Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/cc6e99-6e5f-401b-912d-1095544c6c50/1/oUejMcav8n9YYNrua-5cLWdcr6A.roa
File: oUejMcav8n9YYNrua-5cLWdcr6A.roa (raw, json)
Hash identifier: MfaPg754JslMvULpKQ4IGRvx4Aib7/aT9vw9mtMunz0=
Subject key identifier: A1:47:A3:31:C6:AF:F2:7F:58:60:DA:EE:6B:EE:5C:2D:67:5C:AF:A0
Certificate issuer: /CN=99ce569a14c2db3772f23187ce68e6541ec0048e
Certificate serial: 018A26649285259209CD7EF9C7758C9943D5
Authority key identifier: 99:CE:56:9A:14:C2:DB:37:72:F2:31:87:CE:68:E6:54:1E:C0:04:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mc5WmhTC2zdy8jGHzmjmVB7ABI4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/cc6e99-6e5f-401b-912d-1095544c6c50/1/oUejMcav8n9YYNrua-5cLWdcr6A.roa
Signing time: Thu 24 Aug 2023 07:13:59 +0000
ROA not before: Thu 24 Aug 2023 07:13:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210539
IP address blocks: 185.162.90.0/24 maxlen: 24
185.170.130.0/24 maxlen: 24
185.170.128.0/24 maxlen: 24
185.165.154.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:26:64:92:85:25:92:09:cd:7e:f9:c7:75:8c:99:43:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99ce569a14c2db3772f23187ce68e6541ec0048e
Validity
Not Before: Aug 24 07:13:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a147a331c6aff27f5860daee6bee5c2d675cafa0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:ab:46:7e:39:83:22:7e:91:10:3d:5f:c6:8c:
52:5d:f6:79:8f:02:f1:ff:a6:be:ec:e5:1b:0a:3d:
bc:60:f4:09:0d:b8:de:a0:6b:f1:4e:cb:13:c5:6d:
9a:ca:47:44:dc:62:9e:f2:01:b4:44:be:1f:ba:f1:
01:46:25:4d:0f:bf:d3:75:a3:bd:24:df:4a:41:63:
98:fe:f6:45:ce:2c:b8:ce:7c:f1:c8:b0:2d:d8:dd:
c2:d9:dc:d4:9e:09:70:29:be:28:11:e5:0c:a0:d6:
6d:7f:df:f3:73:fb:af:80:06:10:b5:2b:f2:e5:d7:
85:b2:3a:6c:4f:69:2b:c7:bb:b3:da:26:56:9b:97:
96:8b:73:0f:1c:34:bd:05:be:6b:09:18:60:30:ba:
57:47:4d:7c:48:55:04:60:98:7b:10:d9:76:cf:f2:
b0:7f:ef:47:91:8d:be:11:e9:3d:fa:0f:1d:b3:77:
96:15:cd:65:ba:f9:e5:66:d9:d4:ed:7f:3b:19:8a:
eb:a8:17:f3:18:a0:27:93:a8:52:67:f2:17:ba:83:
54:54:b5:1e:45:14:98:a9:a5:54:e0:81:00:ef:f2:
05:c7:01:a6:60:4f:54:3a:05:2d:f6:57:a3:aa:36:
db:df:eb:2e:58:b4:1c:bc:32:81:ee:1d:6e:5a:5c:
b6:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:47:A3:31:C6:AF:F2:7F:58:60:DA:EE:6B:EE:5C:2D:67:5C:AF:A0
X509v3 Authority Key Identifier:
keyid:99:CE:56:9A:14:C2:DB:37:72:F2:31:87:CE:68:E6:54:1E:C0:04:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mc5WmhTC2zdy8jGHzmjmVB7ABI4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/cc6e99-6e5f-401b-912d-1095544c6c50/1/oUejMcav8n9YYNrua-5cLWdcr6A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/cc6e99-6e5f-401b-912d-1095544c6c50/1/mc5WmhTC2zdy8jGHzmjmVB7ABI4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.162.90.0/24
