Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/d6461f-17e3-4986-a5f6-72a4b3a9bb44/1/OJm4WnQYKsbkCai7SfCxXe6rPjc.roa
File: OJm4WnQYKsbkCai7SfCxXe6rPjc.roa (raw, json)
Hash identifier: YfJuOXQwU/EcPaGq+WVkvJ6NFwdtSC+I0s7v4HYheB4=
Subject key identifier: 38:99:B8:5A:74:18:2A:C6:E4:09:A8:BB:49:F0:B1:5D:EE:AB:3E:37
Certificate issuer: /CN=b9df156ee18b6958d4306b6311b4a086763eff62
Certificate serial: 018570677649E29D8ED312CE9B3FC1865EFA
Authority key identifier: B9:DF:15:6E:E1:8B:69:58:D4:30:6B:63:11:B4:A0:86:76:3E:FF:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ud8VbuGLaVjUMGtjEbSghnY-_2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/d6461f-17e3-4986-a5f6-72a4b3a9bb44/1/OJm4WnQYKsbkCai7SfCxXe6rPjc.roa
Signing time: Mon 02 Jan 2023 02:55:06 +0000
ROA not before: Mon 02 Jan 2023 02:55:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60798
IP address blocks: 37.156.244.0/24 maxlen: 24
185.116.60.0/24 maxlen: 24
2a0c:79c0:3::/48 maxlen: 48
2a0c:79c0:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 25 Nov 2023 15:41:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:67:76:49:e2:9d:8e:d3:12:ce:9b:3f:c1:86:5e:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9df156ee18b6958d4306b6311b4a086763eff62
Validity
Not Before: Jan 2 02:55:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3899b85a74182ac6e409a8bb49f0b15deeab3e37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:49:ed:c0:bf:e5:02:0e:2d:da:57:0d:7a:7e:
d6:e6:bd:9e:78:f0:c8:36:e7:fa:ac:ec:7d:45:52:
06:53:35:8a:fa:5c:d5:3f:4b:de:74:8a:7e:cb:71:
91:73:b8:59:47:79:ec:10:55:2a:5b:74:7a:33:79:
cc:2f:d6:ff:5a:26:70:6a:ce:18:67:0b:9c:8c:8c:
27:18:28:bb:ed:5d:76:8b:78:34:12:39:81:2c:98:
ed:61:78:e5:d0:64:53:d6:7d:d4:75:c1:48:ef:24:
50:3e:35:e7:08:8f:6e:26:d6:c5:b9:d2:ba:fe:62:
e9:d8:4b:e0:f1:c3:2c:72:73:4d:35:ba:6c:35:77:
54:e0:f8:9b:87:9b:17:39:d5:c0:ca:bc:e2:f3:bc:
93:dc:fd:1d:48:5c:de:6d:96:7b:2d:9c:17:b6:64:
c8:ce:3c:d2:ab:0c:12:46:7e:99:1f:da:56:03:b3:
63:81:3b:24:83:de:40:74:ed:af:f7:e5:05:b7:7d:
c8:63:05:56:21:5e:3f:2e:8a:bd:c1:49:99:b3:c2:
fb:39:d6:19:31:bc:b8:71:1c:af:ef:75:1d:cf:be:
d3:f5:73:a3:20:59:ad:87:3f:b3:b8:fb:c4:2a:d1:
ca:ae:57:e8:f3:8a:93:dd:fd:99:d8:ad:bc:b5:be:
df:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:99:B8:5A:74:18:2A:C6:E4:09:A8:BB:49:F0:B1:5D:EE:AB:3E:37
X509v3 Authority Key Identifier:
keyid:B9:DF:15:6E:E1:8B:69:58:D4:30:6B:63:11:B4:A0:86:76:3E:FF:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ud8VbuGLaVjUMGtjEbSghnY-_2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/d6461f-17e3-4986-a5f6-72a4b3a9bb44/1/OJm4WnQYKsbkCai7SfCxXe6rPjc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/d6461f-17e3-4986-a5f6-72a4b3a9bb44/1/ud8VbuGLaVjUMGtjEbSghnY-_2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.156.244.0/24
