Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/ol0XsQtP8jOwYMknDA3tZcsZ4Cs.roa
File: ol0XsQtP8jOwYMknDA3tZcsZ4Cs.roa (raw, json)
Hash identifier: n7OgtE38gvzrULrA0lxMK4sx0SMJCDB7X6eKCfgjJoI=
Subject key identifier: A2:5D:17:B1:0B:4F:F2:33:B0:60:C9:27:0C:0D:ED:65:CB:19:E0:2B
Certificate issuer: /CN=9b0c0d04225566db95e9ad3b2ef605014975aaa2
Certificate serial: 018BEECE9310B99A8095868F123AE7CB6B86
Authority key identifier: 9B:0C:0D:04:22:55:66:DB:95:E9:AD:3B:2E:F6:05:01:49:75:AA:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mwwNBCJVZtuV6a07LvYFAUl1qqI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/ol0XsQtP8jOwYMknDA3tZcsZ4Cs.roa
Signing time: Mon 20 Nov 2023 22:16:37 +0000
ROA not before: Mon 20 Nov 2023 22:16:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 45.150.55.0/24 maxlen: 24
91.239.149.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 23 Nov 2023 05:54:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ee:ce:93:10:b9:9a:80:95:86:8f:12:3a:e7:cb:6b:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b0c0d04225566db95e9ad3b2ef605014975aaa2
Validity
Not Before: Nov 20 22:16:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a25d17b10b4ff233b060c9270c0ded65cb19e02b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:8a:f4:c4:07:95:99:9f:26:4f:cc:bf:a3:47:
09:e2:70:22:57:06:0f:2e:f9:a9:d4:1b:95:23:cc:
67:45:a3:a5:74:9f:ed:50:c8:1e:a8:38:76:a6:87:
79:33:5e:0c:ec:85:e5:ee:80:2a:07:ae:8d:9b:21:
bf:9d:1b:f6:8d:94:d4:cd:86:b6:c5:9a:74:4a:78:
21:12:4a:48:6d:c7:e6:61:bd:1b:a5:ed:30:0e:4c:
2b:f3:85:78:73:00:29:4f:eb:be:34:c7:34:47:c3:
f0:9f:e7:12:09:32:74:a1:22:d4:09:8c:ee:63:7f:
f2:7e:08:c3:f6:5b:4e:52:9b:f0:86:24:e5:e0:e1:
b4:4e:a0:ff:d2:5d:ca:53:2e:f2:99:b6:04:5f:e2:
64:bd:fd:e4:5b:70:40:f7:6f:b6:b4:25:b6:f3:b9:
b6:cd:9f:a0:ed:9b:4c:75:ab:93:49:f3:90:76:56:
90:a9:ed:8f:e5:c5:7d:2f:2b:6d:87:78:a8:c5:f9:
05:19:d0:7f:7d:78:9e:e0:30:9c:30:d0:9c:87:86:
a0:1f:2e:e0:80:a1:ec:2d:91:2f:d7:2f:5d:57:0d:
3a:c3:5b:be:a9:f1:5c:91:8a:1e:48:9f:0b:fe:4b:
9a:e1:c9:9f:61:20:5b:33:1d:fb:8c:53:5a:78:cd:
4d:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:5D:17:B1:0B:4F:F2:33:B0:60:C9:27:0C:0D:ED:65:CB:19:E0:2B
X509v3 Authority Key Identifier:
keyid:9B:0C:0D:04:22:55:66:DB:95:E9:AD:3B:2E:F6:05:01:49:75:AA:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mwwNBCJVZtuV6a07LvYFAUl1qqI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/ol0XsQtP8jOwYMknDA3tZcsZ4Cs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/mwwNBCJVZtuV6a07LvYFAUl1qqI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.150.55.0/24
91.239.149.0/24
