Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/oOvqYHOzYayznaOfRXOvuWQJciw.roa
File: oOvqYHOzYayznaOfRXOvuWQJciw.roa (raw, json)
Hash identifier: W82Zr2su9fgFB418qmnejfVb9XkFEppOUmqvNKUQjI4=
Subject key identifier: A0:EB:EA:60:73:B3:61:AC:B3:9D:A3:9F:45:73:AF:B9:64:09:72:2C
Certificate issuer: /CN=6d069e19e12c104004e8b4b75f8a7789b7e11396
Certificate serial: 018570D5462263A2A9CB7463B579AF6D6F96
Authority key identifier: 6D:06:9E:19:E1:2C:10:40:04:E8:B4:B7:5F:8A:77:89:B7:E1:13:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/oOvqYHOzYayznaOfRXOvuWQJciw.roa
Signing time: Mon 02 Jan 2023 04:55:03 +0000
ROA not before: Mon 02 Jan 2023 04:55:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42894
IP address blocks: 145.31.0.0/16 maxlen: 24
145.50.0.0/16 maxlen: 24
145.45.0.0/17 maxlen: 24
131.237.0.0/16 maxlen: 24
Validation: Failed, certificate revoked on Tue 28 Mar 2023 11:22:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:d5:46:22:63:a2:a9:cb:74:63:b5:79:af:6d:6f:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d069e19e12c104004e8b4b75f8a7789b7e11396
Validity
Not Before: Jan 2 04:55:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a0ebea6073b361acb39da39f4573afb96409722c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:6d:d5:67:55:71:ca:20:91:51:af:f4:9f:8d:
b2:fc:f2:bb:ff:8d:a8:b4:a1:03:b0:11:ab:4b:79:
ab:4d:74:a3:16:0d:9d:b0:46:72:8b:4a:9e:69:3f:
c7:ba:46:a1:61:0f:ba:a3:39:34:bb:32:21:77:30:
7d:e4:38:0b:71:7b:b0:7d:68:fa:92:2a:80:72:37:
b0:41:96:55:13:09:b9:12:6c:ef:8b:76:90:6a:8d:
22:6a:5e:30:b3:08:fd:17:8e:86:43:37:90:a6:95:
c4:0d:be:fa:ee:c8:cc:2c:22:ce:ab:50:00:fb:5c:
f5:11:4d:a5:70:8e:5c:f5:34:97:20:52:91:c7:d9:
f7:d5:2e:76:a2:d8:b3:92:d2:82:86:e6:2d:13:bf:
a0:a8:88:dc:e5:c1:fa:67:d8:7c:58:40:81:7a:4c:
3e:d7:1e:dc:9b:c5:fd:5f:05:96:2c:97:80:05:cb:
90:75:9f:15:82:1f:d1:11:bf:9b:ec:42:35:0f:8e:
f5:29:75:35:39:47:9f:f5:9a:f8:9f:59:7c:1d:58:
d0:18:e0:3d:38:6f:35:ca:ba:c6:4a:72:27:00:d7:
1d:5d:12:bc:37:5a:bd:62:30:e5:2c:ee:c7:12:08:
45:af:f2:bc:86:22:84:d0:1c:54:b8:b3:2b:4f:6b:
e1:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:EB:EA:60:73:B3:61:AC:B3:9D:A3:9F:45:73:AF:B9:64:09:72:2C
X509v3 Authority Key Identifier:
keyid:6D:06:9E:19:E1:2C:10:40:04:E8:B4:B7:5F:8A:77:89:B7:E1:13:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/oOvqYHOzYayznaOfRXOvuWQJciw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
131.237.0.0/16
145.31.0.0/16
145.45.0.0/17
145.50.0.0/16
Signature Algorithm: sha256WithRSAEncryption
