Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/95bce9-1e8e-41c1-89f8-20f9f0dbf458/1/OkxFtORsClG1cr5m-LzAXtg-vCU.roa
File: OkxFtORsClG1cr5m-LzAXtg-vCU.roa (raw, json)
Hash identifier: 9jQgh5fQVWTi4PEqq7ZP/C8YmOsseHOaN34a8Wqslpo=
Subject key identifier: 3A:4C:45:B4:E4:6C:0A:51:B5:72:BE:66:F8:BC:C0:5E:D8:3E:BC:25
Certificate issuer: /CN=3e0be8e48dba07df21711745b869e3911ce98e20
Certificate serial: 01856F94D11CEA7152556800BE951ACA4191
Authority key identifier: 3E:0B:E8:E4:8D:BA:07:DF:21:71:17:45:B8:69:E3:91:1C:E9:8E:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Pgvo5I26B98hcRdFuGnjkRzpjiA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/95bce9-1e8e-41c1-89f8-20f9f0dbf458/1/OkxFtORsClG1cr5m-LzAXtg-vCU.roa
Signing time: Sun 01 Jan 2023 23:05:01 +0000
ROA not before: Sun 01 Jan 2023 23:05:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5588
IP address blocks: 213.218.96.0/20 maxlen: 20
213.218.112.0/20 maxlen: 20
212.38.192.0/19 maxlen: 19
62.29.128.0/17 maxlen: 17
212.203.128.0/17 maxlen: 17
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:31:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:94:d1:1c:ea:71:52:55:68:00:be:95:1a:ca:41:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e0be8e48dba07df21711745b869e3911ce98e20
Validity
Not Before: Jan 1 23:05:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3a4c45b4e46c0a51b572be66f8bcc05ed83ebc25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:ec:40:36:db:1e:6e:1f:b4:06:c6:66:ee:02:
8d:87:8d:b2:ec:5a:17:97:05:05:00:9d:36:33:b2:
e9:cc:73:34:ad:73:ac:fc:5a:97:52:95:1e:ed:d8:
d9:54:89:83:ba:03:74:67:9e:78:b9:6b:15:b7:4c:
15:d8:55:1e:fe:6f:2f:8d:d4:8b:fa:33:db:63:1a:
21:51:a3:5d:43:5c:84:62:d6:e4:6e:69:92:c7:21:
1e:b5:91:ec:33:3c:53:97:17:c3:d3:57:79:16:a4:
de:fc:7a:98:19:2c:df:23:66:b0:84:f8:d5:ed:b5:
64:f8:67:03:a0:b5:3b:12:d5:23:9e:ea:48:2c:5e:
a1:b7:63:b7:13:95:c7:97:b5:5e:a0:64:ad:c5:af:
b8:80:06:7c:8c:a7:ba:fc:8f:8f:cd:a7:e3:9a:97:
08:a3:38:86:e0:cc:f0:2a:69:d0:09:9c:74:93:15:
a8:9f:77:60:25:d5:09:f6:88:f0:f6:c3:73:0a:0e:
5d:52:b1:21:f8:04:32:76:ff:73:a1:b5:6d:9d:e5:
3c:db:66:8c:bb:c5:e6:21:5b:80:81:a2:41:75:2c:
d1:8c:df:b3:de:ee:5e:b1:9b:29:57:8d:12:8b:ea:
a9:e1:05:7b:b0:18:88:76:df:d6:59:9d:b8:59:5c:
50:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:4C:45:B4:E4:6C:0A:51:B5:72:BE:66:F8:BC:C0:5E:D8:3E:BC:25
X509v3 Authority Key Identifier:
keyid:3E:0B:E8:E4:8D:BA:07:DF:21:71:17:45:B8:69:E3:91:1C:E9:8E:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pgvo5I26B98hcRdFuGnjkRzpjiA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/95bce9-1e8e-41c1-89f8-20f9f0dbf458/1/OkxFtORsClG1cr5m-LzAXtg-vCU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/95bce9-1e8e-41c1-89f8-20f9f0dbf458/1/Pgvo5I26B98hcRdFuGnjkRzpjiA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.29.128.0/17
