Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/ohiQrJWFczJ3IsKKLQGlH6BSoMM.roa
File: ohiQrJWFczJ3IsKKLQGlH6BSoMM.roa (raw, json)
Hash identifier: 7t+gVpH2SNiZ0SMruaPQjpv3ThRaK+hADpgEBubkxQA=
Subject key identifier: A2:18:90:AC:95:85:73:32:77:22:C2:8A:2D:01:A5:1F:A0:52:A0:C3
Certificate issuer: /CN=bb0d4e85937b7a0f271054d28614f2934d4ea500
Certificate serial: 018DE9EAB0797DE217EB907E5536C9BF899A
Authority key identifier: BB:0D:4E:85:93:7B:7A:0F:27:10:54:D2:86:14:F2:93:4D:4E:A5:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uw1OhZN7eg8nEFTShhTyk01OpQA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/ohiQrJWFczJ3IsKKLQGlH6BSoMM.roa
Signing time: Tue 27 Feb 2024 09:34:48 +0000
ROA not before: Tue 27 Feb 2024 09:34:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 5.144.154.0/24 maxlen: 24
5.144.155.0/24 maxlen: 24
79.135.100.0/23 maxlen: 23
79.135.102.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 06 Mar 2024 15:52:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:e9:ea:b0:79:7d:e2:17:eb:90:7e:55:36:c9:bf:89:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb0d4e85937b7a0f271054d28614f2934d4ea500
Validity
Not Before: Feb 27 09:34:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a21890ac958573327722c28a2d01a51fa052a0c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:17:00:ae:67:da:0a:a7:2b:4c:bd:9d:0d:b2:
e8:69:db:8a:d4:fd:5d:49:64:37:32:77:1f:21:aa:
09:c7:4b:65:01:82:34:95:dc:20:39:01:77:71:6b:
9c:3f:33:6e:6c:15:51:c8:ce:a1:e5:11:2f:af:3d:
92:e9:07:cf:05:46:bb:c0:fd:48:0c:8a:0b:0e:d2:
50:24:20:2b:c7:7e:d5:6e:e2:a4:bb:f8:b6:d2:ea:
c3:ec:98:95:84:60:30:9e:fe:16:49:f4:ba:f3:a3:
59:06:0d:ff:2c:dc:e6:4f:2b:64:93:9c:c4:d8:b5:
fa:c7:10:ca:b9:53:e5:23:9b:11:50:2c:47:04:0a:
ca:eb:4f:b6:7b:0c:cb:27:b0:be:ac:f9:22:0a:32:
5d:b2:9d:a2:c8:c5:eb:b3:36:aa:34:ea:74:c2:fe:
6e:cf:85:30:94:00:75:5c:e3:7a:9b:13:1b:5c:b8:
0f:e3:ea:9e:a3:4a:f9:5d:c7:83:e3:88:d9:1b:e6:
27:03:c5:a9:73:70:a0:32:24:e2:a7:b8:bf:16:5b:
c0:e7:a0:66:4c:2b:df:d4:45:58:d6:04:28:2d:a3:
4c:dc:c1:fd:0f:aa:94:f7:5c:fc:ce:03:79:ec:ac:
8d:92:41:a0:ba:b1:a5:de:62:84:1f:10:b3:46:e5:
74:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:18:90:AC:95:85:73:32:77:22:C2:8A:2D:01:A5:1F:A0:52:A0:C3
X509v3 Authority Key Identifier:
keyid:BB:0D:4E:85:93:7B:7A:0F:27:10:54:D2:86:14:F2:93:4D:4E:A5:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uw1OhZN7eg8nEFTShhTyk01OpQA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/ohiQrJWFczJ3IsKKLQGlH6BSoMM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/uw1OhZN7eg8nEFTShhTyk01OpQA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.144.154.0/23
