Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/otMRkyAeZALSSRLwHo8qx6fvHzc.roa
File: otMRkyAeZALSSRLwHo8qx6fvHzc.roa (raw, json)
Hash identifier: +SXJBI29V270YBF1HMJQSrfL2zYVzfQMl0Lwrd3StcE=
Subject key identifier: A2:D3:11:93:20:1E:64:02:D2:49:12:F0:1E:8F:2A:C7:A7:EF:1F:37
Certificate issuer: /CN=37949ac84d0b86910f4fd3cf5962927d83450aeb
Certificate serial: 018A9303BCC309ECCAC83C124DB54028CCAB
Authority key identifier: 37:94:9A:C8:4D:0B:86:91:0F:4F:D3:CF:59:62:92:7D:83:45:0A:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N5SayE0LhpEPT9PPWWKSfYNFCus.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/otMRkyAeZALSSRLwHo8qx6fvHzc.roa
Signing time: Thu 14 Sep 2023 09:26:50 +0000
ROA not before: Thu 14 Sep 2023 09:26:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203
IP address blocks: 185.148.224.0/23 maxlen: 24
109.234.0.0/21 maxlen: 24
Validation: Failed, certificate revoked on Thu 14 Sep 2023 12:34:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:93:03:bc:c3:09:ec:ca:c8:3c:12:4d:b5:40:28:cc:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37949ac84d0b86910f4fd3cf5962927d83450aeb
Validity
Not Before: Sep 14 09:26:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a2d31193201e6402d24912f01e8f2ac7a7ef1f37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:2f:7f:a1:7d:2f:86:ad:d6:30:4b:c4:8e:d4:
66:01:c5:26:c8:85:d6:e3:f3:2b:9f:80:8d:2f:c2:
e2:84:e8:b0:d2:b4:bc:5f:54:93:d8:10:f0:38:e4:
fc:a8:1c:a9:68:75:59:f5:5f:26:d3:c2:8f:00:7b:
11:c1:67:00:74:fe:63:26:37:78:f6:5e:39:16:81:
64:4b:31:20:6f:69:e5:5b:e6:a9:1e:38:20:76:41:
3d:bf:8b:df:a0:01:1f:34:3f:0f:2f:ea:03:f2:ff:
32:fd:21:45:e1:23:15:09:e6:37:38:4b:b9:64:31:
eb:bd:ec:86:2d:fa:19:28:51:4b:70:a3:20:6e:78:
9a:ef:7e:b5:19:1d:52:3a:20:a3:a7:17:6e:f2:c2:
e8:ae:d0:9c:99:ae:f5:c5:8f:ac:a4:53:8c:8e:01:
8f:91:a1:10:88:7f:2f:96:8f:00:3e:6b:29:83:5c:
d5:7c:01:b2:c5:d0:d5:f6:18:d5:65:f1:ed:66:4b:
99:30:09:1d:97:ed:79:7b:e8:4d:51:48:cb:14:20:
2c:2d:c5:7a:93:43:da:23:15:ea:1f:c4:6c:3d:f6:
6a:03:7b:ea:c3:de:2a:14:63:da:5a:5a:0d:df:76:
35:b7:91:2c:0d:ef:63:12:53:37:fd:a4:de:3d:89:
b0:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:D3:11:93:20:1E:64:02:D2:49:12:F0:1E:8F:2A:C7:A7:EF:1F:37
X509v3 Authority Key Identifier:
keyid:37:94:9A:C8:4D:0B:86:91:0F:4F:D3:CF:59:62:92:7D:83:45:0A:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N5SayE0LhpEPT9PPWWKSfYNFCus.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/otMRkyAeZALSSRLwHo8qx6fvHzc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/N5SayE0LhpEPT9PPWWKSfYNFCus.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.234.0.0/21
