Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/4a293d-2ad3-4114-a2b1-1cc505501a0f/1/omhmfpsrhcr5jDOTOxwBH1qm4RE.roa
File: omhmfpsrhcr5jDOTOxwBH1qm4RE.roa (raw, json)
Hash identifier: 0/0eJnSVua/C405XFMe/HaxtPmZPXjZ++3mvrBo5BFw=
Subject key identifier: A2:68:66:7E:9B:2B:85:CA:F9:8C:33:93:3B:1C:01:1F:5A:A6:E1:11
Certificate issuer: /CN=f811fa5eff370bc36d0e3929625e3414081a2392
Certificate serial: 01856EA6C14F1A8D82BF7CCEAB956FF3667F
Authority key identifier: F8:11:FA:5E:FF:37:0B:C3:6D:0E:39:29:62:5E:34:14:08:1A:23:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-BH6Xv83C8NtDjkpYl40FAgaI5I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/4a293d-2ad3-4114-a2b1-1cc505501a0f/1/omhmfpsrhcr5jDOTOxwBH1qm4RE.roa
Signing time: Sun 01 Jan 2023 18:45:00 +0000
ROA not before: Sun 01 Jan 2023 18:45:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42187
IP address blocks: 185.33.120.0/22 maxlen: 22
94.127.94.0/24 maxlen: 24
94.127.92.0/24 maxlen: 24
78.41.88.0/22 maxlen: 22
78.41.92.0/22 maxlen: 24
91.190.232.0/22 maxlen: 24
94.127.88.0/22 maxlen: 24
2a01:9f00::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:a6:c1:4f:1a:8d:82:bf:7c:ce:ab:95:6f:f3:66:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f811fa5eff370bc36d0e3929625e3414081a2392
Validity
Not Before: Jan 1 18:45:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a268667e9b2b85caf98c33933b1c011f5aa6e111
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:2e:a0:62:ee:29:9f:2c:0d:cd:c3:7c:cc:60:
bf:08:b2:80:ae:54:d6:b6:2e:62:fd:dc:ae:47:0d:
2a:2d:1c:e1:c7:2c:4d:bb:e6:02:ab:0e:4b:62:47:
7f:ec:65:d2:75:67:4c:3f:0f:4e:94:f8:c2:64:fb:
17:c3:3a:84:0a:e2:9e:43:a5:59:54:ec:53:d8:23:
0a:02:78:17:92:9a:c5:42:00:6a:9b:88:ba:9c:77:
d9:02:5c:43:cf:b6:43:cf:6a:a4:fc:75:5e:98:6a:
a4:ac:5b:a3:d2:18:bc:d0:0c:ab:88:77:e8:19:b8:
b6:3f:c2:e6:9c:c7:d9:f6:a2:19:00:68:36:6e:ac:
19:fe:ea:12:55:4b:6b:87:62:c3:59:ce:6e:5d:ee:
d2:29:1a:d3:79:18:56:c0:07:10:6c:1f:eb:70:18:
e0:c2:42:27:b9:40:5e:07:eb:05:91:6d:98:c3:de:
f8:12:a4:69:30:66:c0:b5:49:3c:59:86:19:b8:f2:
6a:21:83:1f:18:a9:9d:a3:d7:b5:2c:4f:e8:bb:39:
25:f5:c4:51:2c:13:6d:b8:49:28:6b:9c:bb:7f:3b:
28:b6:38:bb:51:db:66:69:16:da:58:bb:a3:c4:4b:
09:74:fc:e8:15:53:b5:61:c8:2d:3b:c9:a6:c6:ee:
6c:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:68:66:7E:9B:2B:85:CA:F9:8C:33:93:3B:1C:01:1F:5A:A6:E1:11
X509v3 Authority Key Identifier:
keyid:F8:11:FA:5E:FF:37:0B:C3:6D:0E:39:29:62:5E:34:14:08:1A:23:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-BH6Xv83C8NtDjkpYl40FAgaI5I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/4a293d-2ad3-4114-a2b1-1cc505501a0f/1/omhmfpsrhcr5jDOTOxwBH1qm4RE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/4a293d-2ad3-4114-a2b1-1cc505501a0f/1/1-BH6Xv83C8NtDjkpYl40FAgaI5I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.41.88.0/21
