Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/onb-9kIk1QXZ0w-aQAIV0dfxfjg.roa
File: onb-9kIk1QXZ0w-aQAIV0dfxfjg.roa (raw, json)
Hash identifier: A4kCyHJlGAS8Y4dQARP/3t3URh6vMDjUnznOIoxyuJs=
Subject key identifier: A2:76:FE:F6:42:24:D5:05:D9:D3:0F:9A:40:02:15:D1:D7:F1:7E:38
Certificate issuer: /CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
Certificate serial: 018F52BA5EA5668929BF877D0F3C7A5E5077
Authority key identifier: AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/onb-9kIk1QXZ0w-aQAIV0dfxfjg.roa
Signing time: Tue 07 May 2024 11:04:56 +0000
ROA not before: Tue 07 May 2024 11:04:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206119
IP address blocks: 45.133.37.0/24 maxlen: 24
185.169.183.0/24 maxlen: 24
185.174.21.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 07 May 2024 13:17:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:52:ba:5e:a5:66:89:29:bf:87:7d:0f:3c:7a:5e:50:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
Validity
Not Before: May 7 11:04:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a276fef64224d505d9d30f9a400215d1d7f17e38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:5f:6d:c5:b6:80:5f:be:57:a6:92:69:9b:92:
98:01:f9:06:8f:6d:75:9d:db:3f:5e:3b:d9:11:99:
b2:4e:0e:f1:df:78:bb:e9:9f:db:57:d0:28:97:9c:
d0:4a:64:62:a1:9e:e5:22:92:d2:98:df:57:ef:fa:
64:b1:1a:42:e6:99:97:dd:c6:85:e5:e9:b1:78:3c:
e8:11:21:6d:77:9f:56:ec:38:17:fd:90:4a:66:a9:
73:c5:85:80:12:bd:5c:20:fd:2e:80:0b:57:2d:12:
03:95:f5:da:b3:87:e9:0f:3a:c2:03:fe:00:19:d1:
e2:9b:e1:61:24:86:2c:8b:c2:f2:47:ca:f5:5d:8f:
6c:b1:cc:d8:31:f1:28:b6:83:d7:46:ba:13:bd:f3:
ad:76:45:68:51:da:0c:f2:79:e8:dc:26:1b:13:67:
e2:c6:ca:d1:11:7f:e0:68:89:b2:28:c4:ae:47:18:
74:e1:68:38:42:5c:8b:3e:ae:d2:e1:26:69:e8:ce:
d0:aa:f0:2d:c4:8e:92:94:2f:4b:ca:02:a5:79:e8:
e1:b3:40:99:17:4c:c1:0a:01:b6:e3:03:0e:ff:6f:
14:68:0c:ee:fd:cc:d7:cb:f2:f4:cf:cc:9a:0e:14:
fc:74:7b:16:9f:49:83:40:a6:9b:f3:c7:1b:94:c6:
96:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:76:FE:F6:42:24:D5:05:D9:D3:0F:9A:40:02:15:D1:D7:F1:7E:38
X509v3 Authority Key Identifier:
keyid:AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/onb-9kIk1QXZ0w-aQAIV0dfxfjg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rQ2kO0pdPbeLo_d05bMbdwNyAtU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.133.37.0/24
185.169.183.0/24
185.174.21.0/24
Signature Algorithm: sha256WithRSAEncryption
