Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/fa342e-b3bc-4373-8c6b-8854c82b545d/1/On-OX_6NXpv3xavwCo4surKzbOY.roa
File: On-OX_6NXpv3xavwCo4surKzbOY.roa (raw, json)
Hash identifier: OkkV0jhg6AKzalBjxCaEu7i9SQiRILnsEWVrMt+vf+w=
Subject key identifier: 3A:7F:8E:5F:FE:8D:5E:9B:F7:C5:AB:F0:0A:8E:2C:BA:B2:B3:6C:E6
Certificate issuer: /CN=cb335dc6feb385f6a23344056a13c2c595028e91
Certificate serial: 018759C25B6B44CFA129C56985025B0427FF
Authority key identifier: CB:33:5D:C6:FE:B3:85:F6:A2:33:44:05:6A:13:C2:C5:95:02:8E:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yzNdxv6zhfaiM0QFahPCxZUCjpE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/fa342e-b3bc-4373-8c6b-8854c82b545d/1/On-OX_6NXpv3xavwCo4surKzbOY.roa
Signing time: Fri 07 Apr 2023 03:28:42 +0000
ROA not before: Fri 07 Apr 2023 03:28:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41652
IP address blocks: 45.80.2.0/24 maxlen: 24
45.80.0.0/22 maxlen: 22
2a0e:3780::/29 maxlen: 29
2a0e:3780::/36 maxlen: 36
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:29:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:59:c2:5b:6b:44:cf:a1:29:c5:69:85:02:5b:04:27:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb335dc6feb385f6a23344056a13c2c595028e91
Validity
Not Before: Apr 7 03:28:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3a7f8e5ffe8d5e9bf7c5abf00a8e2cbab2b36ce6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:42:11:67:ee:c1:79:fe:3b:6e:cd:cb:a4:61:
0a:36:4f:fa:1f:1b:2f:57:f5:5a:13:44:a9:15:86:
0b:45:54:49:50:17:fc:9a:56:16:b5:98:35:cf:06:
35:21:5e:bb:f4:f8:05:3b:7a:be:1a:54:45:47:40:
a8:55:9e:0e:c9:d1:01:dd:2e:b6:23:b7:68:a8:31:
22:50:ed:59:d5:95:b2:1d:30:f5:8e:38:9d:a9:62:
47:b3:bb:27:aa:77:4f:cf:92:6a:9d:a8:c1:ea:18:
d3:33:42:d3:dd:7e:ca:18:1c:62:57:fa:f0:cd:46:
16:63:e1:95:19:9b:b9:14:d5:72:ec:ba:a7:6b:57:
e9:ef:a8:01:4d:fa:b8:fe:d2:06:83:32:d3:d0:b7:
24:63:b0:fa:dc:a5:80:5e:e9:9f:bc:59:46:01:c3:
35:20:aa:98:31:cd:c7:26:71:39:db:71:e2:08:2d:
00:b9:94:b9:a8:a0:c1:d9:b1:c8:54:e2:a8:79:c1:
06:9b:3e:b2:85:c3:c6:89:1c:e2:21:76:ea:83:dc:
1c:95:47:1e:59:8a:d0:82:b9:66:40:03:4c:bc:6f:
fb:ad:e6:7c:d2:82:cd:10:d8:e9:43:6b:f7:67:bc:
7b:ff:0b:d3:0e:77:e4:70:42:17:e1:4b:77:03:fc:
3a:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:7F:8E:5F:FE:8D:5E:9B:F7:C5:AB:F0:0A:8E:2C:BA:B2:B3:6C:E6
X509v3 Authority Key Identifier:
keyid:CB:33:5D:C6:FE:B3:85:F6:A2:33:44:05:6A:13:C2:C5:95:02:8E:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yzNdxv6zhfaiM0QFahPCxZUCjpE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/fa342e-b3bc-4373-8c6b-8854c82b545d/1/On-OX_6NXpv3xavwCo4surKzbOY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/fa342e-b3bc-4373-8c6b-8854c82b545d/1/yzNdxv6zhfaiM0QFahPCxZUCjpE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.80.0.0/22
