Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/ea4e64-6d70-4bfd-909d-f0546cfab061/1/Oho6YMSSHydeFkL8bsgVt0J18GY.roa
File: Oho6YMSSHydeFkL8bsgVt0J18GY.roa (raw, json)
Hash identifier: 3KGAr9UilZHcVTJrN7QtxMzF6qfEI0kvJsem8fBtYys=
Subject key identifier: 3A:1A:3A:60:C4:92:1F:27:5E:16:42:FC:6E:C8:15:B7:42:75:F0:66
Certificate issuer: /CN=bbc264b5a6494f890fa314f61fd7d27587e35830
Certificate serial: 018571D7B29EB9D9CE52F3808F031093CB80
Authority key identifier: BB:C2:64:B5:A6:49:4F:89:0F:A3:14:F6:1F:D7:D2:75:87:E3:58:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u8JktaZJT4kPoxT2H9fSdYfjWDA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/ea4e64-6d70-4bfd-909d-f0546cfab061/1/Oho6YMSSHydeFkL8bsgVt0J18GY.roa
Signing time: Mon 02 Jan 2023 09:37:19 +0000
ROA not before: Mon 02 Jan 2023 09:37:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200026
IP address blocks: 185.40.52.0/22 maxlen: 22
145.14.248.0/21 maxlen: 21
153.92.112.0/21 maxlen: 21
2a00:f120::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:29:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:d7:b2:9e:b9:d9:ce:52:f3:80:8f:03:10:93:cb:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bbc264b5a6494f890fa314f61fd7d27587e35830
Validity
Not Before: Jan 2 09:37:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3a1a3a60c4921f275e1642fc6ec815b74275f066
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:7f:3a:ff:ab:22:d1:4a:fb:ce:b9:2e:9c:ee:
a4:00:6a:02:48:fb:96:16:f7:fd:96:64:65:36:6a:
df:59:45:82:b4:68:32:13:9b:11:10:5d:60:ed:55:
56:e8:56:ed:94:68:b4:7f:7b:1f:35:41:12:eb:bd:
b2:9f:88:5b:67:c9:ae:5f:09:79:b6:50:de:3e:e8:
41:d8:78:74:3a:84:17:64:b8:7f:6e:ba:77:d1:53:
7f:24:df:1c:1f:27:3d:25:da:f2:1e:f1:e5:28:e6:
c5:da:d1:91:7d:03:8c:98:23:67:25:0a:38:0a:ee:
98:8c:78:dd:0a:ed:1c:e6:8c:fc:6a:35:b3:91:06:
1b:6e:27:df:b6:b7:95:78:48:d8:a9:dc:e5:e7:e7:
ae:1f:e7:63:20:fd:eb:c0:0c:29:53:a5:4a:85:ef:
5a:03:de:be:f1:01:fc:b1:c4:ff:6f:65:71:23:fa:
f2:c6:1c:37:6c:79:88:7e:78:bd:4c:8c:1a:2e:8d:
df:ed:29:97:ba:05:ff:21:42:12:40:3b:37:4d:a2:
3e:f3:9e:59:79:3a:2e:03:c1:d0:23:6c:f3:a3:ad:
55:06:44:b6:66:f7:fd:e6:a4:d0:4d:90:f9:c4:e1:
24:da:fe:d3:f6:83:f9:4f:8d:e6:12:44:dd:0d:1f:
de:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:1A:3A:60:C4:92:1F:27:5E:16:42:FC:6E:C8:15:B7:42:75:F0:66
X509v3 Authority Key Identifier:
keyid:BB:C2:64:B5:A6:49:4F:89:0F:A3:14:F6:1F:D7:D2:75:87:E3:58:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u8JktaZJT4kPoxT2H9fSdYfjWDA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/ea4e64-6d70-4bfd-909d-f0546cfab061/1/Oho6YMSSHydeFkL8bsgVt0J18GY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/ea4e64-6d70-4bfd-909d-f0546cfab061/1/u8JktaZJT4kPoxT2H9fSdYfjWDA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.14.248.0/21
