Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/7c871d-853e-4a2d-a8d4-bf813cf081b7/1/Og-XyFC0VrIhySp6hA_hE7AWyxo.roa
File: Og-XyFC0VrIhySp6hA_hE7AWyxo.roa (raw, json)
Hash identifier: kDHRCGxLYCy+C+NfSWDN7yiH7CuPowNgMJcQKTq3OUg=
Subject key identifier: 3A:0F:97:C8:50:B4:56:B2:21:C9:2A:7A:84:0F:E1:13:B0:16:CB:1A
Certificate issuer: /CN=1c98955128bcbc7693eb1a937ff28b40eb3448a0
Certificate serial: 0185729EF0E0438B212CCCFE5DB1E8F96329
Authority key identifier: 1C:98:95:51:28:BC:BC:76:93:EB:1A:93:7F:F2:8B:40:EB:34:48:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJiVUSi8vHaT6xqTf_KLQOs0SKA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/7c871d-853e-4a2d-a8d4-bf813cf081b7/1/Og-XyFC0VrIhySp6hA_hE7AWyxo.roa
Signing time: Mon 02 Jan 2023 13:14:57 +0000
ROA not before: Mon 02 Jan 2023 13:14:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43887
IP address blocks: 91.198.182.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:9e:f0:e0:43:8b:21:2c:cc:fe:5d:b1:e8:f9:63:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c98955128bcbc7693eb1a937ff28b40eb3448a0
Validity
Not Before: Jan 2 13:14:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3a0f97c850b456b221c92a7a840fe113b016cb1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:56:fb:5f:c1:1e:61:ed:97:cf:cf:58:9a:e7:
27:2a:81:ac:1c:f3:e9:6d:cf:d8:87:61:50:73:07:
1d:eb:46:ef:00:7e:bb:88:9b:c2:3e:ab:c8:33:c4:
0a:87:04:e9:1d:36:6e:36:48:c8:b9:6b:ab:c4:31:
97:59:ee:d1:3c:0b:f2:82:56:bd:97:39:a9:2c:0f:
ec:15:8c:8d:16:c6:65:75:84:0c:6d:00:e5:d9:27:
60:e3:41:49:53:a0:d4:fb:16:b5:d6:22:63:92:f7:
e9:56:a6:11:0d:eb:c9:34:c5:0c:b0:ea:7c:52:a4:
98:9c:c8:88:87:7e:66:a0:02:aa:ce:23:cf:64:56:
cb:ed:00:22:d2:0d:e6:28:8b:43:b1:ba:b3:4b:90:
bd:0c:e2:b9:a3:68:f7:33:69:1e:6e:79:56:97:07:
82:f8:65:72:34:6c:20:19:82:9f:46:fc:b0:10:32:
10:04:06:d6:1a:59:00:4a:d8:89:5e:a0:90:97:ce:
c6:22:20:18:50:4c:5b:e6:a7:38:5c:8f:de:d0:8c:
5f:47:6f:32:60:63:3e:51:3a:c4:e7:df:51:81:60:
4d:46:2f:ff:90:b0:74:e8:c4:f2:d2:12:99:09:24:
31:1c:b0:f7:e2:67:34:bd:3d:9b:40:48:ab:b7:83:
45:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:0F:97:C8:50:B4:56:B2:21:C9:2A:7A:84:0F:E1:13:B0:16:CB:1A
X509v3 Authority Key Identifier:
keyid:1C:98:95:51:28:BC:BC:76:93:EB:1A:93:7F:F2:8B:40:EB:34:48:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJiVUSi8vHaT6xqTf_KLQOs0SKA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/7c871d-853e-4a2d-a8d4-bf813cf081b7/1/Og-XyFC0VrIhySp6hA_hE7AWyxo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/7c871d-853e-4a2d-a8d4-bf813cf081b7/1/HJiVUSi8vHaT6xqTf_KLQOs0SKA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.182.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:40:14:7b:00:4f:86:8c:8f:22:50:bb:75:1f:8c:41:cf:db:
