Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/d82ef6-836a-47c7-a6c1-d6eaafc6b4f5/1/OXPDlzpa44PTL-gWHfFCvkvsrXI.roa
File: OXPDlzpa44PTL-gWHfFCvkvsrXI.roa (raw, json)
Hash identifier: gpIIS8gXcKJ1EpFbPfdpZJlbv/x4gQr2586Lg5xrJEY=
Subject key identifier: 39:73:C3:97:3A:5A:E3:83:D3:2F:E8:16:1D:F1:42:BE:4B:EC:AD:72
Certificate issuer: /CN=27a7d1f0d73fe481c2188d28def0e858e715697e
Certificate serial: 01856F14DD0F6B3AFFD12385A50D36165A89
Authority key identifier: 27:A7:D1:F0:D7:3F:E4:81:C2:18:8D:28:DE:F0:E8:58:E7:15:69:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J6fR8Nc_5IHCGI0o3vDoWOcVaX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/d82ef6-836a-47c7-a6c1-d6eaafc6b4f5/1/OXPDlzpa44PTL-gWHfFCvkvsrXI.roa
Signing time: Sun 01 Jan 2023 20:45:16 +0000
ROA not before: Sun 01 Jan 2023 20:45:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12679
IP address blocks: 195.34.94.0/23 maxlen: 23
91.204.76.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 25 May 2023 15:18:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:dd:0f:6b:3a:ff:d1:23:85:a5:0d:36:16:5a:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27a7d1f0d73fe481c2188d28def0e858e715697e
Validity
Not Before: Jan 1 20:45:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3973c3973a5ae383d32fe8161df142be4becad72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:07:03:35:65:8c:e8:7f:01:c9:30:f1:7d:fc:
c2:92:46:f0:b4:b1:09:4d:71:e5:e2:23:9c:8d:e2:
2f:bd:83:e7:eb:42:db:1a:9e:41:5d:ac:06:ea:81:
1c:3b:c9:5c:77:1f:e9:78:32:10:ba:48:f2:8f:b0:
eb:62:de:5f:c7:05:89:16:97:54:5b:24:97:fd:76:
57:60:1c:2b:18:29:71:bd:54:e9:7a:cb:6f:c0:73:
1b:74:a2:f6:b3:80:6d:f3:fb:8a:62:b7:83:ad:b9:
dd:5f:69:98:c5:e5:07:8c:95:f3:4c:6e:33:e3:d7:
41:ca:8d:12:46:2f:75:38:b1:5b:66:9a:74:15:c3:
a1:ea:13:8e:f4:23:83:97:82:e7:2a:f7:c9:0e:1a:
2b:91:2e:18:09:c4:06:8a:3f:18:c7:db:7a:39:62:
c4:62:60:71:2f:80:c3:3a:de:a2:c5:c3:66:e2:3b:
d5:a0:2d:1a:63:b9:d1:9a:23:20:b6:1b:b6:07:c6:
17:39:fe:8b:44:83:5a:8c:34:a0:b2:ad:f6:76:0c:
2b:01:e1:eb:4f:52:df:5c:90:cb:79:5b:80:ff:e6:
b0:5f:5d:21:81:e7:dc:d2:47:8c:6a:78:00:7e:07:
7d:c0:d1:55:fb:93:af:b4:0c:09:53:d4:6e:f6:04:
24:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:73:C3:97:3A:5A:E3:83:D3:2F:E8:16:1D:F1:42:BE:4B:EC:AD:72
X509v3 Authority Key Identifier:
keyid:27:A7:D1:F0:D7:3F:E4:81:C2:18:8D:28:DE:F0:E8:58:E7:15:69:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6fR8Nc_5IHCGI0o3vDoWOcVaX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/d82ef6-836a-47c7-a6c1-d6eaafc6b4f5/1/OXPDlzpa44PTL-gWHfFCvkvsrXI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/d82ef6-836a-47c7-a6c1-d6eaafc6b4f5/1/J6fR8Nc_5IHCGI0o3vDoWOcVaX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.204.76.0/22
