Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/b837f3-0852-4d7f-9c0e-b2d466697ac4/1/oMebgPhPvbvAG2ZIb2cTvuYMrFE.roa
File: oMebgPhPvbvAG2ZIb2cTvuYMrFE.roa (raw, json)
Hash identifier: eFbySA7TIcfqL6ydo4aoNgIUhJ0dgvi3kmo+bEIbLEM=
Subject key identifier: A0:C7:9B:80:F8:4F:BD:BB:C0:1B:66:48:6F:67:13:BE:E6:0C:AC:51
Certificate issuer: /CN=168731917170c4b81bee351d0455c32cbad63b26
Certificate serial: 018570F0704DD42C27D1261B2C0B3BA932FE
Authority key identifier: 16:87:31:91:71:70:C4:B8:1B:EE:35:1D:04:55:C3:2C:BA:D6:3B:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FocxkXFwxLgb7jUdBFXDLLrWOyY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/b837f3-0852-4d7f-9c0e-b2d466697ac4/1/oMebgPhPvbvAG2ZIb2cTvuYMrFE.roa
Signing time: Mon 02 Jan 2023 05:24:43 +0000
ROA not before: Mon 02 Jan 2023 05:24:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209707
IP address blocks: 91.132.76.0/22 maxlen: 22
2a09:c180::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:30:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:f0:70:4d:d4:2c:27:d1:26:1b:2c:0b:3b:a9:32:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=168731917170c4b81bee351d0455c32cbad63b26
Validity
Not Before: Jan 2 05:24:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a0c79b80f84fbdbbc01b66486f6713bee60cac51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:35:46:2e:ba:b8:72:1b:76:75:d3:33:ec:92:
c2:e2:23:4b:bc:17:82:87:a8:d8:f4:8f:74:7e:58:
07:1a:eb:54:62:ac:b8:d6:be:1a:8c:4f:da:cd:ce:
bb:8a:3a:02:ce:5a:c1:9e:0d:0c:60:63:51:75:3e:
7f:cc:70:73:bc:66:fb:b2:d6:41:5e:b0:99:14:a4:
13:f6:f7:f7:ac:7e:53:13:2b:b7:fd:8b:d9:07:f6:
44:39:8b:30:2b:58:f1:75:cc:53:2e:8c:e9:61:c7:
c3:18:1d:0a:ac:2f:58:08:37:b2:70:f0:13:7f:0e:
db:ab:00:0e:5f:5e:ad:0b:ee:94:e8:9a:ba:f7:cf:
b3:2d:c6:86:0f:a2:cc:02:91:91:6a:f4:4b:b7:e4:
13:ac:68:f1:b8:1f:9f:92:b4:33:45:68:9b:23:24:
ef:22:69:8a:37:f1:31:a2:89:85:6b:5b:08:9c:40:
54:55:5e:e1:2f:6d:02:64:f6:65:62:96:94:8d:a6:
54:d7:cb:80:e7:f0:90:5c:cb:03:bd:65:d1:85:2e:
db:01:26:a7:e3:c8:07:45:e0:0e:09:6a:03:0a:59:
6e:be:36:ed:a5:c4:5e:e0:98:ae:a5:62:60:be:90:
dc:1d:34:16:7f:37:67:76:75:23:5e:3c:54:be:cb:
50:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:C7:9B:80:F8:4F:BD:BB:C0:1B:66:48:6F:67:13:BE:E6:0C:AC:51
X509v3 Authority Key Identifier:
keyid:16:87:31:91:71:70:C4:B8:1B:EE:35:1D:04:55:C3:2C:BA:D6:3B:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FocxkXFwxLgb7jUdBFXDLLrWOyY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/b837f3-0852-4d7f-9c0e-b2d466697ac4/1/oMebgPhPvbvAG2ZIb2cTvuYMrFE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/b837f3-0852-4d7f-9c0e-b2d466697ac4/1/FocxkXFwxLgb7jUdBFXDLLrWOyY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.132.76.0/22
