Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/OLI7kWASN6lf0QbMv63_TTxyR2I.roa
File: OLI7kWASN6lf0QbMv63_TTxyR2I.roa (raw, json)
Hash identifier: GMM9C+Ehz45d7NAbmevIZ5l4wdl46rBYqZBXg6isnvQ=
Subject key identifier: 38:B2:3B:91:60:12:37:A9:5F:D1:06:CC:BF:AD:FF:4D:3C:72:47:62
Certificate issuer: /CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
Certificate serial: 018A6574CD31B0CABF4D37F4CC2C6C0C4B2A
Authority key identifier: 1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/OLI7kWASN6lf0QbMv63_TTxyR2I.roa
Signing time: Tue 05 Sep 2023 13:07:48 +0000
ROA not before: Tue 05 Sep 2023 13:07:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6134
IP address blocks: 91.216.169.0/24 maxlen: 24
91.217.135.0/24 maxlen: 24
91.213.200.0/24 maxlen: 24
91.216.190.0/24 maxlen: 24
45.83.236.0/24 maxlen: 24
45.10.68.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 20 Sep 2023 14:59:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:65:74:cd:31:b0:ca:bf:4d:37:f4:cc:2c:6c:0c:4b:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
Validity
Not Before: Sep 5 13:07:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=38b23b91601237a95fd106ccbfadff4d3c724762
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:d4:78:2e:6f:aa:bc:aa:0e:ff:94:7e:3d:99:
aa:dc:33:8e:15:22:0b:13:91:1b:d4:f8:2b:23:db:
ea:45:eb:76:b2:eb:e2:5c:10:45:cf:b4:f3:26:42:
10:0d:a0:e0:d9:bf:b6:28:b1:16:51:88:7b:ea:c5:
7b:27:b8:7e:b1:34:9a:09:c1:2e:5b:69:bf:ab:be:
e7:11:d2:1e:c3:f6:73:35:78:7e:a6:42:26:02:d2:
b1:e7:75:41:d4:76:39:84:a9:bc:c3:40:ae:d7:d8:
74:ee:66:8a:5d:55:fd:7f:c2:9c:bc:c0:31:11:ce:
3c:cf:12:76:a4:3a:9c:9d:b8:29:ca:4c:b1:50:55:
5f:8e:a2:37:22:09:44:dc:57:d8:7a:92:2c:27:af:
0f:94:a7:ee:8a:31:ad:68:50:ee:28:4a:46:4c:c9:
42:e3:a3:7f:25:01:fd:db:e8:20:86:57:fd:a3:0a:
25:a0:8e:13:df:b0:75:9c:9d:df:ec:85:f6:1f:61:
d9:48:36:f9:29:e2:8e:ec:8a:06:72:88:83:69:72:
d8:18:52:85:b8:54:f4:c9:26:16:19:e6:bf:10:7e:
30:f9:03:76:e7:98:e5:b3:fa:9e:0f:26:39:be:36:
52:0c:7f:95:2d:40:1f:e0:ab:e9:de:32:cd:bb:dd:
d0:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:B2:3B:91:60:12:37:A9:5F:D1:06:CC:BF:AD:FF:4D:3C:72:47:62
X509v3 Authority Key Identifier:
keyid:1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/OLI7kWASN6lf0QbMv63_TTxyR2I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/H0c4OJyzuZjsT6bUJy-N15n7xKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.68.0/24
45.83.236.0/24
91.213.200.0/24
91.216.169.0/24
91.216.190.0/24
91.217.135.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:f4:04:bf:72:95:8f:00:53:be:64:0e:3d:c2:a5:0f:d6:86:
