Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/d430d9-d214-41c0-8e51-267a16b4629f/1/OpbU2G4_O9Dgc9y8NZgTrpfQ9fs.roa
File: OpbU2G4_O9Dgc9y8NZgTrpfQ9fs.roa (raw, json)
Hash identifier: J78hymPDlt4Kye986SH0/ZR8siudTw3p2F5z4RBlvgE=
Subject key identifier: 3A:96:D4:D8:6E:3F:3B:D0:E0:73:DC:BC:35:98:13:AE:97:D0:F5:FB
Certificate issuer: /CN=c092d8d5511b19ece456960f23bfa886ee1d570b
Certificate serial: 0186FDA88D53C1456043A058E598B1B63687
Authority key identifier: C0:92:D8:D5:51:1B:19:EC:E4:56:96:0F:23:BF:A8:86:EE:1D:57:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wJLY1VEbGezkVpYPI7-ohu4dVws.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/d430d9-d214-41c0-8e51-267a16b4629f/1/OpbU2G4_O9Dgc9y8NZgTrpfQ9fs.roa
Signing time: Mon 20 Mar 2023 06:15:27 +0000
ROA not before: Mon 20 Mar 2023 06:15:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210402
IP address blocks: 91.106.36.0/22 maxlen: 22
91.106.36.0/24 maxlen: 24
91.106.37.0/24 maxlen: 24
91.106.38.0/24 maxlen: 24
91.106.39.0/24 maxlen: 24
91.106.38.0/23 maxlen: 23
91.106.57.0/24 maxlen: 24
91.106.58.0/24 maxlen: 24
91.106.53.0/24 maxlen: 24
91.106.54.0/24 maxlen: 24
91.106.55.0/24 maxlen: 24
91.106.56.0/24 maxlen: 24
91.106.56.0/22 maxlen: 22
91.106.52.0/24 maxlen: 24
91.106.60.0/24 maxlen: 24
91.106.61.0/24 maxlen: 24
91.106.62.0/24 maxlen: 24
91.106.63.0/24 maxlen: 24
91.106.59.0/24 maxlen: 24
91.106.60.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 10 May 2023 06:56:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:fd:a8:8d:53:c1:45:60:43:a0:58:e5:98:b1:b6:36:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c092d8d5511b19ece456960f23bfa886ee1d570b
Validity
Not Before: Mar 20 06:15:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3a96d4d86e3f3bd0e073dcbc359813ae97d0f5fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:b8:24:81:a8:2f:4f:56:45:5f:b7:d8:db:7c:
88:2b:0b:8d:91:8c:7c:6b:9b:11:19:a5:b0:f5:16:
5c:49:12:ee:4e:55:49:2b:0e:ab:19:f9:5b:8c:3a:
b7:ee:88:3d:ff:08:03:ea:25:16:8b:bd:69:c1:ce:
43:13:2f:e0:cc:b8:77:57:15:58:f0:d3:0a:f2:93:
6a:46:61:f7:82:6f:65:13:0c:26:d0:2f:29:1a:51:
0f:49:c0:85:b9:03:ed:a8:0c:16:ef:9e:fb:91:3b:
f4:7c:4c:58:f0:5c:7d:b7:b1:43:c8:b5:c0:b6:99:
01:00:89:1a:91:55:fa:b3:d4:90:eb:b8:82:f6:54:
aa:2b:5b:90:09:b0:3f:7c:9c:bf:c6:1e:f8:81:f9:
bc:38:01:1a:c0:05:5c:6b:de:8a:61:30:b1:99:16:
dd:d2:02:b2:d2:4f:5c:a0:2d:d1:4f:8d:21:e4:d2:
30:ad:ca:eb:af:dc:e4:ed:bf:e3:ce:68:9a:d9:7b:
89:84:49:77:9c:35:d1:26:91:8d:2b:84:23:0f:70:
fd:33:04:00:a7:69:61:e8:8b:21:a3:99:d3:2f:27:
6b:83:df:9d:33:86:9c:40:2d:78:64:65:c8:50:a2:
78:72:a4:df:1b:98:ca:d9:29:b6:fd:2b:a7:36:8e:
db:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:96:D4:D8:6E:3F:3B:D0:E0:73:DC:BC:35:98:13:AE:97:D0:F5:FB
X509v3 Authority Key Identifier:
