Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/b66125-6844-4a87-9bb5-af42623ea431/1/rOicoMbIgImd7TXHt0b4oKmweYI.roa
File: rOicoMbIgImd7TXHt0b4oKmweYI.roa (raw, json)
Hash identifier: kDuN2KRWmhq521MD5ouTBJFe5hR0NLjjcUDUc85vSLk=
Subject key identifier: AC:E8:9C:A0:C6:C8:80:89:9D:ED:35:C7:B7:46:F8:A0:A9:B0:79:82
Certificate issuer: /CN=ba7d4ac1344ec38dce99768d78a114ebf7f17d85
Certificate serial: 018572FA68CCD64D8B682E32C8B23977BBB4
Authority key identifier: BA:7D:4A:C1:34:4E:C3:8D:CE:99:76:8D:78:A1:14:EB:F7:F1:7D:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/un1KwTROw43OmXaNeKEU6_fxfYU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/b66125-6844-4a87-9bb5-af42623ea431/1/rOicoMbIgImd7TXHt0b4oKmweYI.roa
Signing time: Mon 02 Jan 2023 14:54:51 +0000
ROA not before: Mon 02 Jan 2023 14:54:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198851
IP address blocks: 91.239.254.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:31:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:fa:68:cc:d6:4d:8b:68:2e:32:c8:b2:39:77:bb:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba7d4ac1344ec38dce99768d78a114ebf7f17d85
Validity
Not Before: Jan 2 14:54:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ace89ca0c6c880899ded35c7b746f8a0a9b07982
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:89:48:75:45:2e:91:14:82:1a:f2:13:c6:eb:
9c:ec:7f:0e:68:a0:16:87:80:b0:50:67:72:86:15:
39:39:a1:a8:d6:35:e2:dd:40:c0:7a:39:97:82:91:
f9:a0:a7:23:5a:5d:3e:73:ea:9b:9f:12:56:08:2f:
b8:91:b0:71:cb:05:22:d1:5f:62:73:19:ec:00:8f:
f7:a5:c2:4d:75:d6:08:ab:d2:fd:93:65:0e:77:d0:
15:5e:07:28:fa:a5:60:e7:48:33:e8:7d:66:40:93:
17:76:a8:4d:8e:7b:50:ba:b2:f4:d2:62:b7:db:36:
62:4e:91:89:f9:84:ba:da:44:89:31:e6:f9:e5:36:
18:ca:49:15:05:65:16:93:b9:74:f0:7c:7b:fc:30:
ce:c0:0a:12:76:5c:0a:bd:8d:ef:a7:3c:06:99:ac:
0a:0c:19:da:94:86:fe:41:3a:b7:bc:57:8a:85:03:
76:80:55:bc:da:f4:21:7b:7a:a5:5a:fa:d4:32:79:
c0:11:13:f9:ad:1e:d8:7d:5c:d9:04:3f:3e:95:a3:
cb:e0:2f:2b:6f:ee:ae:7b:49:35:12:08:a1:5e:f3:
59:37:e4:40:c5:f5:68:f9:33:ba:b7:3a:d3:73:e7:
6b:2c:1b:48:70:aa:e0:16:45:3e:8b:e9:1d:05:8d:
52:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:E8:9C:A0:C6:C8:80:89:9D:ED:35:C7:B7:46:F8:A0:A9:B0:79:82
X509v3 Authority Key Identifier:
keyid:BA:7D:4A:C1:34:4E:C3:8D:CE:99:76:8D:78:A1:14:EB:F7:F1:7D:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/un1KwTROw43OmXaNeKEU6_fxfYU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/b66125-6844-4a87-9bb5-af42623ea431/1/rOicoMbIgImd7TXHt0b4oKmweYI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/b66125-6844-4a87-9bb5-af42623ea431/1/un1KwTROw43OmXaNeKEU6_fxfYU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.254.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:eb:f9:67:71:c6:21:20:2b:1b:4c:a2:bc:cf:ac:16:32:ad:
