Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/71d52f-7e07-49d1-b99b-f70d5ef875c3/1/ONlGbHilAEeSMzbZWjwx_SIeCKk.roa
File: ONlGbHilAEeSMzbZWjwx_SIeCKk.roa (raw, json)
Hash identifier: brDufPGRnylw1ackaVifvNUEcb0X/RiLHal4ZPo+L0E=
Subject key identifier: 38:D9:46:6C:78:A5:00:47:92:33:36:D9:5A:3C:31:FD:22:1E:08:A9
Certificate issuer: /CN=745b6c3c9abdedb96eb1ef3f7f7fa70057522c7f
Certificate serial: 01856CF85733FE566B64C340A8EA40B20BE1
Authority key identifier: 74:5B:6C:3C:9A:BD:ED:B9:6E:B1:EF:3F:7F:7F:A7:00:57:52:2C:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dFtsPJq97bluse8_f3-nAFdSLH8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/71d52f-7e07-49d1-b99b-f70d5ef875c3/1/ONlGbHilAEeSMzbZWjwx_SIeCKk.roa
Signing time: Sun 01 Jan 2023 10:54:52 +0000
ROA not before: Sun 01 Jan 2023 10:54:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62217
IP address blocks: 185.184.156.0/24 maxlen: 24
185.184.157.0/24 maxlen: 24
185.184.158.0/24 maxlen: 24
185.184.156.0/22 maxlen: 22
185.184.159.0/24 maxlen: 24
2a0b:3880::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:f8:57:33:fe:56:6b:64:c3:40:a8:ea:40:b2:0b:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=745b6c3c9abdedb96eb1ef3f7f7fa70057522c7f
Validity
Not Before: Jan 1 10:54:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=38d9466c78a50047923336d95a3c31fd221e08a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:ca:f4:c6:43:3a:db:59:81:13:79:a9:a8:7f:
f8:ab:2b:9b:cf:a7:4e:58:4a:0e:b3:73:0b:ee:2b:
a5:f6:84:44:86:62:53:7f:3d:ce:cd:c2:fb:df:a0:
1e:12:59:e3:f1:a4:8e:42:14:a9:4e:a5:55:2b:d6:
9e:3a:cd:64:71:09:00:e7:0b:5f:fd:14:ef:09:cc:
a5:2b:e1:d6:b3:fe:24:22:5a:a3:9a:01:54:aa:16:
68:bf:73:d1:fb:5f:df:fc:7d:26:d2:04:98:1b:f1:
94:7b:9a:b8:a6:a8:fd:14:bb:87:6a:c5:76:0d:45:
0b:8e:21:69:5a:94:6a:00:86:d2:42:54:4a:36:4f:
d8:27:57:9c:7c:5c:b4:85:b5:21:05:70:8e:25:a2:
4c:48:7b:1e:e4:c1:4e:a9:7b:b3:cb:6e:54:c2:df:
c6:99:e7:27:d7:4e:8f:a5:cb:5d:af:d5:41:43:f4:
25:8b:6f:62:92:bc:cd:0e:98:73:ba:47:92:fb:66:
b4:69:73:e8:5d:6a:b9:5f:7a:b7:f2:aa:cb:f1:11:
ba:a4:bf:62:6f:67:c7:a9:84:1c:e9:23:cd:fc:6e:
28:3f:0a:98:03:df:48:97:5c:2c:2b:96:50:a6:c0:
67:0b:ee:0d:65:63:83:9c:6a:19:c9:09:ea:f9:85:
3c:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:D9:46:6C:78:A5:00:47:92:33:36:D9:5A:3C:31:FD:22:1E:08:A9
X509v3 Authority Key Identifier:
keyid:74:5B:6C:3C:9A:BD:ED:B9:6E:B1:EF:3F:7F:7F:A7:00:57:52:2C:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dFtsPJq97bluse8_f3-nAFdSLH8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/71d52f-7e07-49d1-b99b-f70d5ef875c3/1/ONlGbHilAEeSMzbZWjwx_SIeCKk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/71d52f-7e07-49d1-b99b-f70d5ef875c3/1/dFtsPJq97bluse8_f3-nAFdSLH8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.184.156.0/22
