Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OmW95X7HYCn6Tb5RkuBkno_M8_I.roa
File: OmW95X7HYCn6Tb5RkuBkno_M8_I.roa (raw, json)
Hash identifier: vqyQuGga5CdXlgR5XWM2B3PwrAoPoex/F5DJs5Fgkyg=
Subject key identifier: 3A:65:BD:E5:7E:C7:60:29:FA:4D:BE:51:92:E0:64:9E:8F:CC:F3:F2
Certificate issuer: /CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Certificate serial: 01856D0AE7BEAB0779C20512C48476A9D388
Authority key identifier: 38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OmW95X7HYCn6Tb5RkuBkno_M8_I.roa
Signing time: Sun 01 Jan 2023 11:15:09 +0000
ROA not before: Sun 01 Jan 2023 11:15:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12389
IP address blocks: 82.137.176.0/21 maxlen: 21
82.137.184.0/21 maxlen: 21
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:0a:e7:be:ab:07:79:c2:05:12:c4:84:76:a9:d3:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Validity
Not Before: Jan 1 11:15:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3a65bde57ec76029fa4dbe5192e0649e8fccf3f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:5b:01:ce:1e:cf:db:81:eb:58:f5:c5:80:7d:
04:50:e6:62:3a:9b:77:11:5a:07:6d:55:38:d3:f9:
d4:01:f7:17:80:90:20:1a:66:97:be:34:c3:ab:4a:
72:9d:6e:5f:78:da:ea:26:2e:d6:59:19:0c:fa:97:
42:c5:35:4c:c3:76:c3:93:5b:0d:83:3d:21:d0:e0:
f7:af:e0:f9:6a:98:d3:ef:c9:ec:ac:78:ac:f5:c2:
8f:b1:aa:13:16:f0:d1:38:e9:75:47:22:7c:ea:38:
a2:54:ba:f2:be:d4:65:31:f3:85:ed:cd:cd:16:7a:
ec:c9:ae:d2:5a:68:26:09:13:e4:ec:d5:a3:33:0a:
12:16:64:26:fb:e8:f0:37:5a:83:19:fa:e0:67:11:
dc:a8:f7:f1:4e:c0:5a:f9:28:29:35:5b:08:9b:05:
29:ea:74:99:d1:8f:83:e8:98:d2:6b:62:a4:3d:4c:
89:54:72:62:d7:56:9c:cd:31:5d:de:dd:5e:dc:d6:
e8:e8:4b:e8:c1:18:59:08:c2:c8:c1:4a:0b:56:ef:
1b:b3:b7:3f:0e:3a:0f:fc:38:a8:0b:f4:c0:31:bb:
00:80:05:96:16:07:41:81:b3:bf:fc:79:cb:c1:fe:
08:0b:fe:3c:9e:74:80:89:1d:2a:6b:b9:55:56:e8:
3d:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:65:BD:E5:7E:C7:60:29:FA:4D:BE:51:92:E0:64:9E:8F:CC:F3:F2
X509v3 Authority Key Identifier:
keyid:38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OmW95X7HYCn6Tb5RkuBkno_M8_I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.137.176.0/20
Signature Algorithm: sha256WithRSAEncryption
54:b7:a2:48:fe:16:58:30:45:76:e1:47:75:e7:a8:0c:b4:7a:
7c:7d:24:dc:9e:47:d8:4f:08:dc:d8:dc:dd:2c:2a:22:9e:66:
46:66:68:94:9c:7b:98:c8:2a:c4:32:18:8b:ba:f2:5e:a9:23:
19:a0:76:00:27:16:38:e7:71:40:b7:63:38:fe:f2:5d:7e:8f:
b6:13:3d:59:10:9f:16:07:83:ae:dd:45:b1:74:d4:cc:ab:dd:
af:4a:3d:14:37:a6:2e:fd:d8:c2:c5:a6:a0:6b:70:cc:82:1b:
39:dd:b5:c4:0b:61:39:f5:91:0e:62:83:36:39:86:ca:c0:68:
b7:bc:d6:07:83:a6:43:f8:74:c9:ae:ed:5f:d4:c2:3d:89:d8:
91:c2:70:79:7d:d3:fe:67:b3:ca:65:5e:b9:62:c5:1c:0a:fd:
32:35:93:a4:77:38:31:29:5e:c0:9a:58:b4:69:aa:e9:8d:a7:
3a:08:e7:e6:0b:14:3a:d5:95:0c:c3:d5:e0:db:d9:d0:9a:53:
16:2a:fe:7b:00:79:bb:94:46:10:85:5b:4c:02:31:ec:70:5d:
de:41:ff:84:bc:09:f8:ab:66:21:f7:1b:5d:ce:a4:74:7f:df:
36:a9:1c:e8:38:49:1d:53:f9:76:15:9b:35:f7:60:fa:37:a8:
d2:84:1d:02
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtCue+qwd5wgUSxIR2qdOIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YjIyMDIzYjZlYWQ0YzI5NjgzYTlmZWQ0NDkzZDAzZGVl
MmM2ODUwHhcNMjMwMTAxMTExNTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTY1YmRlNTdlYzc2MDI5ZmE0ZGJlNTE5MmUwNjQ5ZThmY2NmM2YyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjVsBzh7P24HrWPXFgH0EUOZiOpt3
EVoHbVU40/nUAfcXgJAgGmaXvjTDq0pynW5feNrqJi7WWRkM+pdCxTVMw3bDk1sN
gz0h0OD3r+D5apjT78nsrHis9cKPsaoTFvDROOl1RyJ86jiiVLryvtRlMfOF7c3N
Fnrsya7SWmgmCRPk7NWjMwoSFmQm++jwN1qDGfrgZxHcqPfxTsBa+SgpNVsImwUp
6nSZ0Y+D6JjSa2KkPUyJVHJi11aczTFd3t1e3Nbo6EvowRhZCMLIwUoLVu8bs7c/
DjoP/DioC/TAMbsAgAWWFgdBgbO//HnLwf4IC/48nnSAiR0qa7lVVug9GwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDplveV+x2Ap+k2+UZLgZJ6PzPPyMB8GA1UdIwQY
MBaAFDiyICO26tTCloOp/tRJPQPe4saFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMt
NDBkOTViZDMzZmNiLzEvT21XOTVYN0hZQ242VGI1Umt1Qmtub19NOF9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMtNDBkOTViZDMzZmNi
LzEvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEUomwMA0G
CSqGSIb3DQEBCwUAA4IBAQBUt6JI/hZYMEV24Ud156gMtHp8fSTcnkfYTwjc2Nzd
LCoinmZGZmiUnHuYyCrEMhiLuvJeqSMZoHYAJxY453FAt2M4/vJdfo+2Ez1ZEJ8W
B4Ou3UWxdNTMq92vSj0UN6Yu/djCxaaga3DMghs53bXEC2E59ZEOYoM2OYbKwGi3
vNYHg6ZD+HTJru1f1MI9idiRwnB5fdP+Z7PKZV65YsUcCv0yNZOkdzgxKV7Amli0
aarpjac6COfmCxQ61ZUMw9Xg29nQmlMWKv57AHm7lEYQhVtMAjHscF3eQf+EvAn4
q2Yh9xtdzqR0f982qRzoOEkdU/l2FZs192D6N6jShB0C
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:46 2024 by rpki-client on console-fra.rpki-client.org