Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/b5b4e7-8a68-466d-9fc5-075dc4604aef/1/_OhHW1XxaBQDMeCUqVJ3s2pWeZ4.roa
File: _OhHW1XxaBQDMeCUqVJ3s2pWeZ4.roa (raw, json)
Hash identifier: K6YkCClusGHlVvGbYasDlQ5M6+rHvmovPZ5JBf1O+nM=
Subject key identifier: FC:E8:47:5B:55:F1:68:14:03:31:E0:94:A9:52:77:B3:6A:56:79:9E
Certificate issuer: /CN=da834df1dafa7fe6ead360b3ee75a2931af1ffe9
Certificate serial: 0185723A32D2A16420625C9D290292983635
Authority key identifier: DA:83:4D:F1:DA:FA:7F:E6:EA:D3:60:B3:EE:75:A2:93:1A:F1:FF:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2oNN8dr6f-bq02Cz7nWikxrx_-k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/b5b4e7-8a68-466d-9fc5-075dc4604aef/1/_OhHW1XxaBQDMeCUqVJ3s2pWeZ4.roa
Signing time: Mon 02 Jan 2023 11:24:54 +0000
ROA not before: Mon 02 Jan 2023 11:24:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34984
IP address blocks: 185.195.228.0/24 maxlen: 24
185.195.229.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:3a:32:d2:a1:64:20:62:5c:9d:29:02:92:98:36:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da834df1dafa7fe6ead360b3ee75a2931af1ffe9
Validity
Not Before: Jan 2 11:24:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fce8475b55f168140331e094a95277b36a56799e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:ba:50:99:4f:e5:f8:a8:de:99:b2:b8:93:c3:
6a:38:d9:e4:e7:0e:7e:1a:e7:14:9f:a6:43:68:d0:
51:86:0f:00:cb:c0:f0:73:5b:fb:b4:96:4c:86:2a:
1f:cb:78:48:85:6d:97:f7:b4:f7:0a:90:76:0b:14:
ae:20:33:9c:83:59:82:b2:bc:02:48:4e:ee:0c:43:
4c:87:0a:6b:2c:18:ff:0b:a7:50:bf:60:f9:79:09:
e9:fb:2a:32:49:b6:38:ef:05:2b:ea:c6:27:67:2e:
62:d6:f3:ac:2a:d4:c5:eb:11:8c:e4:e3:19:22:7b:
f1:0e:80:b8:d0:1b:7b:93:af:1c:44:fd:b7:45:c0:
9a:47:99:67:dd:ca:56:87:59:69:f8:88:df:b4:bc:
f9:ab:9c:38:d9:05:9d:58:e5:89:8a:9d:31:6b:d3:
5d:5a:ab:32:f8:b1:18:e6:ba:9c:19:9f:64:a1:de:
94:fd:55:7b:4c:9e:81:95:27:ea:32:b6:90:60:b5:
e4:95:b4:d7:d1:84:c9:19:a9:57:a6:e9:da:0e:0a:
26:d9:d5:ae:e7:1b:e9:65:f0:55:e7:cb:9a:f8:1a:
dc:c7:76:fb:f6:1c:01:6f:51:a7:45:3e:96:3d:86:
50:82:4f:2a:19:ba:61:1c:72:2b:6e:11:0e:29:15:
c0:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:E8:47:5B:55:F1:68:14:03:31:E0:94:A9:52:77:B3:6A:56:79:9E
X509v3 Authority Key Identifier:
keyid:DA:83:4D:F1:DA:FA:7F:E6:EA:D3:60:B3:EE:75:A2:93:1A:F1:FF:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2oNN8dr6f-bq02Cz7nWikxrx_-k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/b5b4e7-8a68-466d-9fc5-075dc4604aef/1/_OhHW1XxaBQDMeCUqVJ3s2pWeZ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/b5b4e7-8a68-466d-9fc5-075dc4604aef/1/2oNN8dr6f-bq02Cz7nWikxrx_-k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.195.228.0/23
