Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/oqcHQJ8DwnkRIDWRkOVyVLqd63w.roa
File: oqcHQJ8DwnkRIDWRkOVyVLqd63w.roa (raw, json)
Hash identifier: PDTaA2/GcCE0+tP2FGTnlv0Da3vvMIzF5r9uXbYxYDw=
Subject key identifier: A2:A7:07:40:9F:03:C2:79:11:20:35:91:90:E5:72:54:BA:9D:EB:7C
Certificate issuer: /CN=351a2fd6f5e5af87d5cea095066fbcc3d3e546a4
Certificate serial: 0185714C118F12B94457DF6300E8AE49B4A6
Authority key identifier: 35:1A:2F:D6:F5:E5:AF:87:D5:CE:A0:95:06:6F:BC:C3:D3:E5:46:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NRov1vXlr4fVzqCVBm-8w9PlRqQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/oqcHQJ8DwnkRIDWRkOVyVLqd63w.roa
Signing time: Mon 02 Jan 2023 07:04:48 +0000
ROA not before: Mon 02 Jan 2023 07:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205430
IP address blocks: 91.106.28.0/24 maxlen: 24
94.240.41.0/24 maxlen: 24
94.240.43.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:4c:11:8f:12:b9:44:57:df:63:00:e8:ae:49:b4:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=351a2fd6f5e5af87d5cea095066fbcc3d3e546a4
Validity
Not Before: Jan 2 07:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a2a707409f03c2791120359190e57254ba9deb7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:4e:a8:68:3e:91:6f:5f:a2:d6:92:43:c7:43:
bc:6c:22:15:fe:a7:50:cf:c0:24:d6:b3:d2:79:65:
82:9c:1a:6a:7c:b1:a2:61:1c:3f:b6:7d:48:ed:c4:
ce:75:93:43:66:65:d5:31:d6:46:b4:4f:a6:49:82:
e2:db:3c:8c:f2:1f:c5:a7:2b:1c:d4:fb:db:e2:05:
3e:10:6e:3f:58:d6:25:9e:f5:9f:c8:ba:3a:8b:90:
be:34:67:af:50:da:a7:e0:e4:26:91:68:07:70:3d:
ac:1e:d7:eb:fd:47:96:3e:1b:45:47:25:ce:1d:91:
21:8e:33:7a:99:09:c2:a9:1f:10:e4:56:a4:31:49:
a0:37:4f:9b:00:47:86:06:59:59:d6:2d:51:63:d8:
50:a9:44:f2:2f:06:ed:61:f2:c3:c1:58:e4:f5:ba:
39:55:21:01:b1:b8:9a:cc:0b:f7:f1:21:08:9e:01:
35:f6:78:77:1f:6d:17:43:df:d8:ac:a5:65:10:4e:
e0:0b:38:cd:90:bd:96:9a:50:93:85:8d:a2:5d:61:
c6:77:1f:ef:39:d2:60:cd:ce:ac:3a:d4:c0:4f:e6:
24:7c:4d:9f:7a:21:4e:02:48:12:ef:71:ff:f2:d7:
13:7a:86:3f:38:f1:ba:3b:fa:50:2a:7f:35:ad:62:
1f:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:A7:07:40:9F:03:C2:79:11:20:35:91:90:E5:72:54:BA:9D:EB:7C
X509v3 Authority Key Identifier:
keyid:35:1A:2F:D6:F5:E5:AF:87:D5:CE:A0:95:06:6F:BC:C3:D3:E5:46:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NRov1vXlr4fVzqCVBm-8w9PlRqQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/oqcHQJ8DwnkRIDWRkOVyVLqd63w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/NRov1vXlr4fVzqCVBm-8w9PlRqQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.106.28.0/24
94.240.41.0/24
94.240.43.0/24