fc:e5:ab:59:d4:af:5a:64:85:50:1d:ae:55:c5:e0:84:a7:cf:
dc:fd:b5:32:73:4c:20:28:2e:f1:f2:d0:58:50:07:25:f6:d3:
02:78:22:cd:d5:3e:8d:75:97:04:66:a6:bd:41:18:59:02:1f:
62:5d:61:fb:12:d8:99:87:58:34:9f:65:ef:99:25:28:7f:e1:
66:82:dc:48:29:97:ec:ba:bb:cb:06:62:37:b7:95:17:bf:9a:
d6:14:69:0a:06:d9:bf:28:1d:3d:ab:c5:8f:5c:ae:d4:55:52:
06:4f:73:80:c3:f9:48:9c:fc:53:1c:e7:c2:57:80:9b:65:1c:
b0:81:70:44:65:2d:31:fc:b8:04:bc:2a:91:2c:eb:9e:72:11:
6a:72:20:f8:d1:3b:3d:ff:ea:81:ed:1f:93:5d:67:ad:ec:f9:
af:4e:4f:90:21:05:85:79:a1:2d:07:28:8a:b2:79:b9:39:b7:
f1:81:a7:04:8a:03:9d:39:79:b4:f3:8f:6b:db:cc:27:6a:d0:
e1:b6:a6:28:c1:3b:88:51:3d:f7:c6:79:b9:39:3a:82:75:b5:
ee:2d:1a:75:b3:f0:41:be:8b:30:63:8b:05:ae:30:7d:47:30:
50:c1:f3:5e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVynvDgQ4shLMz+XbHo+WMpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTg5NTUxMjhiY2JjNzY5M2ViMWE5MzdmZjI4YjQwZWIz
NDQ4YTAwHhcNMjMwMTAyMTMxNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTBmOTdjODUwYjQ1NmIyMjFjOTJhN2E4NDBmZTExM2IwMTZjYjFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk1b7X8EeYe2Xz89YmucnKoGsHPPp
bc/Yh2FQcwcd60bvAH67iJvCPqvIM8QKhwTpHTZuNkjIuWurxDGXWe7RPAvygla9
lzmpLA/sFYyNFsZldYQMbQDl2Sdg40FJU6DU+xa11iJjkvfpVqYRDevJNMUMsOp8
UqSYnMiIh35moAKqziPPZFbL7QAi0g3mKItDsbqzS5C9DOK5o2j3M2kebnlWlweC
+GVyNGwgGYKfRvywEDIQBAbWGlkAStiJXqCQl87GIiAYUExb5qc4XI/e0IxfR28y
YGM+UTrE599RgWBNRi//kLB06MTy0hKZCSQxHLD34mc0vT2bQEirt4NF7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDoPl8hQtFayIckqeoQP4ROwFssaMB8GA1UdIwQY
MBaAFByYlVEovLx2k+sak3/yi0DrNEigMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEppVlVTaTh2SGFUNnhxVGZfS0xRT3MwU0tBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC83Yzg3MWQtODUzZS00YTJkLWE4ZDQt
YmY4MTNjZjA4MWI3LzEvT2ctWHlGQzBWckloeVNwNmhBX2hFN0FXeXhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC83Yzg3MWQtODUzZS00YTJkLWE4ZDQtYmY4MTNjZjA4MWI3
LzEvSEppVlVTaTh2SGFUNnhxVGZfS0xRT3MwU0tBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8a2MA0G
CSqGSIb3DQEBCwUAA4IBAQBKQBR7AE+GjI8iULt1H4xBz9v85atZ1K9aZIVQHa5V
xeCEp8/c/bUyc0wgKC7x8tBYUAcl9tMCeCLN1T6NdZcEZqa9QRhZAh9iXWH7EtiZ
h1g0n2XvmSUof+FmgtxIKZfsurvLBmI3t5UXv5rWFGkKBtm/KB09q8WPXK7UVVIG
T3OAw/lInPxTHOfCV4CbZRywgXBEZS0x/LgEvCqRLOuechFqciD40Ts9/+qB7R+T
XWet7PmvTk+QIQWFeaEtByiKsnm5ObfxgacEigOdOXm0849r28wnatDhtqYowTuI
UT33xnm5OTqCdbXuLRp1s/BBvoswY4sFrjB9RzBQwfNe
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:00:13 2024 by rpki-client on console-ams.rpki-client.org