Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/OlQhkRwHxnqu-ZAJCOF-abkvkrI.roa
File: OlQhkRwHxnqu-ZAJCOF-abkvkrI.roa (raw, json)
Hash identifier: hI3PU/W7xUyr3FmwsDi/LH5kqoRo5vjvIVHqU8mz3P8=
Subject key identifier: 3A:54:21:91:1C:07:C6:7A:AE:F9:90:09:08:E1:7E:69:B9:2F:92:B2
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 018D324C357D03D5EF0D0C3134E825487A05
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/OlQhkRwHxnqu-ZAJCOF-abkvkrI.roa
Signing time: Mon 22 Jan 2024 17:51:11 +0000
ROA not before: Mon 22 Jan 2024 17:51:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 14.102.234.0/24 maxlen: 24
14.102.236.0/24 maxlen: 24
103.47.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 31 Jan 2024 16:20:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:32:4c:35:7d:03:d5:ef:0d:0c:31:34:e8:25:48:7a:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Jan 22 17:51:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3a5421911c07c67aaef9900908e17e69b92f92b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:96:09:3c:91:38:72:92:c3:53:83:65:29:ea:
f0:4c:c4:18:8f:ab:0b:3c:3c:53:05:fa:2f:fe:fa:
5d:f6:9f:2e:a8:45:1d:64:28:52:c2:04:51:32:b8:
e6:de:69:9a:11:1a:39:fb:b8:53:54:de:06:92:1d:
28:8b:b9:3d:32:38:75:7b:41:25:1b:b1:26:af:60:
3d:81:41:96:65:dd:c6:b3:82:f7:eb:d5:ca:01:64:
b8:d4:3b:7f:29:d6:8f:ac:fb:ec:4c:7a:d8:c2:ea:
a1:ad:41:32:c4:5d:e2:b5:56:51:79:e6:35:9b:5e:
37:5c:56:8e:52:68:f1:1e:5f:96:78:27:d9:ed:93:
79:02:22:67:0d:cc:f6:74:7e:db:01:f4:c0:c6:26:
07:cf:75:74:e7:eb:25:4e:02:78:30:10:75:a3:1e:
96:3e:e0:31:e1:89:70:bb:ac:43:5a:3d:4f:9a:26:
d1:4e:62:7e:78:4f:23:88:76:1c:42:43:4a:50:81:
c0:63:c3:eb:bc:31:14:df:5d:38:fd:47:9c:99:91:
40:99:ea:f9:1d:7d:f0:d5:12:3d:4d:9c:b6:45:88:
98:7e:f0:73:17:dd:9b:2d:8b:3f:8b:8b:01:9e:9e:
58:2d:9a:dc:6d:72:b1:bc:c2:0b:39:62:8b:e2:e9:
5e:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:54:21:91:1C:07:C6:7A:AE:F9:90:09:08:E1:7E:69:B9:2F:92:B2
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/OlQhkRwHxnqu-ZAJCOF-abkvkrI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.234.0/24
14.102.236.0/24
103.47.59.0/24
Signature Algorithm: sha256WithRSAEncryption
c7:a5:10:47:14:7a:ff:84:fd:f0:59:0b:63:c8:fa:85:a8:54:
4b:e6:7e:2f:00:65:3a:6d:94:2e:15:95:38:3d:1e:2f:3a:99:
7e:4a:8e:62:bc:ef:cc:2e:14:e8:85:7a:b5:f1:dc:3e:3a:14:
70:8b:65:48:28:ed:c8:02:67:8e:2a:de:eb:f5:7f:04:42:dd:
66:30:e2:4c:ee:73:b0:1c:7d:7d:30:0b:9e:7e:e9:f2:34:10:
ff:70:06:a7:68:fa:71:23:a8:85:da:12:3d:b7:b6:71:51:6e:
16:06:d2:65:f3:8e:53:63:1b:dc:f1:91:f3:01:b1:26:98:21:
89:9e:75:cf:f7:4e:75:2a:07:5d:ee:5c:e9:18:fc:45:06:7c:
77:2b:fc:ff:5f:20:8e:1f:71:a3:0e:1f:81:09:e1:ac:95:21:
88:98:61:f7:dc:ff:c0:64:51:04:78:5c:11:28:1d:c2:8f:ba:
6c:5c:45:a1:47:0a:ea:50:62:b4:7b:4a:0c:a5:39:e7:b2:e6:
2f:4f:2f:92:6d:85:fb:8a:c7:1b:53:a7:f2:f1:d2:54:26:43:
8b:58:7c:01:6d:82:da:c3:2c:d2:1c:b5:07:8f:bd:7a:f3:e8:
e2:85:ee:45:ae:44:98:85:d9:0c:a3:93:5e:f7:33:c6:9f:38:
0c:86:62:eb
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY0yTDV9A9XvDQwxNOglSHoFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjQwMTIyMTc1MTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTU0MjE5MTFjMDdjNjdhYWVmOTkwMDkwOGUxN2U2OWI5MmY5MmIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqJYJPJE4cpLDU4NlKerwTMQYj6sL
PDxTBfov/vpd9p8uqEUdZChSwgRRMrjm3mmaERo5+7hTVN4Gkh0oi7k9Mjh1e0El
G7Emr2A9gUGWZd3Gs4L369XKAWS41Dt/KdaPrPvsTHrYwuqhrUEyxF3itVZReeY1
m143XFaOUmjxHl+WeCfZ7ZN5AiJnDcz2dH7bAfTAxiYHz3V05+slTgJ4MBB1ox6W
PuAx4Ylwu6xDWj1PmibRTmJ+eE8jiHYcQkNKUIHAY8PrvDEU3104/UecmZFAmer5
HX3w1RI9TZy2RYiYfvBzF92bLYs/i4sBnp5YLZrcbXKxvMILOWKL4uleeQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDpUIZEcB8Z6rvmQCQjhfmm5L5KyMB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvT2xRaGtSd0h4bnF1LVpBSkNPRi1hYmt2a3JJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQADmbqAwQA
DmbsAwQAZy87MA0GCSqGSIb3DQEBCwUAA4IBAQDHpRBHFHr/hP3wWQtjyPqFqFRL
5n4vAGU6bZQuFZU4PR4vOpl+So5ivO/MLhTohXq18dw+OhRwi2VIKO3IAmeOKt7r
9X8EQt1mMOJM7nOwHH19MAuefunyNBD/cAanaPpxI6iF2hI9t7ZxUW4WBtJl845T
Yxvc8ZHzAbEmmCGJnnXP9051Kgdd7lzpGPxFBnx3K/z/XyCOH3GjDh+BCeGslSGI
mGH33P/AZFEEeFwRKB3Cj7psXEWhRwrqUGK0e0oMpTnnsuYvTy+SbYX7iscbU6fy
8dJUJkOLWHwBbYLawyzSHLUHj7168+jihe5FrkSYhdkMo5Ne9zPGnzgMhmLr
-----END CERTIFICATE-----
Generated at Wed Jan 31 20:20:29 2024 by rpki-client on console-fra.rpki-client.org