Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/134b82-bcfb-445c-bd42-fc2a97b7d53e/1/Oni459Hg1BlPkrsVYRzVw4P2dnk.roa
File: Oni459Hg1BlPkrsVYRzVw4P2dnk.roa (raw, json)
Hash identifier: UpEjQk0dp0fVc1OxC/S5JezDlznEGJHbvtIwh/3YmL0=
Subject key identifier: 3A:78:B8:E7:D1:E0:D4:19:4F:92:BB:15:61:1C:D5:C3:83:F6:76:79
Certificate issuer: /CN=9b5895e7f6a6d4aba9c961f713b2e79715f021f0
Certificate serial: 0185D988C8FC6579F48CF53D3D68CD75490E
Authority key identifier: 9B:58:95:E7:F6:A6:D4:AB:A9:C9:61:F7:13:B2:E7:97:15:F0:21:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m1iV5_am1KupyWH3E7LnlxXwIfA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/134b82-bcfb-445c-bd42-fc2a97b7d53e/1/Oni459Hg1BlPkrsVYRzVw4P2dnk.roa
Signing time: Sun 22 Jan 2023 12:51:38 +0000
ROA not before: Sun 22 Jan 2023 12:51:38 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51825
IP address blocks: 46.31.98.0/23 maxlen: 23
46.31.96.0/21 maxlen: 21
46.31.96.0/23 maxlen: 23
46.31.96.0/24 maxlen: 24
46.31.97.0/24 maxlen: 24
46.31.98.0/24 maxlen: 24
46.31.102.0/23 maxlen: 23
46.31.103.0/24 maxlen: 24
46.31.100.0/23 maxlen: 23
46.31.99.0/24 maxlen: 24
46.31.100.0/24 maxlen: 24
46.31.101.0/24 maxlen: 24
46.31.102.0/24 maxlen: 24
185.24.206.0/23 maxlen: 23
185.24.204.0/24 maxlen: 24
185.24.204.0/22 maxlen: 22
185.24.204.0/23 maxlen: 23
185.24.205.0/24 maxlen: 24
185.24.206.0/24 maxlen: 24
185.24.207.0/24 maxlen: 24
213.137.65.0/24 maxlen: 24
213.137.66.0/24 maxlen: 24
213.137.67.0/24 maxlen: 24
213.137.70.0/24 maxlen: 24
213.137.71.0/24 maxlen: 24
213.137.72.0/23 maxlen: 23
213.137.64.0/24 maxlen: 24
213.137.64.0/20 maxlen: 20
2a02:5080::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:d9:88:c8:fc:65:79:f4:8c:f5:3d:3d:68:cd:75:49:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b5895e7f6a6d4aba9c961f713b2e79715f021f0
Validity
Not Before: Jan 22 12:51:38 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3a78b8e7d1e0d4194f92bb15611cd5c383f67679
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:55:74:8f:1b:eb:a0:28:c4:55:a9:56:9c:7b:
b9:a2:ee:ce:5f:3e:f9:55:3a:fa:20:6a:6c:f4:32:
15:2b:d7:32:8e:55:3b:ff:d4:17:ae:1a:cb:9c:38:
9b:0c:d9:b2:50:80:f1:d2:5b:86:cc:93:aa:3a:52:
3c:5a:38:37:47:5f:d7:68:b9:af:5f:6a:cd:aa:92:
a4:27:66:e6:71:fb:04:ba:32:bd:af:31:14:80:70:
a3:47:a1:99:f0:a8:90:12:5a:22:e7:fb:9a:35:f5:
9f:2f:18:7d:66:de:1b:12:fd:08:ee:79:41:a1:6e:
5d:e6:3d:23:c0:a5:bf:b6:ca:80:c3:d1:e1:9a:92:
a7:d7:f8:2f:cb:bf:cd:98:1b:2b:1a:7c:a5:64:f8:
6d:06:58:13:52:c7:46:94:1c:59:22:46:82:35:36:
7a:7e:cf:9b:c4:b1:50:41:f8:a1:2f:3d:a6:71:3e:
e8:55:1d:2c:17:22:15:41:93:4c:3c:f5:9c:f9:c4:
6e:70:36:f8:c6:dd:75:ae:b5:d9:9d:33:86:3f:20:
76:06:55:fe:53:0d:da:c8:d6:84:8a:8c:dc:b9:7a:
57:3d:ed:ba:67:7f:90:9f:23:83:a9:6b:86:32:f1:
06:b5:60:52:8f:90:ef:fb:8f:f4:72:92:95:47:ca:
78:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:78:B8:E7:D1:E0:D4:19:4F:92:BB:15:61:1C:D5:C3:83:F6:76:79
X509v3 Authority Key Identifier:
