Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/032d8b-4881-46fa-b674-7733bd888e28/1/o0gzN_0o-72jzxdIn8_lEKMWR30.roa
File: o0gzN_0o-72jzxdIn8_lEKMWR30.roa (raw, json)
Hash identifier: GTezOaeUsyGQ0KTrqOv3dNoFyWImEu5kzjrkQhteqS4=
Subject key identifier: A3:48:33:37:FD:28:FB:BD:A3:CF:17:48:9F:CF:E5:10:A3:16:47:7D
Certificate issuer: /CN=da0b33cddb799b7bcf5d3dce004fdba8c3e864ff
Certificate serial: 018ACB4787AD5F414702FE465A35B5BFEBE7
Authority key identifier: DA:0B:33:CD:DB:79:9B:7B:CF:5D:3D:CE:00:4F:DB:A8:C3:E8:64:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gszzdt5m3vPXT3OAE_bqMPoZP8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/032d8b-4881-46fa-b674-7733bd888e28/1/o0gzN_0o-72jzxdIn8_lEKMWR30.roa
Signing time: Mon 25 Sep 2023 07:39:37 +0000
ROA not before: Mon 25 Sep 2023 07:39:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203428
IP address blocks: 81.8.150.0/24 maxlen: 24
81.8.151.0/24 maxlen: 24
81.8.152.0/24 maxlen: 24
81.8.153.0/24 maxlen: 24
81.8.154.0/24 maxlen: 24
81.8.155.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:cb:47:87:ad:5f:41:47:02:fe:46:5a:35:b5:bf:eb:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da0b33cddb799b7bcf5d3dce004fdba8c3e864ff
Validity
Not Before: Sep 25 07:39:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a3483337fd28fbbda3cf17489fcfe510a316477d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:1e:b2:73:1c:a8:1b:74:ec:2c:e3:9d:a5:b3:
61:7d:53:56:be:54:b1:8a:f6:57:2b:f9:8a:bd:48:
db:21:47:ad:86:9c:97:06:e8:13:ca:31:7d:05:35:
57:35:f7:d2:52:44:03:21:93:86:b0:98:16:a9:a3:
7a:41:3d:af:b9:5e:50:f7:78:de:56:93:b1:9b:b0:
69:4e:b8:68:49:7f:11:31:a5:dc:a4:3e:b8:24:9e:
f2:78:a4:bd:fa:83:62:bd:a2:8e:99:0e:2f:f7:8e:
87:f1:97:c8:5b:a1:0f:2e:c0:1a:a7:d8:9d:01:c6:
95:67:c7:db:fa:ad:1d:94:e7:32:63:1e:0c:ff:b8:
ac:7c:c0:2f:f3:d2:d0:4b:18:1d:2f:dd:6a:04:4a:
db:06:d6:de:ae:94:b9:a0:c9:9c:51:6f:51:d0:1e:
7e:05:ae:41:37:cc:a7:7f:00:b2:85:30:51:0b:25:
a9:8d:4b:1e:19:97:ee:43:d7:2c:27:15:b2:15:ce:
8c:8f:8b:87:c5:b2:c4:9d:eb:b2:13:cc:aa:f9:c4:
4d:9a:b1:43:2b:78:4b:47:88:bf:29:68:e4:28:18:
9e:99:af:7f:41:26:d2:78:06:9e:14:6b:f3:05:08:
73:ae:ca:bd:b3:3c:8d:74:56:ee:0d:99:22:92:8f:
2d:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:48:33:37:FD:28:FB:BD:A3:CF:17:48:9F:CF:E5:10:A3:16:47:7D
X509v3 Authority Key Identifier:
keyid:DA:0B:33:CD:DB:79:9B:7B:CF:5D:3D:CE:00:4F:DB:A8:C3:E8:64:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gszzdt5m3vPXT3OAE_bqMPoZP8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/032d8b-4881-46fa-b674-7733bd888e28/1/o0gzN_0o-72jzxdIn8_lEKMWR30.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/032d8b-4881-46fa-b674-7733bd888e28/1/2gszzdt5m3vPXT3OAE_bqMPoZP8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.8.150.0-81.8.155.255
