Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/oHibnJVLuJCfYKgLbAZ8mN2uwQA.roa
File: oHibnJVLuJCfYKgLbAZ8mN2uwQA.roa (raw, json)
Hash identifier: LC01K93A0iTPAp2HNFI5eMu2yu3eTJu6BHbsmQfO1Hw=
Subject key identifier: A0:78:9B:9C:95:4B:B8:90:9F:60:A8:0B:6C:06:7C:98:DD:AE:C1:00
Certificate issuer: /CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Certificate serial: 01856D53F1726E3629FBA218AAEF0D7AF6A7
Authority key identifier: 6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/oHibnJVLuJCfYKgLbAZ8mN2uwQA.roa
Signing time: Sun 01 Jan 2023 12:34:55 +0000
ROA not before: Sun 01 Jan 2023 12:34:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197476
IP address blocks: 5.157.176.0/21 maxlen: 21
5.157.184.0/21 maxlen: 21
37.35.56.0/21 maxlen: 21
178.157.104.0/22 maxlen: 22
188.74.176.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:53:f1:72:6e:36:29:fb:a2:18:aa:ef:0d:7a:f6:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Validity
Not Before: Jan 1 12:34:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a0789b9c954bb8909f60a80b6c067c98ddaec100
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:7f:c8:23:ef:f4:33:34:b9:79:9b:33:47:03:
65:68:6f:7e:c0:f9:c5:b6:ac:52:06:2e:e4:c3:c0:
9a:30:b0:41:26:ea:2e:6c:64:9e:26:e5:1b:65:17:
e0:6c:c3:ae:e6:2d:bb:2b:93:41:3d:2f:77:13:e4:
81:60:a5:46:52:78:c9:8d:2b:69:db:29:28:6f:b8:
cd:0f:44:1f:4e:20:9b:92:b0:c8:42:56:e5:c9:6b:
68:eb:5b:ae:74:00:22:4a:11:36:83:9e:0b:2b:e4:
3c:2f:61:3d:45:e5:9f:5f:e7:39:17:b4:42:44:ff:
fd:44:1e:a2:6d:13:f1:ca:bd:5a:31:ba:3d:3c:2d:
2f:37:22:e0:39:32:0b:f6:be:a9:c3:1a:7a:4a:92:
ea:07:34:88:42:63:56:39:c8:05:44:d2:e2:70:90:
6b:ba:cb:52:32:3c:89:72:8a:38:1e:98:aa:92:75:
ac:f8:0e:99:b7:f4:ba:92:da:b6:cd:9d:cb:10:cd:
0b:b0:a6:39:52:65:58:ab:53:64:69:4f:f3:f2:26:
6f:50:1a:cd:29:21:9c:57:8d:4f:13:bc:fb:49:76:
a1:0a:d5:94:e7:87:d4:b3:bd:9d:53:d1:07:58:04:
ab:dc:53:38:47:b9:99:b0:66:9c:75:37:ef:36:5a:
0a:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:78:9B:9C:95:4B:B8:90:9F:60:A8:0B:6C:06:7C:98:DD:AE:C1:00
X509v3 Authority Key Identifier:
keyid:6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/oHibnJVLuJCfYKgLbAZ8mN2uwQA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.157.176.0/20
37.35.56.0/21
178.157.104.0/22
188.74.176.0/22
Signature Algorithm: sha256WithRSAEncryption
6a:24:ec:10:14:16:af:2d:9b:1b:6b:50:da:48:c4:da:47:79:
77:d4:61:dc:fc:b5:05:3b:c8:a4:6a:c3:1c:d0:61:2f:44:77:
d3:48:ac:2a:9b:0a:6b:bf:e9:06:ee:ec:43:05:e6:d6:a2:b1:
ae:6b:68:b1:0e:25:ba:5f:fa:a2:ae:55:f5:6b:cb:f0:b9:51:
0c:ba:ad:d5:7a:13:11:68:19:87:b2:4a:69:5a:03:1e:70:78:
c7:bf:70:e7:60:19:ef:95:ed:2f:71:0f:18:8e:bb:45:43:ad:
25:ca:30:a7:14:37:bb:4d:80:20:28:33:56:76:a3:0d:72:e5:
b3:a0:aa:59:b5:52:80:29:b0:32:fd:2b:e9:71:0f:a8:30:8f:
7c:42:91:c5:68:51:bb:1c:74:59:2c:80:fe:d7:28:82:a8:d4:
25:39:6c:50:48:ba:9a:ec:23:67:cf:d8:47:5a:05:94:7b:2b:
4d:bc:ac:ea:55:5e:e1:d4:b8:f2:9b:44:85:a7:68:11:43:ef:
12:e8:00:02:ba:7a:da:79:bc:a8:fc:93:8a:45:6a:18:47:f2:
53:3a:58:73:ee:35:66:c1:1f:e0:6a:af:1c:b2:2c:1b:17:dc:
90:e5:15:0c:2b:bb:8b:06:36:71:7c:ce:8f:13:80:cd:ad:c9:
b3:1b:3b:bd
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVtU/FybjYp+6IYqu8NevanMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiMjMzZDc1NTA4YjRlODVjY2NmNDQzNDlhN2NiNzAzMTk4
ZDFkMjYwHhcNMjMwMTAxMTIzNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDc4OWI5Yzk1NGJiODkwOWY2MGE4MGI2YzA2N2M5OGRkYWVjMTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgH/II+/0MzS5eZszRwNlaG9+wPnF
tqxSBi7kw8CaMLBBJuoubGSeJuUbZRfgbMOu5i27K5NBPS93E+SBYKVGUnjJjStp
2ykob7jND0QfTiCbkrDIQlblyWto61uudAAiShE2g54LK+Q8L2E9ReWfX+c5F7RC
RP/9RB6ibRPxyr1aMbo9PC0vNyLgOTIL9r6pwxp6SpLqBzSIQmNWOcgFRNLicJBr
ustSMjyJcoo4HpiqknWs+A6Zt/S6ktq2zZ3LEM0LsKY5UmVYq1NkaU/z8iZvUBrN
KSGcV41PE7z7SXahCtWU54fUs72dU9EHWASr3FM4R7mZsGacdTfvNloKGQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKB4m5yVS7iQn2CoC2wGfJjdrsEAMB8GA1UdIwQY
MBaAFGsjPXVQi06FzM9ENJp8twMZjR0mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEt
ZmE5Y2I1MWNkMGYxLzEvb0hpYm5KVkx1SkNmWUtnTGJBWjhtTjJ1d1FBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEtZmE5Y2I1MWNkMGYx
LzEvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQEBZ2wAwQD
JSM4AwQCsp1oAwQCvEqwMA0GCSqGSIb3DQEBCwUAA4IBAQBqJOwQFBavLZsba1Da
SMTaR3l31GHc/LUFO8ikasMc0GEvRHfTSKwqmwprv+kG7uxDBebWorGua2ixDiW6
X/qirlX1a8vwuVEMuq3VehMRaBmHskppWgMecHjHv3DnYBnvle0vcQ8YjrtFQ60l
yjCnFDe7TYAgKDNWdqMNcuWzoKpZtVKAKbAy/SvpcQ+oMI98QpHFaFG7HHRZLID+
1yiCqNQlOWxQSLqa7CNnz9hHWgWUeytNvKzqVV7h1Ljym0SFp2gRQ+8S6AACunra
ebyo/JOKRWoYR/JTOlhz7jVmwR/gaq8csiwbF9yQ5RUMK7uLBjZxfM6PE4DNrcmz
Gzu9
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:24:25 2024 by rpki-client on console-fra.rpki-client.org