Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/0330fb-95d1-4302-bea1-f54577f7cc0f/1/OeJY9qrix_LMTnv5VGvYW4dFf1w.roa
File: OeJY9qrix_LMTnv5VGvYW4dFf1w.roa (raw, json)
Hash identifier: yV2LCnWoiVvX5FlEWpTbgYOF/4FpCUEAYYcdUUPuc3Y=
Subject key identifier: 39:E2:58:F6:AA:E2:C7:F2:CC:4E:7B:F9:54:6B:D8:5B:87:45:7F:5C
Certificate issuer: /CN=60ea8385a14fd9967978ae7f06ec4dd52229a44a
Certificate serial: 01856DD40C1002E4C3C60F7EC6CE317C1104
Authority key identifier: 60:EA:83:85:A1:4F:D9:96:79:78:AE:7F:06:EC:4D:D5:22:29:A4:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YOqDhaFP2ZZ5eK5_BuxN1SIppEo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/0330fb-95d1-4302-bea1-f54577f7cc0f/1/OeJY9qrix_LMTnv5VGvYW4dFf1w.roa
Signing time: Sun 01 Jan 2023 14:54:51 +0000
ROA not before: Sun 01 Jan 2023 14:54:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199284
IP address blocks: 91.137.16.0/20 maxlen: 24
91.137.50.0/23 maxlen: 24
91.137.48.0/22 maxlen: 24
91.137.56.0/22 maxlen: 22
91.137.60.0/22 maxlen: 24
91.137.62.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 07 Mar 2023 13:11:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:d4:0c:10:02:e4:c3:c6:0f:7e:c6:ce:31:7c:11:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60ea8385a14fd9967978ae7f06ec4dd52229a44a
Validity
Not Before: Jan 1 14:54:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=39e258f6aae2c7f2cc4e7bf9546bd85b87457f5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:4a:7e:15:05:eb:17:35:77:cd:65:19:98:52:
95:71:69:fb:06:ee:7b:a3:ec:49:fe:28:99:f0:bc:
19:17:52:f1:a0:c7:15:ab:42:28:48:c1:1b:4b:67:
2e:cd:20:93:41:a5:80:95:c9:ae:28:a8:f2:82:62:
8a:37:98:c0:f4:8d:f2:40:27:0b:80:23:c8:36:57:
9a:0f:6a:98:bb:24:cd:73:fb:19:fa:32:2e:36:a8:
6a:07:7b:59:33:01:59:56:8f:e7:a0:d1:25:6d:eb:
f4:31:64:b3:3a:b5:79:9a:a6:d4:58:14:a2:98:34:
1e:11:78:ff:d2:2a:d9:7e:01:3a:58:46:86:3a:f7:
e0:06:f1:a2:a3:9e:21:1f:c1:dc:2d:22:f9:32:c1:
f1:2a:6a:dc:5f:d7:ce:9a:b5:de:30:d4:b1:d5:5b:
74:34:83:e7:de:1c:98:80:87:c8:20:52:99:c7:56:
1f:b5:6a:a0:f2:0e:bf:89:da:6e:e9:3b:8b:fc:15:
ad:e5:3e:ac:f6:61:1d:fb:1e:2b:3e:93:a3:8f:a8:
19:ff:d8:bf:f1:80:35:a0:c6:21:c4:93:3c:d8:f8:
cc:10:fa:18:41:10:30:38:ec:d1:24:13:55:b7:fa:
32:2d:a2:eb:1e:d6:4a:09:38:73:70:34:e3:ce:56:
2a:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:E2:58:F6:AA:E2:C7:F2:CC:4E:7B:F9:54:6B:D8:5B:87:45:7F:5C
X509v3 Authority Key Identifier:
keyid:60:EA:83:85:A1:4F:D9:96:79:78:AE:7F:06:EC:4D:D5:22:29:A4:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YOqDhaFP2ZZ5eK5_BuxN1SIppEo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/0330fb-95d1-4302-bea1-f54577f7cc0f/1/OeJY9qrix_LMTnv5VGvYW4dFf1w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/0330fb-95d1-4302-bea1-f54577f7cc0f/1/YOqDhaFP2ZZ5eK5_BuxN1SIppEo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.137.16.0/20
