Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/840dc1-83fc-4f9d-be5e-1939883bb1f8/1/OL7D1rIqr1YLxIJlG_s-Sj4mrQ0.roa
File: OL7D1rIqr1YLxIJlG_s-Sj4mrQ0.roa (raw, json)
Hash identifier: M7jUpeECWP6I5PcM7uGd0ZRk5ZkbO2UdzP3riK2fZ+I=
Subject key identifier: 38:BE:C3:D6:B2:2A:AF:56:0B:C4:82:65:1B:FB:3E:4A:3E:26:AD:0D
Certificate issuer: /CN=f3b7dd54dab02fe8cde8a85e569f827088979419
Certificate serial: 01856D0A862A260FF7EE6FB5AFC1A39C3D9D
Authority key identifier: F3:B7:DD:54:DA:B0:2F:E8:CD:E8:A8:5E:56:9F:82:70:88:97:94:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/87fdVNqwL-jN6KheVp-CcIiXlBk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/840dc1-83fc-4f9d-be5e-1939883bb1f8/1/OL7D1rIqr1YLxIJlG_s-Sj4mrQ0.roa
Signing time: Sun 01 Jan 2023 11:14:44 +0000
ROA not before: Sun 01 Jan 2023 11:14:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42791
IP address blocks: 91.213.131.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:0a:86:2a:26:0f:f7:ee:6f:b5:af:c1:a3:9c:3d:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f3b7dd54dab02fe8cde8a85e569f827088979419
Validity
Not Before: Jan 1 11:14:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=38bec3d6b22aaf560bc482651bfb3e4a3e26ad0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:68:69:f1:25:dc:b2:be:03:e6:20:58:13:26:
42:ef:90:b2:2d:85:e8:e7:f9:98:49:c3:bc:d6:0f:
9d:1a:76:e9:94:22:8a:c6:70:c9:7c:bd:e1:6f:a1:
2f:81:74:17:5a:74:a8:87:a6:99:0f:27:12:ca:cf:
a5:fc:c5:3f:84:ed:ac:71:95:a8:d0:d9:c8:5e:12:
27:f9:aa:94:a3:c6:c4:2b:03:35:26:70:4d:be:71:
be:fe:8e:1f:2e:bb:93:b9:4b:da:77:0e:20:c8:89:
35:ff:7f:cc:d6:b7:3d:4b:12:b2:0a:42:07:fe:be:
db:6e:28:aa:05:1b:b7:16:fb:2a:4f:74:e5:c7:07:
d7:1b:07:38:e0:af:73:c5:5d:d0:66:a2:51:b5:e3:
13:f3:3a:27:e7:70:46:c1:86:d8:15:e0:f6:d7:83:
f3:8f:16:10:1f:e7:e8:06:72:b9:d0:12:f9:63:58:
76:a8:46:c5:a1:ba:7c:6b:3d:82:b1:95:51:ed:a4:
73:1f:f6:57:bd:5f:4e:2a:d0:8e:a7:59:dc:f3:ce:
ff:e7:86:c3:d6:a8:d2:be:9e:06:06:cc:06:be:ca:
32:d9:ad:81:9d:79:57:59:ca:de:c0:7c:9b:fe:15:
d3:1a:8f:02:ef:ac:7c:0a:2b:78:f2:87:bf:c8:51:
61:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:BE:C3:D6:B2:2A:AF:56:0B:C4:82:65:1B:FB:3E:4A:3E:26:AD:0D
X509v3 Authority Key Identifier:
keyid:F3:B7:DD:54:DA:B0:2F:E8:CD:E8:A8:5E:56:9F:82:70:88:97:94:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/87fdVNqwL-jN6KheVp-CcIiXlBk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/840dc1-83fc-4f9d-be5e-1939883bb1f8/1/OL7D1rIqr1YLxIJlG_s-Sj4mrQ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/840dc1-83fc-4f9d-be5e-1939883bb1f8/1/87fdVNqwL-jN6KheVp-CcIiXlBk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.131.0/24
