Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/99f5c3-6b75-48bc-a8aa-3fdba9769302/1/OsCVAnKl8s1xvGvOXz67QQRe3ts.roa
File: OsCVAnKl8s1xvGvOXz67QQRe3ts.roa (raw, json)
Hash identifier: xtw2Qe1DAutkL25MTpw/kUdlW2JwWXKnRoh3uCYvrMg=
Subject key identifier: 3A:C0:95:02:72:A5:F2:CD:71:BC:6B:CE:5F:3E:BB:41:04:5E:DE:DB
Certificate issuer: /CN=107312a5016a3cdcc0b7e61dc79f55d3d5ecb37e
Certificate serial: 018571D7D8274CE81A21F2FFDB83006A9F84
Authority key identifier: 10:73:12:A5:01:6A:3C:DC:C0:B7:E6:1D:C7:9F:55:D3:D5:EC:B3:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EHMSpQFqPNzAt-Ydx59V09Xss34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/99f5c3-6b75-48bc-a8aa-3fdba9769302/1/OsCVAnKl8s1xvGvOXz67QQRe3ts.roa
Signing time: Mon 02 Jan 2023 09:37:28 +0000
ROA not before: Mon 02 Jan 2023 09:37:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209576
IP address blocks: 91.132.66.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:d7:d8:27:4c:e8:1a:21:f2:ff:db:83:00:6a:9f:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=107312a5016a3cdcc0b7e61dc79f55d3d5ecb37e
Validity
Not Before: Jan 2 09:37:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3ac0950272a5f2cd71bc6bce5f3ebb41045ededb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:f6:f2:8e:3e:89:f7:49:5b:ea:28:6c:39:2c:
75:d5:7e:8c:18:30:09:83:b0:36:05:a8:33:c7:ee:
e8:9d:f0:1b:75:cd:46:68:4c:f8:f1:15:85:e4:21:
61:29:13:67:65:ae:3a:bb:cb:88:82:b4:d9:17:c0:
11:54:e1:4e:04:29:9f:ff:23:43:d9:9c:e2:83:85:
cc:6c:a6:e3:46:65:31:4c:54:7f:67:4b:92:55:7c:
9c:eb:4a:da:af:55:2d:be:8d:91:f5:0e:ee:0e:c6:
a9:6f:c1:cb:1a:ef:1b:2b:e3:a0:ee:be:37:6c:99:
b9:2d:b4:9d:0a:85:f5:bf:db:c6:b8:d1:e4:da:e1:
09:90:67:ce:74:9d:f0:6b:68:97:76:a7:10:fc:08:
38:e5:91:2e:f4:ce:3c:a3:31:d2:9e:c2:20:0e:74:
e1:9e:32:e2:70:42:6e:9f:72:8e:f6:8c:93:8c:18:
f3:79:1d:4f:fb:04:e2:87:d4:e3:e6:09:83:8a:d4:
b8:3c:27:5e:4b:9e:1f:f6:27:cf:fc:d4:19:49:3f:
1b:71:1a:5e:db:5d:3a:c3:d9:f8:8e:f9:c4:78:a7:
2e:d2:cd:2b:ad:00:fe:14:25:6a:0d:78:ed:06:cb:
3f:65:c9:3c:ae:31:c4:02:bf:23:f7:97:5e:ce:41:
12:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:C0:95:02:72:A5:F2:CD:71:BC:6B:CE:5F:3E:BB:41:04:5E:DE:DB
X509v3 Authority Key Identifier:
keyid:10:73:12:A5:01:6A:3C:DC:C0:B7:E6:1D:C7:9F:55:D3:D5:EC:B3:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EHMSpQFqPNzAt-Ydx59V09Xss34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/99f5c3-6b75-48bc-a8aa-3fdba9769302/1/OsCVAnKl8s1xvGvOXz67QQRe3ts.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/99f5c3-6b75-48bc-a8aa-3fdba9769302/1/EHMSpQFqPNzAt-Ydx59V09Xss34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.132.66.0/24
