Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/42c0c0-de6d-49b6-b450-c96a8da2c589/1/OaxmNWynpJ06QrOjm_03oIc4T6g.roa
File: OaxmNWynpJ06QrOjm_03oIc4T6g.roa (raw, json)
Hash identifier: 2jwVTPulrNxHWKXJvscAeetXzGZPfPyaPDvqllE5v0g=
Subject key identifier: 39:AC:66:35:6C:A7:A4:9D:3A:42:B3:A3:9B:FD:37:A0:87:38:4F:A8
Certificate issuer: /CN=8f20f70f17d8b72c3e42aee03291298b54a4ff2f
Certificate serial: 018636764DB2D6D5B3229A54F42456F8C35B
Authority key identifier: 8F:20:F7:0F:17:D8:B7:2C:3E:42:AE:E0:32:91:29:8B:54:A4:FF:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jyD3DxfYtyw-Qq7gMpEpi1Sk_y8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/42c0c0-de6d-49b6-b450-c96a8da2c589/1/OaxmNWynpJ06QrOjm_03oIc4T6g.roa
Signing time: Thu 09 Feb 2023 13:56:08 +0000
ROA not before: Thu 09 Feb 2023 13:56:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205046
IP address blocks: 185.231.132.0/22 maxlen: 22
141.21.0.0/16 maxlen: 16
2a0c:7500::/29 maxlen: 29
2001:67c:2acc::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:29:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:36:76:4d:b2:d6:d5:b3:22:9a:54:f4:24:56:f8:c3:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f20f70f17d8b72c3e42aee03291298b54a4ff2f
Validity
Not Before: Feb 9 13:56:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=39ac66356ca7a49d3a42b3a39bfd37a087384fa8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:a2:ac:b7:b7:40:77:1b:55:a7:a8:6f:72:ec:
7a:f4:f6:cb:e7:aa:c5:52:65:84:18:59:d8:64:b8:
2b:1e:9e:8e:6f:2d:43:a4:36:41:da:42:14:b7:7e:
9c:3d:c8:19:9a:75:22:50:8b:ed:58:3e:28:aa:5a:
63:26:52:c0:58:5f:46:e1:ba:9f:57:3f:ec:9b:5f:
8c:03:21:d2:ce:3a:f5:27:e8:2f:3b:15:1e:53:de:
fa:8b:1c:73:b6:d6:0d:8e:55:82:54:93:fc:16:f9:
7a:89:d4:ce:b6:84:1d:05:1f:20:e4:3a:25:d0:f1:
35:31:c1:53:4d:b5:27:31:8f:bc:bb:33:80:78:b2:
7c:54:e0:5b:e4:5b:a0:94:7f:33:e9:6a:c6:cc:66:
9d:5e:50:06:2c:e6:af:76:ec:2e:87:a7:fe:db:9b:
50:5d:f1:33:5e:86:71:36:16:e3:4f:7d:3e:af:b8:
05:d6:48:47:23:4f:39:5b:62:b6:74:df:1d:c8:39:
a4:3f:f7:70:e6:cf:5d:bc:3e:42:34:28:33:89:68:
cd:cd:a6:94:b2:06:eb:aa:27:23:f5:b6:99:1c:bd:
f7:98:c7:d9:22:53:46:ce:18:a2:f8:07:ed:e2:5a:
20:a7:77:96:bd:03:76:6f:fb:18:3b:c5:1b:83:c6:
3b:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:AC:66:35:6C:A7:A4:9D:3A:42:B3:A3:9B:FD:37:A0:87:38:4F:A8
X509v3 Authority Key Identifier:
keyid:8F:20:F7:0F:17:D8:B7:2C:3E:42:AE:E0:32:91:29:8B:54:A4:FF:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jyD3DxfYtyw-Qq7gMpEpi1Sk_y8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/42c0c0-de6d-49b6-b450-c96a8da2c589/1/OaxmNWynpJ06QrOjm_03oIc4T6g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/42c0c0-de6d-49b6-b450-c96a8da2c589/1/jyD3DxfYtyw-Qq7gMpEpi1Sk_y8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.21.0.0/16