keyid:9B:58:95:E7:F6:A6:D4:AB:A9:C9:61:F7:13:B2:E7:97:15:F0:21:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m1iV5_am1KupyWH3E7LnlxXwIfA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/134b82-bcfb-445c-bd42-fc2a97b7d53e/1/Oni459Hg1BlPkrsVYRzVw4P2dnk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/134b82-bcfb-445c-bd42-fc2a97b7d53e/1/m1iV5_am1KupyWH3E7LnlxXwIfA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.31.96.0/21
185.24.204.0/22
213.137.64.0/20
IPv6:
2a02:5080::/32
Signature Algorithm: sha256WithRSAEncryption
0b:52:e6:57:4c:3c:f2:52:53:3f:f1:86:f6:47:22:c3:5a:2e:
8f:ca:f4:8e:fa:34:a0:ad:94:96:fb:61:57:83:21:b1:ff:e9:
67:b9:5c:64:e7:84:ea:60:f5:d4:75:7e:41:72:b8:7d:d0:eb:
b2:dc:c8:d2:ce:ff:00:0c:4c:17:3f:5b:40:2a:66:a9:4a:dd:
44:97:23:ea:5c:64:37:c8:14:0d:24:48:a7:10:8f:f9:36:2b:
67:6a:9b:28:95:fe:1c:8c:7d:35:26:bb:46:ca:f6:2f:0c:8c:
6a:6a:9f:c1:28:cd:9c:88:8d:1f:63:e8:7a:29:53:b6:8d:d8:
05:3c:7d:c7:12:0d:c0:1f:70:2f:ad:a5:d6:99:5d:98:52:dc:
70:38:8d:76:d2:cb:d4:df:40:a2:91:2b:f1:8e:cb:73:0f:bb:
fe:73:3e:4c:7c:28:53:98:40:a4:9e:f0:03:9c:17:f7:df:0d:
d3:f5:68:fc:88:80:f1:f8:8a:09:6e:3c:60:f5:52:8e:d5:cf:
4d:a3:00:f1:75:61:c8:21:46:ec:cb:50:af:77:85:d0:2e:c3:
91:61:f2:c1:3d:83:51:27:e5:3f:cf:99:0a:dc:4b:db:6a:dc:
4b:d1:54:b0:6f:d6:9b:94:ca:1c:d4:33:ff:9a:d3:0e:25:59:
0f:ad:97:94
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYXZiMj8ZXn0jPU9PWjNdUkOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliNTg5NWU3ZjZhNmQ0YWJhOWM5NjFmNzEzYjJlNzk3MTVm
MDIxZjAwHhcNMjMwMTIyMTI1MTM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTc4YjhlN2QxZTBkNDE5NGY5MmJiMTU2MTFjZDVjMzgzZjY3Njc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA31V0jxvroCjEValWnHu5ou7OXz75
VTr6IGps9DIVK9cyjlU7/9QXrhrLnDibDNmyUIDx0luGzJOqOlI8Wjg3R1/XaLmv
X2rNqpKkJ2bmcfsEujK9rzEUgHCjR6GZ8KiQEloi5/uaNfWfLxh9Zt4bEv0I7nlB
oW5d5j0jwKW/tsqAw9HhmpKn1/gvy7/NmBsrGnylZPhtBlgTUsdGlBxZIkaCNTZ6
fs+bxLFQQfihLz2mcT7oVR0sFyIVQZNMPPWc+cRucDb4xt11rrXZnTOGPyB2BlX+
Uw3ayNaEiozcuXpXPe26Z3+QnyODqWuGMvEGtWBSj5Dv+4/0cpKVR8p4EwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFDp4uOfR4NQZT5K7FWEc1cOD9nZ5MB8GA1UdIwQY
MBaAFJtYlef2ptSrqclh9xOy55cV8CHwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbTFpVjVfYW0xS3VweVdIM0U3TG5seFh3SWZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi8xMzRiODItYmNmYi00NDVjLWJkNDIt
ZmMyYTk3YjdkNTNlLzEvT25pNDU5SGcxQmxQa3JzVllSelZ3NFAyZG5rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi8xMzRiODItYmNmYi00NDVjLWJkNDItZmMyYTk3YjdkNTNl
LzEvbTFpVjVfYW0xS3VweVdIM0U3TG5seFh3SWZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDLh9gAwQC
uRjMAwQE1YlAMA0EAgACMAcDBQAqAlCAMA0GCSqGSIb3DQEBCwUAA4IBAQALUuZX
TDzyUlM/8Yb2RyLDWi6PyvSO+jSgrZSW+2FXgyGx/+lnuVxk54TqYPXUdX5Bcrh9
0Ouy3MjSzv8ADEwXP1tAKmapSt1ElyPqXGQ3yBQNJEinEI/5Nitnapsolf4cjH01
JrtGyvYvDIxqap/BKM2ciI0fY+h6KVO2jdgFPH3HEg3AH3AvraXWmV2YUtxwOI12
0svU30CikSvxjstzD7v+cz5MfChTmECknvADnBf33w3T9Wj8iIDx+IoJbjxg9VKO
1c9NowDxdWHIIUbsy1Cvd4XQLsORYfLBPYNRJ+U/z5kK3EvbatxL0VSwb9ablMoc
1DP/mtMOJVkPrZeU
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:56 2023 by rpki-client on console-ams.rpki-client.org