Signature Algorithm: sha256WithRSAEncryption
10:8f:6a:51:97:7a:4c:82:e3:e4:19:ef:fb:57:91:ab:09:80:
d2:3e:74:ba:d9:50:8b:8b:05:cd:33:a2:e1:4f:ca:6b:35:19:
af:35:be:bc:a6:9c:96:89:b6:6b:ce:a2:d4:3e:64:4f:01:ab:
2b:c4:e7:80:8d:31:c8:fc:18:a7:e2:6e:2f:e7:5d:5c:09:f2:
47:0c:b2:d5:7d:63:40:da:ff:d6:59:a8:06:bc:b1:ac:8c:bd:
19:3b:ab:4c:7a:2c:62:72:70:8d:08:37:cd:b7:c7:41:81:e0:
52:b0:bf:7a:86:43:13:88:8e:f1:74:89:e8:76:77:9d:6a:e0:
5d:04:b4:00:11:87:9a:cb:9a:d4:52:a5:fd:97:7e:59:cc:45:
12:2f:27:4a:e5:b2:32:ad:e2:ca:ea:92:8d:93:fd:b2:f7:42:
7c:05:58:c0:cc:6b:f4:b3:79:76:43:95:5e:ae:12:4d:e8:93:
51:59:a4:34:30:35:00:31:b9:07:63:8e:7e:06:aa:5d:07:c9:
32:2d:64:a4:5d:85:14:62:c4:76:18:6e:e3:db:c5:2a:84:96:
98:88:e4:97:0b:fd:19:c7:da:1d:01:22:9f:67:fe:a4:40:9b:
c2:83:02:32:fc:f2:b0:bb:62:f8:2b:0c:db:f2:ef:52:83:ef:
3c:c5:07:d5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVx19gnTOgaIfL/24MAap+EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwNzMxMmE1MDE2YTNjZGNjMGI3ZTYxZGM3OWY1NWQzZDVl
Y2IzN2UwHhcNMjMwMTAyMDkzNzI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWMwOTUwMjcyYTVmMmNkNzFiYzZiY2U1ZjNlYmI0MTA0NWVkZWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqvbyjj6J90lb6ihsOSx11X6MGDAJ
g7A2Bagzx+7onfAbdc1GaEz48RWF5CFhKRNnZa46u8uIgrTZF8ARVOFOBCmf/yND
2Zzig4XMbKbjRmUxTFR/Z0uSVXyc60rar1Utvo2R9Q7uDsapb8HLGu8bK+Og7r43
bJm5LbSdCoX1v9vGuNHk2uEJkGfOdJ3wa2iXdqcQ/Ag45ZEu9M48ozHSnsIgDnTh
njLicEJun3KO9oyTjBjzeR1P+wTih9Tj5gmDitS4PCdeS54f9ifP/NQZST8bcRpe
2106w9n4jvnEeKcu0s0rrQD+FCVqDXjtBss/Zck8rjHEAr8j95dezkESkwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDrAlQJypfLNcbxrzl8+u0EEXt7bMB8GA1UdIwQY
MBaAFBBzEqUBajzcwLfmHcefVdPV7LN+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUhNU3BRRnFQTnpBdC1ZZHg1OVYwOVhzczM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC85OWY1YzMtNmI3NS00OGJjLWE4YWEt
M2ZkYmE5NzY5MzAyLzEvT3NDVkFuS2w4czF4dkd2T1h6NjdRUVJlM3RzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC85OWY1YzMtNmI3NS00OGJjLWE4YWEtM2ZkYmE5NzY5MzAy
LzEvRUhNU3BRRnFQTnpBdC1ZZHg1OVYwOVhzczM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW4RCMA0G
CSqGSIb3DQEBCwUAA4IBAQAQj2pRl3pMguPkGe/7V5GrCYDSPnS62VCLiwXNM6Lh
T8prNRmvNb68ppyWibZrzqLUPmRPAasrxOeAjTHI/Bin4m4v511cCfJHDLLVfWNA
2v/WWagGvLGsjL0ZO6tMeixicnCNCDfNt8dBgeBSsL96hkMTiI7xdInodnedauBd
BLQAEYeay5rUUqX9l35ZzEUSLydK5bIyreLK6pKNk/2y90J8BVjAzGv0s3l2Q5Ve
rhJN6JNRWaQ0MDUAMbkHY45+BqpdB8kyLWSkXYUUYsR2GG7j28UqhJaYiOSXC/0Z
x9odASKfZ/6kQJvCgwIy/PKwu2L4Kwzb8u9Sg+88xQfV
-----END CERTIFICATE-----
Generated at Tue Jan 2 08:59:56 2024 by rpki-client on console-ams.rpki-client.org