Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/a71a5c-1746-43c4-a67f-a8f76bd26a27/1/ofHdyrZpAGhPv2cU8D6LI8luO5E.roa
File: ofHdyrZpAGhPv2cU8D6LI8luO5E.roa (raw, json)
Hash identifier: LlOCchNugHwgf7RgKZRhl4wVrZaXjf05aqgj3xyS9WU=
Subject key identifier: A1:F1:DD:CA:B6:69:00:68:4F:BF:67:14:F0:3E:8B:23:C9:6E:3B:91
Certificate issuer: /CN=736b294f965dad640f9e353bf38f9af1191479ea
Certificate serial: 018B609678DFC8944C6ACDEEBD333378C785
Authority key identifier: 73:6B:29:4F:96:5D:AD:64:0F:9E:35:3B:F3:8F:9A:F1:19:14:79:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c2spT5ZdrWQPnjU784-a8RkUeeo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/a71a5c-1746-43c4-a67f-a8f76bd26a27/1/ofHdyrZpAGhPv2cU8D6LI8luO5E.roa
Signing time: Tue 24 Oct 2023 07:29:15 +0000
ROA not before: Tue 24 Oct 2023 07:29:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209900
IP address blocks: 45.65.88.0/22 maxlen: 23
2a09:fe00::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:60:96:78:df:c8:94:4c:6a:cd:ee:bd:33:33:78:c7:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=736b294f965dad640f9e353bf38f9af1191479ea
Validity
Not Before: Oct 24 07:29:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a1f1ddcab66900684fbf6714f03e8b23c96e3b91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:3e:3c:dc:94:3b:c3:0f:d3:14:5a:4b:0a:c1:
8c:cf:31:54:4b:69:17:10:56:15:c7:a2:50:ae:63:
51:b2:4b:e0:5b:2c:91:56:54:65:c5:33:cf:94:60:
05:ab:ad:9a:15:6d:9d:e6:0e:30:66:76:02:ca:7d:
24:99:69:d7:57:8f:41:a0:07:f8:31:c1:17:74:3c:
b6:dd:9e:8d:2b:69:f4:4b:7c:1d:79:f9:14:e7:33:
47:ed:46:b9:0e:a2:8b:29:29:c1:38:1e:32:93:9a:
bd:c9:ec:17:5a:e3:db:0a:47:d0:70:bd:ea:6e:f2:
67:4d:ac:12:f9:ad:06:70:5c:64:56:44:71:0e:25:
68:05:26:aa:d5:8d:fb:a0:a1:00:ad:c1:62:56:ab:
cd:ae:e4:c8:67:8a:54:a1:43:99:1e:50:da:c8:e4:
79:0f:26:9a:4a:9d:98:56:3f:13:da:1f:ad:0e:0e:
b6:c2:4c:47:ae:aa:6f:54:db:fa:29:18:fd:a6:49:
58:50:42:e7:86:91:39:cb:ca:9a:cb:c4:37:71:04:
fd:9e:1f:6b:99:20:00:6e:1d:d9:cc:fd:f0:60:78:
fe:a4:48:16:51:e4:e5:11:ac:ca:89:2a:c9:41:12:
91:6d:00:fd:76:d6:1f:b3:b5:d8:1b:54:4f:87:40:
34:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:F1:DD:CA:B6:69:00:68:4F:BF:67:14:F0:3E:8B:23:C9:6E:3B:91
X509v3 Authority Key Identifier:
keyid:73:6B:29:4F:96:5D:AD:64:0F:9E:35:3B:F3:8F:9A:F1:19:14:79:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2spT5ZdrWQPnjU784-a8RkUeeo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/a71a5c-1746-43c4-a67f-a8f76bd26a27/1/ofHdyrZpAGhPv2cU8D6LI8luO5E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/a71a5c-1746-43c4-a67f-a8f76bd26a27/1/c2spT5ZdrWQPnjU784-a8RkUeeo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.65.88.0/22