Signature Algorithm: sha256WithRSAEncryption
04:9d:d0:ad:2c:96:27:b8:9e:b2:92:a1:cf:8f:8a:02:8b:c7:
83:0d:97:49:8c:5c:71:a1:b7:13:c5:fe:05:8a:e6:1f:6b:b5:
21:30:1b:22:c9:cd:4c:d4:f4:67:7d:13:7e:0c:b3:36:64:f3:
eb:c1:32:26:0c:cc:0a:a0:78:aa:74:d7:ab:17:ba:03:f3:d1:
c7:88:13:9d:f9:0a:94:63:6a:a1:ec:cf:83:fa:07:3f:99:f1:
8b:f7:ed:8f:79:b4:96:87:41:cd:66:cc:24:1d:19:00:ca:74:
d0:fa:d5:95:0c:3e:c6:0b:92:81:76:b8:66:3e:31:74:b5:1c:
8d:69:2b:d3:8d:07:65:e2:2f:0c:53:4b:a9:d9:19:a3:b9:ec:
da:be:59:d1:7d:a8:83:b8:c9:9a:5a:79:e6:27:89:11:47:aa:
55:7e:c0:d6:7c:1b:74:6c:be:ea:22:8a:f8:ac:97:52:c7:6e:
1e:2d:76:03:77:1b:d4:53:d9:50:71:02:7e:97:35:48:c7:ed:
e6:c6:71:9b:a5:d3:26:90:67:da:cd:70:0b:71:17:b0:61:db:
bf:8e:26:33:16:3c:69:d4:1f:97:93:0e:9b:7c:29:45:a8:86:
5c:64:c2:ea:c4:19:ce:6f:73:24:c9:67:52:2d:6d:ee:43:83:
ed:4c:d8:8e
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYrLR4etX0FHAv5GWjW1v+vnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMGIzM2NkZGI3OTliN2JjZjVkM2RjZTAwNGZkYmE4YzNl
ODY0ZmYwHhcNMjMwOTI1MDczOTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzQ4MzMzN2ZkMjhmYmJkYTNjZjE3NDg5ZmNmZTUxMGEzMTY0NzdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsB6ycxyoG3TsLOOdpbNhfVNWvlSx
ivZXK/mKvUjbIUethpyXBugTyjF9BTVXNffSUkQDIZOGsJgWqaN6QT2vuV5Q93je
VpOxm7BpTrhoSX8RMaXcpD64JJ7yeKS9+oNivaKOmQ4v946H8ZfIW6EPLsAap9id
AcaVZ8fb+q0dlOcyYx4M/7isfMAv89LQSxgdL91qBErbBtberpS5oMmcUW9R0B5+
Ba5BN8ynfwCyhTBRCyWpjUseGZfuQ9csJxWyFc6Mj4uHxbLEneuyE8yq+cRNmrFD
K3hLR4i/KWjkKBiema9/QSbSeAaeFGvzBQhzrsq9szyNdFbuDZkiko8tnwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFKNIMzf9KPu9o88XSJ/P5RCjFkd9MB8GA1UdIwQY
MBaAFNoLM83beZt7z109zgBP26jD6GT/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdzenpkdDVtM3ZQWFQzT0FFX2JxTVBvWlA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8wMzJkOGItNDg4MS00NmZhLWI2NzQt
NzczM2JkODg4ZTI4LzEvbzBnek5fMG8tNzJqenhkSW44X2xFS01XUjMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8wMzJkOGItNDg4MS00NmZhLWI2NzQtNzczM2JkODg4ZTI4
LzEvMmdzenpkdDVtM3ZQWFQzT0FFX2JxTVBvWlA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAFRCJYD
BAJRCJgwDQYJKoZIhvcNAQELBQADggEBAASd0K0slie4nrKSoc+PigKLx4MNl0mM
XHGhtxPF/gWK5h9rtSEwGyLJzUzU9Gd9E34MszZk8+vBMiYMzAqgeKp016sXugPz
0ceIE535CpRjaqHsz4P6Bz+Z8Yv37Y95tJaHQc1mzCQdGQDKdND61ZUMPsYLkoF2
uGY+MXS1HI1pK9ONB2XiLwxTS6nZGaO57Nq+WdF9qIO4yZpaeeYniRFHqlV+wNZ8
G3Rsvuoiivisl1LHbh4tdgN3G9RT2VBxAn6XNUjH7ebGcZul0yaQZ9rNcAtxF7Bh
27+OJjMWPGnUH5eTDpt8KUWohlxkwurEGc5vcyTJZ1Itbe5Dg+1M2I4=
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:40:56 2024 by rpki-client on console-ams.rpki-client.org