keyid:C0:92:D8:D5:51:1B:19:EC:E4:56:96:0F:23:BF:A8:86:EE:1D:57:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wJLY1VEbGezkVpYPI7-ohu4dVws.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/d430d9-d214-41c0-8e51-267a16b4629f/1/OpbU2G4_O9Dgc9y8NZgTrpfQ9fs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/d430d9-d214-41c0-8e51-267a16b4629f/1/wJLY1VEbGezkVpYPI7-ohu4dVws.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.106.36.0/22
91.106.52.0-91.106.63.255
Signature Algorithm: sha256WithRSAEncryption
51:94:b7:5f:62:b5:f6:a9:da:2c:10:75:12:01:b3:4c:39:3f:
20:de:c6:46:2d:9e:55:24:e5:e1:3f:07:b2:14:e2:fb:5d:3e:
cb:16:ae:ef:58:7e:10:98:5f:38:50:9d:77:70:a3:1e:39:c5:
c1:e7:e1:89:4d:06:b9:c1:57:74:1f:79:29:66:bb:78:84:11:
d1:67:48:a6:19:95:40:eb:85:2a:e4:a1:7e:4e:23:69:67:e0:
93:6c:db:9e:bb:1e:2d:e8:21:a8:a7:2a:32:40:76:3b:cd:d7:
fa:bb:00:e1:c0:63:a6:94:ee:c7:10:8a:70:30:77:4b:42:f2:
bc:bb:b7:e7:30:97:93:8f:a8:5a:29:d4:b6:2e:d7:4e:0e:14:
e4:ca:34:61:57:1d:e7:ae:e4:7f:48:3b:e9:e9:20:c4:fe:4f:
0c:9c:b4:5d:2b:4f:cb:50:95:83:a7:d0:d9:06:8f:95:5a:2b:
c7:ae:06:96:36:1d:6a:25:ec:1a:bf:d3:93:53:45:a4:24:20:
61:28:21:c1:59:e6:a1:2f:10:5e:c7:ec:47:8e:91:38:77:83:
e3:c2:2a:92:32:83:38:57:bf:ca:2c:b3:54:c3:06:39:fb:f7:
27:4c:db:29:38:da:b4:0a:c5:6d:18:af:d6:69:70:a7:4a:62:
1c:b1:5c:e6
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYb9qI1TwUVgQ6BY5ZixtjaHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwOTJkOGQ1NTExYjE5ZWNlNDU2OTYwZjIzYmZhODg2ZWUx
ZDU3MGIwHhcNMjMwMzIwMDYxNTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTk2ZDRkODZlM2YzYmQwZTA3M2RjYmMzNTk4MTNhZTk3ZDBmNWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgrgkgagvT1ZFX7fY23yIKwuNkYx8
a5sRGaWw9RZcSRLuTlVJKw6rGflbjDq37og9/wgD6iUWi71pwc5DEy/gzLh3VxVY
8NMK8pNqRmH3gm9lEwwm0C8pGlEPScCFuQPtqAwW7577kTv0fExY8Fx9t7FDyLXA
tpkBAIkakVX6s9SQ67iC9lSqK1uQCbA/fJy/xh74gfm8OAEawAVca96KYTCxmRbd
0gKy0k9coC3RT40h5NIwrcrrr9zk7b/jzmia2XuJhEl3nDXRJpGNK4QjD3D9MwQA
p2lh6Isho5nTLydrg9+dM4acQC14ZGXIUKJ4cqTfG5jK2Sm2/SunNo7bRQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFDqW1NhuPzvQ4HPcvDWYE66X0PX7MB8GA1UdIwQY
MBaAFMCS2NVRGxns5FaWDyO/qIbuHVcLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0pMWTFWRWJHZXprVnBZUEk3LW9odTRkVndzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9kNDMwZDktZDIxNC00MWMwLThlNTEt
MjY3YTE2YjQ2MjlmLzEvT3BiVTJHNF9POURnYzl5OE5aZ1RycGZROWZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9kNDMwZDktZDIxNC00MWMwLThlNTEtMjY3YTE2YjQ2Mjlm
LzEvd0pMWTFWRWJHZXprVnBZUEk3LW9odTRkVndzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQCW2okMAwD
BAJbajQDBAZbagAwDQYJKoZIhvcNAQELBQADggEBAFGUt19itfap2iwQdRIBs0w5
PyDexkYtnlUk5eE/B7IU4vtdPssWru9YfhCYXzhQnXdwox45xcHn4YlNBrnBV3Qf
eSlmu3iEEdFnSKYZlUDrhSrkoX5OI2ln4JNs2567Hi3oIainKjJAdjvN1/q7AOHA
Y6aU7scQinAwd0tC8ry7t+cwl5OPqFop1LYu104OFOTKNGFXHeeu5H9IO+npIMT+
TwyctF0rT8tQlYOn0NkGj5VaK8euBpY2HWol7Bq/05NTRaQkIGEoIcFZ5qEvEF7H
7EeOkTh3g+PCKpIygzhXv8oss1TDBjn79ydM2yk42rQKxW0Yr9ZpcKdKYhyxXOY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:06 2024 by rpki-client on console-ams.rpki-client.org