IPv6:
2a09:c180::/29
Signature Algorithm: sha256WithRSAEncryption
1b:8f:f8:7e:cb:12:e6:e0:de:07:2a:bf:e1:61:e0:82:50:a5:
63:b3:50:37:70:01:e5:ce:50:b5:bf:bd:81:fe:76:63:38:14:
66:18:b8:ea:8e:84:7e:cd:78:ab:4f:6f:d3:b2:ae:1e:50:cf:
d4:3f:06:f8:ba:a6:b4:4a:3b:2a:70:ab:36:c5:f6:07:14:f3:
76:cb:60:40:94:e4:b2:06:47:fc:c6:69:7c:b7:8e:d5:71:aa:
d3:c5:b2:30:47:40:a9:52:93:10:f5:b9:cd:db:f1:52:72:d6:
94:dd:c2:80:4b:9a:42:2f:d7:fc:1d:cc:a5:78:6e:4e:0c:06:
64:2e:e4:e1:69:2f:16:e1:4e:6e:13:75:8d:80:53:48:41:46:
30:93:ff:e6:ba:7e:dc:21:a8:74:1c:9a:3e:dd:04:8c:61:33:
34:10:ba:48:67:0d:bd:66:d6:93:c9:11:97:96:ec:e3:d5:fa:
c5:57:4f:04:cb:dd:39:58:94:a7:e8:38:0b:b9:bc:9f:cc:c9:
23:70:f3:d0:f1:98:8e:5b:97:17:b6:10:68:ee:d4:c8:08:68:
2d:f4:d7:c9:59:19:38:62:46:f6:fb:aa:10:82:3e:c2:1e:52:
45:46:43:32:ba:9e:a2:76:a2:3c:1a:b7:7a:7d:fe:0f:d5:04:
cf:65:55:3d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVw8HBN1Cwn0SYbLAs7qTL+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2ODczMTkxNzE3MGM0YjgxYmVlMzUxZDA0NTVjMzJjYmFk
NjNiMjYwHhcNMjMwMTAyMDUyNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGM3OWI4MGY4NGZiZGJiYzAxYjY2NDg2ZjY3MTNiZWU2MGNhYzUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmzVGLrq4cht2ddMz7JLC4iNLvBeC
h6jY9I90flgHGutUYqy41r4ajE/azc67ijoCzlrBng0MYGNRdT5/zHBzvGb7stZB
XrCZFKQT9vf3rH5TEyu3/YvZB/ZEOYswK1jxdcxTLozpYcfDGB0KrC9YCDeycPAT
fw7bqwAOX16tC+6U6Jq698+zLcaGD6LMApGRavRLt+QTrGjxuB+fkrQzRWibIyTv
ImmKN/ExoomFa1sInEBUVV7hL20CZPZlYpaUjaZU18uA5/CQXMsDvWXRhS7bASan
48gHReAOCWoDClluvjbtpcRe4JiupWJgvpDcHTQWfzdndnUjXjxUvstQ1QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKDHm4D4T727wBtmSG9nE77mDKxRMB8GA1UdIwQY
MBaAFBaHMZFxcMS4G+41HQRVwyy61jsmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRm9jeGtYRnd4TGdiN2pVZEJGWERMTHJXT3lZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC9iODM3ZjMtMDg1Mi00ZDdmLTljMGUt
YjJkNDY2Njk3YWM0LzEvb01lYmdQaFB2YnZBRzJaSWIyY1R2dVlNckZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC9iODM3ZjMtMDg1Mi00ZDdmLTljMGUtYjJkNDY2Njk3YWM0
LzEvRm9jeGtYRnd4TGdiN2pVZEJGWERMTHJXT3lZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCW4RMMA0E
AgACMAcDBQMqCcGAMA0GCSqGSIb3DQEBCwUAA4IBAQAbj/h+yxLm4N4HKr/hYeCC
UKVjs1A3cAHlzlC1v72B/nZjOBRmGLjqjoR+zXirT2/Tsq4eUM/UPwb4uqa0Sjsq
cKs2xfYHFPN2y2BAlOSyBkf8xml8t47VcarTxbIwR0CpUpMQ9bnN2/FSctaU3cKA
S5pCL9f8HcyleG5ODAZkLuThaS8W4U5uE3WNgFNIQUYwk//mun7cIah0HJo+3QSM
YTM0ELpIZw29ZtaTyRGXluzj1frFV08Ey905WJSn6DgLubyfzMkjcPPQ8ZiOW5cX
thBo7tTICGgt9NfJWRk4Ykb2+6oQgj7CHlJFRkMyup6idqI8Grd6ff4P1QTPZVU9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:25 2024 by rpki-client on console-fra.rpki-client.org