c:99:91:fa:c1:01:33:5a:e1:ce:9d:eb:19:06:
d3:2b:a0:79:aa:39:70:94:bf:fc:90:20:61:29:12:
0a:1f:0e:0f:96:be:ef:67:e8:af:6a:8f:c0:6b:12:
7d:59:52:37:77:14:c3:97:83:65:ee:5e:98:37:ed:
6e:e8:af:ee:6a:d5:83:f3:51:49:16:04:5a:a7:96:
5a:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:88:EF:65:8E:1E:DD:33:27:49:9C:94:CA:DA:B8:9B:2B:46:68:DF
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/OYjvZY4e3TMnSZyUytq4mytGaN8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.234.0/24
94.190.195.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:eb:2e:4e:e7:c4:be:74:a3:91:ef:87:30:30:c8:f3:c9:d3:
b5:20:07:54:c7:a8:36:03:ba:09:4a:c8:c2:ae:d1:eb:be:22:
a5:fa:59:1c:3e:35:6f:d0:13:63:02:d1:81:3e:63:31:ba:fc:
c1:02:83:d6:8e:f3:cf:62:94:ab:0f:a8:92:96:bf:4f:7c:c7:
3e:43:b5:59:04:7f:76:f1:55:72:38:e0:1b:22:e6:36:c3:a4:
a2:3d:1c:2c:88:47:7a:11:1d:ea:9a:56:83:4d:ea:3d:90:a7:
4c:64:82:81:d6:bd:a8:8f:18:f8:f7:9a:0b:e9:27:37:46:3d:
6e:ad:ee:b6:81:13:37:7c:44:b1:be:80:9d:d7:8a:b9:0d:ae:
6c:3e:cb:60:aa:06:b8:8b:a5:c5:de:bb:64:cc:d2:5b:41:17:
c9:3f:8b:6b:7e:c0:4f:b2:be:f7:a5:ab:70:a5:ab:2f:05:e6:
d9:56:65:30:78:1a:26:40:0a:cf:7e:3c:f0:ad:e3:c0:39:98:
83:2e:29:0d:df:36:ca:34:cf:c7:8c:0a:bd:84:35:8d:32:19:
e6:62:9f:47:2b:f4:30:72:b1:0a:07:b3:e5:28:e8:ec:51:4b:
25:3f:cc:35:5f:fa:ba:9c:7d:cd:a9:ab:72:75:b8:ce:9f:94:
f3:52:74:79
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzIbybQz42rYsSo091jNJLwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWNhYTY5MzU4ZjhjOThmN2E3MTlmMjU5N2Q1ZGFkZGJk
MDAxOGMwHhcNMjQwMTAyMDQyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTg4ZWY2NThlMWVkZDMzMjc0OTljOTRjYWRhYjg5YjJiNDY2OGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwoj34X7S1uP5pHwSGOpfF3tiTGjh
OMDp+wpDr+K0JINDnFS0knqUu6z27mH3IK3QMBjxrnkHfortMI9DRuMZE/ivAq4B
VeXbryc7oAqBBIMPg1LeNxbwbn1ayM4sO2FHzyaf2rcx09NJQKD2nDw5cNMJbCCN
F46A1gZ+qPmqi3jLlb/99V/sIWVLP8QK/tlqg0HN8y5iGYZime0FcqHgz3IEKWY6
8rEH1b/eeT4rpWW3rJABDJmR+sEBM1rhzp3rGQbTK6B5qjlwlL/8kCBhKRIKHw4P
lr7vZ+ivao/AaxJ9WVI3dxTDl4Nl7l6YN+1u6K/uatWD81FJFgRap5ZaRwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDmI72WOHt0zJ0mclMrauJsrRmjfMB8GA1UdIwQY
MBaAFC0cqmk1j4yY96cZ8ll9Xa3b0AGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2Yjct
MjliMDg1ZGQyM2FkLzEvT1lqdlpZNGUzVE1uU1p5VXl0cTRteXRHYU44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2YjctMjliMDg1ZGQyM2Fk
LzEvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALY3qAwQA
Xr7DMA0GCSqGSIb3DQEBCwUAA4IBAQCi6y5O58S+dKOR74cwMMjzydO1IAdUx6g2
A7oJSsjCrtHrviKl+lkcPjVv0BNjAtGBPmMxuvzBAoPWjvPPYpSrD6iSlr9PfMc+
Q7VZBH928VVyOOAbIuY2w6SiPRwsiEd6ER3qmlaDTeo9kKdMZIKB1r2ojxj495oL
6Sc3Rj1ure62gRM3fESxvoCd14q5Da5sPstgqga4i6XF3rtkzNJbQRfJP4trfsBP
sr73patwpasvBebZVmUweBomQArPfjzwrePAOZiDLikN3zbKNM/HjAq9hDWNMhnm
Yp9HK/QwcrEKB7PlKOjsUUslP8w1X/q6nH3NqatydbjOn5TzUnR5
-----END CERTIFICATE-----
Generated at Mon Jan 22 19:25:31 2024 by rpki-client on console-ams.rpki-client.org