Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/0f92bd-35d0-4570-b5d3-6f31f6f7f16b/1/AokSMaT5M-q6facNFA3L-OXqqZw.roa
File: AokSMaT5M-q6facNFA3L-OXqqZw.roa (raw, json)
Hash identifier: LD8TnxQHs4c0ZhFOjNpogGMM5hLAt7rv/FHzSft0DtA=
Subject key identifier: 02:89:12:31:A4:F9:33:EA:BA:7D:A7:0D:14:0D:CB:F8:E5:EA:A9:9C
Certificate issuer: /CN=ca5e3ec5a90623ccb97784d3cef24212a31cbaf1
Certificate serial: 01856D0187782737D7B32130E10F6E8E42A8
Authority key identifier: CA:5E:3E:C5:A9:06:23:CC:B9:77:84:D3:CE:F2:42:12:A3:1C:BA:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yl4-xakGI8y5d4TTzvJCEqMcuvE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/0f92bd-35d0-4570-b5d3-6f31f6f7f16b/1/AokSMaT5M-q6facNFA3L-OXqqZw.roa
Signing time: Sun 01 Jan 2023 11:04:54 +0000
ROA not before: Sun 01 Jan 2023 11:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15924
IP address blocks: 185.114.216.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:01:87:78:27:37:d7:b3:21:30:e1:0f:6e:8e:42:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca5e3ec5a90623ccb97784d3cef24212a31cbaf1
Validity
Not Before: Jan 1 11:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=02891231a4f933eaba7da70d140dcbf8e5eaa99c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:b8:6f:03:45:60:1c:b9:26:b3:e8:68:ad:3f:
84:2b:58:ec:3a:fa:4b:b1:6d:08:9c:d1:d9:61:cd:
f5:34:4f:3e:16:ff:cd:f8:fa:af:96:d1:6c:ff:5b:
04:51:b2:1b:89:b0:6a:e2:2b:5b:8f:08:e7:ac:4d:
fb:c7:a5:82:81:bd:0b:44:8d:b4:3d:33:e7:49:ca:
84:99:e6:e3:61:b2:de:f6:5b:b8:8c:a9:e4:1d:44:
c0:8f:c9:c9:47:71:94:38:4d:2a:b4:b4:37:97:17:
c0:33:3b:20:b8:ab:65:2c:87:3a:d3:4f:ea:d0:b9:
67:0a:42:bb:42:f5:93:33:e6:92:e0:5a:bb:7c:23:
1f:c8:d8:40:57:ad:a0:dc:63:2e:fb:77:f1:53:a8:
d3:89:61:74:a7:6d:11:86:a7:68:6a:2e:fb:5c:c8:
0e:b3:63:a0:57:f6:98:cc:66:ae:7a:5d:7b:10:68:
72:fa:86:60:0c:a6:64:41:93:c2:12:bc:b9:c9:08:
b6:f2:32:62:6c:63:3a:73:d4:65:0e:0e:94:c6:74:
8a:f3:86:b1:9a:3b:47:1e:14:26:68:b0:36:50:8b:
4a:72:02:f8:7d:94:1b:c2:0b:94:e7:16:1e:98:a2:
4e:95:f8:dd:30:1c:ac:4f:5c:ab:ae:03:8d:e0:57:
e0:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:89:12:31:A4:F9:33:EA:BA:7D:A7:0D:14:0D:CB:F8:E5:EA:A9:9C
X509v3 Authority Key Identifier:
keyid:CA:5E:3E:C5:A9:06:23:CC:B9:77:84:D3:CE:F2:42:12:A3:1C:BA:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yl4-xakGI8y5d4TTzvJCEqMcuvE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/0f92bd-35d0-4570-b5d3-6f31f6f7f16b/1/AokSMaT5M-q6facNFA3L-OXqqZw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/0f92bd-35d0-4570-b5d3-6f31f6f7f16b/1/yl4-xakGI8y5d4TTzvJCEqMcuvE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.114.216.0/23
