Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/c5e51e-fb41-42e3-be69-ee1e1ded2f9f/1/OCidmzbySnHzRG7XGJ1dDFAeQNg.roa
File: OCidmzbySnHzRG7XGJ1dDFAeQNg.roa (raw, json)
Hash identifier: coJGZkJKzQWl3k4vbMJZCVVXL1OkGlGhHNHUbav+iTA=
Subject key identifier: 38:28:9D:9B:36:F2:4A:71:F3:44:6E:D7:18:9D:5D:0C:50:1E:40:D8
Certificate issuer: /CN=542f7ea90d2a2b4202e578b25ba139b3c8e62928
Certificate serial: 01856F26CDBED30407ADB2A308DF078BF3AA
Authority key identifier: 54:2F:7E:A9:0D:2A:2B:42:02:E5:78:B2:5B:A1:39:B3:C8:E6:29:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VC9-qQ0qK0IC5XiyW6E5s8jmKSg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/c5e51e-fb41-42e3-be69-ee1e1ded2f9f/1/OCidmzbySnHzRG7XGJ1dDFAeQNg.roa
Signing time: Sun 01 Jan 2023 21:04:52 +0000
ROA not before: Sun 01 Jan 2023 21:04:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35007
IP address blocks: 91.201.120.0/22 maxlen: 22
185.221.80.0/22 maxlen: 22
195.225.36.0/23 maxlen: 23
195.160.184.0/23 maxlen: 23
93.157.112.0/21 maxlen: 21
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:26:cd:be:d3:04:07:ad:b2:a3:08:df:07:8b:f3:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=542f7ea90d2a2b4202e578b25ba139b3c8e62928
Validity
Not Before: Jan 1 21:04:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=38289d9b36f24a71f3446ed7189d5d0c501e40d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:ab:a8:a5:ab:d9:89:52:08:9d:3e:09:77:58:
c0:12:9c:3a:d6:35:7f:a4:82:4b:ee:3e:47:f5:ba:
84:df:d9:21:c8:48:08:69:22:4b:4c:69:4f:4d:42:
aa:e0:79:90:6e:f0:82:1c:01:8e:d8:8c:4c:73:de:
16:a1:12:47:b1:76:3e:37:c1:3f:d9:10:1d:58:21:
7d:0f:9e:ac:f5:68:b7:4b:3e:b6:82:22:0d:ae:ac:
68:af:d2:69:3f:34:61:72:0d:56:c2:54:9b:a9:d2:
8c:dd:5d:05:3e:04:5a:9f:b9:73:18:a2:07:13:5b:
f7:a6:63:be:e9:f4:0b:86:98:ef:be:0b:09:11:28:
1d:18:24:7d:e6:cc:7e:3c:c9:bc:05:43:55:91:44:
b4:fc:25:65:80:38:9c:1e:39:fe:3b:2d:02:62:a3:
aa:30:3a:c5:0d:90:c0:d3:e4:12:fe:50:f0:98:f2:
93:1e:84:94:86:81:26:8c:6c:7d:40:10:4c:e9:c9:
f7:30:b5:4c:02:74:c6:cf:5d:cf:66:75:70:78:be:
39:fa:e9:31:1b:77:dc:92:27:aa:f2:73:2b:28:90:
41:a2:45:32:63:32:db:70:02:36:58:91:94:d6:3e:
10:5d:22:f6:a5:af:d5:3e:a4:67:24:87:33:43:4d:
46:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:28:9D:9B:36:F2:4A:71:F3:44:6E:D7:18:9D:5D:0C:50:1E:40:D8
X509v3 Authority Key Identifier:
keyid:54:2F:7E:A9:0D:2A:2B:42:02:E5:78:B2:5B:A1:39:B3:C8:E6:29:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VC9-qQ0qK0IC5XiyW6E5s8jmKSg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/c5e51e-fb41-42e3-be69-ee1e1ded2f9f/1/OCidmzbySnHzRG7XGJ1dDFAeQNg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/c5e51e-fb41-42e3-be69-ee1e1ded2f9f/1/VC9-qQ0qK0IC5XiyW6E5s8jmKSg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.201.120.0/22