91.137.48.0/22
91.137.56.0/21
Signature Algorithm: sha256WithRSAEncryption
13:5f:b7:c1:44:2f:f4:13:09:03:3e:bf:cb:3b:53:2f:ff:0b:
3f:0e:11:67:c7:4d:eb:ca:1a:8c:b6:31:58:02:a3:42:4f:80:
5a:d0:fc:2a:44:aa:43:f6:46:29:61:6a:4c:1e:2f:ca:5a:1e:
b6:9c:f7:17:7b:89:b2:6c:28:68:0a:57:7e:0b:8a:6e:c9:3e:
53:95:9e:04:6e:98:fa:3d:77:8e:a2:f5:8f:75:93:1d:9c:22:
a5:c1:08:28:08:e6:f5:1f:6b:0a:0e:a9:0a:78:cb:93:6d:f2:
f3:ee:21:cd:7c:7c:c1:41:2d:fe:3a:e6:8b:36:bc:fd:9b:ac:
68:44:79:58:1f:03:05:27:3d:61:d0:ed:9d:38:24:ac:1c:ce:
b4:19:76:eb:b5:e8:15:f2:ab:30:4a:b6:b7:5f:20:bc:78:b3:
20:83:9b:ef:86:9d:ba:62:93:b8:ae:aa:bb:cb:fc:4a:9e:96:
a8:18:06:82:33:fc:19:7a:00:d0:8b:7b:55:2f:92:4e:17:d6:
7c:6f:a5:1e:f9:68:ba:7a:c1:9d:81:9f:cd:cb:90:7c:75:6b:
6f:ea:0b:c9:74:c9:93:fd:4f:56:3d:75:98:2d:a8:8f:b4:ff:
9a:de:44:96:c2:16:bf:bc:2a:df:04:57:b1:f7:c4:cd:bf:ac:
c9:a3:ba:6b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVt1AwQAuTDxg9+xs4xfBEEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwZWE4Mzg1YTE0ZmQ5OTY3OTc4YWU3ZjA2ZWM0ZGQ1MjIy
OWE0NGEwHhcNMjMwMTAxMTQ1NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWUyNThmNmFhZTJjN2YyY2M0ZTdiZjk1NDZiZDg1Yjg3NDU3ZjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh0p+FQXrFzV3zWUZmFKVcWn7Bu57
o+xJ/iiZ8LwZF1LxoMcVq0IoSMEbS2cuzSCTQaWAlcmuKKjygmKKN5jA9I3yQCcL
gCPINleaD2qYuyTNc/sZ+jIuNqhqB3tZMwFZVo/noNElbev0MWSzOrV5mqbUWBSi
mDQeEXj/0irZfgE6WEaGOvfgBvGio54hH8HcLSL5MsHxKmrcX9fOmrXeMNSx1Vt0
NIPn3hyYgIfIIFKZx1YftWqg8g6/idpu6TuL/BWt5T6s9mEd+x4rPpOjj6gZ/9i/
8YA1oMYhxJM82PjMEPoYQRAwOOzRJBNVt/oyLaLrHtZKCThzcDTjzlYqYQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDniWPaq4sfyzE57+VRr2FuHRX9cMB8GA1UdIwQY
MBaAFGDqg4WhT9mWeXiufwbsTdUiKaRKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWU9xRGhhRlAyWlo1ZUs1X0J1eE4xU0lwcEVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8wMzMwZmItOTVkMS00MzAyLWJlYTEt
ZjU0NTc3ZjdjYzBmLzEvT2VKWTlxcml4X0xNVG52NVZHdllXNGRGZjF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8wMzMwZmItOTVkMS00MzAyLWJlYTEtZjU0NTc3ZjdjYzBm
LzEvWU9xRGhhRlAyWlo1ZUs1X0J1eE4xU0lwcEVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQEW4kQAwQC
W4kwAwQDW4k4MA0GCSqGSIb3DQEBCwUAA4IBAQATX7fBRC/0EwkDPr/LO1Mv/ws/
DhFnx03ryhqMtjFYAqNCT4Ba0PwqRKpD9kYpYWpMHi/KWh62nPcXe4mybChoCld+
C4puyT5TlZ4Ebpj6PXeOovWPdZMdnCKlwQgoCOb1H2sKDqkKeMuTbfLz7iHNfHzB
QS3+OuaLNrz9m6xoRHlYHwMFJz1h0O2dOCSsHM60GXbrtegV8qswSra3XyC8eLMg
g5vvhp26YpO4rqq7y/xKnpaoGAaCM/wZegDQi3tVL5JOF9Z8b6Ue+Wi6esGdgZ/N
y5B8dWtv6gvJdMmT/U9WPXWYLaiPtP+a3kSWwha/vCrfBFex98TNv6zJo7pr
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:38 2024 by rpki-client on console-fra.rpki-client.org