Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/5a8e04-dd07-435a-b1bf-adedcaa3d26e/1/OsvhX_BeQBlYr6MBbzZyFXP3IGM.roa
File: OsvhX_BeQBlYr6MBbzZyFXP3IGM.roa (raw, json)
Hash identifier: DQyqg5Hf1DR8KqA1NtLFAri9LyPDQrx/ulyuv3aYxac=
Subject key identifier: 3A:CB:E1:5F:F0:5E:40:19:58:AF:A3:01:6F:36:72:15:73:F7:20:63
Certificate issuer: /CN=9a7edeac0c6c20ea49d492990e4858541d190ff1
Certificate serial: 018CC6B902C94072265BD5FF41D657C33207
Authority key identifier: 9A:7E:DE:AC:0C:6C:20:EA:49:D4:92:99:0E:48:58:54:1D:19:0F:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mn7erAxsIOpJ1JKZDkhYVB0ZD_E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/5a8e04-dd07-435a-b1bf-adedcaa3d26e/1/OsvhX_BeQBlYr6MBbzZyFXP3IGM.roa
Signing time: Mon 01 Jan 2024 20:31:02 +0000
ROA not before: Mon 01 Jan 2024 20:31:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34259
IP address blocks: 91.195.120.0/24 maxlen: 24
91.195.121.0/24 maxlen: 24
193.111.83.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 20 Jun 2024 08:29:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:02:c9:40:72:26:5b:d5:ff:41:d6:57:c3:32:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a7edeac0c6c20ea49d492990e4858541d190ff1
Validity
Not Before: Jan 1 20:31:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3acbe15ff05e401958afa3016f36721573f72063
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:1b:92:b5:55:86:0a:aa:98:02:ef:91:81:c5:
c9:9c:b8:6f:0c:66:8b:9c:c6:c1:94:f7:95:eb:23:
60:8c:2b:94:01:3c:cb:d6:f3:72:01:88:43:e2:16:
c6:77:0a:99:0b:65:1c:fb:0c:e2:47:08:f0:58:fc:
81:b1:d6:71:e8:e1:20:a1:60:90:c9:ff:fe:59:6b:
12:79:09:2c:c4:88:26:dc:71:a0:1b:27:d8:bd:1a:
33:8c:f8:dc:67:44:57:d7:b5:2e:6a:b5:e2:59:91:
bf:18:19:54:81:8a:b6:b8:4f:8b:38:c3:0a:f8:1e:
23:0b:7e:33:c5:4a:56:c4:80:9b:a2:cf:36:0b:cc:
cc:58:6b:2f:17:23:4a:97:42:f0:bf:a5:50:13:bc:
43:7f:7b:d6:70:15:02:7c:70:36:9b:5d:b9:75:d8:
c7:e1:78:b0:ef:ba:97:2a:6f:72:3f:64:21:8f:cd:
a2:ab:cc:b0:22:a2:c8:ff:ae:0e:1a:34:7a:78:a2:
9b:63:88:03:c2:e7:09:14:92:3e:fd:28:f4:cf:70:
73:6e:87:92:5f:2c:9e:04:56:b6:e7:88:da:d0:b2:
8f:37:ad:44:76:9c:79:99:c9:a2:4f:b9:7a:6e:31:
3f:a0:5e:cb:bc:c6:2c:b7:97:6e:9f:06:63:48:0f:
cb:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:CB:E1:5F:F0:5E:40:19:58:AF:A3:01:6F:36:72:15:73:F7:20:63
X509v3 Authority Key Identifier:
keyid:9A:7E:DE:AC:0C:6C:20:EA:49:D4:92:99:0E:48:58:54:1D:19:0F:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mn7erAxsIOpJ1JKZDkhYVB0ZD_E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/5a8e04-dd07-435a-b1bf-adedcaa3d26e/1/OsvhX_BeQBlYr6MBbzZyFXP3IGM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/5a8e04-dd07-435a-b1bf-adedcaa3d26e/1/mn7erAxsIOpJ1JKZDkhYVB0ZD_E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.195.120.0/23
