Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/92352f-4051-450e-b3a6-2e0078cee182/1/oIgwJk-BkQ0VJHotM2DJfJJ1MNQ.roa
File: oIgwJk-BkQ0VJHotM2DJfJJ1MNQ.roa (raw, json)
Hash identifier: bnnsyAA1CdK5rfRRU2h12ZA6GDc4pHcmrIMqudoNu3Y=
Subject key identifier: A0:88:30:26:4F:81:91:0D:15:24:7A:2D:33:60:C9:7C:92:75:30:D4
Certificate issuer: /CN=290cc4d0ad5dafc27aa4e342fa80e34814e845c3
Certificate serial: 018CB11515A22FE6711EC417EFEE5C92BA8B
Authority key identifier: 29:0C:C4:D0:AD:5D:AF:C2:7A:A4:E3:42:FA:80:E3:48:14:E8:45:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KQzE0K1dr8J6pONC-oDjSBToRcM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/92352f-4051-450e-b3a6-2e0078cee182/1/oIgwJk-BkQ0VJHotM2DJfJJ1MNQ.roa
Signing time: Thu 28 Dec 2023 15:39:58 +0000
ROA not before: Thu 28 Dec 2023 15:39:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210579
IP address blocks: 217.13.111.0/24 maxlen: 24
91.227.138.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:31:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:b1:15:15:a2:2f:e6:71:1e:c4:17:ef:ee:5c:92:ba:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=290cc4d0ad5dafc27aa4e342fa80e34814e845c3
Validity
Not Before: Dec 28 15:39:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a08830264f81910d15247a2d3360c97c927530d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:88:ae:b1:a5:f9:c1:0e:56:3e:88:12:ed:d0:
68:f6:80:c4:a2:a5:47:4c:3f:34:27:4c:09:ef:63:
b7:a5:0e:36:c2:3b:bc:05:39:f9:45:ac:dd:64:e0:
94:36:86:e4:3d:80:fa:63:8b:8d:7d:38:e3:b9:aa:
68:9b:95:6e:f2:04:2b:f4:e8:83:f8:52:e4:c4:b0:
05:56:63:f6:6c:42:95:df:3d:31:88:f0:60:5e:fb:
03:55:a9:1f:82:61:46:51:5b:d0:c9:b6:ed:8e:4e:
9b:a8:a5:d0:77:10:a7:e0:2b:0d:ad:68:91:fc:eb:
f5:36:36:82:c7:9b:60:69:f8:77:fa:50:be:a8:ed:
72:87:1c:a0:d6:b8:5a:f2:8b:33:0e:39:6b:ce:de:
30:c7:ce:79:cc:69:5d:15:f1:b1:14:3e:cb:6f:31:
16:1e:be:ae:88:f0:57:d2:4c:c1:7c:34:a0:8b:4d:
60:2a:50:55:48:1e:3a:85:52:02:80:51:02:1a:2c:
8e:51:5a:6e:13:df:9d:df:0d:44:a8:e3:41:0a:88:
81:97:cd:58:78:cb:e8:71:09:6a:5b:1b:ba:59:8d:
d1:5e:ac:08:31:be:18:43:58:55:fe:fe:ca:5e:e3:
c5:e0:ed:5c:54:58:87:bc:ae:20:47:d5:87:23:9d:
20:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:88:30:26:4F:81:91:0D:15:24:7A:2D:33:60:C9:7C:92:75:30:D4
X509v3 Authority Key Identifier:
keyid:29:0C:C4:D0:AD:5D:AF:C2:7A:A4:E3:42:FA:80:E3:48:14:E8:45:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KQzE0K1dr8J6pONC-oDjSBToRcM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/92352f-4051-450e-b3a6-2e0078cee182/1/oIgwJk-BkQ0VJHotM2DJfJJ1MNQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/92352f-4051-450e-b3a6-2e0078cee182/1/KQzE0K1dr8J6pONC-oDjSBToRcM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.227.138.0/23
