Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f974e9-4743-46db-a348-1d1989f06618/1/Okw0heCuPGjxKILDDtETYfv7fpw.roa
File: Okw0heCuPGjxKILDDtETYfv7fpw.roa (raw, json)
Hash identifier: Ng+HKVrShSF1acAvaTf/cSDQVyzPKQ6yHUPuhoiLD1Y=
Subject key identifier: 3A:4C:34:85:E0:AE:3C:68:F1:28:82:C3:0E:D1:13:61:FB:FB:7E:9C
Certificate issuer: /CN=9cbe9c43ee759896003919508734723346bf7016
Certificate serial: 018573FDD5C4AB6FE61C9064666CD631AA43
Authority key identifier: 9C:BE:9C:43:EE:75:98:96:00:39:19:50:87:34:72:33:46:BF:70:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nL6cQ-51mJYAORlQhzRyM0a_cBY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f974e9-4743-46db-a348-1d1989f06618/1/Okw0heCuPGjxKILDDtETYfv7fpw.roa
Signing time: Mon 02 Jan 2023 19:38:13 +0000
ROA not before: Mon 02 Jan 2023 19:38:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39244
IP address blocks: 81.21.178.0/24 maxlen: 24
81.21.176.0/23 maxlen: 23
81.21.179.0/24 maxlen: 24
81.21.180.0/22 maxlen: 22
81.21.184.0/21 maxlen: 21
188.65.192.0/21 maxlen: 21
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:fd:d5:c4:ab:6f:e6:1c:90:64:66:6c:d6:31:aa:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9cbe9c43ee759896003919508734723346bf7016
Validity
Not Before: Jan 2 19:38:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3a4c3485e0ae3c68f12882c30ed11361fbfb7e9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:5d:18:54:2b:cd:b7:b4:a8:52:2e:7a:da:be:
4e:a9:8d:c6:fc:38:06:66:b3:93:30:e0:3c:9f:5a:
06:d6:85:7f:30:04:36:57:3f:6e:d6:79:67:6d:7d:
c4:b6:e8:70:da:71:46:52:7d:1b:f6:15:90:6d:d7:
f1:bc:e6:33:99:99:15:68:8e:ab:64:e0:33:62:cf:
09:f6:02:ce:f0:6d:b3:4e:f5:5a:41:c4:89:59:35:
a0:c4:27:29:96:fd:b1:cc:3f:e7:99:b7:cc:4e:37:
f3:97:58:54:e7:93:46:ef:1f:8a:47:2b:92:38:91:
e5:48:03:3d:89:9c:95:d3:13:6f:e7:e9:0f:f9:a4:
92:de:b8:96:b1:04:0c:24:c4:b2:81:71:5c:20:ca:
6d:2a:3b:f3:ef:c1:8f:54:0e:bf:19:1d:14:88:e8:
ed:69:c3:af:b6:4c:4e:0b:bb:fe:a6:97:23:f8:20:
92:26:b1:82:dc:13:ae:90:19:41:e1:e8:ab:3a:f2:
72:d1:79:76:4f:0d:d5:34:5f:e7:aa:fc:2b:d1:5d:
b8:9b:4e:d7:45:14:e7:a3:87:c7:7c:17:48:65:e7:
39:d9:1f:72:c9:2c:30:00:b6:05:5c:44:37:ad:1c:
0a:d1:20:01:eb:81:e8:f8:f9:99:f2:fd:a1:05:4b:
77:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:4C:34:85:E0:AE:3C:68:F1:28:82:C3:0E:D1:13:61:FB:FB:7E:9C
X509v3 Authority Key Identifier:
keyid:9C:BE:9C:43:EE:75:98:96:00:39:19:50:87:34:72:33:46:BF:70:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nL6cQ-51mJYAORlQhzRyM0a_cBY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f974e9-4743-46db-a348-1d1989f06618/1/Okw0heCuPGjxKILDDtETYfv7fpw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f974e9-4743-46db-a348-1d1989f06618/1/nL6cQ-51mJYAORlQhzRyM0a_cBY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.21.176.0/20
