Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/3cdd92-724a-4fd8-a5f8-370b3a87bf98/1/OnK2LSYuN4MlILEKB8_LU-oGUt4.roa
File: OnK2LSYuN4MlILEKB8_LU-oGUt4.roa (raw, json)
Hash identifier: QLNqG3umHpfcFfQM/ZAX5VBcLSfCC+Gp5oAu25DWLek=
Subject key identifier: 3A:72:B6:2D:26:2E:37:83:25:20:B1:0A:07:CF:CB:53:EA:06:52:DE
Certificate issuer: /CN=76ad2abb73df96bcb1b1d1b8d99d35f5b9fd9828
Certificate serial: 0189FE04A6050773A5368ADC644D1B5BCF83
Authority key identifier: 76:AD:2A:BB:73:DF:96:BC:B1:B1:D1:B8:D9:9D:35:F5:B9:FD:98:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dq0qu3PflryxsdG42Z019bn9mCg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/3cdd92-724a-4fd8-a5f8-370b3a87bf98/1/OnK2LSYuN4MlILEKB8_LU-oGUt4.roa
Signing time: Wed 16 Aug 2023 11:04:24 +0000
ROA not before: Wed 16 Aug 2023 11:04:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58057
IP address blocks: 91.203.31.0/24 maxlen: 24
2001:67c:10bc::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 13 Dec 2023 22:30:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:fe:04:a6:05:07:73:a5:36:8a:dc:64:4d:1b:5b:cf:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76ad2abb73df96bcb1b1d1b8d99d35f5b9fd9828
Validity
Not Before: Aug 16 11:04:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3a72b62d262e37832520b10a07cfcb53ea0652de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:12:b8:b8:bd:79:4f:89:15:3a:15:47:02:30:
10:cc:d3:da:56:6c:32:25:64:70:50:5a:43:87:17:
bd:dd:4c:6f:ca:08:61:ec:82:95:07:23:ac:ac:c9:
43:75:2a:a6:50:b9:86:71:0e:a2:37:05:93:67:d8:
b0:82:df:ca:08:0f:fc:21:a8:36:42:37:1a:88:9b:
1e:b3:82:b4:ba:ef:3c:45:06:04:73:af:f5:89:da:
3c:6f:21:12:8d:f5:1e:48:77:3d:01:50:ac:45:9e:
e4:a2:35:ac:37:09:09:00:58:09:06:3b:5f:d1:a6:
7d:9c:ac:0d:ac:ee:ba:25:2c:bd:72:0d:53:bd:b0:
d8:fe:d8:8d:c2:d5:df:d3:c8:e2:4e:7b:5c:c8:a7:
c6:7e:e2:37:39:ed:c5:ca:e7:4f:39:33:13:42:34:
6b:ce:e1:5e:eb:4a:d0:52:ef:c0:40:43:12:3d:94:
08:58:4f:91:82:80:57:a1:28:09:4e:45:0f:61:f9:
e3:67:74:75:bf:dc:4e:c6:34:d0:3a:68:81:f7:e9:
5c:56:5f:19:40:2a:a3:82:4a:fb:f2:db:b2:f4:0b:
f8:5d:f4:db:6e:d7:5c:da:6e:0a:c4:d8:de:96:64:
3d:a8:24:68:5f:3d:48:2b:5b:bd:66:f6:40:a2:b9:
57:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:72:B6:2D:26:2E:37:83:25:20:B1:0A:07:CF:CB:53:EA:06:52:DE
X509v3 Authority Key Identifier:
keyid:76:AD:2A:BB:73:DF:96:BC:B1:B1:D1:B8:D9:9D:35:F5:B9:FD:98:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dq0qu3PflryxsdG42Z019bn9mCg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/3cdd92-724a-4fd8-a5f8-370b3a87bf98/1/OnK2LSYuN4MlILEKB8_LU-oGUt4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/3cdd92-724a-4fd8-a5f8-370b3a87bf98/1/dq0qu3PflryxsdG42Z019bn9mCg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.203.31.0/24
