Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/Oe-D1P31KB2zg72jX-CFW3EaNP0.roa
File: Oe-D1P31KB2zg72jX-CFW3EaNP0.roa (raw, json)
Hash identifier: g5ZtE2lpY06ArCgWYcpSEih/whC3lX9WH4ooTOSclso=
Subject key identifier: 39:EF:83:D4:FD:F5:28:1D:B3:83:BD:A3:5F:E0:85:5B:71:1A:34:FD
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 01880B5A0734126D92A9476BE1BA2F007FBF
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/Oe-D1P31KB2zg72jX-CFW3EaNP0.roa
Signing time: Thu 11 May 2023 15:07:09 +0000
ROA not before: Thu 11 May 2023 15:07:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43094
IP address blocks: 91.242.84.0/23 maxlen: 23
91.242.104.0/21 maxlen: 21
194.114.144.0/24 maxlen: 25
194.114.144.128/27 maxlen: 27
91.242.78.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:0b:5a:07:34:12:6d:92:a9:47:6b:e1:ba:2f:00:7f:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: May 11 15:07:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=39ef83d4fdf5281db383bda35fe0855b711a34fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:d3:9c:49:46:ee:09:be:25:fb:e7:5e:88:5d:
63:76:36:e2:21:7b:41:3a:68:06:2e:b4:02:ac:e0:
5e:ae:da:ab:cb:0f:60:82:f0:e6:da:38:97:a1:27:
8d:27:b2:4d:25:57:42:27:da:2c:ed:57:70:9f:df:
e1:2c:32:1b:26:03:e9:2c:1e:91:0c:d1:07:51:7c:
18:c4:0a:71:75:e7:77:21:e4:78:9d:80:8f:eb:f4:
6d:21:64:ff:5b:8d:c0:2f:9f:d3:34:09:24:4a:31:
41:74:b1:2d:23:0d:c3:5f:a7:c8:7d:0a:12:0e:04:
b0:7c:09:21:e7:bb:f3:30:97:20:8c:1d:67:15:11:
45:63:88:99:45:30:48:d9:2d:ac:4f:96:f1:a8:7c:
b8:a8:2d:dc:a0:2c:1b:28:18:19:1d:58:5a:7a:ca:
43:cf:39:87:3a:c7:3e:ed:d5:ec:ba:54:32:a0:8c:
ba:bd:eb:95:d1:cf:61:0b:0b:85:67:77:76:d4:41:
e6:cb:70:ca:f8:ef:05:45:4f:8e:37:10:c4:36:fe:
28:28:70:b1:48:8d:1c:71:16:4b:af:ab:30:61:03:
84:f7:ae:d0:de:a8:ab:db:cf:fa:bb:97:41:57:86:
c3:e7:eb:61:fc:7f:48:01:26:68:7e:96:4d:16:ae:
53:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:EF:83:D4:FD:F5:28:1D:B3:83:BD:A3:5F:E0:85:5B:71:1A:34:FD
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/Oe-D1P31KB2zg72jX-CFW3EaNP0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.242.78.0/23
91.242.84.0/23
91.242.104.0/21
194.114.144.0/24
Signature Algorithm: sha256WithRSAEncryption
55:93:af:34:be:ac:2e:ce:91:b8:3d:ea:f2:68:f5:e9:90:be:
3f:3d:93:8f:6c:42:76:21:4b:0b:ce:e9:de:e5:32:3f:15:de:
bd:69:65:f8:37:9e:3a:aa:c6:c4:f0:2a:40:cb:06:0e:1b:a5:
ab:ca:0d:4d:2f:2b:c0:0a:a2:04:57:32:3f:55:99:4c:38:8f:
16:58:bd:ce:68:86:24:57:0e:2e:9e:28:49:60:8f:42:19:53:
21:7b:b7:14:8f:6d:33:f1:ba:43:c2:91:fe:ae:cf:4b:3b:e2:
ac:96:5c:16:cb:db:07:f0:20:44:7d:a8:f2:24:fd:44:45:d3:
25:7d:ec:ef:02:2d:5a:c2:bf:e9:b6:b0:27:f0:96:13:c1:08:
a9:8b:2d:f6:fd:ec:49:6e:31:f7:32:74:0e:79:17:ab:5c:f2:
16:5c:1b:64:46:e0:66:e7:21:28:ed:e3:61:c8:76:c4:fd:84:
48:34:99:98:39:8a:d4:b6:39:b4:75:99:34:a3:2e:a4:04:57:
f2:eb:48:7d:d8:e8:04:ed:4e:1c:7f:cf:26:25:50:c4:8a:a6:
9f:81:57:21:9a:cc:84:90:47:47:80:2a:55:c5:ac:79:4d:fc:
15:20:5b:a2:cf:01:95:28:c9:a6:5d:e1:ba:97:2d:47:8a:67:
6f:b8:94:fc
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYgLWgc0Em2SqUdr4bovAH+/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjMwNTExMTUwNzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWVmODNkNGZkZjUyODFkYjM4M2JkYTM1ZmUwODU1YjcxMWEzNGZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArtOcSUbuCb4l++deiF1jdjbiIXtB
OmgGLrQCrOBertqryw9ggvDm2jiXoSeNJ7JNJVdCJ9os7Vdwn9/hLDIbJgPpLB6R
DNEHUXwYxApxded3IeR4nYCP6/RtIWT/W43AL5/TNAkkSjFBdLEtIw3DX6fIfQoS
DgSwfAkh57vzMJcgjB1nFRFFY4iZRTBI2S2sT5bxqHy4qC3coCwbKBgZHVhaespD
zzmHOsc+7dXsulQyoIy6veuV0c9hCwuFZ3d21EHmy3DK+O8FRU+ONxDENv4oKHCx
SI0ccRZLr6swYQOE967Q3qir28/6u5dBV4bD5+th/H9IASZofpZNFq5TswIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDnvg9T99Sgds4O9o1/ghVtxGjT9MB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvT2UtRDFQMzFLQjJ6ZzcyalgtQ0ZXM0VhTlAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBW/JOAwQB
W/JUAwQDW/JoAwQAwnKQMA0GCSqGSIb3DQEBCwUAA4IBAQBVk680vqwuzpG4Pery
aPXpkL4/PZOPbEJ2IUsLzune5TI/Fd69aWX4N546qsbE8CpAywYOG6Wryg1NLyvA
CqIEVzI/VZlMOI8WWL3OaIYkVw4unihJYI9CGVMhe7cUj20z8bpDwpH+rs9LO+Ks
llwWy9sH8CBEfajyJP1ERdMlfezvAi1awr/ptrAn8JYTwQipiy32/exJbjH3MnQO
eRerXPIWXBtkRuBm5yEo7eNhyHbE/YRINJmYOYrUtjm0dZk0oy6kBFfy60h92OgE
7U4cf88mJVDEiqafgVchmsyEkEdHgCpVxax5TfwVIFuizwGVKMmmXeG6ly1Himdv
uJT8
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:56:21 2024 by rpki-client on console-fra.rpki-client.org