188.65.192.0/21
Signature Algorithm: sha256WithRSAEncryption
13:70:cf:f4:5c:83:f2:32:1d:d1:38:ab:f2:ab:6d:21:79:05:
aa:70:72:e8:b9:0f:f1:28:a5:41:e3:45:7a:16:70:7c:34:7d:
b7:0a:c5:b5:32:a4:40:26:7c:d6:0b:6e:dc:58:74:50:99:ca:
66:51:ee:62:4d:d5:4a:7e:6d:a1:1e:a6:41:62:ae:76:47:73:
26:4d:14:64:8e:d8:1c:af:5c:c9:e0:3b:ba:45:7a:31:c4:f5:
1e:0b:c4:a8:e2:fd:93:ed:0c:c6:ad:a2:de:b5:90:77:c9:9a:
64:a7:dc:e1:c4:4b:e6:9b:5f:ca:b1:71:d4:0c:1d:f8:86:fe:
39:5c:d7:ff:50:7a:7f:99:71:1d:42:1e:19:37:ad:c5:c4:06:
f3:61:aa:4e:f2:06:82:b8:ce:34:b1:26:b4:b4:56:6a:93:be:
6c:bb:24:74:e8:11:aa:a9:de:29:7d:37:ea:06:bb:14:bd:aa:
59:72:17:af:68:73:15:0c:96:9a:fd:83:a2:b4:d5:83:12:06:
0d:25:c8:5f:96:8b:34:e4:c2:82:b9:ac:cb:13:04:85:09:ef:
1f:5e:c0:33:0e:35:ca:cf:ed:84:1a:66:41:98:aa:e3:90:39:
8c:c8:2e:a8:3a:be:24:62:bd:48:a2:f3:bb:bb:34:59:dc:7c:
5f:a8:93:62
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVz/dXEq2/mHJBkZmzWMapDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljYmU5YzQzZWU3NTk4OTYwMDM5MTk1MDg3MzQ3MjMzNDZi
ZjcwMTYwHhcNMjMwMTAyMTkzODEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTRjMzQ4NWUwYWUzYzY4ZjEyODgyYzMwZWQxMTM2MWZiZmI3ZTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAil0YVCvNt7SoUi562r5OqY3G/DgG
ZrOTMOA8n1oG1oV/MAQ2Vz9u1nlnbX3Etuhw2nFGUn0b9hWQbdfxvOYzmZkVaI6r
ZOAzYs8J9gLO8G2zTvVaQcSJWTWgxCcplv2xzD/nmbfMTjfzl1hU55NG7x+KRyuS
OJHlSAM9iZyV0xNv5+kP+aSS3riWsQQMJMSygXFcIMptKjvz78GPVA6/GR0UiOjt
acOvtkxOC7v+ppcj+CCSJrGC3BOukBlB4eirOvJy0Xl2Tw3VNF/nqvwr0V24m07X
RRTno4fHfBdIZec52R9yySwwALYFXEQ3rRwK0SAB64Ho+PmZ8v2hBUt3KQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDpMNIXgrjxo8SiCww7RE2H7+36cMB8GA1UdIwQY
MBaAFJy+nEPudZiWADkZUIc0cjNGv3AWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkw2Y1EtNTFtSllBT1JsUWh6UnlNMGFfY0JZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTc0ZTktNDc0My00NmRiLWEzNDgt
MWQxOTg5ZjA2NjE4LzEvT2t3MGhlQ3VQR2p4S0lMRER0RVRZZnY3ZnB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTc0ZTktNDc0My00NmRiLWEzNDgtMWQxOTg5ZjA2NjE4
LzEvbkw2Y1EtNTFtSllBT1JsUWh6UnlNMGFfY0JZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEURWwAwQD
vEHAMA0GCSqGSIb3DQEBCwUAA4IBAQATcM/0XIPyMh3ROKvyq20heQWqcHLouQ/x
KKVB40V6FnB8NH23CsW1MqRAJnzWC27cWHRQmcpmUe5iTdVKfm2hHqZBYq52R3Mm
TRRkjtgcr1zJ4Du6RXoxxPUeC8So4v2T7QzGraLetZB3yZpkp9zhxEvmm1/KsXHU
DB34hv45XNf/UHp/mXEdQh4ZN63FxAbzYapO8gaCuM40sSa0tFZqk75suyR06BGq
qd4pfTfqBrsUvapZchevaHMVDJaa/YOitNWDEgYNJchflos05MKCuazLEwSFCe8f
XsAzDjXKz+2EGmZBmKrjkDmMyC6oOr4kYr1IovO7uzRZ3HxfqJNi
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:30:54 2024 by rpki-client on console.sobornost.net