Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/e46168-9818-4b51-94ad-c618dec07462/1/OR6p5atrfgr6SwF3ySQSmPCRQaU.roa
File: OR6p5atrfgr6SwF3ySQSmPCRQaU.roa (raw, json)
Hash identifier: /D4Mw39yI3/1kcDWJVSDNbQTOPrfzk+yEP9qErdy7xA=
Subject key identifier: 39:1E:A9:E5:AB:6B:7E:0A:FA:4B:01:77:C9:24:12:98:F0:91:41:A5
Certificate issuer: /CN=c0d0437cdf7cba9f3967eb328a08686d06e47d56
Certificate serial: 0191472CBC9F6C1837159D314254E7D20A0F
Authority key identifier: C0:D0:43:7C:DF:7C:BA:9F:39:67:EB:32:8A:08:68:6D:06:E4:7D:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wNBDfN98up85Z-syighobQbkfVY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/e46168-9818-4b51-94ad-c618dec07462/1/OR6p5atrfgr6SwF3ySQSmPCRQaU.roa
Signing time: Mon 12 Aug 2024 15:19:59 +0000
ROA not before: Mon 12 Aug 2024 15:19:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 196863
IP address blocks: 91.223.88.0/24 maxlen: 24
91.227.206.0/23 maxlen: 23
91.234.0.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:49:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:47:2c:bc:9f:6c:18:37:15:9d:31:42:54:e7:d2:0a:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c0d0437cdf7cba9f3967eb328a08686d06e47d56
Validity
Not Before: Aug 12 15:19:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=391ea9e5ab6b7e0afa4b0177c9241298f09141a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:1d:9f:4c:44:ec:fb:2d:13:66:ae:be:c3:c9:
ca:71:15:21:e8:66:12:90:cf:23:7a:b0:3f:0c:68:
34:7f:8e:75:1f:1b:ec:ad:22:61:b8:fe:04:df:7f:
89:24:c6:91:d6:37:60:48:12:1d:a5:72:62:6e:37:
11:b6:fd:0e:24:af:e1:3d:be:de:3d:09:2d:f6:1f:
bb:a6:32:4a:a8:04:49:37:69:92:16:2e:7e:1f:91:
94:30:30:b2:6d:5f:05:0e:a9:41:39:30:5f:8c:22:
48:19:c3:5f:bf:0c:40:d1:4d:0e:d3:39:f3:87:de:
12:51:ff:84:2e:cb:31:4e:1c:da:22:8c:d8:5d:2d:
98:97:62:01:e3:41:be:ba:7d:1b:32:25:78:d6:a6:
2e:a6:7a:04:af:8e:39:3e:09:e1:90:db:58:df:e0:
d8:95:3c:97:ab:75:46:37:d9:60:42:10:76:87:96:
c5:7f:de:9d:bd:2a:3a:f1:94:3f:59:a8:2f:0a:cd:
c0:86:ba:e0:cd:6a:13:13:60:e1:ac:62:7b:25:4d:
f4:5c:1b:60:89:83:a8:60:86:8c:98:8f:84:6d:b7:
4b:6d:4e:4b:83:e2:b3:26:21:d5:f2:ce:f3:45:af:
71:45:72:c2:0f:51:e6:7e:f4:00:b0:1f:b8:fc:eb:
24:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:1E:A9:E5:AB:6B:7E:0A:FA:4B:01:77:C9:24:12:98:F0:91:41:A5
X509v3 Authority Key Identifier:
keyid:C0:D0:43:7C:DF:7C:BA:9F:39:67:EB:32:8A:08:68:6D:06:E4:7D:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wNBDfN98up85Z-syighobQbkfVY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/e46168-9818-4b51-94ad-c618dec07462/1/OR6p5atrfgr6SwF3ySQSmPCRQaU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/e46168-9818-4b51-94ad-c618dec07462/1/wNBDfN98up85Z-syighobQbkfVY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.88.0/24