217.13.111.0/24
Signature Algorithm: sha256WithRSAEncryption
18:fa:fb:e3:6b:06:d2:3c:b8:17:a8:96:f4:f1:5c:07:e9:81:
58:60:b1:cb:e8:22:d7:19:a9:35:7b:54:35:ea:30:00:ba:80:
25:8a:0d:5b:e8:ad:9b:0c:50:f6:4c:6e:ab:60:ed:fc:72:c2:
ad:b9:f1:04:5e:07:5f:d7:e8:cc:c5:31:1f:15:23:ac:06:04:
06:48:02:e8:f3:a7:44:b9:8b:64:84:dc:59:8a:93:16:e6:96:
34:ba:cf:3b:42:49:23:6f:50:e7:b1:19:1f:2d:ee:b5:1b:cc:
0e:6a:b6:af:dc:85:f7:33:13:c3:a7:1c:b4:89:d0:e5:85:ea:
5f:15:ad:d7:04:4b:38:6b:ac:82:36:f9:9f:dd:05:7c:36:3a:
83:99:b3:74:9e:4e:83:27:eb:a8:e6:21:25:60:d3:2c:bc:1e:
93:05:c4:8b:01:f7:88:78:cf:58:fc:f9:d7:68:b5:7e:93:cc:
5d:89:85:55:14:09:08:58:ef:60:c4:8b:2f:9d:cb:6c:15:1f:
48:69:dd:10:52:5f:55:4c:cf:96:a6:a2:86:6d:7b:b1:fa:c9:
44:51:14:5f:43:88:9f:2f:26:01:87:b8:ae:c5:78:14:ff:f4:
fe:e1:8a:db:34:72:70:c6:a5:92:47:ce:ae:3a:06:ba:b8:e5:
a5:65:63:aa
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYyxFRWiL+ZxHsQX7+5ckrqLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MGNjNGQwYWQ1ZGFmYzI3YWE0ZTM0MmZhODBlMzQ4MTRl
ODQ1YzMwHhcNMjMxMjI4MTUzOTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDg4MzAyNjRmODE5MTBkMTUyNDdhMmQzMzYwYzk3YzkyNzUzMGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqIiusaX5wQ5WPogS7dBo9oDEoqVH
TD80J0wJ72O3pQ42wju8BTn5RazdZOCUNobkPYD6Y4uNfTjjuapom5Vu8gQr9OiD
+FLkxLAFVmP2bEKV3z0xiPBgXvsDVakfgmFGUVvQybbtjk6bqKXQdxCn4CsNrWiR
/Ov1NjaCx5tgafh3+lC+qO1yhxyg1rha8oszDjlrzt4wx855zGldFfGxFD7LbzEW
Hr6uiPBX0kzBfDSgi01gKlBVSB46hVICgFECGiyOUVpuE9+d3w1EqONBCoiBl81Y
eMvocQlqWxu6WY3RXqwIMb4YQ1hV/v7KXuPF4O1cVFiHvK4gR9WHI50gmwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKCIMCZPgZENFSR6LTNgyXySdTDUMB8GA1UdIwQY
MBaAFCkMxNCtXa/CeqTjQvqA40gU6EXDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1F6RTBLMWRyOEo2cE9OQy1vRGpTQlRvUmNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS85MjM1MmYtNDA1MS00NTBlLWIzYTYt
MmUwMDc4Y2VlMTgyLzEvb0lnd0prLUJrUTBWSkhvdE0yREpmSkoxTU5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS85MjM1MmYtNDA1MS00NTBlLWIzYTYtMmUwMDc4Y2VlMTgy
LzEvS1F6RTBLMWRyOEo2cE9OQy1vRGpTQlRvUmNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW+OKAwQA
2Q1vMA0GCSqGSIb3DQEBCwUAA4IBAQAY+vvjawbSPLgXqJb08VwH6YFYYLHL6CLX
Gak1e1Q16jAAuoAlig1b6K2bDFD2TG6rYO38csKtufEEXgdf1+jMxTEfFSOsBgQG
SALo86dEuYtkhNxZipMW5pY0us87Qkkjb1DnsRkfLe61G8wOarav3IX3MxPDpxy0
idDlhepfFa3XBEs4a6yCNvmf3QV8NjqDmbN0nk6DJ+uo5iElYNMsvB6TBcSLAfeI
eM9Y/PnXaLV+k8xdiYVVFAkIWO9gxIsvnctsFR9Iad0QUl9VTM+WpqKGbXux+slE
URRfQ4ifLyYBh7iuxXgU//T+4YrbNHJwxqWSR86uOga6uOWlZWOq
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:24 2024 by rpki-client on console-ams.rpki-client.org