Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/oX2YvXazo5Xr3QB82h4OjLDnnOQ.roa
File: oX2YvXazo5Xr3QB82h4OjLDnnOQ.roa (raw, json)
Hash identifier: PHEEHhpiT72VmMk1Uy3ToZ5GS3nIMtErAo0ykPzb1Nw=
Subject key identifier: A1:7D:98:BD:76:B3:A3:95:EB:DD:00:7C:DA:1E:0E:8C:B0:E7:9C:E4
Certificate issuer: /CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Certificate serial: 01888A252D6CA543E8EB95393BA88ABDD08A
Authority key identifier: 06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/oX2YvXazo5Xr3QB82h4OjLDnnOQ.roa
Signing time: Mon 05 Jun 2023 06:01:12 +0000
ROA not before: Mon 05 Jun 2023 06:01:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 194.143.211.0/24 maxlen: 24
194.143.210.0/24 maxlen: 24
194.143.222.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:8a:25:2d:6c:a5:43:e8:eb:95:39:3b:a8:8a:bd:d0:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Validity
Not Before: Jun 5 06:01:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a17d98bd76b3a395ebdd007cda1e0e8cb0e79ce4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:27:89:13:7d:b9:fd:29:4d:c8:95:14:85:59:
de:a1:3a:2d:0f:f4:ca:5f:48:9d:5c:db:61:66:25:
cc:b7:c1:a4:1c:1c:67:4c:f9:4d:9e:72:57:28:21:
22:1b:5c:3a:19:41:46:6f:98:22:a9:0c:b7:93:55:
d5:c6:ff:2f:73:6f:b2:80:f5:f6:8a:d6:f5:73:58:
76:8a:23:62:0b:ce:23:7d:fe:89:b7:f8:d7:8c:4c:
5f:32:d5:d2:de:3d:02:13:3c:f5:88:bb:c9:37:3c:
e3:b9:a6:02:93:8f:18:66:dc:98:7d:60:dc:57:93:
d2:81:39:48:a1:f1:02:c6:2f:72:eb:1f:9b:9f:ba:
21:34:71:4d:ac:fb:18:1c:7b:1f:86:48:3b:1b:31:
52:ec:82:54:60:7e:c4:8d:19:56:9b:d4:b8:9e:5b:
a3:00:4b:51:3d:78:f8:9d:b0:a8:43:b0:cd:cb:00:
b7:f9:f3:5b:4d:9d:3b:73:28:14:70:58:2a:d2:d8:
ae:71:ef:a6:9b:e1:05:d3:f8:73:85:8d:71:86:02:
a6:23:c6:f1:e7:a7:60:f4:05:4b:32:85:6c:ab:11:
71:03:fa:ed:21:ad:4d:43:b0:66:1c:42:c0:cd:83:
5f:b4:c0:e0:f7:33:73:39:46:b4:d8:ea:d7:d2:86:
1a:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:7D:98:BD:76:B3:A3:95:EB:DD:00:7C:DA:1E:0E:8C:B0:E7:9C:E4
X509v3 Authority Key Identifier:
keyid:06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/oX2YvXazo5Xr3QB82h4OjLDnnOQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.143.210.0/23
194.143.222.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:de:77:f0:c7:d2:0f:5b:0d:f0:b8:64:14:46:21:37:7c:60:
c7:7e:b0:dd:e8:8d:37:6c:dd:45:f4:0c:60:b4:1c:45:dc:25:
08:cf:b6:3e:c6:c2:fa:1d:17:4a:f5:22:58:e3:14:fe:fa:5e:
d4:e4:18:fe:64:54:b6:1d:1d:72:dc:87:a5:ba:4a:2c:9d:41:
d9:ef:fd:f6:4e:9f:f4:89:b7:71:da:92:4b:59:77:dd:54:e5:
1f:0e:b7:4c:b0:8d:4d:e0:03:d9:f3:fb:d1:a1:8e:54:e1:a1:
22:26:a3:8e:bc:2c:1c:e4:bb:7f:98:59:3c:06:46:d1:0b:a3:
65:1e:35:1b:09:aa:5d:e5:cf:94:4b:4a:75:40:3a:02:be:08:
ce:cf:2d:54:f9:ef:e7:82:e9:ef:c2:25:52:5f:61:26:2a:94:
17:10:a4:9a:4b:ed:a8:d5:6e:7e:9b:ca:7e:63:a5:df:dc:d6:
b4:a6:66:76:ee:ea:86:b5:74:f5:e7:c2:57:cb:07:56:fd:31:
a2:d6:64:be:76:4a:9d:e7:29:37:49:45:99:41:f4:bc:6f:41:
20:9b:79:f2:8e:23:b6:f3:40:a9:b3:7a:1a:a4:42:86:ff:45:
d0:87:ec:35:e5:56:14:78:3b:61:22:06:30:e7:bc:6d:f6:a0:
f0:91:db:65
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYiKJS1spUPo65U5O6iKvdCKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NzFkY2M3YTlhYzczNTFjNzFlMGJjMjI3OGNmNDVmZDAy
MGFlMmUwHhcNMjMwNjA1MDYwMTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTdkOThiZDc2YjNhMzk1ZWJkZDAwN2NkYTFlMGU4Y2IwZTc5Y2U0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5ieJE325/SlNyJUUhVneoTotD/TK
X0idXNthZiXMt8GkHBxnTPlNnnJXKCEiG1w6GUFGb5giqQy3k1XVxv8vc2+ygPX2
itb1c1h2iiNiC84jff6Jt/jXjExfMtXS3j0CEzz1iLvJNzzjuaYCk48YZtyYfWDc
V5PSgTlIofECxi9y6x+bn7ohNHFNrPsYHHsfhkg7GzFS7IJUYH7EjRlWm9S4nluj
AEtRPXj4nbCoQ7DNywC3+fNbTZ07cygUcFgq0tiuce+mm+EF0/hzhY1xhgKmI8bx
56dg9AVLMoVsqxFxA/rtIa1NQ7BmHELAzYNftMDg9zNzOUa02OrX0oYazQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKF9mL12s6OV690AfNoeDoyw55zkMB8GA1UdIwQY
MBaAFAZx3MeprHNRxx4LwieM9F/QIK4uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGIt
MWRkZWM0Y2NlMjRjLzEvb1gyWXZYYXpvNVhyM1FCODJoNE9qTERubk9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGItMWRkZWM0Y2NlMjRj
LzEvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwo/SAwQA
wo/eMA0GCSqGSIb3DQEBCwUAA4IBAQCK3nfwx9IPWw3wuGQURiE3fGDHfrDd6I03
bN1F9AxgtBxF3CUIz7Y+xsL6HRdK9SJY4xT++l7U5Bj+ZFS2HR1y3IelukosnUHZ
7/32Tp/0ibdx2pJLWXfdVOUfDrdMsI1N4APZ8/vRoY5U4aEiJqOOvCwc5Lt/mFk8
BkbRC6NlHjUbCapd5c+US0p1QDoCvgjOzy1U+e/ngunvwiVSX2EmKpQXEKSaS+2o
1W5+m8p+Y6Xf3Na0pmZ27uqGtXT158JXywdW/TGi1mS+dkqd5yk3SUWZQfS8b0Eg
m3nyjiO280Cps3oapEKG/0XQh+w15VYUeDthIgYw57xt9qDwkdtl
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:42 2023 by rpki-client on console-ams.rpki-client.org