IPv6:
2a0b:3880::/32
Signature Algorithm: sha256WithRSAEncryption
5d:c9:13:d3:e2:81:c8:23:59:84:5e:87:27:5b:d9:0b:a6:07:
75:ef:14:3c:12:a6:4b:7f:28:08:f6:be:c9:0a:32:ee:b6:07:
f0:6f:23:9b:9d:15:53:aa:1e:ac:14:b3:e3:21:a1:a4:6f:bc:
2a:22:4a:df:6c:9f:bc:18:6f:27:45:d2:95:87:26:1f:c8:ef:
13:c0:ca:c3:6a:5a:1f:36:18:7b:75:4d:a9:c1:9a:ed:a7:01:
38:f0:20:4e:e3:f7:79:49:63:36:1a:68:c5:a9:d7:9c:82:be:
0f:57:07:0a:88:e2:16:9c:2b:c3:81:ef:e4:25:11:b6:40:9f:
5b:c4:5b:a8:9b:6d:38:5f:3d:e1:75:19:dc:53:62:06:92:58:
57:f1:1d:bf:02:47:4f:41:9d:8c:28:8a:af:75:53:f5:b5:d0:
04:4e:2c:06:46:7f:a9:72:5e:bc:fe:78:1f:05:0a:1c:a3:0b:
d4:ca:24:34:7a:81:ce:fd:f1:35:55:f3:bb:13:06:2d:13:08:
bc:4a:c4:79:f7:b3:7f:4a:b2:0a:45:ad:3c:ee:95:b2:82:84:
32:1b:f9:2f:4b:bd:01:94:e5:b6:70:3d:09:16:9a:36:c3:9c:
81:d2:72:17:7e:21:06:7c:83:05:80:46:22:b9:98:82:36:91:
74:a7:6b:ba
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVs+Fcz/lZrZMNAqOpAsgvhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0NWI2YzNjOWFiZGVkYjk2ZWIxZWYzZjdmN2ZhNzAwNTc1
MjJjN2YwHhcNMjMwMTAxMTA1NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGQ5NDY2Yzc4YTUwMDQ3OTIzMzM2ZDk1YTNjMzFmZDIyMWUwOGE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAksr0xkM621mBE3mpqH/4qyubz6dO
WEoOs3ML7iul9oREhmJTfz3OzcL736AeElnj8aSOQhSpTqVVK9aeOs1kcQkA5wtf
/RTvCcylK+HWs/4kIlqjmgFUqhZov3PR+1/f/H0m0gSYG/GUe5q4pqj9FLuHasV2
DUULjiFpWpRqAIbSQlRKNk/YJ1ecfFy0hbUhBXCOJaJMSHse5MFOqXuzy25Uwt/G
mecn106Ppctdr9VBQ/Qli29ikrzNDphzukeS+2a0aXPoXWq5X3q38qrL8RG6pL9i
b2fHqYQc6SPN/G4oPwqYA99Il1wsK5ZQpsBnC+4NZWODnGoZyQnq+YU88wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDjZRmx4pQBHkjM22Vo8Mf0iHgipMB8GA1UdIwQY
MBaAFHRbbDyave25brHvP39/pwBXUix/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEZ0c1BKcTk3Ymx1c2U4X2YzLW5BRmRTTEg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC83MWQ1MmYtN2UwNy00OWQxLWI5OWIt
ZjcwZDVlZjg3NWMzLzEvT05sR2JIaWxBRWVTTXpiWldqd3hfU0llQ0trLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC83MWQ1MmYtN2UwNy00OWQxLWI5OWItZjcwZDVlZjg3NWMz
LzEvZEZ0c1BKcTk3Ymx1c2U4X2YzLW5BRmRTTEg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCubicMA0E
AgACMAcDBQAqCziAMA0GCSqGSIb3DQEBCwUAA4IBAQBdyRPT4oHII1mEXocnW9kL
pgd17xQ8EqZLfygI9r7JCjLutgfwbyObnRVTqh6sFLPjIaGkb7wqIkrfbJ+8GG8n
RdKVhyYfyO8TwMrDalofNhh7dU2pwZrtpwE48CBO4/d5SWM2GmjFqdecgr4PVwcK
iOIWnCvDge/kJRG2QJ9bxFuom204Xz3hdRncU2IGklhX8R2/AkdPQZ2MKIqvdVP1
tdAETiwGRn+pcl68/ngfBQocowvUyiQ0eoHO/fE1VfO7EwYtEwi8SsR597N/SrIK
Ra087pWygoQyG/kvS70BlOW2cD0JFpo2w5yB0nIXfiEGfIMFgEYiuZiCNpF0p2u6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:10 2024 by rpki-client on console-fra.rpki-client.org