Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/OhNA8QRya5X4hHCg8W9PF6yG-LA.roa
File: OhNA8QRya5X4hHCg8W9PF6yG-LA.roa (raw, json)
Hash identifier: NwoTcU/M8EPSFsXjX4uuPoAcNJRgvkFAMwk44tjCFOk=
Subject key identifier: 3A:13:40:F1:04:72:6B:95:F8:84:70:A0:F1:6F:4F:17:AC:86:F8:B0
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018A11748B88C2971F7F17B0839F3CC92684
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/OhNA8QRya5X4hHCg8W9PF6yG-LA.roa
Signing time: Sun 20 Aug 2023 05:39:25 +0000
ROA not before: Sun 20 Aug 2023 05:39:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 81.22.135.0/24 maxlen: 24
109.72.127.0/24 maxlen: 24
89.185.1.0/24 maxlen: 24
81.22.128.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 21 Aug 2023 11:32:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:11:74:8b:88:c2:97:1f:7f:17:b0:83:9f:3c:c9:26:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Aug 20 05:39:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3a1340f104726b95f88470a0f16f4f17ac86f8b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:17:26:bb:88:cf:01:3e:e3:0c:36:0b:4c:2b:
0e:2b:63:eb:c4:8e:f6:80:9b:56:6e:8e:19:c4:91:
06:c1:0d:31:54:46:d6:13:98:d7:00:2e:d4:20:8b:
e0:55:e0:8f:6b:be:e9:cb:c5:0f:9c:84:14:34:dc:
80:2c:ca:21:4f:4f:83:7a:cc:0f:20:49:82:56:a7:
fb:d1:6f:2b:6e:26:7b:14:69:b2:83:d4:a3:37:e7:
58:0d:18:da:47:41:13:66:29:41:ea:71:1d:6f:20:
2d:2c:eb:b6:97:a8:3a:64:8d:75:5d:d2:05:0e:fd:
17:e9:30:b6:0a:39:9b:0d:3e:45:49:85:07:52:50:
21:dd:aa:b5:f1:8b:fc:16:7a:d7:6b:4e:85:44:e1:
14:c1:d7:65:0e:ad:2b:5d:1d:94:3e:2e:fe:91:36:
58:96:27:fb:95:8b:fc:f3:cb:eb:b4:69:0b:cb:e1:
e2:7f:54:4f:5d:49:d0:cc:d1:44:3e:18:ac:bb:e1:
f3:2d:33:6c:5e:68:53:23:f1:9e:4d:42:6d:07:69:
8d:7b:4a:c8:93:e5:32:93:82:ca:a7:d7:e9:54:2e:
7d:81:e4:a6:7c:98:f9:42:c4:52:51:1f:37:f7:f7:
1f:e2:64:3e:68:8e:cc:8a:e9:65:ea:6d:1b:8c:4f:
64:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:13:40:F1:04:72:6B:95:F8:84:70:A0:F1:6F:4F:17:AC:86:F8:B0
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/OhNA8QRya5X4hHCg8W9PF6yG-LA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.128.0/24
81.22.135.0/24
89.185.1.0/24
109.72.127.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:99:85:2c:28:db:86:39:d7:a4:f6:b1:1d:48:5d:f1:98:0a:
89:41:4d:9b:54:a3:d9:3f:92:d5:ee:df:40:62:b6:6e:17:31:
18:3c:bb:19:2a:9c:5d:41:3d:77:6b:42:6b:8a:0e:fb:f2:95:
86:9e:c2:06:15:e1:f7:56:6f:f6:7f:11:93:88:5c:cd:57:5c:
dd:6c:42:6e:fd:9a:01:0b:18:09:6d:ac:7f:2a:2c:44:ad:21:
64:8e:92:ac:74:af:b9:5d:78:ac:1d:10:f3:ef:19:39:82:04:
ac:70:c3:b6:3d:db:df:8b:14:fd:24:6b:2e:f0:bb:fc:f1:93:
d9:75:9f:05:4b:4f:6c:85:94:22:8c:d1:55:49:20:63:41:7f:
1c:43:7d:3f:1c:ac:fe:62:54:5b:9f:b8:48:d8:79:38:86:f1:
ca:97:14:09:55:01:9f:37:d8:bf:de:3e:9f:a8:27:23:8e:bf:
2c:59:79:19:0c:33:75:81:4b:de:1e:00:79:54:2a:a9:68:22:
96:b3:2d:15:8a:c3:cb:3a:26:8d:90:fc:e6:18:c3:88:4c:b1:
22:4e:ec:ea:52:09:4c:64:5f:2f:34:5b:90:34:2c:53:c8:0a:
dc:de:07:42:8e:cd:50:1a:25:a2:f8:9c:c0:b4:7e:75:28:e0:
5f:2d:ca:25
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYoRdIuIwpcffxewg588ySaEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMwODIwMDUzOTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTEzNDBmMTA0NzI2Yjk1Zjg4NDcwYTBmMTZmNGYxN2FjODZmOGIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkhcmu4jPAT7jDDYLTCsOK2PrxI72
gJtWbo4ZxJEGwQ0xVEbWE5jXAC7UIIvgVeCPa77py8UPnIQUNNyALMohT0+DeswP
IEmCVqf70W8rbiZ7FGmyg9SjN+dYDRjaR0ETZilB6nEdbyAtLOu2l6g6ZI11XdIF
Dv0X6TC2CjmbDT5FSYUHUlAh3aq18Yv8FnrXa06FROEUwddlDq0rXR2UPi7+kTZY
lif7lYv888vrtGkLy+Hif1RPXUnQzNFEPhisu+HzLTNsXmhTI/GeTUJtB2mNe0rI
k+Uyk4LKp9fpVC59geSmfJj5QsRSUR839/cf4mQ+aI7Miull6m0bjE9kTQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDoTQPEEcmuV+IRwoPFvTxeshviwMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvT2hOQThRUnlhNVg0aEhDZzhXOVBGNnlHLUxBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAURaAAwQA
URaHAwQAWbkBAwQAbUh/MA0GCSqGSIb3DQEBCwUAA4IBAQAMmYUsKNuGOdek9rEd
SF3xmAqJQU2bVKPZP5LV7t9AYrZuFzEYPLsZKpxdQT13a0Jrig778pWGnsIGFeH3
Vm/2fxGTiFzNV1zdbEJu/ZoBCxgJbax/KixErSFkjpKsdK+5XXisHRDz7xk5ggSs
cMO2PdvfixT9JGsu8Lv88ZPZdZ8FS09shZQijNFVSSBjQX8cQ30/HKz+YlRbn7hI
2Hk4hvHKlxQJVQGfN9i/3j6fqCcjjr8sWXkZDDN1gUveHgB5VCqpaCKWsy0VisPL
OiaNkPzmGMOITLEiTuzqUglMZF8vNFuQNCxTyArc3gdCjs1QGiWi+JzAtH51KOBf
Lcol
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:46 2024 by rpki-client on console-ams.rpki-client.org