4a:01:90:24:c9:05:5d:36:86:4a:0a:0b:2a:5a:49:bf:96:aa:
d3:4d:32:34:fa:16:79:90:65:9d:bc:ed:c8:a7:e6:b1:31:27:
54:09:1b:21:c5:38:d3:75:34:43:e6:23:e6:22:8e:d8:58:90:
db:6a:0e:97:37:3d:51:88:ca:35:04:61:04:ca:31:ce:3e:3e:
8c:ff:40:ff:5e:2e:12:1b:0b:02:ee:de:96:a8:31:36:27:22:
61:95:f1:7f:8b:37:53:75:4e:74:31:54:4c:1a:cb:be:5b:21:
4a:e5:71:ca:92:f4:c2:46:a3:19:6f:78:c6:55:d0:64:75:ee:
28:b1:17:ba:d9:a8:e3:e2:63:2a:9b:c4:3e:fc:ed:9f:54:4d:
2a:c8:fa:77:7e:4d:14:ad:a0:46:64:ba:c6:8d:dc:53:53:f2:
93:76:42:9c:ab:78:04:f9:3a:ee:30:2d:b5:a9:43:68:a9:3f:
1c:4b:80:a8:ae:dc:54:0f:3b:a3:11:6b:00:e8:17:79:e4:62:
6c:b1:f1:5f:5d:c7:4f:ef:51:54:6f:37:28:20:d2:d3:0c:96:
32:49:42:c4:38:63:8d:6d:59:37:b6:f7:14:ae:cf:f1:33:2a:
b7:aa:d2:d5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVy+mjM1k2LaC4yyLI5d7u0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhN2Q0YWMxMzQ0ZWMzOGRjZTk5NzY4ZDc4YTExNGViZjdm
MTdkODUwHhcNMjMwMTAyMTQ1NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2U4OWNhMGM2Yzg4MDg5OWRlZDM1YzdiNzQ2ZjhhMGE5YjA3OTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj4lIdUUukRSCGvITxuuc7H8OaKAW
h4CwUGdyhhU5OaGo1jXi3UDAejmXgpH5oKcjWl0+c+qbnxJWCC+4kbBxywUi0V9i
cxnsAI/3pcJNddYIq9L9k2UOd9AVXgco+qVg50gz6H1mQJMXdqhNjntQurL00mK3
2zZiTpGJ+YS62kSJMeb55TYYykkVBWUWk7l08Hx7/DDOwAoSdlwKvY3vpzwGmawK
DBnalIb+QTq3vFeKhQN2gFW82vQhe3qlWvrUMnnAERP5rR7YfVzZBD8+laPL4C8r
b+6ue0k1EgihXvNZN+RAxfVo+TO6tzrTc+drLBtIcKrgFkU+i+kdBY1SMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKzonKDGyICJne01x7dG+KCpsHmCMB8GA1UdIwQY
MBaAFLp9SsE0TsONzpl2jXihFOv38X2FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdW4xS3dUUk93NDNPbVhhTmVLRVU2X2Z4ZllVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9iNjYxMjUtNjg0NC00YTg3LTliYjUt
YWY0MjYyM2VhNDMxLzEvck9pY29NYklnSW1kN1RYSHQwYjRvS213ZVlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9iNjYxMjUtNjg0NC00YTg3LTliYjUtYWY0MjYyM2VhNDMx
LzEvdW4xS3dUUk93NDNPbVhhTmVLRVU2X2Z4ZllVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+/+MA0G
CSqGSIb3DQEBCwUAA4IBAQAM6/lnccYhICsbTKK8z6wWMq1KAZAkyQVdNoZKCgsq
Wkm/lqrTTTI0+hZ5kGWdvO3Ip+axMSdUCRshxTjTdTRD5iPmIo7YWJDbag6XNz1R
iMo1BGEEyjHOPj6M/0D/Xi4SGwsC7t6WqDE2JyJhlfF/izdTdU50MVRMGsu+WyFK
5XHKkvTCRqMZb3jGVdBkde4osRe62ajj4mMqm8Q+/O2fVE0qyPp3fk0UraBGZLrG
jdxTU/KTdkKcq3gE+TruMC21qUNoqT8cS4CortxUDzujEWsA6Bd55GJssfFfXcdP
71FUbzcoINLTDJYySULEOGONbVk3tvcUrs/xMyq3qtLV
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:58 2024 by rpki-client on console-ams.rpki-client.org