91.190.232.0/22
94.127.88.0-94.127.92.255
94.127.94.0/24
185.33.120.0/22
IPv6:
2a01:9f00::/32
Signature Algorithm: sha256WithRSAEncryption
c3:d2:1e:99:96:45:50:ea:42:b6:8f:58:a9:8c:8e:1f:6f:25:
f0:36:f2:d2:c6:43:f0:fd:6e:74:bc:b7:4c:63:70:31:29:46:
e9:25:32:10:0f:b4:b5:06:41:3a:f6:12:51:eb:f6:75:69:76:
ee:4e:b6:d9:c9:5b:83:ae:21:fc:21:ae:67:07:57:78:74:ad:
fb:e5:39:96:5f:ef:58:4d:f4:17:5b:7e:b6:6b:cb:14:3d:23:
63:34:b7:0d:01:2a:37:c0:ad:26:cd:91:86:f2:09:cf:60:6c:
47:88:3b:91:6c:f1:0e:e4:db:80:c6:db:f6:67:4c:83:b1:92:
90:61:f5:96:ba:78:f2:07:93:84:4c:b9:c7:00:78:98:bf:5a:
b8:5d:3b:24:98:ec:21:2a:f3:1a:ff:73:83:d5:d6:24:94:2e:
cf:12:b3:e5:90:5a:71:b8:be:c1:9c:ff:a4:27:d6:7c:26:9b:
73:29:60:23:db:0a:76:96:78:b6:19:41:89:9b:e7:f8:94:31:
d0:60:76:e1:23:e5:09:57:21:d0:dd:ff:79:55:49:33:75:29:
b4:44:b4:bd:c2:f2:54:4e:b0:6c:83:c1:af:32:f3:fb:74:bf:
61:ce:81:37:13:97:a9:c8:ed:a0:e6:02:fa:6f:76:46:62:6e:
8a:15:a3:ba
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAYVupsFPGo2Cv3zOq5Vv82Z/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4MTFmYTVlZmYzNzBiYzM2ZDBlMzkyOTYyNWUzNDE0MDgx
YTIzOTIwHhcNMjMwMTAxMTg0NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjY4NjY3ZTliMmI4NWNhZjk4YzMzOTMzYjFjMDExZjVhYTZlMTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAly6gYu4pnywNzcN8zGC/CLKArlTW
ti5i/dyuRw0qLRzhxyxNu+YCqw5LYkd/7GXSdWdMPw9OlPjCZPsXwzqECuKeQ6VZ
VOxT2CMKAngXkprFQgBqm4i6nHfZAlxDz7ZDz2qk/HVemGqkrFuj0hi80AyriHfo
Gbi2P8LmnMfZ9qIZAGg2bqwZ/uoSVUtrh2LDWc5uXe7SKRrTeRhWwAcQbB/rcBjg
wkInuUBeB+sFkW2Yw974EqRpMGbAtUk8WYYZuPJqIYMfGKmdo9e1LE/ouzkl9cRR
LBNtuEkoa5y7fzsotji7UdtmaRbaWLujxEsJdPzoFVO1YcgtO8mmxu5s/QIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFKJoZn6bK4XK+YwzkzscAR9apuERMB8GA1UdIwQY
MBaAFPgR+l7/NwvDbQ45KWJeNBQIGiOSMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1CSDZYdjgzQzhOdERqa3BZbDQwRkFnYUk1SS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmEvNGEyOTNkLTJhZDMtNDExNC1hMmIx
LTFjYzUwNTUwMWEwZi8xL29taG1mcHNyaGNyNWpET1RPeHdCSDFxbTRSRS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNmEvNGEyOTNkLTJhZDMtNDExNC1hMmIxLTFjYzUwNTUwMWEw
Zi8xLzEtQkg2WHY4M0M4TnREamtwWWw0MEZBZ2FJNUkuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwTgYIKwYBBQUHAQcBAf8EPzA9MCwEAgABMCYDBANOKVgD
BAJbvugwDAMEA15/WAMEAF5/XAMEAF5/XgMEArkheDANBAIAAjAHAwUAKgGfADAN
BgkqhkiG9w0BAQsFAAOCAQEAw9IemZZFUOpCto9YqYyOH28l8Dby0sZD8P1udLy3
TGNwMSlG6SUyEA+0tQZBOvYSUev2dWl27k622clbg64h/CGuZwdXeHSt++U5ll/v
WE30F1t+tmvLFD0jYzS3DQEqN8CtJs2RhvIJz2BsR4g7kWzxDuTbgMbb9mdMg7GS
kGH1lrp48geThEy5xwB4mL9auF07JJjsISrzGv9zg9XWJJQuzxKz5ZBacbi+wZz/
pCfWfCabcylgI9sKdpZ4thlBiZvn+JQx0GB24SPlCVch0N3/eVVJM3UptES0vcLy
VE6wbIPBrzLz+3S/Yc6BNxOXqcjtoOYC+m92RmJuihWjug==
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:00:52 2024 by rpki-client on console-ams.rpki-client.org