Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/e53313-ba6a-4e81-ba7b-6715f58ceebf/1/OJlsMURLX5tEjxzFUPH3CN7TMdI.roa
File: OJlsMURLX5tEjxzFUPH3CN7TMdI.roa (raw, json)
Hash identifier: fFNO3jTlIBiZcMXmcHjmzfts07kyoemKJauX+0/v8C0=
Subject key identifier: 38:99:6C:31:44:4B:5F:9B:44:8F:1C:C5:50:F1:F7:08:DE:D3:31:D2
Certificate issuer: /CN=c79a7ca44027d2e5ad389f169ed15936d7851166
Certificate serial: 0189F43AE5E866546BA664AC1BD90241A4F0
Authority key identifier: C7:9A:7C:A4:40:27:D2:E5:AD:38:9F:16:9E:D1:59:36:D7:85:11:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x5p8pEAn0uWtOJ8WntFZNteFEWY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/e53313-ba6a-4e81-ba7b-6715f58ceebf/1/OJlsMURLX5tEjxzFUPH3CN7TMdI.roa
Signing time: Mon 14 Aug 2023 13:27:27 +0000
ROA not before: Mon 14 Aug 2023 13:27:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204881
IP address blocks: 91.240.163.0/24 maxlen: 24
91.213.235.0/24 maxlen: 24
2a12:fd40::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:f4:3a:e5:e8:66:54:6b:a6:64:ac:1b:d9:02:41:a4:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c79a7ca44027d2e5ad389f169ed15936d7851166
Validity
Not Before: Aug 14 13:27:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=38996c31444b5f9b448f1cc550f1f708ded331d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:4e:ae:ed:bb:27:23:71:bc:c5:be:ac:90:4c:
68:2e:ea:06:52:0d:d4:55:96:d9:46:93:9a:b2:36:
04:7a:96:89:fa:f9:11:8a:1c:17:30:66:22:6f:e2:
19:c8:e9:ce:db:aa:47:9f:f9:55:e6:53:fa:1c:cc:
14:5b:af:4d:90:8c:17:be:fb:09:e5:97:20:7c:8f:
d8:71:31:a2:46:0d:4b:37:0e:d4:68:09:07:f5:d2:
22:d1:d3:a9:6c:64:ec:e7:af:cd:b0:90:61:28:46:
fe:fd:20:6f:61:6d:e0:fb:0d:12:61:8d:1a:27:fe:
33:e1:47:3a:bb:49:09:44:c3:ee:6e:f5:5d:23:ba:
35:1b:e6:9b:67:8d:55:c6:7a:1f:ce:a7:c4:44:7e:
e3:46:ae:b2:b3:bc:b0:d1:9f:44:c5:a9:fb:59:be:
10:39:49:d9:90:e7:ca:3e:20:ce:00:ff:6c:24:e8:
1b:14:fe:3e:2e:33:95:78:55:41:df:95:f8:e0:c4:
70:08:2c:f3:52:3f:a8:d3:fc:74:d3:22:d6:9f:bc:
13:db:3a:2b:62:67:03:e1:79:8e:6a:37:a5:cf:6a:
65:3e:43:c1:13:d1:18:95:eb:4f:a2:49:98:97:6e:
f4:9c:ca:3e:74:28:23:b7:71:2a:55:8a:13:a4:a6:
62:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:99:6C:31:44:4B:5F:9B:44:8F:1C:C5:50:F1:F7:08:DE:D3:31:D2
X509v3 Authority Key Identifier:
keyid:C7:9A:7C:A4:40:27:D2:E5:AD:38:9F:16:9E:D1:59:36:D7:85:11:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x5p8pEAn0uWtOJ8WntFZNteFEWY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/e53313-ba6a-4e81-ba7b-6715f58ceebf/1/OJlsMURLX5tEjxzFUPH3CN7TMdI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/e53313-ba6a-4e81-ba7b-6715f58ceebf/1/x5p8pEAn0uWtOJ8WntFZNteFEWY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.235.0/24
