Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/2okm27clhc_OX40dY2lWB3xL-e4.roa
File: 2okm27clhc_OX40dY2lWB3xL-e4.roa (raw, json)
Hash identifier: MAB342ZB22Qx5OJYKxx9FLlq4lutGo872TYr/Xn/8Is=
Subject key identifier: DA:89:26:DB:B7:25:85:CF:CE:5F:8D:1D:63:69:56:07:7C:4B:F9:EE
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 0189B7DF1A8649D6446B50B1662A58DFFB31
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/2okm27clhc_OX40dY2lWB3xL-e4.roa
Signing time: Wed 02 Aug 2023 20:09:59 +0000
ROA not before: Wed 02 Aug 2023 20:09:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 399091
IP address blocks: 91.242.100.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:b7:df:1a:86:49:d6:44:6b:50:b1:66:2a:58:df:fb:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Aug 2 20:09:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=da8926dbb72585cfce5f8d1d636956077c4bf9ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:11:eb:a4:d9:ec:f4:14:b0:2a:44:f6:1d:78:
fd:67:eb:2d:7a:7c:2e:88:7a:5f:1e:ad:6d:de:b9:
5e:62:e0:58:2f:c6:84:9d:ad:7e:d3:ee:4b:ef:16:
2e:e9:07:dd:d5:19:cc:e5:c2:53:29:71:82:df:af:
e1:c2:79:f9:b7:9e:79:d2:4b:04:a4:73:fa:99:e4:
81:11:96:8c:60:9c:fe:f6:2f:67:77:01:41:08:5c:
ac:8b:63:36:e5:af:10:0e:9e:ee:10:fa:9a:f4:d4:
43:c7:b4:39:78:c2:b7:70:07:9c:e0:2d:e1:48:25:
f2:78:99:2b:3c:91:e7:3f:85:ad:98:45:a6:15:1f:
29:83:6f:6b:ab:be:84:8f:6d:be:de:e4:16:f7:a0:
dc:e2:e3:24:e1:35:7a:f8:d5:7b:e6:ad:04:64:44:
99:c0:99:fb:2d:4f:85:06:bd:37:7c:d7:d3:92:d4:
0e:59:50:14:9e:97:24:5a:05:a6:39:ec:be:ec:45:
45:bd:d4:fe:ec:2f:86:f4:ce:64:17:0e:6b:bf:65:
b8:67:c5:07:35:c9:28:17:f1:ca:86:f2:37:cf:fd:
89:17:1b:2e:0d:fd:82:b1:65:b7:d9:f7:09:e5:70:
8c:01:a3:18:b4:ac:ec:2d:54:43:7f:18:f3:1f:75:
fd:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:89:26:DB:B7:25:85:CF:CE:5F:8D:1D:63:69:56:07:7C:4B:F9:EE
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/2okm27clhc_OX40dY2lWB3xL-e4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.242.100.0/23
Signature Algorithm: sha256WithRSAEncryption
41:2d:d3:96:20:19:4e:9d:60:c8:67:1d:b2:7d:23:58:d6:ab:
ef:1a:53:da:c0:65:a9:e6:32:27:d8:7e:b2:d1:86:dd:c8:3b:
14:91:2f:b5:93:68:9f:ce:21:d4:35:3c:22:40:f4:c4:76:fa:
6e:2e:95:74:1c:68:56:15:d8:bb:7d:49:6d:2d:c2:aa:cc:a2:
73:c8:f9:fd:ea:89:87:7f:34:df:9b:36:2e:08:54:ef:21:9f:
21:41:c5:ab:ae:d2:31:88:ba:e8:9c:31:8b:6b:90:5a:23:d9:
b1:2c:ad:50:bc:2b:cb:10:7c:10:80:d3:87:d5:1f:6f:e8:c1:
35:8e:84:e5:52:ee:cf:bc:a6:7d:d1:c7:54:cc:c7:7f:db:36:
79:7d:84:f5:31:a6:7a:c0:d8:d8:a2:b0:40:27:54:70:4f:f2:
18:59:59:0c:e5:ac:a4:37:5d:73:c2:3e:17:29:95:73:e3:59:
70:60:72:de:64:11:24:4a:c0:6f:7c:95:a4:53:77:c3:1f:8f:
07:03:7a:fc:d7:af:39:9c:61:44:b4:85:22:ea:62:0c:61:08:
1d:09:fe:00:47:7b:ab:bd:27:b1:49:3b:31:96:c0:fa:1c:3c:
62:3b:b9:39:cf:9c:94:00:f2:dc:fa:1f:7e:9b:15:5a:b0:a7:
3b:e9:13:6b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYm33xqGSdZEa1CxZipY3/sxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjMwODAyMjAwOTU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTg5MjZkYmI3MjU4NWNmY2U1ZjhkMWQ2MzY5NTYwNzdjNGJmOWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoxHrpNns9BSwKkT2HXj9Z+stenwu
iHpfHq1t3rleYuBYL8aEna1+0+5L7xYu6Qfd1RnM5cJTKXGC36/hwnn5t5550ksE
pHP6meSBEZaMYJz+9i9ndwFBCFysi2M25a8QDp7uEPqa9NRDx7Q5eMK3cAec4C3h
SCXyeJkrPJHnP4WtmEWmFR8pg29rq76Ej22+3uQW96Dc4uMk4TV6+NV75q0EZESZ
wJn7LU+FBr03fNfTktQOWVAUnpckWgWmOey+7EVFvdT+7C+G9M5kFw5rv2W4Z8UH
NckoF/HKhvI3z/2JFxsuDf2CsWW32fcJ5XCMAaMYtKzsLVRDfxjzH3X9swIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNqJJtu3JYXPzl+NHWNpVgd8S/nuMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvMm9rbTI3Y2xoY19PWDQwZFkybFdCM3hMLWU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW/JkMA0G
CSqGSIb3DQEBCwUAA4IBAQBBLdOWIBlOnWDIZx2yfSNY1qvvGlPawGWp5jIn2H6y
0YbdyDsUkS+1k2ifziHUNTwiQPTEdvpuLpV0HGhWFdi7fUltLcKqzKJzyPn96omH
fzTfmzYuCFTvIZ8hQcWrrtIxiLronDGLa5BaI9mxLK1QvCvLEHwQgNOH1R9v6ME1
joTlUu7PvKZ90cdUzMd/2zZ5fYT1MaZ6wNjYorBAJ1RwT/IYWVkM5aykN11zwj4X
KZVz41lwYHLeZBEkSsBvfJWkU3fDH48HA3r81685nGFEtIUi6mIMYQgdCf4AR3ur
vSexSTsxlsD6HDxiO7k5z5yUAPLc+h9+mxVasKc76RNr
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:56:21 2024 by rpki-client on console-fra.rpki-client.org