91.227.206.0/23
91.234.0.0/22
Signature Algorithm: sha256WithRSAEncryption
0b:cb:d5:a7:db:f1:0d:f6:83:49:2c:1e:c3:a7:8e:43:69:ee:
d1:28:98:bd:03:87:3c:2e:ee:9f:f5:02:e1:05:18:81:a3:dd:
80:3b:33:84:07:ef:08:39:82:1e:e3:8a:61:de:7f:bc:34:5a:
26:43:1c:dc:aa:27:56:7e:35:b8:0c:06:06:a4:46:70:0e:e3:
64:cf:40:15:8c:f7:bf:a2:37:76:97:33:d5:b4:fb:56:22:01:
3b:a2:02:5d:eb:49:61:75:9c:21:d4:93:3d:9a:bc:ca:7a:b8:
a1:ac:d5:95:76:24:1e:95:fd:c8:bb:3e:f9:c2:c7:96:34:4e:
b0:c4:70:03:bd:bc:60:f5:84:b9:14:24:6c:16:66:48:9d:cc:
24:d6:ce:37:ee:06:84:ff:04:27:8c:1c:d6:8f:93:b6:c1:ee:
6f:6c:72:57:9f:c8:fb:4d:16:b4:af:64:64:54:c7:6d:30:43:
bb:29:63:40:a8:cd:ce:ee:c6:98:94:ae:72:7f:89:1d:ed:6a:
36:35:f9:9e:c0:10:a1:c1:79:a3:de:f6:84:53:a9:62:ae:e6:
5c:38:58:d1:7a:f0:48:aa:bf:36:a1:ab:43:e4:ed:aa:7b:5c:
ca:e8:b6:17:9c:ea:af:e1:cf:f0:f1:fd:fb:78:0c:4e:1c:2e:
78:18:9a:b6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZFHLLyfbBg3FZ0xQlTn0goPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwZDA0MzdjZGY3Y2JhOWYzOTY3ZWIzMjhhMDg2ODZkMDZl
NDdkNTYwHhcNMjQwODEyMTUxOTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTFlYTllNWFiNmI3ZTBhZmE0YjAxNzdjOTI0MTI5OGYwOTE0MWE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+h2fTETs+y0TZq6+w8nKcRUh6GYS
kM8jerA/DGg0f451HxvsrSJhuP4E33+JJMaR1jdgSBIdpXJibjcRtv0OJK/hPb7e
PQkt9h+7pjJKqARJN2mSFi5+H5GUMDCybV8FDqlBOTBfjCJIGcNfvwxA0U0O0znz
h94SUf+ELssxThzaIozYXS2Yl2IB40G+un0bMiV41qYupnoEr445PgnhkNtY3+DY
lTyXq3VGN9lgQhB2h5bFf96dvSo68ZQ/WagvCs3AhrrgzWoTE2DhrGJ7JU30XBtg
iYOoYIaMmI+EbbdLbU5Lg+KzJiHV8s7zRa9xRXLCD1HmfvQAsB+4/OskZwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDkeqeWra34K+ksBd8kkEpjwkUGlMB8GA1UdIwQY
MBaAFMDQQ3zffLqfOWfrMooIaG0G5H1WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd05CRGZOOTh1cDg1Wi1zeWlnaG9iUWJrZlZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9lNDYxNjgtOTgxOC00YjUxLTk0YWQt
YzYxOGRlYzA3NDYyLzEvT1I2cDVhdHJmZ3I2U3dGM3lTUVNtUENSUWFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9lNDYxNjgtOTgxOC00YjUxLTk0YWQtYzYxOGRlYzA3NDYy
LzEvd05CRGZOOTh1cDg1Wi1zeWlnaG9iUWJrZlZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW99YAwQB
W+POAwQCW+oAMA0GCSqGSIb3DQEBCwUAA4IBAQALy9Wn2/EN9oNJLB7Dp45Dae7R
KJi9A4c8Lu6f9QLhBRiBo92AOzOEB+8IOYIe44ph3n+8NFomQxzcqidWfjW4DAYG
pEZwDuNkz0AVjPe/ojd2lzPVtPtWIgE7ogJd60lhdZwh1JM9mrzKerihrNWVdiQe
lf3Iuz75wseWNE6wxHADvbxg9YS5FCRsFmZIncwk1s437gaE/wQnjBzWj5O2we5v
bHJXn8j7TRa0r2RkVMdtMEO7KWNAqM3O7saYlK5yf4kd7Wo2NfmewBChwXmj3vaE
U6liruZcOFjRevBIqr82oatD5O2qe1zK6LYXnOqv4c/w8f37eAxOHC54GJq2
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:07:46 2025 by rpki-client