Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/OLSRsMGQdlyPQA4PVXaGqh2RZxo.roa
File: OLSRsMGQdlyPQA4PVXaGqh2RZxo.roa (raw, json)
Hash identifier: AvvraxxTevOWPBphjjYFKGm6iN2OTeNDQ85QIab4u88=
Subject key identifier: 38:B4:91:B0:C1:90:76:5C:8F:40:0E:0F:55:76:86:AA:1D:91:67:1A
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0192D3568BA5768B93BB72E6D047F374F8D1
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/OLSRsMGQdlyPQA4PVXaGqh2RZxo.roa
Signing time: Mon 28 Oct 2024 13:35:17 +0000
ROA not before: Mon 28 Oct 2024 13:35:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207957
IP address blocks: 45.128.99.0/24 maxlen: 24
45.149.235.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 29 Oct 2024 05:45:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:d3:56:8b:a5:76:8b:93:bb:72:e6:d0:47:f3:74:f8:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Oct 28 13:35:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=38b491b0c190765c8f400e0f557686aa1d91671a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:fd:b2:31:9e:e7:eb:c7:38:d2:7a:db:30:ac:
d2:95:7f:b9:42:8d:2f:ea:6e:07:4e:65:69:99:74:
27:9a:61:cc:eb:64:e3:b9:5c:65:59:05:8c:cb:3b:
1d:da:8a:b8:2b:d3:26:36:ff:cb:64:a0:17:a0:a7:
6b:83:b2:57:fb:69:c6:1a:14:b1:5c:26:ee:49:e4:
46:90:ff:a6:f1:8c:c9:61:27:7d:63:dd:e3:bb:1c:
df:3a:00:66:8f:24:cf:01:9a:58:4f:2f:d8:e7:f9:
ad:42:d8:d3:60:bf:94:98:11:e0:c0:7b:fd:74:d8:
bd:a1:54:c1:76:79:14:e2:7f:30:77:bd:53:f5:fe:
d6:1f:31:5d:09:fb:c3:4f:5f:a2:9d:29:25:e6:9b:
2a:80:77:f0:17:4f:38:b1:5c:b3:26:83:0d:fc:8f:
79:3c:43:fb:e2:84:25:c0:3d:d6:fb:56:ba:98:d8:
d3:de:da:3f:7f:54:f6:d2:99:57:b2:8c:1f:81:bf:
bc:83:7f:d8:f3:f1:94:93:d6:a9:62:48:6e:a6:e9:
d2:5c:e7:32:45:b3:70:a4:9b:48:0f:a1:c0:0b:13:
b8:56:40:69:0e:c5:42:66:52:d5:54:3c:d2:13:a3:
e9:b7:cd:e0:f6:bd:0b:fc:04:ea:10:12:62:ee:65:
9b:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:B4:91:B0:C1:90:76:5C:8F:40:0E:0F:55:76:86:AA:1D:91:67:1A
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/OLSRsMGQdlyPQA4PVXaGqh2RZxo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.99.0/24
45.149.235.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:d5:76:ed:04:80:a5:8f:27:91:66:52:8e:bc:cb:56:1e:75:
af:43:42:a4:83:59:55:7b:51:13:56:69:32:93:3d:1a:21:cf:
5f:a9:51:2e:95:c7:8e:db:73:7c:11:a3:d9:d7:59:36:8e:40:
62:e7:c7:5e:a8:f4:75:18:59:be:ab:29:78:cb:62:9c:67:da:
a6:dd:93:3f:68:88:48:80:28:22:2a:85:5b:73:c7:33:6d:c0:
3e:55:f8:e5:5c:a4:51:d6:27:61:64:45:e8:fb:42:94:1f:fb:
44:49:22:e9:ad:a5:73:1d:22:d9:8e:9b:b4:5b:1e:36:29:16:
c3:d2:bb:1e:0f:1e:71:d4:5c:1e:e3:ce:5a:eb:a7:5c:80:4e:
ee:bb:62:e8:ec:7e:0c:b2:ec:a8:d3:10:b7:fe:a5:63:5c:46:
36:38:d0:c6:60:ce:35:8f:fe:a4:dc:27:ce:44:fe:95:35:e9:
95:1e:6b:7f:ab:71:c5:30:f8:d8:c3:c8:9f:3f:af:23:ce:c1:
1d:30:a8:67:88:12:37:37:f1:d4:84:18:55:c7:e1:95:b6:8a:
0e:10:24:09:12:b5:ec:1b:b4:33:50:e9:78:42:2c:34:09:76:
e6:4f:4a:b1:66:22:cc:34:34:89:6b:d7:da:45:d2:a4:0a:a5:
90:15:b8:62
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZLTVouldouTu3Lm0EfzdPjRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQxMDI4MTMzNTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGI0OTFiMGMxOTA3NjVjOGY0MDBlMGY1NTc2ODZhYTFkOTE2NzFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAof2yMZ7n68c40nrbMKzSlX+5Qo0v
6m4HTmVpmXQnmmHM62TjuVxlWQWMyzsd2oq4K9MmNv/LZKAXoKdrg7JX+2nGGhSx
XCbuSeRGkP+m8YzJYSd9Y93juxzfOgBmjyTPAZpYTy/Y5/mtQtjTYL+UmBHgwHv9
dNi9oVTBdnkU4n8wd71T9f7WHzFdCfvDT1+inSkl5psqgHfwF084sVyzJoMN/I95
PEP74oQlwD3W+1a6mNjT3to/f1T20plXsowfgb+8g3/Y8/GUk9apYkhupunSXOcy
RbNwpJtID6HACxO4VkBpDsVCZlLVVDzSE6Ppt83g9r0L/ATqEBJi7mWbpwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDi0kbDBkHZcj0AOD1V2hqodkWcaMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvT0xTUnNNR1FkbHlQUUE0UFZYYUdxaDJSWnhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALYBjAwQA
LZXrMA0GCSqGSIb3DQEBCwUAA4IBAQCj1XbtBICljyeRZlKOvMtWHnWvQ0Kkg1lV
e1ETVmkykz0aIc9fqVEulceO23N8EaPZ11k2jkBi58deqPR1GFm+qyl4y2KcZ9qm
3ZM/aIhIgCgiKoVbc8czbcA+VfjlXKRR1idhZEXo+0KUH/tESSLpraVzHSLZjpu0
Wx42KRbD0rseDx5x1Fwe485a66dcgE7uu2Lo7H4Msuyo0xC3/qVjXEY2ONDGYM41
j/6k3CfORP6VNemVHmt/q3HFMPjYw8ifP68jzsEdMKhniBI3N/HUhBhVx+GVtooO
ECQJErXsG7QzUOl4Qiw0CXbmT0qxZiLMNDSJa9faRdKkCqWQFbhi
-----END CERTIFICATE-----
Generated at Tue Oct 29 09:23:25 2024 by rpki-client on console-ams.rpki-client.org