Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/20a767-7b41-463b-a6c9-5fc8e6327889/1/OazCErrYvdOtesevsSQpFHqPfI0.roa
File: OazCErrYvdOtesevsSQpFHqPfI0.roa (raw, json)
Hash identifier: a6tpoDLPzFNgwptcfuE8UyBsi7J5eTCBS+GA+eiLbjU=
Subject key identifier: 39:AC:C2:12:BA:D8:BD:D3:AD:7A:C7:AF:B1:24:29:14:7A:8F:7C:8D
Certificate issuer: /CN=b1427bdcd47c78431f662a08589005acb50b9341
Certificate serial: 01856BD3385AF82BF4619FF2714018BD7D13
Authority key identifier: B1:42:7B:DC:D4:7C:78:43:1F:66:2A:08:58:90:05:AC:B5:0B:93:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sUJ73NR8eEMfZioIWJAFrLULk0E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/20a767-7b41-463b-a6c9-5fc8e6327889/1/OazCErrYvdOtesevsSQpFHqPfI0.roa
Signing time: Sun 01 Jan 2023 05:34:42 +0000
ROA not before: Sun 01 Jan 2023 05:34:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8749
IP address blocks: 91.235.148.0/24 maxlen: 24
91.236.12.0/24 maxlen: 24
91.234.54.0/24 maxlen: 24
91.235.241.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:d3:38:5a:f8:2b:f4:61:9f:f2:71:40:18:bd:7d:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1427bdcd47c78431f662a08589005acb50b9341
Validity
Not Before: Jan 1 05:34:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=39acc212bad8bdd3ad7ac7afb12429147a8f7c8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:9c:ce:25:5a:fb:35:35:6b:b2:c9:90:c8:eb:
9e:9d:1a:b0:31:9b:bb:f8:fa:d6:47:2f:94:2b:13:
4a:0a:37:fd:5f:dc:df:35:4a:ae:d1:cc:de:96:15:
c7:45:45:8f:48:be:3d:bc:7d:e4:8a:5d:74:54:b3:
95:91:75:70:1b:f3:84:18:d2:89:a4:41:59:78:32:
3e:b9:31:2b:2c:1c:2b:ce:c7:c6:2a:9a:f4:a0:5b:
24:d1:f7:3f:c5:7c:fd:d7:c1:29:a8:ca:2c:86:8f:
3e:d3:79:47:1e:80:8f:41:60:d5:ae:00:af:48:fe:
2a:0e:e6:69:22:71:fe:b6:9d:26:c4:48:f9:df:9a:
35:af:ef:2f:e4:0c:e0:9f:7c:6f:82:2a:cc:1f:a8:
42:ca:0b:04:85:10:67:b5:9f:b4:52:4c:c1:5c:0f:
06:9f:e7:22:3a:87:a5:83:ae:59:53:d4:12:3b:44:
50:81:76:ae:70:64:db:a4:ac:17:74:90:84:7c:d1:
a1:95:5c:b1:1c:f0:b2:07:9f:fa:02:c3:c5:22:a9:
85:e2:a4:91:71:50:80:25:e3:00:c4:d7:0c:67:4f:
8c:26:20:9e:3a:dd:f4:f7:7c:fe:58:23:3d:e9:34:
1d:df:0c:29:6a:a8:56:02:0f:19:3a:16:8a:6b:8a:
28:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:AC:C2:12:BA:D8:BD:D3:AD:7A:C7:AF:B1:24:29:14:7A:8F:7C:8D
X509v3 Authority Key Identifier:
keyid:B1:42:7B:DC:D4:7C:78:43:1F:66:2A:08:58:90:05:AC:B5:0B:93:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sUJ73NR8eEMfZioIWJAFrLULk0E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/20a767-7b41-463b-a6c9-5fc8e6327889/1/OazCErrYvdOtesevsSQpFHqPfI0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/20a767-7b41-463b-a6c9-5fc8e6327889/1/sUJ73NR8eEMfZioIWJAFrLULk0E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.234.54.0/24
