Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/9c6e07-693f-46ce-8646-d7abcd0ef64a/1/ONlpxQS-wuXmuodPyAceTxdbvEk.roa
File: ONlpxQS-wuXmuodPyAceTxdbvEk.roa (raw, json)
Hash identifier: OGKuML8SCFRpsMwUUJ3l6xvz1rtMDil5dicj8Paszwc=
Subject key identifier: 38:D9:69:C5:04:BE:C2:E5:E6:BA:87:4F:C8:07:1E:4F:17:5B:BC:49
Certificate issuer: /CN=8a5a3417fbe25c2e467c18485c181a7776f96ff4
Certificate serial: 018E969621393A7D0368D94AE20A6292DCB8
Authority key identifier: 8A:5A:34:17:FB:E2:5C:2E:46:7C:18:48:5C:18:1A:77:76:F9:6F:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ilo0F_viXC5GfBhIXBgad3b5b_Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/9c6e07-693f-46ce-8646-d7abcd0ef64a/1/ONlpxQS-wuXmuodPyAceTxdbvEk.roa
Signing time: Sun 31 Mar 2024 22:16:44 +0000
ROA not before: Sun 31 Mar 2024 22:16:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59895
IP address blocks: 89.28.236.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 07 Apr 2024 11:08:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:96:96:21:39:3a:7d:03:68:d9:4a:e2:0a:62:92:dc:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a5a3417fbe25c2e467c18485c181a7776f96ff4
Validity
Not Before: Mar 31 22:16:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=38d969c504bec2e5e6ba874fc8071e4f175bbc49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:4a:5d:df:1e:21:ce:29:46:00:c3:e1:03:d3:
e6:bd:3f:28:92:e1:a5:f7:3b:9d:b8:d4:50:73:64:
ff:49:4d:d6:4c:bb:cc:88:3e:a1:fa:63:a5:3c:48:
a4:47:3f:7a:2f:f1:c2:cd:de:64:d1:d8:f9:b4:f7:
ca:ab:e8:64:3d:48:3b:55:8b:19:7f:ee:cc:50:3d:
b7:7e:ea:7a:f1:ba:79:8c:e7:cd:87:fb:46:39:a6:
b6:1a:92:8e:80:08:92:7f:ba:85:2f:00:92:fe:46:
38:bf:aa:a3:c2:20:cd:89:90:0e:3e:66:20:a2:85:
3c:fc:a9:4b:a2:37:a8:0c:ad:03:a9:3f:a0:e2:28:
7f:db:3d:21:56:f6:05:35:dc:8a:64:38:08:bb:ea:
57:b4:3e:72:a1:82:7d:fa:43:ed:6b:96:a1:67:f9:
95:6d:8e:91:cc:a6:8b:10:9e:2e:e2:68:21:b3:64:
55:95:a1:63:3c:ab:c5:8b:8a:31:05:a5:13:56:ae:
ee:af:65:55:1e:3c:07:f3:76:22:db:d7:27:73:c0:
46:08:23:32:32:24:bd:4e:fc:3a:fc:95:cd:cd:3f:
0c:9f:5f:c0:76:17:12:5b:a8:0a:c8:bb:40:5c:81:
c5:95:f2:97:e3:f2:99:5b:78:48:31:20:ac:18:9f:
b2:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:D9:69:C5:04:BE:C2:E5:E6:BA:87:4F:C8:07:1E:4F:17:5B:BC:49
X509v3 Authority Key Identifier:
keyid:8A:5A:34:17:FB:E2:5C:2E:46:7C:18:48:5C:18:1A:77:76:F9:6F:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ilo0F_viXC5GfBhIXBgad3b5b_Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/9c6e07-693f-46ce-8646-d7abcd0ef64a/1/ONlpxQS-wuXmuodPyAceTxdbvEk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/9c6e07-693f-46ce-8646-d7abcd0ef64a/1/ilo0F_viXC5GfBhIXBgad3b5b_Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.28.236.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:e2:1c:6c:e5:6b:76:89:f2:c4:7d:b8:0c:ad:4d:f1:83:05:
38:8a:0c:26:a0:cb:41:7f:87:28:18:17:78:a4:62:cb:6e:df:
48:6e:ea:d6:ba:58:f0:fa:39:b4:2a:42:61:f3:12:32:1d:de:
4b:cc:98:20:83:fc:9e:2d:1e:09:ff:bb:29:67:0e:f6:7d:38:
73:ea:c8:8b:c2:33:71:87:b5:f5:e7:08:9d:6e:19:69:2d:37:
f2:7b:90:14:53:33:bd:40:1e:b4:2e:3a:88:de:31:b7:fe:a1:
91:e9:f6:19:26:3f:c3:68:30:39:74:58:ba:72:64:3f:03:e7:
07:ad:d1:fa:d4:05:bb:09:85:f8:b0:7f:17:4b:96:d8:b6:b3:
24:48:cc:33:bd:4f:8b:7c:6e:6e:bb:87:25:15:70:9f:c4:04:
33:43:58:76:d9:9b:e3:a0:14:48:4f:bd:22:8c:7c:9e:1b:2e:
37:da:5d:0c:f3:57:8d:5f:6d:57:af:66:9d:86:1d:7c:71:42:
14:e7:3b:52:58:04:5e:5c:ee:da:df:d0:48:e1:d5:54:31:27:
b7:28:4a:59:a3:c1:2e:29:c8:e6:68:c3:ea:c5:72:fc:5a:db:
c3:79:0c:a4:d5:33:93:bc:b9:9f:97:de:a2:0f:56:ae:41:6a:
df:3f:2c:6e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY6WliE5On0DaNlK4gpikty4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhNWEzNDE3ZmJlMjVjMmU0NjdjMTg0ODVjMTgxYTc3NzZm
OTZmZjQwHhcNMjQwMzMxMjIxNjQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGQ5NjljNTA0YmVjMmU1ZTZiYTg3NGZjODA3MWU0ZjE3NWJiYzQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjEpd3x4hzilGAMPhA9PmvT8okuGl
9zuduNRQc2T/SU3WTLvMiD6h+mOlPEikRz96L/HCzd5k0dj5tPfKq+hkPUg7VYsZ
f+7MUD23fup68bp5jOfNh/tGOaa2GpKOgAiSf7qFLwCS/kY4v6qjwiDNiZAOPmYg
ooU8/KlLojeoDK0DqT+g4ih/2z0hVvYFNdyKZDgIu+pXtD5yoYJ9+kPta5ahZ/mV
bY6RzKaLEJ4u4mghs2RVlaFjPKvFi4oxBaUTVq7ur2VVHjwH83Yi29cnc8BGCCMy
MiS9Tvw6/JXNzT8Mn1/AdhcSW6gKyLtAXIHFlfKX4/KZW3hIMSCsGJ+yAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDjZacUEvsLl5rqHT8gHHk8XW7xJMB8GA1UdIwQY
MBaAFIpaNBf74lwuRnwYSFwYGnd2+W/0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWxvMEZfdmlYQzVHZkJoSVhCZ2FkM2I1Yl9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC85YzZlMDctNjkzZi00NmNlLTg2NDYt
ZDdhYmNkMGVmNjRhLzEvT05scHhRUy13dVhtdW9kUHlBY2VUeGRidkVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC85YzZlMDctNjkzZi00NmNlLTg2NDYtZDdhYmNkMGVmNjRh
LzEvaWxvMEZfdmlYQzVHZkJoSVhCZ2FkM2I1Yl9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWRzsMA0G
CSqGSIb3DQEBCwUAA4IBAQCN4hxs5Wt2ifLEfbgMrU3xgwU4igwmoMtBf4coGBd4
pGLLbt9IburWuljw+jm0KkJh8xIyHd5LzJggg/yeLR4J/7spZw72fThz6siLwjNx
h7X15widbhlpLTfye5AUUzO9QB60LjqI3jG3/qGR6fYZJj/DaDA5dFi6cmQ/A+cH
rdH61AW7CYX4sH8XS5bYtrMkSMwzvU+LfG5uu4clFXCfxAQzQ1h22ZvjoBRIT70i
jHyeGy432l0M81eNX21Xr2adhh18cUIU5ztSWAReXO7a39BI4dVUMSe3KEpZo8Eu
KcjmaMPqxXL8WtvDeQyk1TOTvLmfl96iD1auQWrfPyxu
-----END CERTIFICATE-----
Generated at Sun Apr 7 14:14:26 2024 by rpki-client on console-ams.rpki-client.org