185.116.60.0/24
IPv6:
2a0c:79c0:1::/48
2a0c:79c0:3::/48
Signature Algorithm: sha256WithRSAEncryption
ad:5a:a5:00:47:00:52:37:88:d4:4b:f2:86:67:e2:69:19:fd:
28:37:74:cf:9b:92:ca:a7:4c:f5:7c:d9:9c:af:39:3d:6a:3b:
80:cc:89:70:9b:84:3e:49:37:6e:60:5a:56:7c:48:ea:95:d8:
50:59:97:7a:ca:b1:6a:47:c3:78:48:2a:55:cc:81:f2:45:c8:
6b:e4:1c:6d:c7:dc:9d:dc:93:0e:d8:85:fd:61:94:ef:6a:35:
35:de:bf:a1:80:1f:55:87:89:de:9f:9d:bd:36:8d:9d:75:b8:
27:01:d8:12:37:59:d2:9b:90:57:1b:9f:c9:65:cf:23:02:2a:
1e:5b:47:3e:6f:c7:10:27:72:55:78:3d:be:26:04:f3:56:89:
85:e1:bd:ab:f4:5b:7f:be:8e:5d:28:c3:7c:fc:aa:c9:49:d1:
6d:f8:b7:89:89:1d:5d:a3:6a:03:4e:25:21:64:c8:6d:03:16:
6f:36:cb:c5:b2:f0:13:ca:33:23:f0:cd:1a:ce:44:7a:6f:b6:
97:9a:a5:b7:e0:64:50:e9:aa:50:a9:32:3d:a5:71:1b:9e:c5:
05:fa:cb:0d:7c:2c:7e:f1:ed:5c:ba:95:53:4d:f9:90:a1:5b:
c3:51:f4:66:d5:de:57:2f:be:d5:e3:e9:28:be:a2:d2:d9:dc:
88:cb:fe:46
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYVwZ3ZJ4p2O0xLOmz/Bhl76MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5ZGYxNTZlZTE4YjY5NThkNDMwNmI2MzExYjRhMDg2NzYz
ZWZmNjIwHhcNMjMwMTAyMDI1NTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODk5Yjg1YTc0MTgyYWM2ZTQwOWE4YmI0OWYwYjE1ZGVlYWIzZTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApEntwL/lAg4t2lcNen7W5r2eePDI
Nuf6rOx9RVIGUzWK+lzVP0vedIp+y3GRc7hZR3nsEFUqW3R6M3nML9b/WiZwas4Y
ZwucjIwnGCi77V12i3g0EjmBLJjtYXjl0GRT1n3UdcFI7yRQPjXnCI9uJtbFudK6
/mLp2Evg8cMscnNNNbpsNXdU4Pibh5sXOdXAyrzi87yT3P0dSFzebZZ7LZwXtmTI
zjzSqwwSRn6ZH9pWA7NjgTskg95AdO2v9+UFt33IYwVWIV4/Loq9wUmZs8L7OdYZ
Mby4cRyv73Udz77T9XOjIFmthz+zuPvEKtHKrlfo84qT3f2Z2K28tb7fLQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFDiZuFp0GCrG5Amou0nwsV3uqz43MB8GA1UdIwQY
MBaAFLnfFW7hi2lY1DBrYxG0oIZ2Pv9iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWQ4VmJ1R0xhVmpVTUd0akViU2doblktXzJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9kNjQ2MWYtMTdlMy00OTg2LWE1ZjYt
NzJhNGIzYTliYjQ0LzEvT0ptNFduUVlLc2JrQ2FpN1NmQ3hYZTZyUGpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9kNjQ2MWYtMTdlMy00OTg2LWE1ZjYtNzJhNGIzYTliYjQ0
LzEvdWQ4VmJ1R0xhVmpVTUd0akViU2doblktXzJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQAJZz0AwQA
uXQ8MBgEAgACMBIDBwAqDHnAAAEDBwAqDHnAAAMwDQYJKoZIhvcNAQELBQADggEB
AK1apQBHAFI3iNRL8oZn4mkZ/Sg3dM+bksqnTPV82ZyvOT1qO4DMiXCbhD5JN25g
WlZ8SOqV2FBZl3rKsWpHw3hIKlXMgfJFyGvkHG3H3J3ckw7Yhf1hlO9qNTXev6GA
H1WHid6fnb02jZ11uCcB2BI3WdKbkFcbn8llzyMCKh5bRz5vxxAnclV4Pb4mBPNW
iYXhvav0W3++jl0ow3z8qslJ0W34t4mJHV2jagNOJSFkyG0DFm82y8Wy8BPKMyPw
zRrORHpvtpeapbfgZFDpqlCpMj2lcRuexQX6yw18LH7x7Vy6lVNN+ZChW8NR9GbV
3lcvvtXj6Si+otLZ3IjL/kY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:18 2024 by rpki-client on console-fra.rpki-client.org