212.38.192.0/19
212.203.128.0/17
213.218.96.0/19
Signature Algorithm: sha256WithRSAEncryption
73:1c:81:22:95:21:15:94:85:67:d5:7c:30:63:aa:79:9e:27:
72:ef:1c:18:a4:62:ab:8f:18:33:05:77:bc:a9:df:cd:08:3a:
85:b7:7d:08:1e:98:b0:c0:c3:18:50:17:b3:d1:b8:94:90:46:
53:c6:be:89:66:71:90:ff:41:dd:1c:51:e9:3b:92:cf:a7:af:
2c:a2:a8:05:99:7c:2b:3f:db:d7:54:0f:f2:c1:22:98:0e:30:
b0:0d:29:74:04:fd:a3:da:a2:c9:66:f4:16:f9:11:ab:ad:10:
ab:a5:ed:93:66:4d:7c:88:bb:f1:b3:c7:19:fb:b3:98:b7:ee:
10:2b:94:86:4e:9b:06:54:8e:75:8c:20:cd:42:df:21:ef:46:
33:8c:79:64:d7:3f:75:da:c4:ab:8c:fd:7b:19:c2:b6:17:e9:
14:62:c5:48:91:40:51:ff:44:43:6f:5c:bf:2e:82:00:27:2e:
7c:f9:0a:22:17:29:89:a6:13:09:93:6b:18:e5:84:c9:94:7a:
81:6d:0e:73:05:d1:9c:e6:5c:c9:d9:43:b8:b1:c7:97:2c:e9:
e7:a3:b7:7d:17:f9:6e:4f:27:ac:57:04:27:b9:d8:5c:40:53:
dc:d4:34:60:4a:e6:dc:42:1f:94:f5:8e:80:d4:e6:de:d1:17:
e5:ed:a8:ac
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVvlNEc6nFSVWgAvpUaykGRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMGJlOGU0OGRiYTA3ZGYyMTcxMTc0NWI4NjllMzkxMWNl
OThlMjAwHhcNMjMwMTAxMjMwNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTRjNDViNGU0NmMwYTUxYjU3MmJlNjZmOGJjYzA1ZWQ4M2ViYzI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsuxANtsebh+0BsZm7gKNh42y7FoX
lwUFAJ02M7LpzHM0rXOs/FqXUpUe7djZVImDugN0Z554uWsVt0wV2FUe/m8vjdSL
+jPbYxohUaNdQ1yEYtbkbmmSxyEetZHsMzxTlxfD01d5FqTe/HqYGSzfI2awhPjV
7bVk+GcDoLU7EtUjnupILF6ht2O3E5XHl7VeoGStxa+4gAZ8jKe6/I+PzafjmpcI
oziG4MzwKmnQCZx0kxWon3dgJdUJ9ojw9sNzCg5dUrEh+AQydv9zobVtneU822aM
u8XmIVuAgaJBdSzRjN+z3u5esZspV40Si+qp4QV7sBiIdt/WWZ24WVxQMwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDpMRbTkbApRtXK+Zvi8wF7YPrwlMB8GA1UdIwQY
MBaAFD4L6OSNugffIXEXRbhp45Ec6Y4gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGd2bzVJMjZCOThoY1JkRnVHbmprUnpwamlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy85NWJjZTktMWU4ZS00MWMxLTg5Zjgt
MjBmOWYwZGJmNDU4LzEvT2t4RnRPUnNDbEcxY3I1bS1MekFYdGctdkNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy85NWJjZTktMWU4ZS00MWMxLTg5ZjgtMjBmOWYwZGJmNDU4
LzEvUGd2bzVJMjZCOThoY1JkRnVHbmprUnpwamlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQHPh2AAwQF
1CbAAwQH1MuAAwQF1dpgMA0GCSqGSIb3DQEBCwUAA4IBAQBzHIEilSEVlIVn1Xww
Y6p5nidy7xwYpGKrjxgzBXe8qd/NCDqFt30IHpiwwMMYUBez0biUkEZTxr6JZnGQ
/0HdHFHpO5LPp68soqgFmXwrP9vXVA/ywSKYDjCwDSl0BP2j2qLJZvQW+RGrrRCr
pe2TZk18iLvxs8cZ+7OYt+4QK5SGTpsGVI51jCDNQt8h70YzjHlk1z912sSrjP17
GcK2F+kUYsVIkUBR/0RDb1y/LoIAJy58+QoiFymJphMJk2sY5YTJlHqBbQ5zBdGc
5lzJ2UO4sceXLOnno7d9F/luTyesVwQnudhcQFPc1DRgSubcQh+U9Y6A1Obe0Rfl
7ais
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:19 2024 by rpki-client on console-fra.rpki-client.org