13:00:fc:48:86:cc:c7:07:b2:64:fc:3f:b6:fe:e2:ae:a4:39:
2c:9e:4b:f6:65:48:81:82:8c:b1:c5:72:9d:9a:f8:c7:2b:98:
dd:76:80:73:a3:59:41:6f:f7:c7:8d:41:d4:a7:71:8e:ad:4f:
8e:ca:2e:05:ce:de:25:77:8d:d1:c5:fd:4a:37:11:cc:89:73:
cc:c7:cd:96:d3:bc:96:ec:8d:dc:e6:50:78:1b:e2:b8:fb:06:
11:bc:c1:1d:37:8f:9c:03:e9:93:c9:ed:2f:a2:a4:09:7d:af:
b7:45:64:3c:04:6e:00:ee:95:01:5f:e3:ac:2d:cd:1a:46:c1:
91:7b:b2:5d:b2:de:03:94:42:9c:ef:c3:8c:e7:29:76:3b:51:
5d:99:7d:a8:9d:ea:e5:e4:58:3f:ad:ed:4c:df:73:ab:89:91:
69:24:61:e1:88:14:94:14:a6:11:cf:b7:18:77:53:2b:ea:42:
e0:31:c9:5f:37:be:74:a8:1f:8e:7a:eb:2d:62:82:48:ff:60:
f0:56:9d:7d:05:be:71:4a:b3:a7:81:32:78:3a:55:74:55:99:
2c:b5:32:a9:39:e6:5a:b8:0a:d9:0c:27:2b:58:80:15:84:9b:
88:52:ee:46:64:e5:80:d3:94:f5:05:3e:36:33:26:5b:c4:fe:
2e:a2:f2:be
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY9Sul6lZokpv4d9Dzx6XlB3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMGRhNDNiNGE1ZDNkYjc4YmEzZjc3NGU1YjMxYjc3MDM3
MjAyZDUwHhcNMjQwNTA3MTEwNDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjc2ZmVmNjQyMjRkNTA1ZDlkMzBmOWE0MDAyMTVkMWQ3ZjE3ZTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsF9txbaAX75XppJpm5KYAfkGj211
nds/XjvZEZmyTg7x33i76Z/bV9Aol5zQSmRioZ7lIpLSmN9X7/pksRpC5pmX3caF
5emxeDzoESFtd59W7DgX/ZBKZqlzxYWAEr1cIP0ugAtXLRIDlfXas4fpDzrCA/4A
GdHim+FhJIYsi8LyR8r1XY9ssczYMfEotoPXRroTvfOtdkVoUdoM8nno3CYbE2fi
xsrREX/gaImyKMSuRxh04Wg4QlyLPq7S4SZp6M7QqvAtxI6SlC9LygKleejhs0CZ
F0zBCgG24wMO/28UaAzu/czXy/L0z8yaDhT8dHsWn0mDQKab88cblMaWcQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKJ2/vZCJNUF2dMPmkACFdHX8X44MB8GA1UdIwQY
MBaAFK0NpDtKXT23i6P3dOWzG3cDcgLVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9kZDgwOTYtMTRjYy00ODhkLTkyNTct
YzUxNWYzNTRjYzVhLzEvb25iLTlrSWsxUVhaMHctYVFBSVYwZGZ4ZmpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9kZDgwOTYtMTRjYy00ODhkLTkyNTctYzUxNWYzNTRjYzVh
LzEvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALYUlAwQA
uam3AwQAua4VMA0GCSqGSIb3DQEBCwUAA4IBAQATAPxIhszHB7Jk/D+2/uKupDks
nkv2ZUiBgoyxxXKdmvjHK5jddoBzo1lBb/fHjUHUp3GOrU+Oyi4Fzt4ld43Rxf1K
NxHMiXPMx82W07yW7I3c5lB4G+K4+wYRvMEdN4+cA+mTye0voqQJfa+3RWQ8BG4A
7pUBX+OsLc0aRsGRe7Jdst4DlEKc78OM5yl2O1FdmX2onerl5Fg/re1M33OriZFp
JGHhiBSUFKYRz7cYd1Mr6kLgMclfN750qB+OeustYoJI/2DwVp19Bb5xSrOngTJ4
OlV0VZkstTKpOeZauArZDCcrWIAVhJuIUu5GZOWA05T1BT42MyZbxP4uovK+
-----END CERTIFICATE-----
Generated at Tue May 7 17:27:43 2024 by rpki-client on console-fra.rpki-client.org