Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/AOM0C2dGtT_xEcXIGaJNBBosNQg.roa
File: AOM0C2dGtT_xEcXIGaJNBBosNQg.roa (raw, json)
Hash identifier: abRt8rm+uGsYGkEOrLWQmfCKduXzktigZV+lOWEu9+8=
Subject key identifier: 00:E3:34:0B:67:46:B5:3F:F1:11:C5:C8:19:A2:4D:04:1A:2C:35:08
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 018DC740BB3FC0D1D9EE104EC28AFACCAFDD
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/AOM0C2dGtT_xEcXIGaJNBBosNQg.roa
Signing time: Tue 20 Feb 2024 16:02:04 +0000
ROA not before: Tue 20 Feb 2024 16:02:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59729
IP address blocks: 91.220.198.0/24 maxlen: 24
195.96.144.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 26 Feb 2024 18:35:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c7:40:bb:3f:c0:d1:d9:ee:10:4e:c2:8a:fa:cc:af:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Feb 20 16:02:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=00e3340b6746b53ff111c5c819a24d041a2c3508
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:e5:f9:0e:3b:44:16:c6:d3:cc:b5:c8:e4:f2:
51:ad:dd:81:bd:4f:9d:bc:cc:5e:00:8e:b8:05:c1:
76:df:c5:77:fd:d6:e7:88:8d:de:ef:b0:bf:84:96:
66:36:18:d0:c0:a3:22:78:e6:1b:81:7e:ec:14:8f:
0b:8b:9c:41:6d:12:9a:2f:fd:1a:c5:b3:d2:64:0e:
9f:05:d7:5c:05:76:92:b9:1f:95:2d:8c:43:92:96:
66:71:ff:53:30:a1:10:57:c9:bb:f3:1b:06:82:3d:
17:5e:97:86:07:c0:d4:e3:36:aa:ac:bc:3d:70:fc:
3e:d2:51:63:90:50:7b:88:3a:84:ba:60:a4:c0:04:
c4:4d:3f:3b:45:75:45:58:03:53:d0:7b:14:e6:dc:
c2:a2:bd:61:66:3f:b5:6e:f1:89:56:d8:98:6c:5f:
28:8d:96:7a:4b:66:62:99:bc:6d:d4:79:a4:09:b2:
84:ab:da:90:a9:20:e0:2c:d4:f6:83:d3:7f:db:d1:
68:6c:f7:1a:a0:b9:df:6b:15:f9:f1:e0:87:cd:af:
6e:01:23:ef:bb:08:37:fa:ee:5b:24:bf:a4:4c:38:
08:88:60:a4:2b:b0:8b:f1:1a:9c:01:a2:24:b6:f7:
f2:a5:34:2c:18:78:40:de:3f:64:96:7a:54:ea:01:
c5:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:E3:34:0B:67:46:B5:3F:F1:11:C5:C8:19:A2:4D:04:1A:2C:35:08
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/AOM0C2dGtT_xEcXIGaJNBBosNQg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.198.0/24
195.96.144.0/24
Signature Algorithm: sha256WithRSAEncryption
62:53:bb:d0:aa:0e:c8:32:d8:52:9f:a9:a2:b3:e8:d8:53:03:
ff:c6:0c:8a:f5:9f:d3:83:6c:d1:c9:93:26:4a:85:45:b5:9b:
e6:3c:d4:19:36:bc:77:b9:51:4c:08:36:72:e8:16:96:71:44:
06:4a:36:a3:a4:04:3a:11:7a:28:ec:76:16:4c:11:e4:41:4d:
56:ef:05:77:a8:44:d8:af:17:ed:36:65:3b:85:a7:b2:13:f1:
f3:c8:f7:41:b1:39:e6:39:ef:27:a0:bf:94:7a:82:3c:72:a8:
a9:ac:5d:3e:a6:16:8b:92:e6:e6:04:85:0a:80:11:08:f0:00:
53:9a:a4:ea:1f:cc:39:ee:79:9e:cb:49:d3:a8:d2:a3:ac:5c:
77:77:74:6c:e7:25:2f:41:fc:f0:ff:80:39:a8:68:cc:6a:0a:
8d:42:80:e0:ca:1a:e1:4f:49:61:59:4b:28:8c:f8:9b:cd:de:
38:84:1c:ba:99:8b:ce:17:2a:3b:79:e1:83:81:c0:fa:a5:da:
3d:ce:f0:4c:f7:1f:27:35:73:1c:a6:cd:35:0d:92:1d:28:85:
cb:d4:44:2a:7e:11:ad:c8:61:38:1b:92:07:8d:c6:e4:6e:6f:
35:89:ce:84:11:c9:17:16:7a:6a:91:bb:94:e0:83:a1:d7:bd:
76:f4:b0:c3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY3HQLs/wNHZ7hBOwor6zK/dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwMjIwMTYwMjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGUzMzQwYjY3NDZiNTNmZjExMWM1YzgxOWEyNGQwNDFhMmMzNTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjOX5DjtEFsbTzLXI5PJRrd2BvU+d
vMxeAI64BcF238V3/dbniI3e77C/hJZmNhjQwKMieOYbgX7sFI8Li5xBbRKaL/0a
xbPSZA6fBddcBXaSuR+VLYxDkpZmcf9TMKEQV8m78xsGgj0XXpeGB8DU4zaqrLw9
cPw+0lFjkFB7iDqEumCkwATETT87RXVFWANT0HsU5tzCor1hZj+1bvGJVtiYbF8o
jZZ6S2Zimbxt1HmkCbKEq9qQqSDgLNT2g9N/29FobPcaoLnfaxX58eCHza9uASPv
uwg3+u5bJL+kTDgIiGCkK7CL8RqcAaIktvfypTQsGHhA3j9klnpU6gHFIwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFADjNAtnRrU/8RHFyBmiTQQaLDUIMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvQU9NMEMyZEd0VF94RWNYSUdhSk5CQm9zTlFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9zGAwQA
w2CQMA0GCSqGSIb3DQEBCwUAA4IBAQBiU7vQqg7IMthSn6mis+jYUwP/xgyK9Z/T
g2zRyZMmSoVFtZvmPNQZNrx3uVFMCDZy6BaWcUQGSjajpAQ6EXoo7HYWTBHkQU1W
7wV3qETYrxftNmU7haeyE/HzyPdBsTnmOe8noL+UeoI8cqiprF0+phaLkubmBIUK
gBEI8ABTmqTqH8w57nmey0nTqNKjrFx3d3Rs5yUvQfzw/4A5qGjMagqNQoDgyhrh
T0lhWUsojPibzd44hBy6mYvOFyo7eeGDgcD6pdo9zvBM9x8nNXMcps01DZIdKIXL
1EQqfhGtyGE4G5IHjcbkbm81ic6EEckXFnpqkbuU4IOh17129LDD
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:48 2024 by rpki-client on console-ams.rpki-client.org