91.240.163.0/24
IPv6:
2a12:fd40::/29
Signature Algorithm: sha256WithRSAEncryption
68:98:2a:f3:9c:5f:bd:78:61:90:d5:97:24:74:8b:59:9a:da:
f4:bc:07:48:4a:b9:52:d7:69:d3:84:34:02:eb:cd:75:ca:aa:
c5:b7:24:16:85:ca:1d:e2:0b:5e:43:3c:fa:ac:b5:e4:8b:8d:
42:1f:77:ec:fb:be:2d:bd:ec:ef:9b:db:e0:77:75:24:f6:d1:
29:56:7b:62:c9:27:7d:dc:77:b8:35:5e:f0:5c:08:0b:ab:dd:
f1:43:98:20:8f:06:f8:9e:49:e2:22:ee:b8:43:27:49:1d:3b:
5b:6e:ec:85:dc:bf:09:98:1f:d3:63:c4:95:ef:fd:1f:40:75:
08:f7:48:bc:46:7a:46:34:a3:75:ba:09:20:2b:cc:03:62:af:
7f:ef:de:c2:c8:ef:21:6d:8a:c6:53:92:29:cb:37:ef:e8:47:
92:60:c9:77:9d:2c:01:09:6e:cc:65:6b:27:68:b1:47:3e:30:
56:5b:c5:76:65:a1:03:71:ee:b9:a1:e2:79:7f:6a:d4:59:96:
2c:56:34:b2:87:6f:2e:62:10:4b:f2:dd:35:29:b6:dd:fe:3c:
30:fa:51:7f:b4:b5:85:e6:28:4b:d6:d8:36:8f:bd:79:1d:a6:
65:c6:85:39:30:e6:e3:ae:cc:7c:91:81:fd:c4:93:05:ca:62:
74:02:5f:29
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYn0OuXoZlRrpmSsG9kCQaTwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3OWE3Y2E0NDAyN2QyZTVhZDM4OWYxNjllZDE1OTM2ZDc4
NTExNjYwHhcNMjMwODE0MTMyNzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODk5NmMzMTQ0NGI1ZjliNDQ4ZjFjYzU1MGYxZjcwOGRlZDMzMWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArU6u7bsnI3G8xb6skExoLuoGUg3U
VZbZRpOasjYEepaJ+vkRihwXMGYib+IZyOnO26pHn/lV5lP6HMwUW69NkIwXvvsJ
5ZcgfI/YcTGiRg1LNw7UaAkH9dIi0dOpbGTs56/NsJBhKEb+/SBvYW3g+w0SYY0a
J/4z4Uc6u0kJRMPubvVdI7o1G+abZ41VxnofzqfERH7jRq6ys7yw0Z9Exan7Wb4Q
OUnZkOfKPiDOAP9sJOgbFP4+LjOVeFVB35X44MRwCCzzUj+o0/x00yLWn7wT2zor
YmcD4XmOajelz2plPkPBE9EYletPokmYl270nMo+dCgjt3EqVYoTpKZiPQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDiZbDFES1+bRI8cxVDx9wje0zHSMB8GA1UdIwQY
MBaAFMeafKRAJ9LlrTifFp7RWTbXhRFmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDVwOHBFQW4wdVd0T0o4V250RlpOdGVGRVdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC9lNTMzMTMtYmE2YS00ZTgxLWJhN2It
NjcxNWY1OGNlZWJmLzEvT0psc01VUkxYNXRFanh6RlVQSDNDTjdUTWRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC9lNTMzMTMtYmE2YS00ZTgxLWJhN2ItNjcxNWY1OGNlZWJm
LzEveDVwOHBFQW4wdVd0T0o4V250RlpOdGVGRVdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAW9XrAwQA
W/CjMA0EAgACMAcDBQMqEv1AMA0GCSqGSIb3DQEBCwUAA4IBAQBomCrznF+9eGGQ
1ZckdItZmtr0vAdISrlS12nThDQC6811yqrFtyQWhcod4gteQzz6rLXki41CH3fs
+74tvezvm9vgd3Uk9tEpVntiySd93He4NV7wXAgLq93xQ5ggjwb4nkniIu64QydJ
HTtbbuyF3L8JmB/TY8SV7/0fQHUI90i8RnpGNKN1ugkgK8wDYq9/797CyO8hbYrG
U5Ipyzfv6EeSYMl3nSwBCW7MZWsnaLFHPjBWW8V2ZaEDce65oeJ5f2rUWZYsVjSy
h28uYhBL8t01Kbbd/jww+lF/tLWF5ihL1tg2j715HaZlxoU5MObjrsx8kYH9xJMF
ymJ0Al8p
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:18 2024 by rpki-client on console-ams.rpki-client.org