Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/OiYY-3aQSrrJ6S0-Lbrvbmhf_qE.roa
File: OiYY-3aQSrrJ6S0-Lbrvbmhf_qE.roa (raw, json)
Hash identifier: MXG6fMCgtYKdwvVBhEArY/bACwHxOLjOhQMRfy62eXI=
Subject key identifier: 3A:26:18:FB:76:90:4A:BA:C9:E9:2D:3E:2D:BA:EF:6E:68:5F:FE:A1
Certificate issuer: /CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
Certificate serial: 018E662291B499DB05FE4DDF89A040BD52C1
Authority key identifier: 82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/OiYY-3aQSrrJ6S0-Lbrvbmhf_qE.roa
Signing time: Fri 22 Mar 2024 12:28:45 +0000
ROA not before: Fri 22 Mar 2024 12:28:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 11325
IP address blocks: 91.201.140.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 26 Mar 2024 13:58:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:66:22:91:b4:99:db:05:fe:4d:df:89:a0:40:bd:52:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
Validity
Not Before: Mar 22 12:28:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3a2618fb76904abac9e92d3e2dbaef6e685ffea1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:d9:63:af:a6:33:55:1d:03:56:53:ba:2a:84:
86:fe:f7:8b:d8:29:44:a3:2f:f9:69:3c:c5:18:7e:
de:06:15:c3:d3:b6:c5:a7:ea:1b:7a:7f:0e:59:f3:
d7:49:eb:2b:75:f2:c4:59:74:65:65:47:07:23:5e:
8f:f9:55:4c:9a:9c:da:54:9e:09:d4:cb:c9:3d:40:
ce:f8:88:c5:7d:53:32:eb:9a:db:12:04:66:c6:f9:
80:4a:74:34:bc:71:6d:73:a3:7a:d4:47:c9:99:b9:
db:88:15:cc:c8:b3:d3:21:56:76:ce:ce:f5:51:a8:
d7:cc:91:cf:e4:57:58:d5:ab:84:23:50:21:56:84:
8d:75:cc:d9:90:82:39:28:89:0c:ae:a9:67:1f:05:
06:9c:86:2c:8e:3c:4b:e4:cd:dd:8d:61:3e:b0:77:
1d:4b:8c:6b:27:bd:ab:82:5a:cf:22:d8:4b:27:08:
e9:c6:dc:eb:ac:cc:1c:bb:c1:e9:76:1a:6c:c6:60:
78:d3:ba:41:d7:c6:d2:94:da:ed:13:13:d5:ad:ce:
4d:aa:74:37:6a:ae:1a:b7:12:17:5d:bf:a5:35:58:
24:29:fe:02:60:30:b6:df:ba:9f:27:9c:f3:f6:6c:
41:6b:de:42:ed:3e:5f:88:07:d9:c6:7b:97:df:09:
67:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:26:18:FB:76:90:4A:BA:C9:E9:2D:3E:2D:BA:EF:6E:68:5F:FE:A1
X509v3 Authority Key Identifier:
keyid:82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/OiYY-3aQSrrJ6S0-Lbrvbmhf_qE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.201.140.0/23
Signature Algorithm: sha256WithRSAEncryption
07:bb:1a:4d:05:a2:30:8e:07:dd:0c:9c:2a:c3:09:d1:dc:5d:
fb:4a:d6:8c:70:bf:c4:04:f0:75:18:bf:a1:94:a4:e1:4c:b2:
05:60:bb:5a:5c:69:a2:83:02:51:fa:bf:d6:13:40:65:cb:c5:
e7:45:1e:5e:e5:c6:54:a5:8f:4e:1a:90:0a:0d:39:33:38:fd:
40:a3:ac:50:d9:21:0b:60:7e:67:1e:ed:94:be:f9:6b:06:7c:
a9:b1:41:38:6f:d7:ee:44:c8:a2:6c:8e:9b:55:3f:08:24:f2:
31:93:8c:67:d3:32:f3:2f:a7:3b:4e:7d:ed:5d:e7:a1:4c:56:
ee:8b:c8:da:14:bc:db:95:10:0f:64:d6:94:60:2d:81:55:43:
fe:6a:94:2e:67:5a:a1:3e:c0:3d:53:f4:b6:9a:f7:f2:46:b5:
e0:ed:f0:9d:64:55:22:5b:f7:e7:6f:64:5c:47:b5:c3:d9:e3:
6e:2b:ad:1b:9d:ec:b9:90:fc:02:53:3d:f2:e1:6d:ea:06:7f:
91:b9:b3:1f:43:9a:08:75:c2:63:eb:00:a1:9f:07:8b:e2:58:
00:3a:95:ea:5d:3c:a5:68:02:4f:1b:a0:54:72:e2:20:f1:fb:
76:1c:b8:d4:5e:55:67:dd:77:e4:4a:70:6e:e0:54:30:23:99:
6e:d6:d1:b0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY5mIpG0mdsF/k3fiaBAvVLBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyMWEzZjIxZmIwYzI5NGQ2ZDRhNTI5YjJmMWRiZDRiZDEx
MTliZDcwHhcNMjQwMzIyMTIyODQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTI2MThmYjc2OTA0YWJhYzllOTJkM2UyZGJhZWY2ZTY4NWZmZWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoNljr6YzVR0DVlO6KoSG/veL2ClE
oy/5aTzFGH7eBhXD07bFp+oben8OWfPXSesrdfLEWXRlZUcHI16P+VVMmpzaVJ4J
1MvJPUDO+IjFfVMy65rbEgRmxvmASnQ0vHFtc6N61EfJmbnbiBXMyLPTIVZ2zs71
UajXzJHP5FdY1auEI1AhVoSNdczZkII5KIkMrqlnHwUGnIYsjjxL5M3djWE+sHcd
S4xrJ72rglrPIthLJwjpxtzrrMwcu8HpdhpsxmB407pB18bSlNrtExPVrc5NqnQ3
aq4atxIXXb+lNVgkKf4CYDC237qfJ5zz9mxBa95C7T5fiAfZxnuX3wlnvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDomGPt2kEq6yektPi26725oX/6hMB8GA1UdIwQY
MBaAFIIaPyH7DClNbUpSmy8dvUvREZvXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMt
YjZmMmFjODZlZjI3LzEvT2lZWS0zYVFTcnJKNlMwLUxicnZibWhmX3FFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMtYjZmMmFjODZlZjI3
LzEvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW8mMMA0G
CSqGSIb3DQEBCwUAA4IBAQAHuxpNBaIwjgfdDJwqwwnR3F37StaMcL/EBPB1GL+h
lKThTLIFYLtaXGmigwJR+r/WE0Bly8XnRR5e5cZUpY9OGpAKDTkzOP1Ao6xQ2SEL
YH5nHu2UvvlrBnypsUE4b9fuRMiibI6bVT8IJPIxk4xn0zLzL6c7Tn3tXeehTFbu
i8jaFLzblRAPZNaUYC2BVUP+apQuZ1qhPsA9U/S2mvfyRrXg7fCdZFUiW/fnb2Rc
R7XD2eNuK60bney5kPwCUz3y4W3qBn+RubMfQ5oIdcJj6wChnweL4lgAOpXqXTyl
aAJPG6BUcuIg8ft2HLjUXlVn3XfkSnBu4FQwI5lu1tGw
-----END CERTIFICATE-----
Generated at Tue Mar 26 17:45:18 2024 by rpki-client on console-fra.rpki-client.org