91.235.148.0/24
91.235.241.0/24
91.236.12.0/24
Signature Algorithm: sha256WithRSAEncryption
67:63:00:8a:a4:bd:75:21:3a:8a:e2:0d:a5:b5:e0:7e:9d:d2:
75:bf:67:fb:b4:88:a7:ff:c7:5b:17:4a:2a:2b:d3:ee:a2:0f:
99:06:ec:99:36:12:52:f6:25:09:03:8a:5d:8f:06:15:bf:62:
f9:48:4b:fb:36:d7:37:4c:3a:f3:31:84:c8:69:e7:5c:e4:ab:
a3:97:2b:56:cc:1a:d5:d8:79:f9:81:38:43:ec:62:28:e7:1d:
e1:2b:e3:2d:64:f5:42:d6:ba:ee:3c:41:c2:0f:47:b3:c5:16:
82:3b:fa:cf:f1:5f:fb:6a:32:5c:d7:4f:8a:1e:05:69:1a:8d:
c4:f1:ea:eb:60:da:a1:4a:56:a2:b2:1e:d7:49:c7:58:80:3a:
91:4b:dc:83:2e:f4:eb:3f:63:34:2c:77:da:4b:94:17:4e:6e:
ca:5d:6e:b3:9c:6f:2f:8a:dd:43:bc:49:65:4a:cf:2f:c5:4e:
fe:7d:38:31:a3:b5:37:99:4e:7b:7c:f0:b6:c6:c5:3a:c7:97:
a9:e9:19:8b:31:a8:c8:e8:3a:de:05:d2:e2:09:8e:87:eb:84:
6e:31:b5:c7:7a:6d:2c:8f:99:f8:c1:ac:e9:03:2f:74:eb:17:
e0:55:d0:03:1c:3b:6f:bb:dc:d5:fe:9c:e7:26:e0:e6:8b:70:
32:74:de:80
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVr0zha+Cv0YZ/ycUAYvX0TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNDI3YmRjZDQ3Yzc4NDMxZjY2MmEwODU4OTAwNWFjYjUw
YjkzNDEwHhcNMjMwMTAxMDUzNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWFjYzIxMmJhZDhiZGQzYWQ3YWM3YWZiMTI0MjkxNDdhOGY3YzhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu5zOJVr7NTVrssmQyOuenRqwMZu7
+PrWRy+UKxNKCjf9X9zfNUqu0czelhXHRUWPSL49vH3kil10VLOVkXVwG/OEGNKJ
pEFZeDI+uTErLBwrzsfGKpr0oFsk0fc/xXz918EpqMosho8+03lHHoCPQWDVrgCv
SP4qDuZpInH+tp0mxEj535o1r+8v5Azgn3xvgirMH6hCygsEhRBntZ+0UkzBXA8G
n+ciOoelg65ZU9QSO0RQgXaucGTbpKwXdJCEfNGhlVyxHPCyB5/6AsPFIqmF4qSR
cVCAJeMAxNcMZ0+MJiCeOt3093z+WCM96TQd3wwpaqhWAg8ZOhaKa4oo2QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDmswhK62L3TrXrHr7EkKRR6j3yNMB8GA1UdIwQY
MBaAFLFCe9zUfHhDH2YqCFiQBay1C5NBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1VKNzNOUjhlRU1mWmlvSVdKQUZyTFVMazBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS8yMGE3NjctN2I0MS00NjNiLWE2Yzkt
NWZjOGU2MzI3ODg5LzEvT2F6Q0Vycll2ZE90ZXNldnNTUXBGSHFQZkkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS8yMGE3NjctN2I0MS00NjNiLWE2YzktNWZjOGU2MzI3ODg5
LzEvc1VKNzNOUjhlRU1mWmlvSVdKQUZyTFVMazBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAW+o2AwQA
W+uUAwQAW+vxAwQAW+wMMA0GCSqGSIb3DQEBCwUAA4IBAQBnYwCKpL11ITqK4g2l
teB+ndJ1v2f7tIin/8dbF0oqK9Puog+ZBuyZNhJS9iUJA4pdjwYVv2L5SEv7Ntc3
TDrzMYTIaedc5KujlytWzBrV2Hn5gThD7GIo5x3hK+MtZPVC1rruPEHCD0ezxRaC
O/rP8V/7ajJc10+KHgVpGo3E8errYNqhSlaish7XScdYgDqRS9yDLvTrP2M0LHfa
S5QXTm7KXW6znG8vit1DvEllSs8vxU7+fTgxo7U3mU57fPC2xsU6x5ep6RmLMajI
6DreBdLiCY6H64RuMbXHem0sj5n4wazpAy906xfgVdADHDtvu9zV/pznJuDmi3Ay
dN6A
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:59 2024 by rpki-client on console-fra.rpki-client.org