IPv6:
2a0e:3780::/29
Signature Algorithm: sha256WithRSAEncryption
90:8d:61:76:c6:26:04:df:b8:1c:a0:5d:9b:b8:fc:65:27:39:
17:d8:b8:98:99:4f:8c:22:e1:32:8f:e6:ac:b9:5c:e4:15:bd:
92:52:b4:02:e9:a5:e3:1d:cb:e0:d3:42:50:6c:f8:43:29:5b:
9e:57:f9:c2:8f:ec:15:c8:c5:86:f3:60:c4:8b:3f:17:94:9f:
b9:1c:50:22:27:c9:53:f9:e8:04:94:c1:6d:3c:b8:f6:9f:3b:
99:d0:da:dc:c6:48:58:ee:de:88:74:a3:1d:0e:4e:17:b2:9a:
39:fd:92:0f:2d:2a:08:15:71:70:f5:93:a0:01:4a:d2:53:62:
8d:b4:28:7c:59:00:ea:d0:80:8d:22:c7:6b:99:69:40:dc:01:
d4:9d:9e:4b:71:14:13:86:54:40:8c:81:ac:90:87:c7:87:24:
c3:fd:56:2c:5d:fd:1f:dd:98:fb:81:c4:e6:75:d6:da:68:d4:
49:c7:d8:ab:0a:22:2e:f0:26:2f:5b:df:06:da:94:79:e8:ec:
10:09:22:e0:06:68:4e:54:5f:cb:2d:2c:17:65:37:4c:3f:47:
79:2e:f5:f9:a7:7a:50:91:3a:9a:01:ce:1f:58:de:9a:c5:a9:
e1:2f:6d:2e:23:35:e8:3b:46:c5:69:87:49:de:94:d2:53:36:
2f:9e:88:9f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYdZwltrRM+hKcVphQJbBCf/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiMzM1ZGM2ZmViMzg1ZjZhMjMzNDQwNTZhMTNjMmM1OTUw
MjhlOTEwHhcNMjMwNDA3MDMyODQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTdmOGU1ZmZlOGQ1ZTliZjdjNWFiZjAwYThlMmNiYWIyYjM2Y2U2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwEIRZ+7Bef47bs3LpGEKNk/6Hxsv
V/VaE0SpFYYLRVRJUBf8mlYWtZg1zwY1IV679PgFO3q+GlRFR0CoVZ4OydEB3S62
I7doqDEiUO1Z1ZWyHTD1jjidqWJHs7snqndPz5JqnajB6hjTM0LT3X7KGBxiV/rw
zUYWY+GVGZu5FNVy7Lqna1fp76gBTfq4/tIGgzLT0LckY7D63KWAXumfvFlGAcM1
IKqYMc3HJnE523HiCC0AuZS5qKDB2bHIVOKoecEGmz6yhcPGiRziIXbqg9wclUce
WYrQgrlmQANMvG/7reZ80oLNENjpQ2v3Z7x7/wvTDnfkcEIX4Ut3A/w6GwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDp/jl/+jV6b98Wr8AqOLLqys2zmMB8GA1UdIwQY
MBaAFMszXcb+s4X2ojNEBWoTwsWVAo6RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXpOZHh2NnpoZmFpTTBRRmFoUEN4WlVDanBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC9mYTM0MmUtYjNiYy00MzczLThjNmIt
ODg1NGM4MmI1NDVkLzEvT24tT1hfNk5YcHYzeGF2d0NvNHN1ckt6Yk9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC9mYTM0MmUtYjNiYy00MzczLThjNmItODg1NGM4MmI1NDVk
LzEveXpOZHh2NnpoZmFpTTBRRmFoUEN4WlVDanBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLVAAMA0E
AgACMAcDBQMqDjeAMA0GCSqGSIb3DQEBCwUAA4IBAQCQjWF2xiYE37gcoF2buPxl
JzkX2LiYmU+MIuEyj+asuVzkFb2SUrQC6aXjHcvg00JQbPhDKVueV/nCj+wVyMWG
82DEiz8XlJ+5HFAiJ8lT+egElMFtPLj2nzuZ0NrcxkhY7t6IdKMdDk4Xspo5/ZIP
LSoIFXFw9ZOgAUrSU2KNtCh8WQDq0ICNIsdrmWlA3AHUnZ5LcRQThlRAjIGskIfH
hyTD/VYsXf0f3Zj7gcTmddbaaNRJx9irCiIu8CYvW98G2pR56OwQCSLgBmhOVF/L
LSwXZTdMP0d5LvX5p3pQkTqaAc4fWN6axanhL20uIzXoO0bFaYdJ3pTSUzYvnoif
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:54 2024 by rpki-client on console-ams.rpki-client.org