Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/o0nXz_LwZXKs3tMsvmT5mIHLsoI.roa
File: o0nXz_LwZXKs3tMsvmT5mIHLsoI.roa (raw, json)
Hash identifier: U+kXycD43QDi3qgvJfeSNK3KBs6GTccTn0OqSShEmGw=
Subject key identifier: A3:49:D7:CF:F2:F0:65:72:AC:DE:D3:2C:BE:64:F9:98:81:CB:B2:82
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 01856CB83A17B4B1533818EC81DE73FFAD28
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/o0nXz_LwZXKs3tMsvmT5mIHLsoI.roa
Signing time: Sun 01 Jan 2023 09:44:50 +0000
ROA not before: Sun 01 Jan 2023 09:44:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8953
IP address blocks: 92.180.0.0/17 maxlen: 24
90.84.224.0/20 maxlen: 24
90.95.0.0/16 maxlen: 24
90.84.208.0/21 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:30:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:b8:3a:17:b4:b1:53:38:18:ec:81:de:73:ff:ad:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: Jan 1 09:44:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a349d7cff2f06572acded32cbe64f99881cbb282
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:65:54:02:24:06:23:cc:9d:15:20:3c:84:f9:
dd:54:d4:ff:fb:8f:b8:37:da:08:0f:88:86:26:da:
82:91:98:3c:56:a3:a8:4c:66:09:76:89:49:de:dd:
e9:fa:7c:3a:28:15:e4:6a:9d:fc:8b:c7:c9:88:b2:
ce:83:5d:56:3b:7d:e0:ef:31:d2:15:91:5c:cb:7a:
c0:22:0a:38:c5:67:dd:31:01:97:03:0f:da:ec:dd:
b9:ed:45:52:a2:30:d3:cd:2d:f8:55:bd:f6:fc:2c:
6e:65:13:61:66:e0:a5:5c:c6:ea:e1:97:72:6f:f6:
1b:21:76:98:a7:25:cb:09:0a:08:a5:2b:92:b9:07:
0b:72:07:38:88:20:41:a4:22:3b:04:26:35:3a:d6:
e3:8d:11:e8:0a:0e:89:8f:a6:80:ba:6b:2d:2d:bd:
91:c7:37:2e:5c:b9:6f:5c:b2:7a:97:5f:e0:5e:af:
39:6b:a9:17:a9:17:0b:51:66:9d:73:f6:45:20:9e:
ab:b4:1d:38:3a:b9:8e:b6:b0:ad:af:71:32:7b:da:
df:03:6e:59:7e:b4:64:e2:8c:62:bb:4d:86:e5:a0:
f1:dc:55:3d:bd:60:2d:9c:b6:a2:d4:1f:5c:9c:d7:
32:8f:30:dc:5f:b3:72:db:16:74:5c:8e:68:bb:01:
80:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:49:D7:CF:F2:F0:65:72:AC:DE:D3:2C:BE:64:F9:98:81:CB:B2:82
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/o0nXz_LwZXKs3tMsvmT5mIHLsoI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
90.84.208.0/21
90.84.224.0/20
90.95.0.0/16
92.180.0.0/17
Signature Algorithm: sha256WithRSAEncryption
27:90:55:59:63:43:82:b6:e6:f4:83:0b:58:71:71:18:a4:75:
50:7b:a8:b0:35:5e:a6:7a:d2:20:3a:71:81:04:9e:6a:e0:37:
da:89:3d:2d:67:15:b7:66:7e:e5:bf:8c:e2:2b:ad:bc:be:ac:
c8:7b:cd:bc:b9:d0:f6:8b:47:1a:e2:2e:c9:e1:3b:16:60:2d:
a1:dc:26:57:dd:77:ce:91:b8:03:67:ad:6c:46:3e:af:ff:d3:
63:3c:12:0c:38:ba:69:9b:03:3a:79:b6:6c:27:c7:26:87:58:
35:fc:8a:c1:87:cc:db:2b:a3:e6:e6:49:1d:df:75:5d:2e:98:
3c:ed:0e:6a:a0:e9:a4:04:4a:c0:ea:da:df:0c:10:f5:4e:cb:
4f:fc:57:ef:d7:11:a2:b2:88:bf:02:de:fc:5b:d9:12:13:03:
fe:35:0b:ce:73:6d:e8:48:6d:68:21:46:1c:bb:5e:49:1a:3d:
5b:1e:b8:fe:00:30:7e:24:bf:2a:83:17:60:5f:7e:fd:da:aa:
65:e5:49:46:d4:b4:db:66:8f:cc:0f:db:cc:2e:23:7c:2d:67:
1d:84:1d:76:53:02:7e:cf:9c:e0:f5:28:29:ef:c5:42:36:fd:
03:54:5a:cf:7c:43:78:57:09:83:93:05:1d:52:0d:1c:43:62:
85:93:53:e8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVsuDoXtLFTOBjsgd5z/60oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh
MTA1MTEwHhcNMjMwMTAxMDk0NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzQ5ZDdjZmYyZjA2NTcyYWNkZWQzMmNiZTY0Zjk5ODgxY2JiMjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhmVUAiQGI8ydFSA8hPndVNT/+4+4
N9oID4iGJtqCkZg8VqOoTGYJdolJ3t3p+nw6KBXkap38i8fJiLLOg11WO33g7zHS
FZFcy3rAIgo4xWfdMQGXAw/a7N257UVSojDTzS34Vb32/CxuZRNhZuClXMbq4Zdy
b/YbIXaYpyXLCQoIpSuSuQcLcgc4iCBBpCI7BCY1OtbjjRHoCg6Jj6aAumstLb2R
xzcuXLlvXLJ6l1/gXq85a6kXqRcLUWadc/ZFIJ6rtB04OrmOtrCtr3Eye9rfA25Z
frRk4oxiu02G5aDx3FU9vWAtnLai1B9cnNcyjzDcX7Ny2xZ0XI5ouwGAjwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKNJ18/y8GVyrN7TLL5k+ZiBy7KCMB8GA1UdIwQY
MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt
NDU5MzVmNTA2YTEyLzEvbzBuWHpfTHdaWEtzM3RNc3ZtVDVtSUhMc29JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy
LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAdBAIAATAXAwQDWlTQAwQE
WlTgAwMAWl8DBAdctAAwDQYJKoZIhvcNAQELBQADggEBACeQVVljQ4K25vSDC1hx
cRikdVB7qLA1XqZ60iA6cYEEnmrgN9qJPS1nFbdmfuW/jOIrrby+rMh7zby50PaL
RxriLsnhOxZgLaHcJlfdd86RuANnrWxGPq//02M8Egw4ummbAzp5tmwnxyaHWDX8
isGHzNsro+bmSR3fdV0umDztDmqg6aQESsDq2t8MEPVOy0/8V+/XEaKyiL8C3vxb
2RITA/41C85zbehIbWghRhy7XkkaPVseuP4AMH4kvyqDF2Bffv3aqmXlSUbUtNtm
j8wP28wuI3wtZx2EHXZTAn7PnOD1KCnvxUI2/QNUWs98Q3hXCYOTBR1SDRxDYoWT
U+g=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:20 2024 by rpki-client on console-ams.rpki-client.org