185.148.224.0/23
Signature Algorithm: sha256WithRSAEncryption
45:e2:ea:33:00:26:c0:e6:29:57:40:a3:6b:de:6c:1e:22:a4:
cc:02:cd:15:f3:37:9a:d6:16:05:f3:85:b5:61:aa:28:19:f8:
0a:70:e7:c1:b0:1a:68:cd:6c:82:33:84:1c:76:1f:de:07:05:
5f:c6:44:0c:d3:a7:f7:c1:fa:62:e5:b5:ec:06:01:41:65:17:
db:56:3c:e6:fa:16:55:76:86:6e:d4:d5:11:eb:24:58:d2:e2:
2c:59:db:97:d2:a5:f2:ee:7c:87:22:5b:d6:e4:cf:8b:bf:d6:
36:b0:e4:c9:6a:91:62:cf:c8:7e:e4:5c:a0:14:84:da:b4:ee:
3a:67:e5:b0:f8:a3:c5:c8:8c:95:bc:31:ac:6b:4e:f6:28:0e:
33:87:0b:bc:5c:26:0c:5b:70:35:65:8a:be:ea:8e:41:3c:10:
c9:9b:53:d1:f9:fc:3a:94:13:3d:dd:52:d8:97:02:e1:07:c4:
2a:69:7d:50:17:92:cd:45:9c:ce:4a:89:14:06:98:4f:01:b3:
d9:6c:43:47:0e:19:d3:ce:d1:5e:4c:55:ac:6c:32:87:4a:ea:
24:db:4f:96:47:76:72:1a:89:7c:dc:22:47:54:05:e1:5f:53:
69:5f:5c:4d:dc:4e:cd:11:50:77:4f:6c:ae:82:ba:d0:c9:e4:
50:ec:a2:59
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYqTA7zDCezKyDwSTbVAKMyrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3OTQ5YWM4NGQwYjg2OTEwZjRmZDNjZjU5NjI5MjdkODM0
NTBhZWIwHhcNMjMwOTE0MDkyNjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmQzMTE5MzIwMWU2NDAyZDI0OTEyZjAxZThmMmFjN2E3ZWYxZjM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAli9/oX0vhq3WMEvEjtRmAcUmyIXW
4/Mrn4CNL8LihOiw0rS8X1ST2BDwOOT8qBypaHVZ9V8m08KPAHsRwWcAdP5jJjd4
9l45FoFkSzEgb2nlW+apHjggdkE9v4vfoAEfND8PL+oD8v8y/SFF4SMVCeY3OEu5
ZDHrveyGLfoZKFFLcKMgbnia7361GR1SOiCjpxdu8sLortCcma71xY+spFOMjgGP
kaEQiH8vlo8APmspg1zVfAGyxdDV9hjVZfHtZkuZMAkdl+15e+hNUUjLFCAsLcV6
k0PaIxXqH8RsPfZqA3vqw94qFGPaWloN33Y1t5EsDe9jElM3/aTePYmwhQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKLTEZMgHmQC0kkS8B6PKsen7x83MB8GA1UdIwQY
MBaAFDeUmshNC4aRD0/Tz1likn2DRQrrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjVTYXlFMExocEVQVDlQUFdXS1NmWU5GQ3VzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9jMjhlYTQtMDU5Yy00OWRkLTkyNzgt
YTRkYjM5NmM4OTg3LzEvb3RNUmt5QWVaQUxTU1JMd0hvOHF4NmZ2SHpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9jMjhlYTQtMDU5Yy00OWRkLTkyNzgtYTRkYjM5NmM4OTg3
LzEvTjVTYXlFMExocEVQVDlQUFdXS1NmWU5GQ3VzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDbeoAAwQB
uZTgMA0GCSqGSIb3DQEBCwUAA4IBAQBF4uozACbA5ilXQKNr3mweIqTMAs0V8zea
1hYF84W1YaooGfgKcOfBsBpozWyCM4Qcdh/eBwVfxkQM06f3wfpi5bXsBgFBZRfb
Vjzm+hZVdoZu1NUR6yRY0uIsWduX0qXy7nyHIlvW5M+Lv9Y2sOTJapFiz8h+5Fyg
FITatO46Z+Ww+KPFyIyVvDGsa072KA4zhwu8XCYMW3A1ZYq+6o5BPBDJm1PR+fw6
lBM93VLYlwLhB8QqaX1QF5LNRZzOSokUBphPAbPZbENHDhnTztFeTFWsbDKHSuok
20+WR3ZyGol83CJHVAXhX1NpX1xN3E7NEVB3T2yugrrQyeRQ7KJZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:51 2024 by rpki-client on console-ams.rpki-client.org