185.165.154.0/24
185.170.128.0/24
185.170.130.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:f3:1b:5d:7e:64:53:ed:28:4a:b2:2d:96:c9:35:62:f9:69:
b5:7e:0e:51:68:a5:19:c8:3a:11:61:ac:56:d1:31:5d:91:4e:
3f:86:d6:18:5f:64:de:5e:ee:44:1b:b0:58:fa:69:e0:67:fc:
a9:a9:18:1d:e3:c8:b7:30:fc:5e:f6:c9:94:4d:52:2c:9f:8f:
3c:9e:2b:e5:02:74:89:bc:ef:ee:e5:ec:dd:5b:3f:9e:ec:f7:
7b:6f:fa:f4:d6:82:c8:65:77:90:f5:64:8b:07:c0:44:73:ff:
bf:f7:95:9e:d1:2a:22:fe:a9:5b:83:bc:4c:61:64:d8:21:c8:
f7:ac:da:37:87:4d:fe:89:94:7f:b5:9e:cf:b4:69:af:c0:de:
82:51:c0:c2:ff:cf:3f:8d:c6:10:e3:b6:64:4f:6a:e9:47:0c:
ff:d3:d5:20:5f:f1:fc:17:d2:97:f5:72:a9:5a:09:4e:ba:47:
8a:d8:98:f9:39:0a:13:39:e8:44:4e:f6:46:04:7d:eb:c9:0a:
65:b6:70:a8:f0:e0:48:ce:b9:5e:33:dd:08:37:b0:21:31:11:
4d:e3:84:33:9c:e2:47:26:00:26:fd:db:7a:77:92:a9:b6:d9:
f7:a8:cb:ac:05:56:cb:c3:73:67:28:b6:17:71:30:a9:d8:6d:
48:0a:c0:85
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYomZJKFJZIJzX75x3WMmUPVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5Y2U1NjlhMTRjMmRiMzc3MmYyMzE4N2NlNjhlNjU0MWVj
MDA0OGUwHhcNMjMwODI0MDcxMzU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTQ3YTMzMWM2YWZmMjdmNTg2MGRhZWU2YmVlNWMyZDY3NWNhZmEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2KtGfjmDIn6RED1fxoxSXfZ5jwLx
/6a+7OUbCj28YPQJDbjeoGvxTssTxW2aykdE3GKe8gG0RL4fuvEBRiVND7/TdaO9
JN9KQWOY/vZFziy4znzxyLAt2N3C2dzUnglwKb4oEeUMoNZtf9/zc/uvgAYQtSvy
5deFsjpsT2krx7uz2iZWm5eWi3MPHDS9Bb5rCRhgMLpXR018SFUEYJh7ENl2z/Kw
f+9HkY2+Eek9+g8ds3eWFc1luvnlZtnU7X87GYrrqBfzGKAnk6hSZ/IXuoNUVLUe
RRSYqaVU4IEA7/IFxwGmYE9UOgUt9lejqjbb3+suWLQcvDKB7h1uWly2LwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKFHozHGr/J/WGDa7mvuXC1nXK+gMB8GA1UdIwQY
MBaAFJnOVpoUwts3cvIxh85o5lQewASOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWM1V21oVEMyemR5OGpHSHptam1WQjdBQkk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi9jYzZlOTktNmU1Zi00MDFiLTkxMmQt
MTA5NTU0NGM2YzUwLzEvb1Vlak1jYXY4bjlZWU5ydWEtNWNMV2RjcjZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi9jYzZlOTktNmU1Zi00MDFiLTkxMmQtMTA5NTU0NGM2YzUw
LzEvbWM1V21oVEMyemR5OGpHSHptam1WQjdBQkk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAuaJaAwQA
uaWaAwQAuaqAAwQAuaqCMA0GCSqGSIb3DQEBCwUAA4IBAQCf8xtdfmRT7ShKsi2W
yTVi+Wm1fg5RaKUZyDoRYaxW0TFdkU4/htYYX2TeXu5EG7BY+mngZ/ypqRgd48i3
MPxe9smUTVIsn488nivlAnSJvO/u5ezdWz+e7Pd7b/r01oLIZXeQ9WSLB8BEc/+/
95We0Soi/qlbg7xMYWTYIcj3rNo3h03+iZR/tZ7PtGmvwN6CUcDC/88/jcYQ47Zk
T2rpRwz/09UgX/H8F9KX9XKpWglOukeK2Jj5OQoTOehETvZGBH3ryQpltnCo8OBI
zrleM90IN7AhMRFN44QznOJHJgAm/dt6d5Kpttn3qMusBVbLw3NnKLYXcTCp2G1I
CsCF
-----END CERTIFICATE-----
Generated at Mon Sep 4 11:16:18 2023 by rpki-client on console-ams.rpki-client.org