195.34.94.0/23
Signature Algorithm: sha256WithRSAEncryption
bc:be:ea:af:5f:91:b7:36:ba:67:91:49:37:20:4a:ff:c7:70:
cd:0d:28:ff:20:76:85:3f:b6:17:67:d7:b8:c9:dc:24:e2:71:
ea:50:d9:41:b4:60:59:6b:97:09:0b:0b:83:4f:57:b2:b6:66:
0e:bc:1c:b3:79:d9:e5:d3:4e:c5:54:80:f6:ef:5e:66:ce:a3:
c6:20:5c:e8:9a:7e:48:fc:c4:bb:57:6e:93:50:d7:7b:14:4a:
8d:e5:ef:3a:ef:43:4d:8b:c0:62:c1:1b:7b:b4:57:c3:0d:53:
f7:7e:09:41:bc:31:ea:af:e0:c6:ac:65:c1:45:67:bd:4a:93:
7c:69:e8:12:09:db:54:7b:79:47:ef:09:5a:1a:71:fb:89:c2:
d4:fe:90:b1:17:aa:d0:6d:81:e7:a9:bc:8d:19:97:de:3f:c9:
6c:60:11:dc:c3:f0:4a:d4:2f:2d:01:fe:99:f7:7f:3b:b3:07:
ec:20:3a:71:4b:01:c7:fc:69:99:52:c0:ad:59:9c:87:59:64:
42:e0:67:96:cf:fc:b0:82:54:1e:83:28:d9:0c:d9:3a:8a:af:
8a:3a:8a:27:44:4c:3f:a3:ba:3d:f9:05:3b:aa:f6:19:f1:94:
87:fc:33:ab:78:7c:99:cd:c2:61:1f:39:9b:ca:26:9e:ef:70:
c0:78:f4:f0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvFN0Pazr/0SOFpQ02FlqJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YTdkMWYwZDczZmU0ODFjMjE4OGQyOGRlZjBlODU4ZTcx
NTY5N2UwHhcNMjMwMTAxMjA0NTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTczYzM5NzNhNWFlMzgzZDMyZmU4MTYxZGYxNDJiZTRiZWNhZDcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAggcDNWWM6H8ByTDxffzCkkbwtLEJ
TXHl4iOcjeIvvYPn60LbGp5BXawG6oEcO8lcdx/peDIQukjyj7DrYt5fxwWJFpdU
WySX/XZXYBwrGClxvVTpestvwHMbdKL2s4Bt8/uKYreDrbndX2mYxeUHjJXzTG4z
49dByo0SRi91OLFbZpp0FcOh6hOO9CODl4LnKvfJDhorkS4YCcQGij8Yx9t6OWLE
YmBxL4DDOt6ixcNm4jvVoC0aY7nRmiMgthu2B8YXOf6LRINajDSgsq32dgwrAeHr
T1LfXJDLeVuA/+awX10hgefc0keMangAfgd9wNFV+5OvtAwJU9Ru9gQkDwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDlzw5c6WuOD0y/oFh3xQr5L7K1yMB8GA1UdIwQY
MBaAFCen0fDXP+SBwhiNKN7w6FjnFWl+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjZmUjhOY181SUhDR0kwbzN2RG9XT2NWYVg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9kODJlZjYtODM2YS00N2M3LWE2YzEt
ZDZlYWFmYzZiNGY1LzEvT1hQRGx6cGE0NFBUTC1nV0hmRkN2a3ZzclhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9kODJlZjYtODM2YS00N2M3LWE2YzEtZDZlYWFmYzZiNGY1
LzEvSjZmUjhOY181SUhDR0kwbzN2RG9XT2NWYVg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW8xMAwQB
wyJeMA0GCSqGSIb3DQEBCwUAA4IBAQC8vuqvX5G3NrpnkUk3IEr/x3DNDSj/IHaF
P7YXZ9e4ydwk4nHqUNlBtGBZa5cJCwuDT1eytmYOvByzednl007FVID2715mzqPG
IFzomn5I/MS7V26TUNd7FEqN5e8670NNi8BiwRt7tFfDDVP3fglBvDHqr+DGrGXB
RWe9SpN8aegSCdtUe3lH7wlaGnH7icLU/pCxF6rQbYHnqbyNGZfeP8lsYBHcw/BK
1C8tAf6Z9387swfsIDpxSwHH/GmZUsCtWZyHWWRC4GeWz/ywglQegyjZDNk6iq+K
OoonREw/o7o9+QU7qvYZ8ZSH/DOreHyZzcJhHzmbyiae73DAePTw
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:38 2024 by rpki-client on console-ams.rpki-client.org