Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/7a681a-60ae-4ef3-b957-7a994dd3d32a/1/OXGBcre9LKztRRkj9EzHil3H7pc.roa
File: OXGBcre9LKztRRkj9EzHil3H7pc.roa (raw, json)
Hash identifier: c1h49AZ37jkGqxm+0WQkiG9JXF18FML3RSMf9uhzFUk=
Subject key identifier: 39:71:81:72:B7:BD:2C:AC:ED:45:19:23:F4:4C:C7:8A:5D:C7:EE:97
Certificate issuer: /CN=83b31e4956a84e6b2a41244016acbc43ce81abbc
Certificate serial: 0185720C7FE2FB062C4377E286F74CCC3086
Authority key identifier: 83:B3:1E:49:56:A8:4E:6B:2A:41:24:40:16:AC:BC:43:CE:81:AB:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g7MeSVaoTmsqQSRAFqy8Q86Bq7w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/7a681a-60ae-4ef3-b957-7a994dd3d32a/1/OXGBcre9LKztRRkj9EzHil3H7pc.roa
Signing time: Mon 02 Jan 2023 10:34:59 +0000
ROA not before: Mon 02 Jan 2023 10:34:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48642
IP address blocks: 91.193.148.0/22 maxlen: 22
195.206.226.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:0c:7f:e2:fb:06:2c:43:77:e2:86:f7:4c:cc:30:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83b31e4956a84e6b2a41244016acbc43ce81abbc
Validity
Not Before: Jan 2 10:34:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=39718172b7bd2caced451923f44cc78a5dc7ee97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:67:43:7a:73:21:d8:68:bd:17:5d:d3:07:cf:
ef:60:fd:88:a2:d5:cd:9b:6c:e9:9c:49:b0:44:07:
5c:0e:6d:75:2b:7b:cb:ec:78:6f:8b:6a:43:64:23:
58:4d:99:f8:57:78:c8:0d:52:09:34:91:2c:30:35:
40:0d:d1:22:e0:50:08:9d:42:45:61:d0:f5:75:a2:
27:85:29:c5:06:53:5e:bb:cc:82:c5:27:9e:58:09:
db:54:6a:3a:8b:15:27:03:74:1d:c4:85:9f:fd:ca:
ac:1a:96:01:21:cf:24:3e:70:76:88:7f:c2:50:e4:
be:39:83:3e:36:f2:ec:a6:b1:9f:1e:04:bb:7b:31:
b7:e5:19:f2:de:cf:cb:c0:6c:8a:69:cb:a1:bd:b0:
52:8d:8c:4f:de:3a:de:15:89:69:f5:cb:8a:5e:6d:
f8:35:62:e3:87:95:16:83:d1:62:b1:05:03:d5:ce:
de:06:ad:86:49:f6:42:95:c4:a2:a0:24:5a:10:b3:
02:2e:5b:16:34:ed:3e:b1:2c:8a:3a:49:5d:d6:de:
6b:5e:13:d1:ab:94:45:26:00:f9:95:89:19:93:e6:
e4:a0:e5:46:d0:c1:bc:e8:b8:ae:9c:d3:9b:a6:81:
7c:3d:ff:5c:87:0a:c4:93:95:db:ef:1d:28:f6:44:
46:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:71:81:72:B7:BD:2C:AC:ED:45:19:23:F4:4C:C7:8A:5D:C7:EE:97
X509v3 Authority Key Identifier:
keyid:83:B3:1E:49:56:A8:4E:6B:2A:41:24:40:16:AC:BC:43:CE:81:AB:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g7MeSVaoTmsqQSRAFqy8Q86Bq7w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/7a681a-60ae-4ef3-b957-7a994dd3d32a/1/OXGBcre9LKztRRkj9EzHil3H7pc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/7a681a-60ae-4ef3-b957-7a994dd3d32a/1/g7MeSVaoTmsqQSRAFqy8Q86Bq7w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.193.148.0/22