153.92.112.0/21
185.40.52.0/22
IPv6:
2a00:f120::/32
Signature Algorithm: sha256WithRSAEncryption
a5:0a:08:9a:7e:01:3c:36:c4:5c:12:f6:ef:b6:a5:1a:e4:02:
81:90:38:0e:05:07:6f:6d:42:69:b3:fb:a2:14:0d:86:c8:ed:
c6:c1:20:5f:95:b4:0d:fe:74:07:dc:a7:74:dd:22:5a:71:e3:
c5:b9:59:4e:04:30:f3:61:0f:d2:d2:68:62:ee:84:2a:ff:0c:
79:03:1e:df:c6:d7:ce:a5:65:cb:80:e9:b6:f5:b8:1c:27:a4:
bb:19:f3:01:2b:ae:34:eb:8a:39:ed:30:ac:12:95:0e:bf:15:
03:4d:05:48:00:8b:17:31:87:f7:07:7a:27:0e:fe:d6:3b:63:
e6:19:2d:68:de:79:7c:d3:b0:87:e8:01:9d:ce:70:41:11:7b:
88:b0:7e:b2:d7:b4:af:54:c3:91:49:e6:0a:6e:49:54:68:66:
31:f0:4c:f8:3e:8e:89:60:11:b9:c7:b4:86:d5:02:a0:f0:49:
8f:68:08:77:f7:70:ae:f2:19:e9:b7:da:71:1d:09:75:62:2f:
96:ae:05:03:b1:aa:ed:fe:cc:6b:e2:b8:07:92:0a:ce:ff:29:
38:b7:dd:6d:cd:85:1f:75:35:ab:ae:67:c6:d8:75:db:00:f5:
77:56:41:70:c7:ae:6f:6a:dd:c3:e5:f8:6d:d9:c9:af:00:90:
0b:7e:db:31
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVx17KeudnOUvOAjwMQk8uAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiYzI2NGI1YTY0OTRmODkwZmEzMTRmNjFmZDdkMjc1ODdl
MzU4MzAwHhcNMjMwMTAyMDkzNzE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTFhM2E2MGM0OTIxZjI3NWUxNjQyZmM2ZWM4MTViNzQyNzVmMDY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy386/6si0Ur7zrkunO6kAGoCSPuW
Fvf9lmRlNmrfWUWCtGgyE5sREF1g7VVW6FbtlGi0f3sfNUES672yn4hbZ8muXwl5
tlDePuhB2Hh0OoQXZLh/brp30VN/JN8cHyc9JdryHvHlKObF2tGRfQOMmCNnJQo4
Cu6YjHjdCu0c5oz8ajWzkQYbbifftreVeEjYqdzl5+euH+djIP3rwAwpU6VKhe9a
A96+8QH8scT/b2VxI/ryxhw3bHmIfni9TIwaLo3f7SmXugX/IUISQDs3TaI+855Z
eTouA8HQI2zzo61VBkS2Zvf95qTQTZD5xOEk2v7T9oP5T43mEkTdDR/eLQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFDoaOmDEkh8nXhZC/G7IFbdCdfBmMB8GA1UdIwQY
MBaAFLvCZLWmSU+JD6MU9h/X0nWH41gwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdThKa3RhWkpUNGtQb3hUMkg5ZlNkWWZqV0RBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC9lYTRlNjQtNmQ3MC00YmZkLTkwOWQt
ZjA1NDZjZmFiMDYxLzEvT2hvNllNU1NIeWRlRmtMOGJzZ1Z0MEoxOEdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC9lYTRlNjQtNmQ3MC00YmZkLTkwOWQtZjA1NDZjZmFiMDYx
LzEvdThKa3RhWkpUNGtQb3hUMkg5ZlNkWWZqV0RBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDkQ74AwQD
mVxwAwQCuSg0MA0EAgACMAcDBQAqAPEgMA0GCSqGSIb3DQEBCwUAA4IBAQClCgia
fgE8NsRcEvbvtqUa5AKBkDgOBQdvbUJps/uiFA2GyO3GwSBflbQN/nQH3Kd03SJa
cePFuVlOBDDzYQ/S0mhi7oQq/wx5Ax7fxtfOpWXLgOm29bgcJ6S7GfMBK64064o5
7TCsEpUOvxUDTQVIAIsXMYf3B3onDv7WO2PmGS1o3nl807CH6AGdznBBEXuIsH6y
17SvVMORSeYKbklUaGYx8Ez4Po6JYBG5x7SG1QKg8EmPaAh393Cu8hnpt9pxHQl1
Yi+WrgUDsart/sxr4rgHkgrO/yk4t91tzYUfdTWrrmfG2HXbAPV3VkFwx65vat3D
5fht2cmvAJALftsx
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:55 2024 by rpki-client on console-fra.rpki-client.org