Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/e3d8b1-101f-40e8-bcd3-155af9d83036/1/OYvc5iohx8z-5MEQsaMY8AwljVI.roa
File: OYvc5iohx8z-5MEQsaMY8AwljVI.roa (raw, json)
Hash identifier: Pww1T/xEXZeVwFpZpBgdXro95y2rY0B4ZZwIrh7G2xs=
Subject key identifier: 39:8B:DC:E6:2A:21:C7:CC:FE:E4:C1:10:B1:A3:18:F0:0C:25:8D:52
Certificate issuer: /CN=4d10e9d4f4afb8a4d1b919ec8593f46ba3bba7f7
Certificate serial: 0185708298D2F00FAA5970A5B192211FD2AE
Authority key identifier: 4D:10:E9:D4:F4:AF:B8:A4:D1:B9:19:EC:85:93:F4:6B:A3:BB:A7:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TRDp1PSvuKTRuRnshZP0a6O7p_c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/e3d8b1-101f-40e8-bcd3-155af9d83036/1/OYvc5iohx8z-5MEQsaMY8AwljVI.roa
Signing time: Mon 02 Jan 2023 03:24:45 +0000
ROA not before: Mon 02 Jan 2023 03:24:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198592
IP address blocks: 91.236.253.0/24 maxlen: 24
91.236.252.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:82:98:d2:f0:0f:aa:59:70:a5:b1:92:21:1f:d2:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d10e9d4f4afb8a4d1b919ec8593f46ba3bba7f7
Validity
Not Before: Jan 2 03:24:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=398bdce62a21c7ccfee4c110b1a318f00c258d52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:0b:3e:af:25:d5:76:01:be:d2:23:8c:26:16:
fb:56:1d:42:39:00:45:e5:72:1a:0c:11:e2:9d:94:
4d:68:22:9d:fe:ec:e4:20:3d:8f:97:d9:04:e9:3b:
c4:0b:16:cb:97:54:12:10:9e:24:7d:3d:b2:c5:a5:
8a:5a:0d:bb:b5:54:69:7c:78:40:c8:6a:85:ed:6b:
eb:69:36:82:52:99:44:b6:72:df:88:03:ec:84:7f:
b7:7b:d7:11:87:35:96:04:f8:a4:9f:cf:19:ef:b6:
13:23:64:d5:1e:d3:7c:8a:b1:e4:35:af:cb:ed:b2:
d9:cd:54:6a:1c:98:c2:b6:ba:35:1d:64:41:37:91:
74:c1:5d:74:17:65:eb:c3:bc:ea:18:3c:b8:50:29:
10:35:08:c3:81:8b:1f:53:6c:63:96:32:b3:1a:18:
21:bb:2a:a3:d5:e9:6c:fe:6c:de:5d:3a:00:2c:7a:
5c:3e:32:aa:7f:78:fe:77:50:66:a6:4d:3d:e8:06:
4f:4c:ec:1a:66:b3:e6:f4:cc:8f:6c:6e:49:12:73:
84:f1:8c:5e:1b:2a:31:f3:b9:35:0a:68:7d:87:4a:
09:09:9d:96:65:d7:31:60:16:cb:45:c3:81:7a:96:
8e:9d:b0:44:5c:36:78:f1:2d:fb:5e:39:55:2b:a0:
34:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:8B:DC:E6:2A:21:C7:CC:FE:E4:C1:10:B1:A3:18:F0:0C:25:8D:52
X509v3 Authority Key Identifier:
keyid:4D:10:E9:D4:F4:AF:B8:A4:D1:B9:19:EC:85:93:F4:6B:A3:BB:A7:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TRDp1PSvuKTRuRnshZP0a6O7p_c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/e3d8b1-101f-40e8-bcd3-155af9d83036/1/OYvc5iohx8z-5MEQsaMY8AwljVI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/e3d8b1-101f-40e8-bcd3-155af9d83036/1/TRDp1PSvuKTRuRnshZP0a6O7p_c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.236.252.0/23