Signature Algorithm: sha256WithRSAEncryption
69:92:6c:85:25:17:97:30:2d:e1:d6:09:8f:ea:e0:50:62:04:
d8:cb:ff:53:6e:cc:eb:3f:95:db:12:25:05:0d:da:27:4f:31:
56:e0:45:2c:e4:71:76:97:df:16:bc:9f:03:e7:c2:6c:c0:96:
1a:e5:12:c8:c7:91:20:94:3c:97:df:a6:2c:ca:63:05:b6:fc:
56:19:c5:9b:e5:46:f9:9c:ad:39:b0:4a:ca:83:88:6a:2b:92:
29:09:c3:c7:4b:59:06:26:f8:6f:0e:e4:0f:04:9f:fb:d3:45:
67:37:62:32:9f:f8:6f:98:54:cd:04:25:83:f0:d2:25:35:ea:
dc:a0:e8:a1:a2:31:4f:3d:75:d2:6a:43:a2:a9:e6:55:cc:64:
9d:a7:c6:4b:c0:84:b8:4b:4b:7e:35:1f:7d:db:40:bd:86:1d:
71:eb:bb:bc:67:bb:e7:ce:b2:82:e2:86:f4:f7:6d:46:8e:82:
25:c5:b6:a3:e0:3e:ef:f6:55:ff:36:d5:60:52:41:2c:be:1e:
0f:f3:6b:ac:16:d2:6f:80:25:f5:a9:26:c5:0f:20:74:17:1a:
f5:fc:e4:be:03:c1:e9:e6:e0:a8:d7:4c:29:fd:29:6b:fd:1a:
c7:c3:5f:07:7a:fc:52:ec:22:58:6f:c9:06:c2:c0:0f:3a:aa:
dd:af:5a:b3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtAYd4JzfXsyEw4Q9ujkKoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhNWUzZWM1YTkwNjIzY2NiOTc3ODRkM2NlZjI0MjEyYTMx
Y2JhZjEwHhcNMjMwMTAxMTEwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjg5MTIzMWE0ZjkzM2VhYmE3ZGE3MGQxNDBkY2JmOGU1ZWFhOTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgLhvA0VgHLkms+horT+EK1jsOvpL
sW0InNHZYc31NE8+Fv/N+PqvltFs/1sEUbIbibBq4itbjwjnrE37x6WCgb0LRI20
PTPnScqEmebjYbLe9lu4jKnkHUTAj8nJR3GUOE0qtLQ3lxfAMzsguKtlLIc600/q
0LlnCkK7QvWTM+aS4Fq7fCMfyNhAV62g3GMu+3fxU6jTiWF0p20Rhqdoai77XMgO
s2OgV/aYzGauel17EGhy+oZgDKZkQZPCEry5yQi28jJibGM6c9RlDg6UxnSK84ax
mjtHHhQmaLA2UItKcgL4fZQbwguU5xYemKJOlfjdMBysT1yrrgON4FfgowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAKJEjGk+TPqun2nDRQNy/jl6qmcMB8GA1UdIwQY
MBaAFMpePsWpBiPMuXeE087yQhKjHLrxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWw0LXhha0dJOHk1ZDRUVHp2SkNFcU1jdXZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy8wZjkyYmQtMzVkMC00NTcwLWI1ZDMt
NmYzMWY2ZjdmMTZiLzEvQW9rU01hVDVNLXE2ZmFjTkZBM0wtT1hxcVp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy8wZjkyYmQtMzVkMC00NTcwLWI1ZDMtNmYzMWY2ZjdmMTZi
LzEveWw0LXhha0dJOHk1ZDRUVHp2SkNFcU1jdXZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuXLYMA0G
CSqGSIb3DQEBCwUAA4IBAQBpkmyFJReXMC3h1gmP6uBQYgTYy/9TbszrP5XbEiUF
DdonTzFW4EUs5HF2l98WvJ8D58JswJYa5RLIx5EglDyX36YsymMFtvxWGcWb5Ub5
nK05sErKg4hqK5IpCcPHS1kGJvhvDuQPBJ/700VnN2Iyn/hvmFTNBCWD8NIlNerc
oOihojFPPXXSakOiqeZVzGSdp8ZLwIS4S0t+NR9920C9hh1x67u8Z7vnzrKC4ob0
921GjoIlxbaj4D7v9lX/NtVgUkEsvh4P82usFtJvgCX1qSbFDyB0Fxr1/OS+A8Hp
5uCo10wp/Slr/RrHw18HevxS7CJYb8kGwsAPOqrdr1qz
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:15 2024 by rpki-client on console-fra.rpki-client.org