Signature Algorithm: sha256WithRSAEncryption
c2:eb:84:b5:25:1a:97:9c:0b:10:bd:44:a1:b7:88:68:c3:95:
c9:44:48:18:4d:a5:72:7f:9e:2d:2c:69:ea:e9:ea:7d:07:27:
fe:9c:e1:49:28:e4:48:f5:05:30:55:82:c5:50:38:b4:67:c6:
ea:4d:cf:8b:ea:62:17:a1:21:d8:62:11:f6:4f:9b:cc:b6:12:
72:a9:61:03:b6:61:c5:60:4d:4f:b4:6f:82:a1:1d:b2:33:57:
ba:ab:b4:6c:f2:ee:50:37:ab:b0:af:70:04:ad:5a:fa:c5:ea:
6c:6e:72:57:45:21:9d:b0:f8:e2:16:49:27:58:f1:29:30:96:
1d:3c:61:e4:ce:6e:5e:87:37:24:51:82:3b:75:00:b3:0b:94:
db:26:30:ed:ac:82:7c:0b:86:29:d1:df:26:ca:64:28:9a:48:
62:9c:27:bf:26:2a:b2:f8:72:a7:00:6d:e7:e7:8a:14:32:eb:
a3:0e:79:b0:98:c0:25:20:72:f0:19:71:6a:25:55:ff:23:16:
85:8c:8c:19:73:81:ad:a3:88:08:6b:97:f2:33:b4:da:0b:17:
16:de:13:e4:ae:11:be:ee:04:72:1f:13:b4:dc:91:1a:97:a0:
c7:7c:1e:ff:a5:26:c2:32:c2:fb:3a:cb:e7:76:64:de:27:1f:
e0:79:02:8d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYvuzpMQuZqAlYaPEjrny2uGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliMGMwZDA0MjI1NTY2ZGI5NWU5YWQzYjJlZjYwNTAxNDk3
NWFhYTIwHhcNMjMxMTIwMjIxNjM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjVkMTdiMTBiNGZmMjMzYjA2MGM5MjcwYzBkZWQ2NWNiMTllMDJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvor0xAeVmZ8mT8y/o0cJ4nAiVwYP
Lvmp1BuVI8xnRaOldJ/tUMgeqDh2pod5M14M7IXl7oAqB66NmyG/nRv2jZTUzYa2
xZp0SnghEkpIbcfmYb0bpe0wDkwr84V4cwApT+u+NMc0R8Pwn+cSCTJ0oSLUCYzu
Y3/yfgjD9ltOUpvwhiTl4OG0TqD/0l3KUy7ymbYEX+Jkvf3kW3BA92+2tCW287m2
zZ+g7ZtMdauTSfOQdlaQqe2P5cV9Lytth3ioxfkFGdB/fXie4DCcMNCch4agHy7g
gKHsLZEv1y9dVw06w1u+qfFckYoeSJ8L/kua4cmfYSBbMx37jFNaeM1N0wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKJdF7ELT/IzsGDJJwwN7WXLGeArMB8GA1UdIwQY
MBaAFJsMDQQiVWbblemtOy72BQFJdaqiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXd3TkJDSlZadHVWNmEwN0x2WUZBVWwxcXFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC8wZWM2ZDItZjFkNy00YjBhLWFkMzMt
ZThlZjJmMDk1OThlLzEvb2wwWHNRdFA4ak93WU1rbkRBM3RaY3NaNENzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC8wZWM2ZDItZjFkNy00YjBhLWFkMzMtZThlZjJmMDk1OThl
LzEvbXd3TkJDSlZadHVWNmEwN0x2WUZBVWwxcXFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALZY3AwQA
W++VMA0GCSqGSIb3DQEBCwUAA4IBAQDC64S1JRqXnAsQvUSht4how5XJREgYTaVy
f54tLGnq6ep9Byf+nOFJKORI9QUwVYLFUDi0Z8bqTc+L6mIXoSHYYhH2T5vMthJy
qWEDtmHFYE1PtG+CoR2yM1e6q7Rs8u5QN6uwr3AErVr6xepsbnJXRSGdsPjiFkkn
WPEpMJYdPGHkzm5ehzckUYI7dQCzC5TbJjDtrIJ8C4Yp0d8mymQomkhinCe/Jiqy
+HKnAG3n54oUMuujDnmwmMAlIHLwGXFqJVX/IxaFjIwZc4Gto4gIa5fyM7TaCxcW
3hPkrhG+7gRyHxO03JEal6DHfB7/pSbCMsL7OsvndmTeJx/geQKN
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:49 2024 by rpki-client on console-ams.rpki-client.org