53:7b:87:d9:d4:ba:80:bb:a4:b8:f6:f2:ca:d7:69:71:15:9a:
47:01:91:d7:fa:26:a5:9e:1d:c1:d3:fa:2c:e7:18:9a:5b:c9:
c6:06:a9:1f:31:43:68:17:6a:45:d4:80:6e:f4:49:e6:79:e1:
de:b3:82:c2:8f:56:19:68:cb:f6:ad:ec:99:cf:8f:7f:5c:85:
f5:01:d5:d0:61:63:b3:74:25:0a:61:ca:85:ec:f1:07:e6:15:
ca:f7:46:0b:7d:10:9d:d0:38:05:ee:40:63:17:81:7a:5d:2a:
d0:27:29:b7:df:3c:c7:68:2b:6d:33:ff:8d:c4:aa:2a:07:b8:
00:5a:d7:ea:62:45:97:0d:32:7f:e9:da:d1:99:71:c4:f9:f0:
b8:9b:87:16:3d:e7:f2:f9:6a:ce:4b:14:ff:a7:d6:ae:da:c2:
29:0d:83:ef:98:77:6f:c9:ea:7c:1f:a5:cf:cb:c9:bf:89:89:
be:5c:93:4f:b4:08:e3:32:91:4b:97:2c:8a:bc:00:53:fe:4f:
f7:8b:f5:1b:1c:a1:4f:88:1a:02:d7:f5:dc:63:24:a2:60:3f:
72:23:23:76:48:ae:ab:f9:6c:60:e2:80:6c:d6:0a:6d:bd:54:
38:f6:70:2c:98:82:ed:85:b3:e3:14:12:e3:4a:74:5a:e5:8e:
ff:50:0d:7c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVw1UYiY6Kpy3RjtXmvbW+WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMDY5ZTE5ZTEyYzEwNDAwNGU4YjRiNzVmOGE3Nzg5Yjdl
MTEzOTYwHhcNMjMwMTAyMDQ1NTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGViZWE2MDczYjM2MWFjYjM5ZGEzOWY0NTczYWZiOTY0MDk3MjJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl23VZ1VxyiCRUa/0n42y/PK7/42o
tKEDsBGrS3mrTXSjFg2dsEZyi0qeaT/HukahYQ+6ozk0uzIhdzB95DgLcXuwfWj6
kiqAcjewQZZVEwm5Emzvi3aQao0ial4wswj9F46GQzeQppXEDb767sjMLCLOq1AA
+1z1EU2lcI5c9TSXIFKRx9n31S52otizktKChuYtE7+gqIjc5cH6Z9h8WECBekw+
1x7cm8X9XwWWLJeABcuQdZ8Vgh/REb+b7EI1D471KXU1OUef9Zr4n1l8HVjQGOA9
OG81yrrGSnInANcdXRK8N1q9YjDlLO7HEghFr/K8hiKE0BxUuLMrT2vhYwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKDr6mBzs2Gss52jn0Vzr7lkCXIsMB8GA1UdIwQY
MBaAFG0GnhnhLBBABOi0t1+Kd4m34ROWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlFhZUdlRXNFRUFFNkxTM1g0cDNpYmZoRTVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9jZjY0ZjYtMDc4OS00M2UzLWJkNmIt
N2JmZjI5NmM2YjAyLzEvb092cVlIT3pZYXl6bmFPZlJYT3Z1V1FKY2l3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9jZjY0ZjYtMDc4OS00M2UzLWJkNmItN2JmZjI5NmM2YjAy
LzEvYlFhZUdlRXNFRUFFNkxTM1g0cDNpYmZoRTVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAATAVAwMAg+0DAwCR
HwMEB5EtAAMDAJEyMA0GCSqGSIb3DQEBCwUAA4IBAQBTe4fZ1LqAu6S49vLK12lx
FZpHAZHX+ialnh3B0/os5xiaW8nGBqkfMUNoF2pF1IBu9EnmeeHes4LCj1YZaMv2
reyZz49/XIX1AdXQYWOzdCUKYcqF7PEH5hXK90YLfRCd0DgF7kBjF4F6XSrQJym3
3zzHaCttM/+NxKoqB7gAWtfqYkWXDTJ/6drRmXHE+fC4m4cWPefy+WrOSxT/p9au
2sIpDYPvmHdvyep8H6XPy8m/iYm+XJNPtAjjMpFLlyyKvABT/k/3i/UbHKFPiBoC
1/XcYySiYD9yIyN2SK6r+Wxg4oBs1gptvVQ49nAsmILthbPjFBLjSnRa5Y7/UA18
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:02 2024 by rpki-client on console-ams.rpki-client.org