Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/a6fcc9-d251-42dc-ad02-967c2285ea62/1/OQkoN--sjtP5_8a8z8d7UYPoB2A.roa
File: OQkoN--sjtP5_8a8z8d7UYPoB2A.roa (raw, json)
Hash identifier: Q1e9rqQxwjv+ZP55IS72DwoW3LBRryABX5Qa8vjeD7s=
Subject key identifier: 39:09:28:37:EF:AC:8E:D3:F9:FF:C6:BC:CF:C7:7B:51:83:E8:07:60
Certificate issuer: /CN=407d2dc10c02f5ec24f690f9f660555486562e59
Certificate serial: 01856D4A9906505765333A8ED491A7E34416
Authority key identifier: 40:7D:2D:C1:0C:02:F5:EC:24:F6:90:F9:F6:60:55:54:86:56:2E:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QH0twQwC9ewk9pD59mBVVIZWLlk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/a6fcc9-d251-42dc-ad02-967c2285ea62/1/OQkoN--sjtP5_8a8z8d7UYPoB2A.roa
Signing time: Sun 01 Jan 2023 12:24:43 +0000
ROA not before: Sun 01 Jan 2023 12:24:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29436
IP address blocks: 192.162.80.0/22 maxlen: 22
193.238.36.0/22 maxlen: 22
195.149.108.0/24 maxlen: 24
192.166.112.0/23 maxlen: 23
2001:67c:2d9c::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:4a:99:06:50:57:65:33:3a:8e:d4:91:a7:e3:44:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=407d2dc10c02f5ec24f690f9f660555486562e59
Validity
Not Before: Jan 1 12:24:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=39092837efac8ed3f9ffc6bccfc77b5183e80760
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:6c:ed:6b:ab:81:49:35:6b:76:99:03:af:a7:
a7:ef:81:3d:97:f9:98:3a:ab:ef:01:f9:63:c9:9d:
d4:33:f0:8c:48:4c:2a:73:68:62:c9:56:16:28:ef:
05:33:bd:ba:8e:43:78:a8:09:a6:e6:5f:59:d0:54:
27:59:d6:47:5d:22:ba:80:56:5c:37:83:91:01:87:
23:bf:32:ba:72:61:61:0f:e5:d5:2e:6a:3e:eb:f5:
d7:3a:bf:ee:fc:d6:11:83:02:1b:f1:a2:5b:90:20:
9e:07:e6:1d:5d:91:42:10:e2:20:44:a6:9a:2f:e9:
7c:f6:8d:50:93:2f:02:e4:4d:b1:91:d2:82:96:d2:
62:96:97:77:63:bb:b4:96:24:0a:d2:3e:02:b1:0c:
47:f7:89:f7:bf:0f:b8:76:26:a0:ff:96:b7:ad:31:
55:57:cc:dd:9c:b5:45:aa:b2:c9:b6:86:d1:04:dc:
01:3a:92:f1:8e:10:c4:09:7a:b9:bc:0c:db:f3:04:
43:3f:8b:fc:2d:b8:98:7d:3f:97:3f:bb:14:1c:3f:
a7:06:fd:64:a6:10:e3:66:c3:42:b7:b1:0f:ed:c8:
2e:4c:5f:c5:2e:ae:ca:5e:b9:75:1e:b1:b2:d9:93:
87:10:e7:39:b0:c6:18:34:eb:85:7d:c7:fd:7f:55:
af:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:09:28:37:EF:AC:8E:D3:F9:FF:C6:BC:CF:C7:7B:51:83:E8:07:60
X509v3 Authority Key Identifier:
keyid:40:7D:2D:C1:0C:02:F5:EC:24:F6:90:F9:F6:60:55:54:86:56:2E:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QH0twQwC9ewk9pD59mBVVIZWLlk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/a6fcc9-d251-42dc-ad02-967c2285ea62/1/OQkoN--sjtP5_8a8z8d7UYPoB2A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/a6fcc9-d251-42dc-ad02-967c2285ea62/1/QH0twQwC9ewk9pD59mBVVIZWLlk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.162.80.0/22