Signature Algorithm: sha256WithRSAEncryption
15:93:01:ef:04:4f:a0:0c:43:14:d9:40:a7:a3:da:a0:2b:c5:
27:f0:fe:c6:c3:b1:b3:75:89:3e:bc:2b:60:17:48:30:cd:b5:
ef:a2:f7:09:be:89:04:1c:58:c9:8f:b9:c1:8c:2d:01:f2:78:
27:db:f7:54:f8:f3:29:3b:64:8d:b6:fc:4e:c0:d1:6f:db:ae:
e3:09:71:0d:61:56:34:fc:30:ef:89:6f:cc:fd:65:88:ad:42:
d5:14:a2:cf:3b:77:80:b2:b5:65:a3:75:ea:5a:ac:83:23:51:
bd:01:6e:6a:55:54:e4:81:9e:26:61:9c:b5:89:3d:f1:95:0e:
f2:cb:35:37:64:6c:02:1f:3a:4a:58:25:04:71:f5:86:17:27:
71:48:1d:88:f7:c6:b9:17:63:50:8b:7b:ad:8a:3c:12:be:1b:
56:b5:c0:20:ce:a5:49:20:40:22:ca:1d:4d:05:d6:fd:d6:71:
50:05:aa:8f:45:76:0b:84:92:0c:f9:70:30:4a:4b:fd:e2:be:
21:59:e7:5c:9b:9e:dc:72:21:4b:25:4c:2d:50:39:ca:07:55:
cb:42:c7:bd:78:4a:2e:8f:25:77:19:52:00:c4:7e:88:69:63:
67:d1:0b:f4:6a:81:e9:c5:b3:5f:c4:24:3c:31:29:c1:f7:bb:
a8:34:7c:eb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwgpjS8A+qWXClsZIhH9KuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkMTBlOWQ0ZjRhZmI4YTRkMWI5MTllYzg1OTNmNDZiYTNi
YmE3ZjcwHhcNMjMwMTAyMDMyNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOThiZGNlNjJhMjFjN2NjZmVlNGMxMTBiMWEzMThmMDBjMjU4ZDUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApQs+ryXVdgG+0iOMJhb7Vh1COQBF
5XIaDBHinZRNaCKd/uzkID2Pl9kE6TvECxbLl1QSEJ4kfT2yxaWKWg27tVRpfHhA
yGqF7WvraTaCUplEtnLfiAPshH+3e9cRhzWWBPikn88Z77YTI2TVHtN8irHkNa/L
7bLZzVRqHJjCtro1HWRBN5F0wV10F2Xrw7zqGDy4UCkQNQjDgYsfU2xjljKzGhgh
uyqj1els/mzeXToALHpcPjKqf3j+d1Bmpk096AZPTOwaZrPm9MyPbG5JEnOE8Yxe
Gyox87k1Cmh9h0oJCZ2WZdcxYBbLRcOBepaOnbBEXDZ48S37XjlVK6A0vwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDmL3OYqIcfM/uTBELGjGPAMJY1SMB8GA1UdIwQY
MBaAFE0Q6dT0r7ik0bkZ7IWT9Guju6f3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFJEcDFQU3Z1S1RSdVJuc2haUDBhNk83cF9jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9lM2Q4YjEtMTAxZi00MGU4LWJjZDMt
MTU1YWY5ZDgzMDM2LzEvT1l2YzVpb2h4OHotNU1FUXNhTVk4QXdsalZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9lM2Q4YjEtMTAxZi00MGU4LWJjZDMtMTU1YWY5ZDgzMDM2
LzEvVFJEcDFQU3Z1S1RSdVJuc2haUDBhNk83cF9jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW+z8MA0G
CSqGSIb3DQEBCwUAA4IBAQAVkwHvBE+gDEMU2UCno9qgK8Un8P7Gw7GzdYk+vCtg
F0gwzbXvovcJvokEHFjJj7nBjC0B8ngn2/dU+PMpO2SNtvxOwNFv267jCXENYVY0
/DDviW/M/WWIrULVFKLPO3eAsrVlo3XqWqyDI1G9AW5qVVTkgZ4mYZy1iT3xlQ7y
yzU3ZGwCHzpKWCUEcfWGFydxSB2I98a5F2NQi3utijwSvhtWtcAgzqVJIEAiyh1N
Bdb91nFQBaqPRXYLhJIM+XAwSkv94r4hWedcm57cciFLJUwtUDnKB1XLQse9eEou
jyV3GVIAxH6IaWNn0Qv0aoHpxbNfxCQ8MSnB97uoNHzr
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:49 2024 by rpki-client on console-fra.rpki-client.org