Signature Algorithm: sha256WithRSAEncryption
03:82:eb:24:ef:aa:69:15:61:7c:7c:99:b0:32:0f:8d:d3:6b:
a2:7e:4c:c1:57:0d:e4:85:85:c9:1f:40:d3:d4:c4:79:93:75:
be:9a:5a:6b:af:a2:dd:6b:f3:4d:cf:76:5a:1c:0a:13:5b:35:
46:28:06:25:d9:bf:e9:af:f5:82:ae:00:7e:48:9f:f1:aa:39:
c8:e9:13:b6:98:ac:ca:6d:ba:26:09:2c:80:a8:22:07:d2:35:
d2:9d:de:f5:b9:14:da:18:18:f3:fc:7a:43:61:1b:5d:16:63:
73:8f:c8:2f:e8:1f:ca:d6:f8:76:d8:d5:6d:a7:3f:b2:27:9f:
62:38:72:b2:df:59:78:7d:c5:74:cd:9d:a0:43:9a:4c:62:3f:
46:6c:c8:e5:ca:30:35:bd:d5:2c:29:39:b4:22:6e:f9:30:e4:
04:42:a1:fa:a9:c0:9d:b9:6b:b8:ff:ec:3b:78:ea:cc:4b:1e:
45:ac:05:5c:91:b0:81:3f:3e:59:12:94:f4:5a:10:f9:a1:99:
d1:12:e8:a5:6f:00:5c:5b:9f:75:2d:02:97:e7:48:e0:38:7d:
87:ab:5d:0e:a4:6d:74:69:3f:e2:bd:c8:b2:38:50:80:c9:7c:
8d:dc:c9:7a:f6:a8:26:af:25:c9:27:21:f2:7d:95:bc:2c:32:
bc:dd:f7:a5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVxTBGPErlEV99jAOiuSbSmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MWEyZmQ2ZjVlNWFmODdkNWNlYTA5NTA2NmZiY2MzZDNl
NTQ2YTQwHhcNMjMwMTAyMDcwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmE3MDc0MDlmMDNjMjc5MTEyMDM1OTE5MGU1NzI1NGJhOWRlYjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnk6oaD6Rb1+i1pJDx0O8bCIV/qdQ
z8Ak1rPSeWWCnBpqfLGiYRw/tn1I7cTOdZNDZmXVMdZGtE+mSYLi2zyM8h/Fpysc
1Pvb4gU+EG4/WNYlnvWfyLo6i5C+NGevUNqn4OQmkWgHcD2sHtfr/UeWPhtFRyXO
HZEhjjN6mQnCqR8Q5FakMUmgN0+bAEeGBllZ1i1RY9hQqUTyLwbtYfLDwVjk9bo5
VSEBsbiazAv38SEIngE19nh3H20XQ9/YrKVlEE7gCzjNkL2WmlCThY2iXWHGdx/v
OdJgzc6sOtTAT+YkfE2feiFOAkgS73H/8tcTeoY/OPG6O/pQKn81rWIfyQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKKnB0CfA8J5ESA1kZDlclS6net8MB8GA1UdIwQY
MBaAFDUaL9b15a+H1c6glQZvvMPT5UakMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlJvdjF2WGxyNGZWenFDVkJtLTh3OVBsUnFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9jZGRkZDUtODE3YS00MTEzLThiODIt
MjMwNDllNGQyZjEyLzEvb3FjSFFKOER3bmtSSURXUmtPVnlWTHFkNjN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9jZGRkZDUtODE3YS00MTEzLThiODItMjMwNDllNGQyZjEy
LzEvTlJvdjF2WGxyNGZWenFDVkJtLTh3OVBsUnFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW2ocAwQA
XvApAwQAXvArMA0GCSqGSIb3DQEBCwUAA4IBAQADgusk76ppFWF8fJmwMg+N02ui
fkzBVw3khYXJH0DT1MR5k3W+mlprr6Lda/NNz3ZaHAoTWzVGKAYl2b/pr/WCrgB+
SJ/xqjnI6RO2mKzKbbomCSyAqCIH0jXSnd71uRTaGBjz/HpDYRtdFmNzj8gv6B/K
1vh22NVtpz+yJ59iOHKy31l4fcV0zZ2gQ5pMYj9GbMjlyjA1vdUsKTm0Im75MOQE
QqH6qcCduWu4/+w7eOrMSx5FrAVckbCBPz5ZEpT0WhD5oZnREuilbwBcW591LQKX
50jgOH2Hq10OpG10aT/ivciyOFCAyXyN3Ml69qgmryXJJyHyfZW8LDK83fel
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:12 2024 by rpki-client on console-ams.rpki-client.org