93.157.112.0/21
185.221.80.0/22
195.160.184.0/23
195.225.36.0/23
Signature Algorithm: sha256WithRSAEncryption
b8:4c:4c:c1:cb:87:5d:b5:2b:3d:01:f9:0a:6a:fd:7e:9b:47:
62:c4:e1:a7:e6:02:86:a4:ec:b9:57:52:4c:8a:67:b4:bc:e6:
8c:15:d0:f4:3c:08:8a:7b:6a:fc:31:86:45:59:95:9e:d0:2c:
4f:7a:46:12:96:76:0f:4f:de:9a:90:bb:51:45:a2:5e:44:91:
09:88:a8:5a:bb:78:03:55:f9:fd:71:51:e7:c4:6c:5e:2c:a1:
44:f2:4a:14:b9:3d:8a:b8:a8:ce:e0:34:da:01:cb:6b:49:d8:
c4:87:24:93:e1:2c:f7:8b:c7:5e:7b:ce:e2:b3:c4:d8:1d:12:
85:4c:89:56:55:d6:c2:04:bd:1a:bc:9f:2f:c0:89:68:b9:86:
f6:30:4c:6e:fb:9b:ed:b2:fa:f8:96:6e:e8:f2:88:6a:ee:29:
dc:37:c1:fd:f0:8b:55:c3:56:a3:90:c2:b4:a8:dd:21:48:7d:
e1:69:27:a2:d0:cf:38:16:8c:0b:09:3d:d3:67:c1:2f:8b:4b:
09:31:df:e9:c8:e9:3e:2c:c9:6f:d8:4d:f4:22:2f:a0:cf:d3:
f3:e4:b0:69:d3:c4:d3:bf:91:73:0f:97:e2:3a:9d:cb:74:ab:
ec:9a:8b:8e:2a:6d:e5:4e:1c:ef:25:55:b4:39:d6:2a:ff:a6:
9b:c7:de:65
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVvJs2+0wQHrbKjCN8Hi/OqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0MmY3ZWE5MGQyYTJiNDIwMmU1NzhiMjViYTEzOWIzYzhl
NjI5MjgwHhcNMjMwMTAxMjEwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODI4OWQ5YjM2ZjI0YTcxZjM0NDZlZDcxODlkNWQwYzUwMWU0MGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn6uopavZiVIInT4Jd1jAEpw61jV/
pIJL7j5H9bqE39khyEgIaSJLTGlPTUKq4HmQbvCCHAGO2IxMc94WoRJHsXY+N8E/
2RAdWCF9D56s9Wi3Sz62giINrqxor9JpPzRhcg1WwlSbqdKM3V0FPgRan7lzGKIH
E1v3pmO+6fQLhpjvvgsJESgdGCR95sx+PMm8BUNVkUS0/CVlgDicHjn+Oy0CYqOq
MDrFDZDA0+QS/lDwmPKTHoSUhoEmjGx9QBBM6cn3MLVMAnTGz13PZnVweL45+ukx
G3fckieq8nMrKJBBokUyYzLbcAI2WJGU1j4QXSL2pa/VPqRnJIczQ01GswIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDgonZs28kpx80Ru1xidXQxQHkDYMB8GA1UdIwQY
MBaAFFQvfqkNKitCAuV4sluhObPI5ikoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkM5LXFRMHFLMElDNVhpeVc2RTVzOGptS1NnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS9jNWU1MWUtZmI0MS00MmUzLWJlNjkt
ZWUxZTFkZWQyZjlmLzEvT0NpZG16YnlTbkh6Ukc3WEdKMWRERkFlUU5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS9jNWU1MWUtZmI0MS00MmUzLWJlNjktZWUxZTFkZWQyZjlm
LzEvVkM5LXFRMHFLMElDNVhpeVc2RTVzOGptS1NnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCW8l4AwQD
XZ1wAwQCud1QAwQBw6C4AwQBw+EkMA0GCSqGSIb3DQEBCwUAA4IBAQC4TEzBy4dd
tSs9AfkKav1+m0dixOGn5gKGpOy5V1JMime0vOaMFdD0PAiKe2r8MYZFWZWe0CxP
ekYSlnYPT96akLtRRaJeRJEJiKhau3gDVfn9cVHnxGxeLKFE8koUuT2KuKjO4DTa
ActrSdjEhyST4Sz3i8dee87is8TYHRKFTIlWVdbCBL0avJ8vwIlouYb2MExu+5vt
svr4lm7o8ohq7incN8H98ItVw1ajkMK0qN0hSH3haSei0M84FowLCT3TZ8Evi0sJ
Md/pyOk+LMlv2E30Ii+gz9Pz5LBp08TTv5FzD5fiOp3LdKvsmouOKm3lThzvJVW0
OdYq/6abx95l
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:25 2024 by rpki-client on console-fra.rpki-client.org