195.206.226.0/23
Signature Algorithm: sha256WithRSAEncryption
0c:0f:a0:66:53:c9:08:4c:37:68:9e:73:e4:f5:29:cf:12:86:
b3:ae:0f:84:4b:ef:dc:94:d4:10:cb:b9:7d:f9:fd:67:d7:75:
46:65:85:60:a4:00:2c:fc:b9:fe:1e:68:61:1c:b4:26:7b:c3:
56:85:0f:af:3d:7f:75:cd:50:e7:e2:52:1e:60:9b:d2:25:fd:
0b:12:62:03:e6:a1:e2:6e:e5:88:77:a8:96:f9:ac:13:8b:fa:
12:45:9d:74:77:60:36:b1:ba:a0:ee:b4:cf:f4:f4:bf:4d:d3:
90:e0:b6:bf:b4:0a:e2:62:74:60:60:62:ce:af:32:f9:cf:0c:
11:4b:ab:c4:df:ca:14:3a:a9:97:ed:ec:8e:af:4e:8f:e5:18:
1a:29:55:ef:68:84:c6:81:90:3b:76:f9:45:77:ab:e7:5c:ce:
2c:b2:86:19:f9:8c:f8:57:be:6a:97:1b:b6:dc:96:dd:a6:db:
00:6d:36:de:6d:ee:2b:fb:6e:fb:95:77:8a:c4:44:b6:f4:8e:
52:54:2d:b8:a8:6f:2b:4b:75:cd:74:47:70:e5:d0:5f:45:1a:
c8:2c:28:e9:bc:6c:5c:aa:6e:67:bc:c0:63:cc:c6:16:3d:8c:
98:51:57:bb:3f:84:60:90:48:2c:d2:d3:fe:a5:11:0a:f7:0e:
23:f4:37:ee
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVyDH/i+wYsQ3fihvdMzDCGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzYjMxZTQ5NTZhODRlNmIyYTQxMjQ0MDE2YWNiYzQzY2U4
MWFiYmMwHhcNMjMwMTAyMTAzNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTcxODE3MmI3YmQyY2FjZWQ0NTE5MjNmNDRjYzc4YTVkYzdlZTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgWdDenMh2Gi9F13TB8/vYP2IotXN
m2zpnEmwRAdcDm11K3vL7Hhvi2pDZCNYTZn4V3jIDVIJNJEsMDVADdEi4FAInUJF
YdD1daInhSnFBlNeu8yCxSeeWAnbVGo6ixUnA3QdxIWf/cqsGpYBIc8kPnB2iH/C
UOS+OYM+NvLsprGfHgS7ezG35Rny3s/LwGyKacuhvbBSjYxP3jreFYlp9cuKXm34
NWLjh5UWg9FisQUD1c7eBq2GSfZClcSioCRaELMCLlsWNO0+sSyKOkld1t5rXhPR
q5RFJgD5lYkZk+bkoOVG0MG86LiunNObpoF8Pf9chwrEk5Xb7x0o9kRGlQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDlxgXK3vSys7UUZI/RMx4pdx+6XMB8GA1UdIwQY
MBaAFIOzHklWqE5rKkEkQBasvEPOgau8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzdNZVNWYW9UbXNxUVNSQUZxeThRODZCcTd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS83YTY4MWEtNjBhZS00ZWYzLWI5NTct
N2E5OTRkZDNkMzJhLzEvT1hHQmNyZTlMS3p0UlJrajlFekhpbDNIN3BjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS83YTY4MWEtNjBhZS00ZWYzLWI5NTctN2E5OTRkZDNkMzJh
LzEvZzdNZVNWYW9UbXNxUVNSQUZxeThRODZCcTd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW8GUAwQB
w87iMA0GCSqGSIb3DQEBCwUAA4IBAQAMD6BmU8kITDdonnPk9SnPEoazrg+ES+/c
lNQQy7l9+f1n13VGZYVgpAAs/Ln+HmhhHLQme8NWhQ+vPX91zVDn4lIeYJvSJf0L
EmID5qHibuWId6iW+awTi/oSRZ10d2A2sbqg7rTP9PS/TdOQ4La/tAriYnRgYGLO
rzL5zwwRS6vE38oUOqmX7eyOr06P5RgaKVXvaITGgZA7dvlFd6vnXM4ssoYZ+Yz4
V75qlxu23JbdptsAbTbebe4r+277lXeKxES29I5SVC24qG8rS3XNdEdw5dBfRRrI
LCjpvGxcqm5nvMBjzMYWPYyYUVe7P4RgkEgs0tP+pREK9w4j9Dfu
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:59 2024 by rpki-client on console-ams.rpki-client.org