71:0d:93:b1:fe:56:30:dc:55:65:0e:61:89:d4:c5:fd:7e:39:
a9:2b:d1:d7:71:3e:fc:6f:cd:75:61:36:12:48:e5:a9:2b:21:
b5:d2:1b:4a:e9:55:9d:ff:9f:8b:58:a7:72:22:12:0c:43:a8:
13:fc:6f:28:4c:49:f7:db:db:11:68:d8:bf:76:51:a3:2e:ea:
f6:d9:23:a4:ab:b0:8c:18:15:52:99:dc:74:d5:6d:ad:6d:97:
9a:20:7b:d1:06:d1:9b:ae:87:52:06:8a:28:48:1c:30:77:1d:
d5:ad:e7:75:bf:43:52:36:e5:6e:c7:88:68:37:3e:38:c5:72:
ef:c4:21:40:d4:f2:23:70:ce:a2:38:aa:81:41:e5:3c:5a:c6:
1b:11:13:1f:ef:4c:88:bf:78:21:7f:9e:b9:b0:8a:ca:fa:1f:
d1:2c:83:81:28:b7:36:e0:30:34:5a:90:cd:cb:d7:6d:9e:8c:
a7:08:42:b0:ca:a6:76:b2:e3:79:d8:d7:59:ff:6b:ce:49:28:
ec:7a:8c:bb:1d:fe:4c:a4:ab:6f:01:f0:53:5e:b6:9f:b0:59:
28:7a:12:5b:3d:80:b9:6c:85:58:7b:ce:29:77:0f:74:1c:e0:
c9:88:77:73
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYpldM0xsMq/TTf0zCxsDEsqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNDczODM4OWNiM2I5OThlYzRmYTZkNDI3MmY4ZGQ3OTlm
YmM0YTkwHhcNMjMwOTA1MTMwNzQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGIyM2I5MTYwMTIzN2E5NWZkMTA2Y2NiZmFkZmY0ZDNjNzI0NzYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAndR4Lm+qvKoO/5R+PZmq3DOOFSIL
E5Eb1PgrI9vqRet2suviXBBFz7TzJkIQDaDg2b+2KLEWUYh76sV7J7h+sTSaCcEu
W2m/q77nEdIew/ZzNXh+pkImAtKx53VB1HY5hKm8w0Cu19h07maKXVX9f8KcvMAx
Ec48zxJ2pDqcnbgpykyxUFVfjqI3IglE3FfYepIsJ68PlKfuijGtaFDuKEpGTMlC
46N/JQH92+gghlf9owoloI4T37B1nJ3f7IX2H2HZSDb5KeKO7IoGcoiDaXLYGFKF
uFT0ySYWGea/EH4w+QN255jls/qeDyY5vjZSDH+VLUAf4Kvp3jLNu93QZwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFDiyO5FgEjepX9EGzL+t/008ckdiMB8GA1UdIwQY
MBaAFB9HODics7mY7E+m1CcvjdeZ+8SpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDBjNE9KeXp1WmpzVDZiVUp5LU4xNW43eEtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS81MTc2OTQtYzhhMS00NThiLTljZjIt
NmM3ZTU2ODU4OTBjLzEvT0xJN2tXQVNONmxmMFFiTXY2M19UVHh5UjJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS81MTc2OTQtYzhhMS00NThiLTljZjItNmM3ZTU2ODU4OTBj
LzEvSDBjNE9KeXp1WmpzVDZiVUp5LU4xNW43eEtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALQpEAwQA
LVPsAwQAW9XIAwQAW9ipAwQAW9i+AwQAW9mHMA0GCSqGSIb3DQEBCwUAA4IBAQA7
9AS/cpWPAFO+ZA49wqUP1oZxDZOx/lYw3FVlDmGJ1MX9fjmpK9HXcT78b811YTYS
SOWpKyG10htK6VWd/5+LWKdyIhIMQ6gT/G8oTEn329sRaNi/dlGjLur22SOkq7CM
GBVSmdx01W2tbZeaIHvRBtGbrodSBoooSBwwdx3Vred1v0NSNuVux4hoNz44xXLv
xCFA1PIjcM6iOKqBQeU8WsYbERMf70yIv3ghf565sIrK+h/RLIOBKLc24DA0WpDN
y9dtnoynCEKwyqZ2suN52NdZ/2vOSSjseoy7Hf5MpKtvAfBTXrafsFkoehJbPYC5
bIVYe84pdw90HODJiHdz
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:14 2024 by rpki-client on console-ams.rpki-client.org