IPv6:
2a09:fe00::/29
Signature Algorithm: sha256WithRSAEncryption
9a:3c:af:6f:ba:49:98:00:59:86:d5:68:1f:53:77:2a:28:c2:
fb:b4:09:d6:f6:5a:33:43:9e:73:ff:67:3b:30:80:f6:16:59:
95:65:21:50:a3:ae:0d:e1:24:40:f6:4d:ff:57:a3:e8:46:ab:
1d:9a:54:5a:6b:52:75:8b:4c:b5:9a:eb:b2:67:81:0f:76:2f:
ea:db:69:3a:12:b9:8d:08:6d:ae:b0:65:29:2d:f9:04:62:fb:
fe:31:79:8e:91:11:c9:38:00:c2:2b:6c:69:ba:e6:09:28:b5:
bc:34:b9:1d:14:77:6b:1b:68:19:a6:95:99:73:cb:8c:24:24:
03:9e:93:0e:df:01:cc:83:06:0b:d5:d3:fb:40:55:93:09:c6:
2e:64:58:c8:e0:d6:66:64:43:79:69:3e:d3:60:2d:fc:d4:c5:
c8:90:d6:ef:c3:c8:a6:5a:37:f7:01:2b:ee:62:d7:a5:a9:18:
05:f2:e1:15:6f:ed:9d:12:08:47:f9:6d:79:3c:4e:8e:70:ea:
79:93:1b:d0:d4:53:4c:75:a5:10:71:4e:68:c3:6d:89:73:e5:
f5:ed:e5:be:c9:f6:b1:cb:fb:a0:15:eb:ec:d5:af:0e:98:60:
94:1e:2b:00:2a:60:1b:d6:9e:8a:02:d9:dc:d4:05:f3:c8:f8:
fb:28:07:bf
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYtglnjfyJRMas3uvTMzeMeFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczNmIyOTRmOTY1ZGFkNjQwZjllMzUzYmYzOGY5YWYxMTkx
NDc5ZWEwHhcNMjMxMDI0MDcyOTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWYxZGRjYWI2NjkwMDY4NGZiZjY3MTRmMDNlOGIyM2M5NmUzYjkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiT483JQ7ww/TFFpLCsGMzzFUS2kX
EFYVx6JQrmNRskvgWyyRVlRlxTPPlGAFq62aFW2d5g4wZnYCyn0kmWnXV49BoAf4
McEXdDy23Z6NK2n0S3wdefkU5zNH7Ua5DqKLKSnBOB4yk5q9yewXWuPbCkfQcL3q
bvJnTawS+a0GcFxkVkRxDiVoBSaq1Y37oKEArcFiVqvNruTIZ4pUoUOZHlDayOR5
DyaaSp2YVj8T2h+tDg62wkxHrqpvVNv6KRj9pklYUELnhpE5y8qay8Q3cQT9nh9r
mSAAbh3ZzP3wYHj+pEgWUeTlEazKiSrJQRKRbQD9dtYfs7XYG1RPh0A07QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKHx3cq2aQBoT79nFPA+iyPJbjuRMB8GA1UdIwQY
MBaAFHNrKU+WXa1kD541O/OPmvEZFHnqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYzJzcFQ1WmRyV1FQbmpVNzg0LWE4UmtVZWVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC9hNzFhNWMtMTc0Ni00M2M0LWE2N2Yt
YThmNzZiZDI2YTI3LzEvb2ZIZHlyWnBBR2hQdjJjVThENkxJOGx1TzVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC9hNzFhNWMtMTc0Ni00M2M0LWE2N2YtYThmNzZiZDI2YTI3
LzEvYzJzcFQ1WmRyV1FQbmpVNzg0LWE4UmtVZWVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLUFYMA0E
AgACMAcDBQMqCf4AMA0GCSqGSIb3DQEBCwUAA4IBAQCaPK9vukmYAFmG1WgfU3cq
KML7tAnW9lozQ55z/2c7MID2FlmVZSFQo64N4SRA9k3/V6PoRqsdmlRaa1J1i0y1
muuyZ4EPdi/q22k6ErmNCG2usGUpLfkEYvv+MXmOkRHJOADCK2xpuuYJKLW8NLkd
FHdrG2gZppWZc8uMJCQDnpMO3wHMgwYL1dP7QFWTCcYuZFjI4NZmZEN5aT7TYC38
1MXIkNbvw8imWjf3ASvuYtelqRgF8uEVb+2dEghH+W15PE6OcOp5kxvQ1FNMdaUQ
cU5ow22Jc+X17eW+yfaxy/ugFevs1a8OmGCUHisAKmAb1p6KAtnc1AXzyPj7KAe/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:47 2024 by rpki-client on console-fra.rpki-client.org