IPv6:
2001:67c:10bc::/48
Signature Algorithm: sha256WithRSAEncryption
39:9c:87:28:b6:fb:86:57:12:bc:c9:44:cd:cc:3f:4a:52:2c:
26:78:11:31:62:a0:dd:05:e6:94:ad:97:2e:7e:ac:11:a9:82:
89:cc:c5:a1:1b:66:47:90:c9:26:7b:3f:18:84:da:31:92:77:
4c:1a:80:98:19:8a:08:61:a7:23:b1:c6:3d:e4:15:91:af:a6:
72:5f:f6:25:cd:fd:8d:62:74:b1:1b:81:7f:d5:11:af:0d:e8:
6d:9b:ce:6e:18:b6:1a:ca:e5:48:e3:94:a5:37:ab:90:84:bc:
95:ad:94:fb:79:e2:52:8d:f8:f2:fa:a4:af:2d:d6:48:23:da:
13:7e:e7:e0:8d:1a:cd:29:3b:06:81:6a:df:ea:9b:40:25:a4:
fd:39:99:22:6d:3c:9a:d1:9d:6b:77:5d:88:fc:4f:94:1b:75:
83:3f:23:aa:1c:0c:7a:24:6f:4d:08:36:ee:b4:88:c7:33:42:
e4:7c:1c:ae:91:bf:24:09:b1:40:56:09:35:20:9e:e6:73:4a:
a6:90:57:aa:d3:e2:89:21:74:41:8e:ce:1c:c5:b0:73:43:ee:
d5:66:f0:aa:6b:e7:61:05:69:24:00:da:8f:3a:55:bd:cb:6e:
91:21:ad:b9:c8:42:9f:6b:4c:89:33:f3:06:64:c9:18:3c:90:
23:8e:10:ac
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYn+BKYFB3OlNorcZE0bW8+DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2YWQyYWJiNzNkZjk2YmNiMWIxZDFiOGQ5OWQzNWY1Yjlm
ZDk4MjgwHhcNMjMwODE2MTEwNDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTcyYjYyZDI2MmUzNzgzMjUyMGIxMGEwN2NmY2I1M2VhMDY1MmRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjhK4uL15T4kVOhVHAjAQzNPaVmwy
JWRwUFpDhxe93Uxvyghh7IKVByOsrMlDdSqmULmGcQ6iNwWTZ9iwgt/KCA/8Iag2
QjcaiJses4K0uu88RQYEc6/1ido8byESjfUeSHc9AVCsRZ7kojWsNwkJAFgJBjtf
0aZ9nKwNrO66JSy9cg1TvbDY/tiNwtXf08jiTntcyKfGfuI3Oe3FyudPOTMTQjRr
zuFe60rQUu/AQEMSPZQIWE+RgoBXoSgJTkUPYfnjZ3R1v9xOxjTQOmiB9+lcVl8Z
QCqjgkr78tuy9Av4XfTbbtdc2m4KxNjelmQ9qCRoXz1IK1u9ZvZAorlXawIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDpyti0mLjeDJSCxCgfPy1PqBlLeMB8GA1UdIwQY
MBaAFHatKrtz35a8sbHRuNmdNfW5/ZgoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHEwcXUzUGZscnl4c2RHNDJaMDE5Ym45bUNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8zY2RkOTItNzI0YS00ZmQ4LWE1Zjgt
MzcwYjNhODdiZjk4LzEvT25LMkxTWXVONE1sSUxFS0I4X0xVLW9HVXQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8zY2RkOTItNzI0YS00ZmQ4LWE1ZjgtMzcwYjNhODdiZjk4
LzEvZHEwcXUzUGZscnl4c2RHNDJaMDE5Ym45bUNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW8sfMA8E
AgACMAkDBwAgAQZ8ELwwDQYJKoZIhvcNAQELBQADggEBADmchyi2+4ZXErzJRM3M
P0pSLCZ4ETFioN0F5pStly5+rBGpgonMxaEbZkeQySZ7PxiE2jGSd0wagJgZighh
pyOxxj3kFZGvpnJf9iXN/Y1idLEbgX/VEa8N6G2bzm4YthrK5UjjlKU3q5CEvJWt
lPt54lKN+PL6pK8t1kgj2hN+5+CNGs0pOwaBat/qm0AlpP05mSJtPJrRnWt3XYj8
T5QbdYM/I6ocDHokb00INu60iMczQuR8HK6RvyQJsUBWCTUgnuZzSqaQV6rT4okh
dEGOzhzFsHND7tVm8Kpr52EFaSQA2o86Vb3LbpEhrbnIQp9rTIkz8wZkyRg8kCOO
EKw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:15 2024 by rpki-client on console-ams.rpki-client.org