192.166.112.0/23
193.238.36.0/22
195.149.108.0/24
IPv6:
2001:67c:2d9c::/48
Signature Algorithm: sha256WithRSAEncryption
b6:11:1f:b5:13:ff:58:8a:e6:63:79:3c:54:59:db:3f:7a:fa:
c1:1c:ae:3f:5e:37:1d:91:fb:fc:fe:df:08:8e:74:0c:90:7d:
79:2b:ee:ed:89:82:3f:ff:86:fb:d2:7f:fd:8f:b0:c2:1a:db:
7a:7f:ee:38:71:2f:1e:5d:fb:e5:40:d1:f1:a8:45:1f:ec:6b:
25:31:e7:c3:1b:9d:65:ce:94:73:61:d7:dd:ea:c1:d2:c9:16:
8e:88:5a:36:98:c2:6d:b2:d5:f5:a5:78:4b:80:41:0c:90:26:
f4:82:36:21:5a:6b:d4:8f:a0:41:49:9a:7e:2e:d5:5e:a6:fb:
91:eb:3f:0c:d8:75:4a:58:3d:3f:43:7b:97:0c:84:71:05:3b:
fe:70:fd:f5:86:aa:95:a8:9a:e8:ee:48:06:56:08:59:ab:51:
c1:65:e4:11:a4:55:c9:f3:95:d6:16:32:76:bb:f5:17:52:1d:
d4:51:b0:88:8a:fe:2a:2e:06:4d:a1:9a:b9:2f:e3:ca:0c:71:
1a:e9:46:05:8f:f5:04:a7:78:46:43:cf:42:62:b3:23:30:a7:
fe:28:0c:5b:bd:be:b5:7f:4e:c6:f4:7a:7f:03:75:5c:ca:2a:
d1:5a:11:7b:c0:31:f5:08:ac:ca:41:33:49:24:16:18:11:0d:
51:68:fa:6a
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYVtSpkGUFdlMzqO1JGn40QWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwN2QyZGMxMGMwMmY1ZWMyNGY2OTBmOWY2NjA1NTU0ODY1
NjJlNTkwHhcNMjMwMTAxMTIyNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTA5MjgzN2VmYWM4ZWQzZjlmZmM2YmNjZmM3N2I1MTgzZTgwNzYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh2zta6uBSTVrdpkDr6en74E9l/mY
OqvvAfljyZ3UM/CMSEwqc2hiyVYWKO8FM726jkN4qAmm5l9Z0FQnWdZHXSK6gFZc
N4ORAYcjvzK6cmFhD+XVLmo+6/XXOr/u/NYRgwIb8aJbkCCeB+YdXZFCEOIgRKaa
L+l89o1Qky8C5E2xkdKCltJilpd3Y7u0liQK0j4CsQxH94n3vw+4diag/5a3rTFV
V8zdnLVFqrLJtobRBNwBOpLxjhDECXq5vAzb8wRDP4v8LbiYfT+XP7sUHD+nBv1k
phDjZsNCt7EP7cguTF/FLq7KXrl1HrGy2ZOHEOc5sMYYNOuFfcf9f1WvcwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFDkJKDfvrI7T+f/GvM/He1GD6AdgMB8GA1UdIwQY
MBaAFEB9LcEMAvXsJPaQ+fZgVVSGVi5ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUgwdHdRd0M5ZXdrOXBENTltQlZWSVpXTGxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC9hNmZjYzktZDI1MS00MmRjLWFkMDIt
OTY3YzIyODVlYTYyLzEvT1Frb04tLXNqdFA1XzhhOHo4ZDdVWVBvQjJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC9hNmZjYzktZDI1MS00MmRjLWFkMDItOTY3YzIyODVlYTYy
LzEvUUgwdHdRd0M5ZXdrOXBENTltQlZWSVpXTGxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAeBAIAATAYAwQCwKJQAwQB
wKZwAwQCwe4kAwQAw5VsMA8EAgACMAkDBwAgAQZ8LZwwDQYJKoZIhvcNAQELBQAD
ggEBALYRH7UT/1iK5mN5PFRZ2z96+sEcrj9eNx2R+/z+3wiOdAyQfXkr7u2Jgj//
hvvSf/2PsMIa23p/7jhxLx5d++VA0fGoRR/sayUx58MbnWXOlHNh193qwdLJFo6I
WjaYwm2y1fWleEuAQQyQJvSCNiFaa9SPoEFJmn4u1V6m+5HrPwzYdUpYPT9De5cM
hHEFO/5w/fWGqpWomujuSAZWCFmrUcFl5BGkVcnzldYWMna79RdSHdRRsIiK/iou
Bk2hmrkv48oMcRrpRgWP9QSneEZDz0JisyMwp/4oDFu9vrV/Tsb0en8DdVzKKtFa
EXvAMfUIrMpBM0kkFhgRDVFo+mo=
-----END CERTIFICATE-----
Generated at Mon Jan 1 18:00:52 2024 by rpki-client on console.sobornost.net