79.135.100.0/22
Signature Algorithm: sha256WithRSAEncryption
14:a3:e6:d7:43:e0:24:74:28:64:3e:e9:a9:07:15:9f:a5:f4:
c5:e8:a0:ac:f7:ee:54:21:cc:2c:33:5d:95:7b:0a:04:ac:8d:
77:6c:17:c1:4e:1b:60:ca:28:32:21:20:92:ac:db:69:d0:b6:
cc:cd:ea:4d:67:05:22:16:ad:a8:b2:3c:dc:2e:73:b4:3d:cf:
fd:17:2e:a5:fe:b9:4d:e1:0d:af:16:85:a9:d3:12:c4:8a:d8:
7a:28:72:7f:3f:f3:4d:06:05:28:cd:a3:25:4c:1e:04:3c:68:
16:24:44:52:f4:04:ed:e0:84:0e:25:69:ba:cf:f2:ea:10:6d:
a3:08:4b:91:37:72:c1:5b:e5:42:7c:cd:da:0b:60:30:01:ca:
9f:dd:94:89:53:3a:16:35:54:01:7d:f9:3c:2f:a4:b9:e0:08:
c1:ed:42:a7:34:df:0a:d8:e0:d3:ac:3e:8f:b2:78:20:99:47:
2f:08:f6:eb:8e:24:d3:18:2a:7c:29:08:7b:2c:6b:a3:9a:98:
3b:3e:30:76:c9:7e:2f:e0:22:10:cb:81:a9:f3:9e:47:44:32:
80:8f:1a:e6:a4:ae:22:08:57:78:64:33:d8:fd:2e:74:9f:c0:
1e:e3:d0:e1:f9:98:8b:bd:99:d9:a7:b6:7f:05:8e:de:7f:68:
72:85:e9:2a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY3p6rB5feIX65B+VTbJv4maMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiMGQ0ZTg1OTM3YjdhMGYyNzEwNTRkMjg2MTRmMjkzNGQ0
ZWE1MDAwHhcNMjQwMjI3MDkzNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjE4OTBhYzk1ODU3MzMyNzcyMmMyOGEyZDAxYTUxZmEwNTJhMGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhRcArmfaCqcrTL2dDbLoaduK1P1d
SWQ3MncfIaoJx0tlAYI0ldwgOQF3cWucPzNubBVRyM6h5REvrz2S6QfPBUa7wP1I
DIoLDtJQJCArx37VbuKku/i20urD7JiVhGAwnv4WSfS686NZBg3/LNzmTytkk5zE
2LX6xxDKuVPlI5sRUCxHBArK60+2ewzLJ7C+rPkiCjJdsp2iyMXrszaqNOp0wv5u
z4UwlAB1XON6mxMbXLgP4+qeo0r5XceD44jZG+YnA8Wpc3CgMiTip7i/FlvA56Bm
TCvf1EVY1gQoLaNM3MH9D6qU91z8zgN57KyNkkGgurGl3mKEHxCzRuV0NwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKIYkKyVhXMydyLCii0BpR+gUqDDMB8GA1UdIwQY
MBaAFLsNToWTe3oPJxBU0oYU8pNNTqUAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXcxT2haTjdlZzhuRUZUU2hoVHlrMDFPcFFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS9kMTc1MjctY2Y5OC00ZDM3LTg2NmYt
OGU5Yjk4YTk5Y2RiLzEvb2hpUXJKV0ZjekozSXNLS0xRR2xINkJTb01NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS9kMTc1MjctY2Y5OC00ZDM3LTg2NmYtOGU5Yjk4YTk5Y2Ri
LzEvdXcxT2haTjdlZzhuRUZUU2hoVHlrMDFPcFFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBBZCaAwQC
T4dkMA0GCSqGSIb3DQEBCwUAA4IBAQAUo+bXQ+AkdChkPumpBxWfpfTF6KCs9+5U
IcwsM12VewoErI13bBfBThtgyigyISCSrNtp0LbMzepNZwUiFq2osjzcLnO0Pc/9
Fy6l/rlN4Q2vFoWp0xLEith6KHJ/P/NNBgUozaMlTB4EPGgWJERS9ATt4IQOJWm6
z/LqEG2jCEuRN3LBW+VCfM3aC2AwAcqf3ZSJUzoWNVQBffk8L6S54AjB7UKnNN8K
2ODTrD6PsnggmUcvCPbrjiTTGCp8KQh7LGujmpg7PjB2yX4v4CIQy4Gp855HRDKA
jxrmpK4iCFd4ZDPY/S50n8Ae49Dh+ZiLvZnZp7Z/BY7ef2hyhekq
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:41 2024 by rpki-client on console-ams.rpki-client.org