Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/36b098-e9ac-4910-a6f5-8e5d9eefaf91/1/8oogrWuK-mr4pVatwKe6W3GlyE8.roa
File: 8oogrWuK-mr4pVatwKe6W3GlyE8.roa (raw, json)
Hash identifier: CdyrUFr9GTFhGwG4sLM/Vu6vioxcwohvTcPWIdyral8=
Subject key identifier: F2:8A:20:AD:6B:8A:FA:6A:F8:A5:56:AD:C0:A7:BA:5B:71:A5:C8:4F
Certificate issuer: /CN=339e0f5e654393ceda22db44978f273e789e2341
Certificate serial: 01856BCA2B1BE1FE01FFFD221F87EB1AF44C
Authority key identifier: 33:9E:0F:5E:65:43:93:CE:DA:22:DB:44:97:8F:27:3E:78:9E:23:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M54PXmVDk87aIttEl48nPnieI0E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/36b098-e9ac-4910-a6f5-8e5d9eefaf91/1/8oogrWuK-mr4pVatwKe6W3GlyE8.roa
Signing time: Sun 01 Jan 2023 05:24:49 +0000
ROA not before: Sun 01 Jan 2023 05:24:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48019
IP address blocks: 194.105.136.0/23 maxlen: 23
91.207.66.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:ca:2b:1b:e1:fe:01:ff:fd:22:1f:87:eb:1a:f4:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=339e0f5e654393ceda22db44978f273e789e2341
Validity
Not Before: Jan 1 05:24:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f28a20ad6b8afa6af8a556adc0a7ba5b71a5c84f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:fe:ac:33:35:dd:2a:d3:f9:ec:ad:26:de:26:
4c:d4:9d:d5:e3:dc:f7:aa:7a:b5:3a:f6:6e:d3:37:
d1:55:4a:b2:bb:b7:07:8c:a9:36:56:db:fc:fe:00:
f3:12:ec:22:48:a4:e6:39:6c:94:c1:af:c0:e6:c5:
d2:0d:ee:64:18:f3:89:d4:61:53:ca:da:fd:6c:6e:
e4:d3:92:f6:36:7b:1d:76:c0:9c:cc:40:4f:7c:67:
45:87:6c:32:a5:e4:49:e7:cb:88:e8:37:fb:9c:e3:
d0:54:c0:83:ce:c8:ff:15:51:ad:33:87:ad:d3:90:
b8:e3:19:b5:4a:cf:bc:6d:08:f8:f4:b6:d3:ec:28:
65:8d:d9:eb:70:d1:06:a3:1c:6c:89:15:c0:8d:c3:
55:ea:6f:a4:49:0e:8c:4d:dc:38:c6:bc:6e:c4:4d:
c2:90:6a:b3:e8:8d:06:3a:f6:c4:e3:77:71:ad:32:
4e:f6:71:8f:33:51:53:38:25:33:b9:1a:44:14:06:
f0:51:08:ff:60:d7:7c:c4:5e:1d:d9:c1:9a:05:b2:
d4:5c:bd:e4:5e:33:14:2f:c9:5d:97:d0:95:67:cb:
4f:d6:92:ea:98:3b:91:f4:eb:9c:e8:c0:af:46:fa:
02:7b:16:c8:b3:14:9c:4d:4a:1e:99:69:7d:e3:6c:
8b:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:8A:20:AD:6B:8A:FA:6A:F8:A5:56:AD:C0:A7:BA:5B:71:A5:C8:4F
X509v3 Authority Key Identifier:
keyid:33:9E:0F:5E:65:43:93:CE:DA:22:DB:44:97:8F:27:3E:78:9E:23:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M54PXmVDk87aIttEl48nPnieI0E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/36b098-e9ac-4910-a6f5-8e5d9eefaf91/1/8oogrWuK-mr4pVatwKe6W3GlyE8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/36b098-e9ac-4910-a6f5-8e5d9eefaf91/1/M54PXmVDk87aIttEl48nPnieI0E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.207.66.0/23
