Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/tOR9si5jSpAGXjmCsfPai-jBksQ.roa
File: tOR9si5jSpAGXjmCsfPai-jBksQ.roa (raw, json)
Hash identifier: lkJMfVwWxgpcze38TYcXQ4guqqFW27rcr/JtANjenbE=
Subject key identifier: B4:E4:7D:B2:2E:63:4A:90:06:5E:39:82:B1:F3:DA:8B:E8:C1:92:C4
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 01856CB84A9DA6E1F35591906BD63F2F4BE3
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/tOR9si5jSpAGXjmCsfPai-jBksQ.roa
Signing time: Sun 01 Jan 2023 09:44:54 +0000
ROA not before: Sun 01 Jan 2023 09:44:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31660
IP address blocks: 81.255.156.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:30:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:b8:4a:9d:a6:e1:f3:55:91:90:6b:d6:3f:2f:4b:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: Jan 1 09:44:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b4e47db22e634a90065e3982b1f3da8be8c192c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:d8:ed:6d:16:bd:ab:81:bc:e4:fc:d5:31:7a:
f5:fd:19:e3:b5:3c:c3:54:ab:06:db:9d:08:32:6a:
ee:70:cb:c5:1f:07:69:cc:72:47:f4:cb:f8:a3:a9:
44:2e:e1:ed:f2:72:55:af:b4:cf:b8:7d:fb:a2:77:
8d:d6:55:4b:cb:75:b6:da:47:67:2d:d8:88:b7:35:
ce:67:da:ba:fe:5d:bd:3c:1d:6c:49:03:56:1e:77:
34:e0:22:62:05:38:e3:64:68:4a:9b:a2:a2:2d:83:
57:ca:d9:97:c4:b2:97:7a:95:06:3c:93:62:26:7b:
c3:85:01:e4:f4:8f:a5:31:64:ce:db:14:c9:ae:8a:
1e:ee:93:25:d9:79:55:8d:f9:19:17:81:3c:dc:4e:
c9:fa:db:21:b4:5b:98:98:ee:05:05:ec:ed:78:53:
1e:ba:be:93:a9:06:5c:4b:ca:0f:92:72:0f:dc:03:
f3:db:fb:52:70:e2:7e:6a:e4:5a:cb:1e:e9:2d:0c:
6c:7b:b6:03:f0:52:34:0e:26:e1:e9:94:3e:e9:16:
22:4c:28:94:7f:64:4c:6e:a0:8e:5f:dc:cc:88:5b:
c7:13:ac:31:5c:62:86:85:c6:da:95:15:de:9e:3b:
f0:89:e6:d0:9d:27:a5:bf:93:21:b1:46:76:22:6c:
8f:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:E4:7D:B2:2E:63:4A:90:06:5E:39:82:B1:F3:DA:8B:E8:C1:92:C4
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/tOR9si5jSpAGXjmCsfPai-jBksQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.255.156.0/24
Signature Algorithm: sha256WithRSAEncryption
13:ea:bd:e2:62:ad:f6:d5:55:9d:51:98:ff:b7:5e:f1:b6:21:
b1:93:27:39:e2:24:e3:6f:79:2c:44:2a:28:91:f1:e5:88:e2:
b7:92:01:0c:45:56:75:c9:4d:7e:70:e8:b2:d5:dd:c1:75:1a:
9a:9a:a4:25:2d:e5:a6:5e:bd:1e:af:db:98:fa:b2:85:cf:28:
4a:50:da:94:ad:d9:1d:25:0c:a6:71:a4:21:75:83:47:ab:1a:
dc:89:2f:6d:42:b2:77:8e:51:9d:72:8c:55:85:88:6e:ba:73:
31:dd:85:cb:2e:9e:da:80:3e:7c:38:1a:cc:d0:4e:6f:8b:4b:
2b:88:f4:fe:43:ac:f6:13:04:cf:83:89:d6:0d:2d:be:d7:cb:
a8:e0:ab:dc:ab:50:91:a6:92:fa:12:72:47:a5:a2:82:86:e9:
28:64:6b:15:52:1d:84:45:6f:ce:23:cc:59:f9:ea:3d:b7:dc:
56:a8:3e:5b:20:93:0a:f8:41:9a:f1:74:f7:a8:02:30:88:36:
8f:f5:e7:07:02:9c:3c:59:e6:df:05:55:9d:36:94:1b:32:4a:
47:42:48:2f:5a:51:75:be:3d:11:9b:11:a1:2a:0a:7a:6d:8f:
5b:63:5f:2f:2e:62:3c:23:75:c1:e5:4b:19:9f:7f:5c:ea:87:
44:74:9e:02
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsuEqdpuHzVZGQa9Y/L0vjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh
MTA1MTEwHhcNMjMwMTAxMDk0NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGU0N2RiMjJlNjM0YTkwMDY1ZTM5ODJiMWYzZGE4YmU4YzE5MmM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkNjtbRa9q4G85PzVMXr1/RnjtTzD
VKsG250IMmrucMvFHwdpzHJH9Mv4o6lELuHt8nJVr7TPuH37oneN1lVLy3W22kdn
LdiItzXOZ9q6/l29PB1sSQNWHnc04CJiBTjjZGhKm6KiLYNXytmXxLKXepUGPJNi
JnvDhQHk9I+lMWTO2xTJrooe7pMl2XlVjfkZF4E83E7J+tshtFuYmO4FBezteFMe
ur6TqQZcS8oPknIP3APz2/tScOJ+auRayx7pLQxse7YD8FI0Dibh6ZQ+6RYiTCiU
f2RMbqCOX9zMiFvHE6wxXGKGhcbalRXenjvwiebQnSelv5MhsUZ2ImyPWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLTkfbIuY0qQBl45grHz2ovowZLEMB8GA1UdIwQY
MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt
NDU5MzVmNTA2YTEyLzEvdE9SOXNpNWpTcEFHWGptQ3NmUGFpLWpCa3NRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy
LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUf+cMA0G
CSqGSIb3DQEBCwUAA4IBAQAT6r3iYq321VWdUZj/t17xtiGxkyc54iTjb3ksRCoo
kfHliOK3kgEMRVZ1yU1+cOiy1d3BdRqamqQlLeWmXr0er9uY+rKFzyhKUNqUrdkd
JQymcaQhdYNHqxrciS9tQrJ3jlGdcoxVhYhuunMx3YXLLp7agD58OBrM0E5vi0sr
iPT+Q6z2EwTPg4nWDS2+18uo4Kvcq1CRppL6EnJHpaKChukoZGsVUh2ERW/OI8xZ
+eo9t9xWqD5bIJMK+EGa8XT3qAIwiDaP9ecHApw8WebfBVWdNpQbMkpHQkgvWlF1
vj0RmxGhKgp6bY9bY18vLmI8I3XB5UsZn39c6odEdJ4C
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:20 2024 by rpki-client on console-ams.rpki-client.org