Signature Algorithm: sha256WithRSAEncryption
d4:f8:6c:f9:68:06:d3:3d:8b:16:77:29:73:c2:34:97:a1:e1:
ee:ff:27:0d:38:46:07:f7:76:1f:a2:16:bf:b5:e7:6d:48:bc:
d3:cc:48:0c:05:33:97:ac:31:4c:8f:a5:32:a2:84:ec:62:4a:
ac:d3:d8:2b:68:02:96:19:00:94:15:c8:da:1e:b2:d9:b6:16:
f8:e2:60:fd:cf:8d:1e:9e:5f:a1:97:8c:ec:dd:dd:c1:db:8d:
cd:76:5f:4b:51:39:72:b3:fe:c8:c2:44:a6:d5:f7:7f:47:21:
c1:15:c9:93:41:17:a5:9c:fc:58:6b:98:ad:45:f3:b3:4b:c6:
40:6d:4c:51:58:ea:00:db:5a:ff:32:9f:8a:97:15:37:ed:f3:
de:f8:89:f1:32:7d:bd:17:63:3f:91:99:a5:ca:13:83:b4:79:
37:ef:7c:fa:b9:69:93:8f:b8:3a:8c:e3:87:bb:06:7a:fc:14:
28:45:1b:86:9d:b7:1b:21:ad:8a:3e:e8:7d:32:df:ce:f7:1c:
8e:5e:e4:4a:6e:87:6a:2b:4e:cf:67:a1:b8:75:c2:c3:9a:00:
85:28:e6:b4:57:66:0a:83:96:dd:7d:ab:58:19:18:f3:d7:5c:
04:6e:31:b6:30:74:33:50:1d:1e:3a:5e:23:0f:1f:ad:c5:33:
84:dd:ae:cd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtCoYqJg/37m+1r8GjnD2dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzYjdkZDU0ZGFiMDJmZThjZGU4YTg1ZTU2OWY4MjcwODg5
Nzk0MTkwHhcNMjMwMTAxMTExNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGJlYzNkNmIyMmFhZjU2MGJjNDgyNjUxYmZiM2U0YTNlMjZhZDBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlWhp8SXcsr4D5iBYEyZC75CyLYXo
5/mYScO81g+dGnbplCKKxnDJfL3hb6EvgXQXWnSoh6aZDycSys+l/MU/hO2scZWo
0NnIXhIn+aqUo8bEKwM1JnBNvnG+/o4fLruTuUvadw4gyIk1/3/M1rc9SxKyCkIH
/r7bbiiqBRu3FvsqT3TlxwfXGwc44K9zxV3QZqJRteMT8zon53BGwYbYFeD214Pz
jxYQH+foBnK50BL5Y1h2qEbFobp8az2CsZVR7aRzH/ZXvV9OKtCOp1nc887/54bD
1qjSvp4GBswGvsoy2a2BnXlXWcrewHyb/hXTGo8C76x8Cit48oe/yFFh8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDi+w9ayKq9WC8SCZRv7Pko+Jq0NMB8GA1UdIwQY
MBaAFPO33VTasC/ozeioXlafgnCIl5QZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODdmZFZOcXdMLWpONktoZVZwLUNjSWlYbEJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS84NDBkYzEtODNmYy00ZjlkLWJlNWUt
MTkzOTg4M2JiMWY4LzEvT0w3RDFySXFyMVlMeElKbEdfcy1TajRtclEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS84NDBkYzEtODNmYy00ZjlkLWJlNWUtMTkzOTg4M2JiMWY4
LzEvODdmZFZOcXdMLWpONktoZVZwLUNjSWlYbEJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9WDMA0G
CSqGSIb3DQEBCwUAA4IBAQDU+Gz5aAbTPYsWdylzwjSXoeHu/ycNOEYH93Yfoha/
tedtSLzTzEgMBTOXrDFMj6UyooTsYkqs09graAKWGQCUFcjaHrLZthb44mD9z40e
nl+hl4zs3d3B243Ndl9LUTlys/7IwkSm1fd/RyHBFcmTQRelnPxYa5itRfOzS8ZA
bUxRWOoA21r/Mp+KlxU37fPe+InxMn29F2M/kZmlyhODtHk373z6uWmTj7g6jOOH
uwZ6/BQoRRuGnbcbIa2KPuh9Mt/O9xyOXuRKbodqK07PZ6G4dcLDmgCFKOa0V2YK
g5bdfatYGRjz11wEbjG2MHQzUB0eOl4jDx+txTOE3a7N
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:35:15 2024 by rpki-client on console-ams.rpki-client.org