185.231.132.0/22
IPv6:
2001:67c:2acc::/48
2a0c:7500::/29
Signature Algorithm: sha256WithRSAEncryption
66:26:02:75:d5:16:ed:46:e2:0f:2b:07:21:8f:fa:b4:03:0b:
62:6d:57:43:9a:e6:58:4a:e3:89:a1:44:af:dc:4c:fc:86:3f:
2d:05:3b:ff:d6:f5:fb:f6:31:b2:bd:7a:e8:b0:c8:6d:55:38:
a5:3c:05:05:16:05:e8:a0:d3:0c:52:c1:8d:63:ee:74:68:e5:
e3:96:fc:8d:9a:49:86:e5:85:27:42:10:b6:92:3a:37:96:bb:
cd:43:8e:c2:85:33:95:65:c7:6a:fa:90:a3:05:21:30:4e:78:
db:d5:36:ea:55:d9:2e:16:10:0e:1c:4e:4b:18:e3:d3:93:6c:
bf:5b:a2:bd:fc:c1:06:59:6e:42:74:1a:79:6d:92:4e:45:3f:
db:90:02:b0:94:f2:f2:2a:85:b1:57:1d:27:f5:10:40:e7:6b:
6c:3d:08:40:61:8d:17:8a:72:8e:15:3e:56:b7:72:a1:45:3f:
12:b1:52:b5:2c:28:72:d3:36:d8:56:1c:40:6d:f8:32:b8:87:
f7:7b:20:14:47:ac:22:12:0a:15:c1:8a:e9:8d:42:c5:81:2e:
0c:6e:8e:90:b0:67:9f:5a:93:a5:14:ee:b3:6c:90:ca:f0:17:
93:1d:8f:16:60:8d:1e:92:1a:14:5e:4a:09:9e:08:4f:f6:c0:
15:f0:2c:8c
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYY2dk2y1tWzIppU9CRW+MNbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmMjBmNzBmMTdkOGI3MmMzZTQyYWVlMDMyOTEyOThiNTRh
NGZmMmYwHhcNMjMwMjA5MTM1NjA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWFjNjYzNTZjYTdhNDlkM2E0MmIzYTM5YmZkMzdhMDg3Mzg0ZmE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiaKst7dAdxtVp6hvcux69PbL56rF
UmWEGFnYZLgrHp6Oby1DpDZB2kIUt36cPcgZmnUiUIvtWD4oqlpjJlLAWF9G4bqf
Vz/sm1+MAyHSzjr1J+gvOxUeU976ixxzttYNjlWCVJP8Fvl6idTOtoQdBR8g5Dol
0PE1McFTTbUnMY+8uzOAeLJ8VOBb5FuglH8z6WrGzGadXlAGLOavduwuh6f+25tQ
XfEzXoZxNhbjT30+r7gF1khHI085W2K2dN8dyDmkP/dw5s9dvD5CNCgziWjNzaaU
sgbrqicj9baZHL33mMfZIlNGzhii+Aft4logp3eWvQN2b/sYO8Ubg8Y7JQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFDmsZjVsp6SdOkKzo5v9N6CHOE+oMB8GA1UdIwQY
MBaAFI8g9w8X2LcsPkKu4DKRKYtUpP8vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanlEM0R4Zll0eXctUXE3Z01wRXBpMVNrX3k4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy80MmMwYzAtZGU2ZC00OWI2LWI0NTAt
Yzk2YThkYTJjNTg5LzEvT2F4bU5XeW5wSjA2UXJPam1fMDNvSWM0VDZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy80MmMwYzAtZGU2ZC00OWI2LWI0NTAtYzk2YThkYTJjNTg5
LzEvanlEM0R4Zll0eXctUXE3Z01wRXBpMVNrX3k4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzARBAIAATALAwMAjRUDBAK5
54QwFgQCAAIwEAMHACABBnwqzAMFAyoMdQAwDQYJKoZIhvcNAQELBQADggEBAGYm
AnXVFu1G4g8rByGP+rQDC2JtV0Oa5lhK44mhRK/cTPyGPy0FO//W9fv2MbK9euiw
yG1VOKU8BQUWBeig0wxSwY1j7nRo5eOW/I2aSYblhSdCELaSOjeWu81DjsKFM5Vl
x2r6kKMFITBOeNvVNupV2S4WEA4cTksY49OTbL9bor38wQZZbkJ0Gnltkk5FP9uQ
ArCU8vIqhbFXHSf1EEDna2w9CEBhjReKco4VPla3cqFFPxKxUrUsKHLTNthWHEBt
+DK4h/d7IBRHrCISChXBiumNQsWBLgxujpCwZ59ak6UU7rNskMrwF5MdjxZgjR6S
GhReSgmeCE/2wBXwLIw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:36 2024 by rpki-client on console-fra.rpki-client.org