Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/006d43-3dbf-4cf8-815d-5dc2fa6a3503/1/OcxM-9_pKOUEZJSCW6ofgEJC7dc.roa
File: OcxM-9_pKOUEZJSCW6ofgEJC7dc.roa (raw, json)
Hash identifier: EWc5tt6Re1Zowvo8vZvPTsbFuIvNNxPE2v9gGdh2GAE=
Subject key identifier: 39:CC:4C:FB:DF:E9:28:E5:04:64:94:82:5B:AA:1F:80:42:42:ED:D7
Certificate issuer: /CN=cd65ee23bff42ccf679d7377fe4da695d341aef0
Certificate serial: 01856F14CA8EE727EE0A94270AB73222297E
Authority key identifier: CD:65:EE:23:BF:F4:2C:CF:67:9D:73:77:FE:4D:A6:95:D3:41:AE:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zWXuI7_0LM9nnXN3_k2mldNBrvA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/006d43-3dbf-4cf8-815d-5dc2fa6a3503/1/OcxM-9_pKOUEZJSCW6ofgEJC7dc.roa
Signing time: Sun 01 Jan 2023 20:45:11 +0000
ROA not before: Sun 01 Jan 2023 20:45:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25234
IP address blocks: 213.188.152.0/22 maxlen: 22
185.71.159.0/24 maxlen: 24
2a02:250:3::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:ca:8e:e7:27:ee:0a:94:27:0a:b7:32:22:29:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd65ee23bff42ccf679d7377fe4da695d341aef0
Validity
Not Before: Jan 1 20:45:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=39cc4cfbdfe928e5046494825baa1f804242edd7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:33:87:94:65:43:0a:5c:3e:67:d4:d6:83:29:
8b:cc:2c:dc:20:58:75:32:d7:b6:1e:89:1c:67:71:
59:fe:14:c5:3a:82:3d:66:95:57:b6:45:47:78:45:
7c:f8:24:b9:66:17:97:bb:73:dd:ff:e7:0a:cb:17:
d7:2a:32:b2:e4:d4:13:6f:50:36:00:a1:5c:d1:4f:
bd:a6:c0:2e:a6:41:1f:fb:14:67:31:67:58:d6:f3:
df:c9:1c:32:99:9d:31:ff:21:91:2d:7f:b2:ea:10:
1a:9d:05:2b:64:6d:ad:74:01:d4:a6:ff:7e:8b:e6:
b7:50:df:ee:8d:a6:3f:60:28:11:38:d1:d0:c3:90:
17:f6:99:c8:14:7c:03:c6:e6:80:58:81:ea:19:26:
5f:36:f0:ef:d1:91:e5:a1:46:69:7b:df:1f:26:f7:
4a:59:43:cb:6c:f8:31:84:63:6d:c8:f7:14:9b:f5:
01:15:f3:77:b6:dd:f3:38:7b:22:1c:e7:04:7c:41:
3b:9e:30:3f:ed:72:cf:37:59:0c:dc:43:dc:3d:c0:
64:3e:ac:c2:ef:5a:bd:46:d9:f1:11:04:91:4c:52:
37:ed:c1:dc:9c:c5:69:04:7a:06:4a:a2:31:7a:36:
f3:2e:b5:d6:68:3a:76:31:b7:5b:29:db:24:cf:87:
fc:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:CC:4C:FB:DF:E9:28:E5:04:64:94:82:5B:AA:1F:80:42:42:ED:D7
X509v3 Authority Key Identifier:
keyid:CD:65:EE:23:BF:F4:2C:CF:67:9D:73:77:FE:4D:A6:95:D3:41:AE:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zWXuI7_0LM9nnXN3_k2mldNBrvA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/006d43-3dbf-4cf8-815d-5dc2fa6a3503/1/OcxM-9_pKOUEZJSCW6ofgEJC7dc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/006d43-3dbf-4cf8-815d-5dc2fa6a3503/1/zWXuI7_0LM9nnXN3_k2mldNBrvA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.71.159.0/24
