Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/48506a-33dc-4574-80f3-bde24a2a9ff5/1/ONi1K6KyKGtzuA9DexCbL0QXnkY.roa
File: ONi1K6KyKGtzuA9DexCbL0QXnkY.roa (raw, json)
Hash identifier: OjP9Nz959VAZyFaQiC/11kf6SdgFpDIJs2TelKmGXng=
Subject key identifier: 38:D8:B5:2B:A2:B2:28:6B:73:B8:0F:43:7B:10:9B:2F:44:17:9E:46
Certificate issuer: /CN=fe0a7919a3ed7b13b5dab39c86e04a7a97231473
Certificate serial: 01856ECBA7DA64F8C916894B7489E2E8ED70
Authority key identifier: FE:0A:79:19:A3:ED:7B:13:B5:DA:B3:9C:86:E0:4A:7A:97:23:14:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_gp5GaPtexO12rOchuBKepcjFHM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/48506a-33dc-4574-80f3-bde24a2a9ff5/1/ONi1K6KyKGtzuA9DexCbL0QXnkY.roa
Signing time: Sun 01 Jan 2023 19:25:18 +0000
ROA not before: Sun 01 Jan 2023 19:25:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15669
IP address blocks: 91.237.102.0/23 maxlen: 23
2a03:4ba0::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:32:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:cb:a7:da:64:f8:c9:16:89:4b:74:89:e2:e8:ed:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe0a7919a3ed7b13b5dab39c86e04a7a97231473
Validity
Not Before: Jan 1 19:25:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=38d8b52ba2b2286b73b80f437b109b2f44179e46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:b4:3d:53:e6:1b:74:40:72:c6:38:e4:02:e6:
6a:2f:33:19:0d:b1:16:ce:28:33:40:c0:19:1c:94:
46:1d:47:bb:b1:f2:6d:f1:20:ee:48:c7:db:94:49:
a5:87:f9:91:45:57:25:ff:7f:9f:e0:11:fd:6c:3f:
e4:ba:16:f4:51:48:c8:45:19:07:c5:d0:33:cf:72:
7b:92:bc:f1:ec:4f:c0:65:f5:58:f9:b4:4c:ce:d6:
93:df:87:c6:5b:c2:81:a9:ea:8b:6b:b5:00:f2:1e:
da:4c:53:13:a8:a7:0b:54:fc:f0:a8:c2:48:04:9a:
0b:90:3b:5a:02:44:11:5b:9a:75:b5:ea:e9:47:45:
4b:55:55:b8:4a:c7:c1:a5:c8:8c:de:e9:c7:6e:72:
2d:15:b6:35:8e:e5:b8:0b:70:fe:13:fc:32:a6:84:
38:ad:b5:f5:58:cc:5e:c2:e1:67:47:0e:3d:d9:5f:
c8:51:df:fa:ef:c5:96:5c:93:bc:4d:4a:64:90:65:
4b:71:8e:0f:f8:b3:6f:04:8b:38:0f:5a:6f:3f:d7:
09:b4:5f:82:e2:52:a3:81:52:41:4a:64:60:30:c9:
19:e8:ba:32:d5:7a:93:fc:bf:66:ef:d3:8f:1f:4e:
8c:ad:ca:11:c0:f5:22:eb:50:25:39:8e:59:90:65:
03:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:D8:B5:2B:A2:B2:28:6B:73:B8:0F:43:7B:10:9B:2F:44:17:9E:46
X509v3 Authority Key Identifier:
keyid:FE:0A:79:19:A3:ED:7B:13:B5:DA:B3:9C:86:E0:4A:7A:97:23:14:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_gp5GaPtexO12rOchuBKepcjFHM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/48506a-33dc-4574-80f3-bde24a2a9ff5/1/ONi1K6KyKGtzuA9DexCbL0QXnkY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/48506a-33dc-4574-80f3-bde24a2a9ff5/1/_gp5GaPtexO12rOchuBKepcjFHM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.237.102.0/23