Signature Algorithm: sha256WithRSAEncryption
92:6c:45:38:07:fd:41:97:21:a6:05:68:7a:a1:fd:46:d1:a6:
11:7c:99:72:f3:79:39:96:dd:87:23:b3:d6:31:2e:d1:26:c8:
7e:05:1f:25:68:dc:76:c8:62:ee:e7:8b:92:59:3a:2e:d7:17:
f2:9c:a0:a9:90:09:5b:c4:c5:06:26:e3:98:97:8d:c1:1f:ba:
57:78:32:4f:af:c0:6c:9d:8b:5d:4a:0a:5c:0d:a8:49:2e:bd:
19:1e:06:d5:29:80:20:f5:2f:d4:3f:83:94:67:b3:09:67:ab:
e3:7c:da:72:e6:d8:ef:bc:b7:ba:85:b1:2b:f9:23:6a:45:4b:
82:c8:f6:3c:15:76:00:6c:b7:0f:49:73:9b:91:48:28:41:0e:
be:91:e8:46:d6:fa:a9:09:ab:e0:ce:f1:52:32:82:19:e4:d1:
b4:0f:28:06:6f:4f:75:fb:a6:58:78:87:47:53:54:96:fe:94:
f5:bf:f2:ff:9f:9b:82:7a:64:6d:e0:89:35:1d:ec:51:d8:77:
7b:44:cf:da:27:b6:cd:1f:f7:a2:e6:11:17:e8:b9:05:0a:4e:
a0:75:95:6e:90:ad:85:9e:03:7e:60:bb:d0:ee:45:12:96:79:
97:2f:28:0a:30:cc:89:9b:5f:d9:a6:b0:40:d1:35:7e:52:a2:
25:7d:a9:d6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyOjLSoWQgYlydKQKSmDY1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhODM0ZGYxZGFmYTdmZTZlYWQzNjBiM2VlNzVhMjkzMWFm
MWZmZTkwHhcNMjMwMTAyMTEyNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmY2U4NDc1YjU1ZjE2ODE0MDMzMWUwOTRhOTUyNzdiMzZhNTY3OTllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj7pQmU/l+KjembK4k8NqONnk5w5+
GucUn6ZDaNBRhg8Ay8Dwc1v7tJZMhiofy3hIhW2X97T3CpB2CxSuIDOcg1mCsrwC
SE7uDENMhwprLBj/C6dQv2D5eQnp+yoySbY47wUr6sYnZy5i1vOsKtTF6xGM5OMZ
InvxDoC40Bt7k68cRP23RcCaR5ln3cpWh1lp+IjftLz5q5w42QWdWOWJip0xa9Nd
Wqsy+LEY5rqcGZ9kod6U/VV7TJ6BlSfqMraQYLXklbTX0YTJGalXpunaDgom2dWu
5xvpZfBV58ua+Brcx3b79hwBb1GnRT6WPYZQgk8qGbphHHIrbhEOKRXAOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPzoR1tV8WgUAzHglKlSd7NqVnmeMB8GA1UdIwQY
MBaAFNqDTfHa+n/m6tNgs+51opMa8f/pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm9OTjhkcjZmLWJxMDJDejduV2lreHJ4Xy1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9iNWI0ZTctOGE2OC00NjZkLTlmYzUt
MDc1ZGM0NjA0YWVmLzEvX09oSFcxWHhhQlFETWVDVXFWSjNzMnBXZVo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9iNWI0ZTctOGE2OC00NjZkLTlmYzUtMDc1ZGM0NjA0YWVm
LzEvMm9OTjhkcjZmLWJxMDJDejduV2lreHJ4Xy1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBucPkMA0G
CSqGSIb3DQEBCwUAA4IBAQCSbEU4B/1BlyGmBWh6of1G0aYRfJly83k5lt2HI7PW
MS7RJsh+BR8laNx2yGLu54uSWTou1xfynKCpkAlbxMUGJuOYl43BH7pXeDJPr8Bs
nYtdSgpcDahJLr0ZHgbVKYAg9S/UP4OUZ7MJZ6vjfNpy5tjvvLe6hbEr+SNqRUuC
yPY8FXYAbLcPSXObkUgoQQ6+kehG1vqpCavgzvFSMoIZ5NG0DygGb091+6ZYeIdH
U1SW/pT1v/L/n5uCemRt4Ik1HexR2Hd7RM/aJ7bNH/ei5hEX6LkFCk6gdZVukK2F
ngN+YLvQ7kUSlnmXLygKMMyJm1/ZprBA0TV+UqIlfanW
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:48 2024 by rpki-client on console-fra.rpki-client.org