193.111.83.0/24
Signature Algorithm: sha256WithRSAEncryption
65:19:7a:29:e4:a2:d2:81:e6:a2:c5:4d:ce:78:6e:ba:19:01:
95:f2:5a:3d:5e:ab:d0:55:d2:2f:b8:50:0f:47:cf:95:d6:cd:
97:05:75:44:79:ec:97:6a:83:32:ed:4f:22:02:29:4f:89:3d:
b2:3c:e6:b2:fe:d5:85:d0:7f:cc:c2:34:94:46:07:49:9e:3e:
93:ab:bd:96:1c:c5:7e:cc:03:74:58:53:c9:14:05:df:36:5c:
3f:80:08:9b:33:d1:31:09:f5:b6:57:26:d4:7a:48:fa:a5:fd:
ae:18:27:7c:e2:92:92:5d:14:ef:27:d6:29:c3:ee:4d:d4:12:
95:77:0a:ac:b4:cd:7f:bd:35:7c:a3:ab:99:e2:88:62:dc:d1:
81:cc:f2:8b:8f:ee:3c:d3:68:8e:5b:f4:bc:ce:4a:34:64:85:
ee:5c:10:f7:96:3d:1f:a0:79:ee:e1:d3:cf:ff:d8:e0:4b:dd:
5f:12:42:11:4e:4f:8d:1a:3b:9b:70:fd:ad:10:7b:e3:ed:d8:
f3:d9:41:c9:97:83:c5:e6:d7:85:39:01:17:b4:3c:26:e6:fc:
6f:67:c6:2c:89:2e:e9:a6:d8:79:6e:20:c3:77:9c:44:40:5f:
c8:f0:62:0f:67:0a:da:4b:8c:f3:e9:82:e6:65:26:31:4c:17:
41:12:b0:b1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzGuQLJQHImW9X/QdZXwzIHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhN2VkZWFjMGM2YzIwZWE0OWQ0OTI5OTBlNDg1ODU0MWQx
OTBmZjEwHhcNMjQwMTAxMjAzMTAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWNiZTE1ZmYwNWU0MDE5NThhZmEzMDE2ZjM2NzIxNTczZjcyMDYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgRuStVWGCqqYAu+RgcXJnLhvDGaL
nMbBlPeV6yNgjCuUATzL1vNyAYhD4hbGdwqZC2Uc+wziRwjwWPyBsdZx6OEgoWCQ
yf/+WWsSeQksxIgm3HGgGyfYvRozjPjcZ0RX17UuarXiWZG/GBlUgYq2uE+LOMMK
+B4jC34zxUpWxICbos82C8zMWGsvFyNKl0Lwv6VQE7xDf3vWcBUCfHA2m125ddjH
4Xiw77qXKm9yP2Qhj82iq8ywIqLI/64OGjR6eKKbY4gDwucJFJI+/Sj0z3BzboeS
XyyeBFa254ja0LKPN61Edpx5mcmiT7l6bjE/oF7LvMYst5dunwZjSA/LHQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDrL4V/wXkAZWK+jAW82chVz9yBjMB8GA1UdIwQY
MBaAFJp+3qwMbCDqSdSSmQ5IWFQdGQ/xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbW43ZXJBeHNJT3BKMUpLWkRraFlWQjBaRF9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My81YThlMDQtZGQwNy00MzVhLWIxYmYt
YWRlZGNhYTNkMjZlLzEvT3N2aFhfQmVRQmxZcjZNQmJ6WnlGWFAzSUdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My81YThlMDQtZGQwNy00MzVhLWIxYmYtYWRlZGNhYTNkMjZl
LzEvbW43ZXJBeHNJT3BKMUpLWkRraFlWQjBaRF9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW8N4AwQA
wW9TMA0GCSqGSIb3DQEBCwUAA4IBAQBlGXop5KLSgeaixU3OeG66GQGV8lo9XqvQ
VdIvuFAPR8+V1s2XBXVEeeyXaoMy7U8iAilPiT2yPOay/tWF0H/MwjSURgdJnj6T
q72WHMV+zAN0WFPJFAXfNlw/gAibM9ExCfW2VybUekj6pf2uGCd84pKSXRTvJ9Yp
w+5N1BKVdwqstM1/vTV8o6uZ4ohi3NGBzPKLj+4802iOW/S8zko0ZIXuXBD3lj0f
oHnu4dPP/9jgS91fEkIRTk+NGjubcP2tEHvj7djz2UHJl4PF5teFOQEXtDwm5vxv
Z8YsiS7ppth5biDDd5xEQF/I8GIPZwraS4zz6YLmZSYxTBdBErCx
-----END CERTIFICATE-----
Generated at Thu Jun 20 12:17:54 2024 by rpki-client on console-ams.rpki-client.org