194.105.136.0/23
Signature Algorithm: sha256WithRSAEncryption
75:21:e4:34:91:3d:d3:74:a1:b6:43:a9:3b:14:88:1a:95:cd:
71:90:8f:81:63:25:b8:74:a9:8e:23:56:be:f2:35:27:a2:63:
12:64:8a:64:e8:d1:51:43:79:79:f0:ca:b1:97:69:24:7c:b2:
8a:a3:dd:4d:09:2f:7e:94:b6:3b:8d:e1:4c:40:f0:d2:d7:13:
4a:f9:49:6e:59:00:b0:14:48:f0:81:64:54:9b:a0:b7:7f:bd:
5f:35:f5:6a:4c:5a:63:0d:dd:75:21:a3:58:43:63:06:71:36:
aa:12:f0:5d:98:71:90:d4:c2:3d:dd:20:c3:62:78:3c:08:aa:
f9:68:f0:93:f4:7a:6a:95:11:f4:f9:5d:ad:81:66:5b:0d:99:
a0:70:43:fc:08:b5:b3:d3:6a:70:25:01:8f:0e:4a:92:28:27:
bc:e6:3f:f3:2d:7b:a4:5c:56:35:71:b5:f7:1b:13:a4:12:0d:
8e:76:3f:87:26:b4:4a:8d:87:43:3c:26:ab:a6:4c:0c:d1:d3:
01:c1:de:c8:65:c9:cd:42:f8:80:90:da:b9:89:36:c0:5a:7f:
cc:f4:a8:cf:d9:12:fc:07:56:9f:af:02:90:f7:f2:c0:0b:78:
a5:9b:c5:6c:2a:95:16:18:a6:af:6e:4d:e1:10:2d:a1:b8:1c:
b4:a6:52:a0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVryisb4f4B//0iH4frGvRMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzOWUwZjVlNjU0MzkzY2VkYTIyZGI0NDk3OGYyNzNlNzg5
ZTIzNDEwHhcNMjMwMTAxMDUyNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjhhMjBhZDZiOGFmYTZhZjhhNTU2YWRjMGE3YmE1YjcxYTVjODRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj/6sMzXdKtP57K0m3iZM1J3V49z3
qnq1OvZu0zfRVUqyu7cHjKk2Vtv8/gDzEuwiSKTmOWyUwa/A5sXSDe5kGPOJ1GFT
ytr9bG7k05L2NnsddsCczEBPfGdFh2wypeRJ58uI6Df7nOPQVMCDzsj/FVGtM4et
05C44xm1Ss+8bQj49LbT7ChljdnrcNEGoxxsiRXAjcNV6m+kSQ6MTdw4xrxuxE3C
kGqz6I0GOvbE43dxrTJO9nGPM1FTOCUzuRpEFAbwUQj/YNd8xF4d2cGaBbLUXL3k
XjMUL8ldl9CVZ8tP1pLqmDuR9Ouc6MCvRvoCexbIsxScTUoemWl942yLOQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPKKIK1rivpq+KVWrcCnultxpchPMB8GA1UdIwQY
MBaAFDOeD15lQ5PO2iLbRJePJz54niNBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTU0UFhtVkRrODdhSXR0RWw0OG5QbmllSTBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi8zNmIwOTgtZTlhYy00OTEwLWE2ZjUt
OGU1ZDllZWZhZjkxLzEvOG9vZ3JXdUstbXI0cFZhdHdLZTZXM0dseUU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi8zNmIwOTgtZTlhYy00OTEwLWE2ZjUtOGU1ZDllZWZhZjkx
LzEvTTU0UFhtVkRrODdhSXR0RWw0OG5QbmllSTBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW89CAwQB
wmmIMA0GCSqGSIb3DQEBCwUAA4IBAQB1IeQ0kT3TdKG2Q6k7FIgalc1xkI+BYyW4
dKmOI1a+8jUnomMSZIpk6NFRQ3l58Mqxl2kkfLKKo91NCS9+lLY7jeFMQPDS1xNK
+UluWQCwFEjwgWRUm6C3f71fNfVqTFpjDd11IaNYQ2MGcTaqEvBdmHGQ1MI93SDD
Yng8CKr5aPCT9HpqlRH0+V2tgWZbDZmgcEP8CLWz02pwJQGPDkqSKCe85j/zLXuk
XFY1cbX3GxOkEg2Odj+HJrRKjYdDPCarpkwM0dMBwd7IZcnNQviAkNq5iTbAWn/M
9KjP2RL8B1afrwKQ9/LAC3ilm8VsKpUWGKavbk3hEC2huBy0plKg
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:30:43 2024 by rpki-client on console-ams.rpki-client.org