IPv6:
2a03:4ba0::/48
Signature Algorithm: sha256WithRSAEncryption
81:68:f6:95:ae:1d:aa:c4:37:a7:6e:75:c9:88:e0:de:a1:54:
5c:8d:37:47:7d:39:65:d7:18:2c:ca:28:85:9b:ce:c3:cc:ab:
92:0e:86:33:1d:27:84:71:1e:a5:3c:0b:1a:e8:21:1e:21:1b:
99:00:94:20:11:9e:fc:c3:e9:3a:3f:f9:15:65:b6:42:fd:2a:
5c:f8:99:8b:48:34:c6:bd:b9:cd:cf:6b:4a:c4:c8:43:c9:b8:
cd:20:f3:b4:c0:54:0c:5b:8d:4a:7e:1c:4b:33:28:1f:d0:f4:
fd:ee:e5:15:ac:fd:db:20:c6:fd:13:26:bc:e2:f3:5c:28:8e:
71:b7:a6:e8:b6:c9:72:ce:0e:ca:67:f8:84:20:81:e9:8f:ca:
8d:41:c0:f8:c1:fc:af:76:65:c9:77:42:94:25:6e:25:af:98:
42:b3:66:31:86:f2:68:f9:70:13:50:10:63:7e:f9:0e:8c:8a:
84:5d:be:b0:3d:6b:22:74:f3:06:89:7a:d7:0c:81:e3:71:ab:
b6:02:ce:fa:8c:9c:0a:af:48:9e:4f:d4:17:62:01:c4:6b:2d:
22:99:b6:2e:4c:a9:b0:65:90:e0:a8:88:82:71:14:08:29:bb:
20:2a:5e:54:4e:61:e3:1e:24:e4:49:e5:75:73:e2:7c:6d:e6:
33:25:e0:d7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVuy6faZPjJFolLdIni6O1wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlMGE3OTE5YTNlZDdiMTNiNWRhYjM5Yzg2ZTA0YTdhOTcy
MzE0NzMwHhcNMjMwMTAxMTkyNTE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGQ4YjUyYmEyYjIyODZiNzNiODBmNDM3YjEwOWIyZjQ0MTc5ZTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnLQ9U+YbdEByxjjkAuZqLzMZDbEW
zigzQMAZHJRGHUe7sfJt8SDuSMfblEmlh/mRRVcl/3+f4BH9bD/kuhb0UUjIRRkH
xdAzz3J7krzx7E/AZfVY+bRMztaT34fGW8KBqeqLa7UA8h7aTFMTqKcLVPzwqMJI
BJoLkDtaAkQRW5p1terpR0VLVVW4SsfBpciM3unHbnItFbY1juW4C3D+E/wypoQ4
rbX1WMxewuFnRw492V/IUd/678WWXJO8TUpkkGVLcY4P+LNvBIs4D1pvP9cJtF+C
4lKjgVJBSmRgMMkZ6Loy1XqT/L9m79OPH06MrcoRwPUi61AlOY5ZkGUDBQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDjYtSuisihrc7gPQ3sQmy9EF55GMB8GA1UdIwQY
MBaAFP4KeRmj7XsTtdqznIbgSnqXIxRzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2dwNUdhUHRleE8xMnJPY2h1QktlcGNqRkhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS80ODUwNmEtMzNkYy00NTc0LTgwZjMt
YmRlMjRhMmE5ZmY1LzEvT05pMUs2S3lLR3R6dUE5RGV4Q2JMMFFYbmtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS80ODUwNmEtMzNkYy00NTc0LTgwZjMtYmRlMjRhMmE5ZmY1
LzEvX2dwNUdhUHRleE8xMnJPY2h1QktlcGNqRkhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBW+1mMA8E
AgACMAkDBwAqA0ugAAAwDQYJKoZIhvcNAQELBQADggEBAIFo9pWuHarEN6dudcmI
4N6hVFyNN0d9OWXXGCzKKIWbzsPMq5IOhjMdJ4RxHqU8CxroIR4hG5kAlCARnvzD
6To/+RVltkL9Klz4mYtINMa9uc3Pa0rEyEPJuM0g87TAVAxbjUp+HEszKB/Q9P3u
5RWs/dsgxv0TJrzi81wojnG3pui2yXLODspn+IQggemPyo1BwPjB/K92Zcl3QpQl
biWvmEKzZjGG8mj5cBNQEGN++Q6MioRdvrA9ayJ08waJetcMgeNxq7YCzvqMnAqv
SJ5P1BdiAcRrLSKZti5MqbBlkOCoiIJxFAgpuyAqXlROYeMeJORJ5XVz4nxt5jMl
4Nc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:19 2024 by rpki-client on console-ams.rpki-client.org