Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/tQ8nGCzM_URvX7jpZJj4E1n-orw.roa
File: tQ8nGCzM_URvX7jpZJj4E1n-orw.roa (raw, json)
Hash identifier: I/q0GazeO2cw5hGNePKn5XpwcnCXXyClKuVbKfSv/ok=
Subject key identifier: B5:0F:27:18:2C:CC:FD:44:6F:5F:B8:E9:64:98:F8:13:59:FE:A2:BC
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 01856CB8492C065383637DE92CB55BAC713E
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/tQ8nGCzM_URvX7jpZJj4E1n-orw.roa
Signing time: Sun 01 Jan 2023 09:44:54 +0000
ROA not before: Sun 01 Jan 2023 09:44:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31204
IP address blocks: 92.181.0.0/17 maxlen: 24
92.181.128.0/19 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:30:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:b8:49:2c:06:53:83:63:7d:e9:2c:b5:5b:ac:71:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: Jan 1 09:44:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b50f27182cccfd446f5fb8e96498f81359fea2bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:08:7e:99:a2:8b:60:75:69:34:9c:51:b2:27:
81:bd:f5:a7:88:0a:f4:7a:85:70:66:41:0c:b6:25:
73:00:83:cf:e6:1a:cc:a8:02:30:0b:e7:e2:fa:92:
c4:9c:8c:ef:a7:1d:30:36:01:07:5a:7b:72:ea:a0:
6a:c5:04:61:5a:df:b8:39:28:66:af:18:b7:00:0e:
fe:a8:89:ab:d9:96:f3:b8:b2:72:a4:05:62:84:bd:
5c:f8:28:40:fe:db:e9:75:cf:0b:c5:f7:e6:63:08:
f0:cc:88:97:00:10:0a:a5:7e:4b:83:31:7d:43:8e:
ff:bb:f0:a4:f5:29:3c:df:fb:9c:4e:50:76:85:98:
76:c4:9c:fe:2a:8e:cb:39:24:79:5e:0a:fa:3e:ed:
f9:1e:0d:c1:63:6a:0c:0b:28:59:f9:c4:4e:ca:44:
7b:1c:58:d8:86:c5:b6:1f:8d:72:ba:8c:d5:0e:b3:
7b:5b:4d:20:83:14:5f:c9:94:c7:88:a0:a9:23:50:
4e:4e:e8:0e:06:4c:53:12:12:9b:1d:52:4b:57:2a:
0f:a7:e2:2c:4a:22:08:9c:84:f8:bb:28:4f:45:79:
d2:68:71:35:9b:a9:0b:b8:3e:e3:3b:26:d3:9e:0e:
e3:62:2d:f2:6a:e9:18:88:88:39:9a:3a:bb:ee:70:
ed:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:0F:27:18:2C:CC:FD:44:6F:5F:B8:E9:64:98:F8:13:59:FE:A2:BC
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/tQ8nGCzM_URvX7jpZJj4E1n-orw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.181.0.0-92.181.159.255
Signature Algorithm: sha256WithRSAEncryption
24:44:65:4f:80:2d:80:1a:86:02:3a:cf:d1:ec:4a:11:50:11:
79:94:2f:b8:b7:e2:44:78:c4:53:e2:c6:00:54:64:99:30:9c:
b6:09:27:e2:61:49:08:f0:38:13:8b:d7:ad:6b:76:37:fb:4a:
ad:86:62:6a:9a:65:e2:6b:b1:37:6f:1d:0f:b4:73:b8:d3:b3:
b5:03:c1:5f:3f:6e:8a:b6:7f:e8:b9:a8:f5:18:2c:d5:7d:ad:
74:76:83:01:88:3d:7b:59:84:14:d5:64:85:9f:82:ff:f5:4a:
70:0f:b9:7e:5e:35:2c:09:1c:1e:38:1d:66:9a:12:5c:02:50:
79:41:87:66:b5:40:3b:f9:f1:6d:93:90:0e:62:ff:92:e2:15:
28:e8:1f:d5:85:c3:11:66:5a:01:7c:7c:a7:39:59:d9:6d:eb:
b6:de:cd:24:a2:d0:5b:bf:0f:f6:25:42:32:b2:25:a4:e6:8f:
bf:0d:ab:2f:b1:ae:67:a0:34:16:5a:e8:26:5a:e4:58:7e:1e:
81:b8:16:b8:b6:5d:54:74:2e:e4:07:20:53:5d:9f:26:5c:5a:
dd:a2:15:d6:e2:6d:cf:a4:42:7b:de:cf:54:ac:84:15:9f:89:
3e:ed:cd:3d:11:3e:7b:8b:d6:a5:da:34:cc:55:91:c5:08:79:
be:f2:94:c7
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYVsuEksBlODY33pLLVbrHE+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh
MTA1MTEwHhcNMjMwMTAxMDk0NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTBmMjcxODJjY2NmZDQ0NmY1ZmI4ZTk2NDk4ZjgxMzU5ZmVhMmJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkgh+maKLYHVpNJxRsieBvfWniAr0
eoVwZkEMtiVzAIPP5hrMqAIwC+fi+pLEnIzvpx0wNgEHWnty6qBqxQRhWt+4OShm
rxi3AA7+qImr2ZbzuLJypAVihL1c+ChA/tvpdc8LxffmYwjwzIiXABAKpX5LgzF9
Q47/u/Ck9Sk83/ucTlB2hZh2xJz+Ko7LOSR5Xgr6Pu35Hg3BY2oMCyhZ+cROykR7
HFjYhsW2H41yuozVDrN7W00ggxRfyZTHiKCpI1BOTugOBkxTEhKbHVJLVyoPp+Is
SiIInIT4uyhPRXnSaHE1m6kLuD7jOybTng7jYi3yaukYiIg5mjq77nDtGwIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFLUPJxgszP1Eb1+46WSY+BNZ/qK8MB8GA1UdIwQY
MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt
NDU5MzVmNTA2YTEyLzEvdFE4bkdDek1fVVJ2WDdqcFpKajRFMW4tb3J3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy
LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCYGCCsGAQUFBwEHAQH/BBcwFTATBAIAATANMAsDAwBctQME
BVy1gDANBgkqhkiG9w0BAQsFAAOCAQEAJERlT4AtgBqGAjrP0exKEVAReZQvuLfi
RHjEU+LGAFRkmTCctgkn4mFJCPA4E4vXrWt2N/tKrYZiappl4muxN28dD7RzuNOz
tQPBXz9uirZ/6Lmo9Rgs1X2tdHaDAYg9e1mEFNVkhZ+C//VKcA+5fl41LAkcHjgd
ZpoSXAJQeUGHZrVAO/nxbZOQDmL/kuIVKOgf1YXDEWZaAXx8pzlZ2W3rtt7NJKLQ
W78P9iVCMrIlpOaPvw2rL7GuZ6A0FlroJlrkWH4egbgWuLZdVHQu5AcgU12fJlxa
3aIV1uJtz6RCe97PVKyEFZ+JPu3NPRE+e4vWpdo0zFWRxQh5vvKUxw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:52 2024 by rpki-client on console-fra.rpki-client.org