Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/fc7545-c5fa-43bd-8839-d185dec06012/1/oqRj6ldPM7mdqOj35URssZaQmr0.roa
File: oqRj6ldPM7mdqOj35URssZaQmr0.roa (raw, json)
Hash identifier: Y99WvNg02jfH3wHiYeAvEn1FO8fKLN3lAUCCl02JEt0=
Subject key identifier: A2:A4:63:EA:57:4F:33:B9:9D:A8:E8:F7:E5:44:6C:B1:96:90:9A:BD
Certificate issuer: /CN=366a9d542297577b37aa0c423195afe2a98e135d
Certificate serial: 0185730CA608E01E76DD627A14A48AA80E16
Authority key identifier: 36:6A:9D:54:22:97:57:7B:37:AA:0C:42:31:95:AF:E2:A9:8E:13:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NmqdVCKXV3s3qgxCMZWv4qmOE10.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/fc7545-c5fa-43bd-8839-d185dec06012/1/oqRj6ldPM7mdqOj35URssZaQmr0.roa
Signing time: Mon 02 Jan 2023 15:14:46 +0000
ROA not before: Mon 02 Jan 2023 15:14:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 52129
IP address blocks: 91.207.212.0/23 maxlen: 23
185.183.28.0/22 maxlen: 22
185.183.29.0/24 maxlen: 24
185.183.30.0/24 maxlen: 24
185.183.31.0/24 maxlen: 24
185.183.28.0/24 maxlen: 24
143.55.144.0/21 maxlen: 24
91.209.104.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:0c:a6:08:e0:1e:76:dd:62:7a:14:a4:8a:a8:0e:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=366a9d542297577b37aa0c423195afe2a98e135d
Validity
Not Before: Jan 2 15:14:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a2a463ea574f33b99da8e8f7e5446cb196909abd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:64:2a:40:4d:f8:2f:d2:e6:1c:b7:1b:5c:7c:
59:59:74:72:06:1c:3d:a2:87:97:4d:ac:e8:7c:33:
5a:5b:d0:a1:df:7d:69:c4:15:3d:c2:8b:fd:1a:16:
e9:f9:4d:d4:6f:a6:bb:04:a2:dd:70:c5:f1:21:e2:
1e:25:9e:cd:b0:81:d0:71:0e:58:b8:c7:9c:47:04:
a7:7d:4c:46:90:d2:e4:46:fc:22:42:6e:5a:8d:8c:
45:5e:8e:d1:30:53:32:26:be:93:1a:5f:66:37:1a:
20:11:5b:b4:b5:2f:84:b3:94:0d:4d:16:ab:db:54:
54:77:09:41:d9:31:b6:9b:1d:54:26:1b:0a:fb:31:
5a:61:e3:66:45:f0:c1:2a:2c:8c:e1:6d:b6:0e:56:
92:43:d9:21:b5:76:f1:bc:c0:ce:c5:d1:0a:78:08:
3c:0d:3e:16:94:e6:bb:e6:99:3b:52:b7:bc:e9:92:
d5:bd:d0:81:a7:c7:96:dd:4f:27:ab:b1:af:2d:1c:
61:9b:bc:cf:a5:b2:4d:87:38:29:c6:8e:c7:50:57:
a7:e0:2c:66:3a:72:75:cc:3d:ae:c7:c5:4a:63:0b:
c5:b9:da:e9:dc:4b:46:6e:4a:63:f2:90:14:c2:44:
29:fc:9c:fd:59:db:f9:cd:80:b4:d6:c0:b2:70:fc:
ed:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:A4:63:EA:57:4F:33:B9:9D:A8:E8:F7:E5:44:6C:B1:96:90:9A:BD
X509v3 Authority Key Identifier:
keyid:36:6A:9D:54:22:97:57:7B:37:AA:0C:42:31:95:AF:E2:A9:8E:13:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NmqdVCKXV3s3qgxCMZWv4qmOE10.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/fc7545-c5fa-43bd-8839-d185dec06012/1/oqRj6ldPM7mdqOj35URssZaQmr0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/fc7545-c5fa-43bd-8839-d185dec06012/1/NmqdVCKXV3s3qgxCMZWv4qmOE10.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.207.212.0/23