213.188.152.0/22
IPv6:
2a02:250:3::/48
Signature Algorithm: sha256WithRSAEncryption
4d:1f:6e:b3:2b:47:82:d5:2b:e3:56:eb:e7:5d:03:a2:2d:a7:
28:12:b3:22:c4:8e:20:67:d7:c8:ea:be:70:e5:3b:71:81:6a:
6d:fd:a2:e0:6d:ef:6d:b7:31:ed:a8:5b:2f:bf:e2:6d:e7:f8:
a3:a1:32:5e:a9:fe:78:84:78:8c:a4:5e:32:d4:6f:98:56:90:
bd:5f:93:2d:bf:be:3c:81:4e:78:3b:95:ec:f4:cf:77:d6:0e:
9b:da:a4:a3:2d:d2:c8:db:01:6c:70:16:f9:17:41:2a:b7:a8:
8a:47:7d:47:a0:dc:d8:b3:f9:2a:05:9b:d3:64:37:b8:3e:c3:
49:a1:fd:6b:fd:ec:99:ac:bc:40:e2:80:27:ec:50:b1:f7:60:
82:20:68:71:37:71:9c:08:60:c4:79:57:8a:af:16:66:d6:35:
76:01:50:85:3a:f4:c9:2d:02:63:77:fe:1c:ac:c3:cd:cb:54:
cb:af:95:8c:85:19:3c:2b:ed:c8:66:45:13:a3:21:9b:77:04:
63:59:30:62:87:0d:10:dc:44:c6:77:c6:00:35:37:38:63:cb:
23:3d:64:f6:65:9c:8d:e9:d5:5a:e9:35:cb:4d:92:fc:f4:1d:
4c:37:ea:09:f8:2b:4e:c7:f7:26:fb:47:7c:1b:0b:2f:26:52:
ce:d8:9e:14
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVvFMqO5yfuCpQnCrcyIil+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNjVlZTIzYmZmNDJjY2Y2NzlkNzM3N2ZlNGRhNjk1ZDM0
MWFlZjAwHhcNMjMwMTAxMjA0NTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWNjNGNmYmRmZTkyOGU1MDQ2NDk0ODI1YmFhMWY4MDQyNDJlZGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAljOHlGVDClw+Z9TWgymLzCzcIFh1
Mte2HokcZ3FZ/hTFOoI9ZpVXtkVHeEV8+CS5ZheXu3Pd/+cKyxfXKjKy5NQTb1A2
AKFc0U+9psAupkEf+xRnMWdY1vPfyRwymZ0x/yGRLX+y6hAanQUrZG2tdAHUpv9+
i+a3UN/ujaY/YCgRONHQw5AX9pnIFHwDxuaAWIHqGSZfNvDv0ZHloUZpe98fJvdK
WUPLbPgxhGNtyPcUm/UBFfN3tt3zOHsiHOcEfEE7njA/7XLPN1kM3EPcPcBkPqzC
71q9RtnxEQSRTFI37cHcnMVpBHoGSqIxejbzLrXWaDp2MbdbKdskz4f8EwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFDnMTPvf6SjlBGSUgluqH4BCQu3XMB8GA1UdIwQY
MBaAFM1l7iO/9CzPZ51zd/5NppXTQa7wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveldYdUk3XzBMTTlublhOM19rMm1sZE5CcnZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS8wMDZkNDMtM2RiZi00Y2Y4LTgxNWQt
NWRjMmZhNmEzNTAzLzEvT2N4TS05X3BLT1VFWkpTQ1c2b2ZnRUpDN2RjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS8wMDZkNDMtM2RiZi00Y2Y4LTgxNWQtNWRjMmZhNmEzNTAz
LzEveldYdUk3XzBMTTlublhOM19rMm1sZE5CcnZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAuUefAwQC
1byYMA8EAgACMAkDBwAqAgJQAAMwDQYJKoZIhvcNAQELBQADggEBAE0fbrMrR4LV
K+NW6+ddA6ItpygSsyLEjiBn18jqvnDlO3GBam39ouBt7223Me2oWy+/4m3n+KOh
Ml6p/niEeIykXjLUb5hWkL1fky2/vjyBTng7lez0z3fWDpvapKMt0sjbAWxwFvkX
QSq3qIpHfUeg3Niz+SoFm9NkN7g+w0mh/Wv97JmsvEDigCfsULH3YIIgaHE3cZwI
YMR5V4qvFmbWNXYBUIU69MktAmN3/hysw83LVMuvlYyFGTwr7chmRROjIZt3BGNZ
MGKHDRDcRMZ3xgA1NzhjyyM9ZPZlnI3p1VrpNctNkvz0HUw36gn4K07H9yb7R3wb
Cy8mUs7YnhQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:45 2024 by rpki-client on console-ams.rpki-client.org