91.209.104.0/24
143.55.144.0/21
185.183.28.0/22
Signature Algorithm: sha256WithRSAEncryption
a3:ae:37:ec:24:7b:64:db:34:f2:63:31:16:ee:b6:87:2b:87:
18:73:ae:98:a9:79:58:28:c3:77:8f:6a:de:b6:d9:b7:5b:12:
fb:a4:37:dd:99:f1:15:78:64:6c:77:3f:6c:74:4a:21:fc:18:
68:56:01:c7:1f:57:25:ed:83:0e:30:aa:40:2c:bc:ac:ee:17:
51:b3:1e:2f:dc:60:33:c4:3c:db:ec:7c:6a:74:6b:31:4b:0a:
9c:c9:4c:50:94:b8:54:99:2d:6d:00:6f:25:a9:67:33:1e:79:
f1:80:63:46:7a:76:bd:e1:a9:8f:08:1c:7e:4f:28:87:61:1a:
a2:35:d6:9e:a0:78:eb:bf:85:ad:de:53:e3:4b:5e:15:f0:7a:
61:e7:e7:cb:1b:b7:b6:a4:d9:73:70:f2:39:29:7c:1a:71:75:
b7:d0:88:0a:72:08:06:6f:7a:5b:32:82:3b:60:02:85:80:c0:
54:32:ce:fe:51:e7:78:bc:a9:c4:a6:f7:bc:ad:33:43:5f:96:
ea:57:05:2c:d9:99:53:54:90:e9:36:2c:2e:43:94:c4:13:6f:
fd:d4:92:1d:02:8c:f3:21:25:da:7f:a1:24:1b:33:99:bb:d0:
7b:34:11:21:bf:38:b6:35:1a:a5:84:6a:ab:4c:db:08:45:16:
64:46:95:9f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVzDKYI4B523WJ6FKSKqA4WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2NmE5ZDU0MjI5NzU3N2IzN2FhMGM0MjMxOTVhZmUyYTk4
ZTEzNWQwHhcNMjMwMTAyMTUxNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmE0NjNlYTU3NGYzM2I5OWRhOGU4ZjdlNTQ0NmNiMTk2OTA5YWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkmQqQE34L9LmHLcbXHxZWXRyBhw9
ooeXTazofDNaW9Ch331pxBU9wov9Ghbp+U3Ub6a7BKLdcMXxIeIeJZ7NsIHQcQ5Y
uMecRwSnfUxGkNLkRvwiQm5ajYxFXo7RMFMyJr6TGl9mNxogEVu0tS+Es5QNTRar
21RUdwlB2TG2mx1UJhsK+zFaYeNmRfDBKiyM4W22DlaSQ9khtXbxvMDOxdEKeAg8
DT4WlOa75pk7Ure86ZLVvdCBp8eW3U8nq7GvLRxhm7zPpbJNhzgpxo7HUFen4Cxm
OnJ1zD2ux8VKYwvFudrp3EtGbkpj8pAUwkQp/Jz9Wdv5zYC01sCycPztBwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKKkY+pXTzO5najo9+VEbLGWkJq9MB8GA1UdIwQY
MBaAFDZqnVQil1d7N6oMQjGVr+KpjhNdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm1xZFZDS1hWM3MzcWd4Q01aV3Y0cW1PRTEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS9mYzc1NDUtYzVmYS00M2JkLTg4Mzkt
ZDE4NWRlYzA2MDEyLzEvb3FSajZsZFBNN21kcU9qMzVVUnNzWmFRbXIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS9mYzc1NDUtYzVmYS00M2JkLTg4MzktZDE4NWRlYzA2MDEy
LzEvTm1xZFZDS1hWM3MzcWd4Q01aV3Y0cW1PRTEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBW8/UAwQA
W9FoAwQDjzeQAwQCubccMA0GCSqGSIb3DQEBCwUAA4IBAQCjrjfsJHtk2zTyYzEW
7raHK4cYc66YqXlYKMN3j2rettm3WxL7pDfdmfEVeGRsdz9sdEoh/BhoVgHHH1cl
7YMOMKpALLys7hdRsx4v3GAzxDzb7HxqdGsxSwqcyUxQlLhUmS1tAG8lqWczHnnx
gGNGena94amPCBx+TyiHYRqiNdaeoHjrv4Wt3lPjS14V8Hph5+fLG7e2pNlzcPI5
KXwacXW30IgKcggGb3pbMoI7YAKFgMBUMs7+Ued4vKnEpve8rTNDX5bqVwUs2ZlT
VJDpNiwuQ5TEE2/91JIdAozzISXaf6EkGzOZu9B7NBEhvzi2NRqlhGqrTNsIRRZk
RpWf
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:19:55 2024 by rpki-client on console-ams.rpki-client.org