Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/OA91NtqIjHE-QHsDLdZlaVsqqrc.roa
File: OA91NtqIjHE-QHsDLdZlaVsqqrc.roa (raw, json)
Hash identifier: eE5LtHnBDt/deLmpV8jyQzfQo5pL43BkWJ5wifpJTPI=
Subject key identifier: 38:0F:75:36:DA:88:8C:71:3E:40:7B:03:2D:D6:65:69:5B:2A:AA:B7
Certificate issuer: /CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Certificate serial: 018571156177F3AB04529E563BD1E97A22F2
Authority key identifier: 1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/OA91NtqIjHE-QHsDLdZlaVsqqrc.roa
Signing time: Mon 02 Jan 2023 06:05:04 +0000
ROA not before: Mon 02 Jan 2023 06:05:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211746
IP address blocks: 78.133.166.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:15:61:77:f3:ab:04:52:9e:56:3b:d1:e9:7a:22:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Validity
Not Before: Jan 2 06:05:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=380f7536da888c713e407b032dd665695b2aaab7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:d3:e6:4b:0a:87:c1:ff:a9:1f:d9:e5:3f:08:
09:f3:02:e5:62:a0:f8:ea:41:65:d2:0f:b9:f0:93:
9e:15:92:73:4f:2a:b2:20:c2:bf:ca:28:2d:d1:99:
d7:5f:86:c4:b4:4f:d9:3f:14:ac:ae:fe:b7:d6:2f:
0c:e8:8c:0b:ad:72:d9:84:62:05:4b:d3:9f:6c:e3:
5c:66:c3:1c:fb:ef:b6:4c:5e:44:1a:00:49:6a:94:
e6:7e:35:8b:5e:69:07:b3:a5:6e:7b:5d:57:07:c1:
32:03:9f:c7:32:00:39:9f:a7:c2:8c:2e:8e:a5:86:
13:6d:8a:df:de:b5:d1:29:3e:3b:b8:17:c0:96:9a:
4c:89:06:b6:4b:07:82:84:00:f9:c8:aa:10:ae:a1:
4d:91:e9:54:bc:20:4d:90:15:08:22:8f:d0:91:bd:
29:75:8b:a2:95:49:e0:03:37:b0:b5:3b:4b:98:c7:
d9:15:66:a3:dc:88:32:60:6a:fd:ed:d0:f7:28:76:
7e:20:29:97:02:2d:38:1d:78:ce:65:25:3b:3b:28:
e6:a1:47:24:9d:44:d3:f0:40:ba:42:3b:5f:39:86:
4a:3e:86:63:13:6e:b5:97:fd:68:b0:19:89:94:55:
ee:d9:fc:d7:01:ad:4a:97:24:4a:d0:c7:79:90:5d:
d1:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:0F:75:36:DA:88:8C:71:3E:40:7B:03:2D:D6:65:69:5B:2A:AA:B7
X509v3 Authority Key Identifier:
keyid:1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/OA91NtqIjHE-QHsDLdZlaVsqqrc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.133.166.0/24
Signature Algorithm: sha256WithRSAEncryption
08:0a:23:c2:1b:af:e7:62:35:63:eb:6a:fc:96:6b:74:22:40:
70:40:3e:9f:8a:b3:76:ed:e7:5c:e4:b7:65:99:5d:0c:bf:fb:
46:82:34:bc:16:d4:93:09:33:4f:94:9c:32:87:17:04:f9:d2:
2f:eb:f8:60:a9:3c:ea:eb:f8:7b:6f:eb:67:26:a0:98:3f:df:
f4:68:4b:12:af:08:31:5f:e0:f5:11:8b:da:f1:a0:5f:31:4e:
81:2d:32:9c:3a:ff:2e:6d:49:b9:ea:99:62:5d:1e:04:80:81:
c0:5d:12:69:60:ab:3d:19:47:9e:22:1f:f0:5f:fe:67:5e:2a:
8e:c2:cf:08:32:b9:97:56:cb:fb:73:84:bc:89:09:ae:c5:ec:
e8:47:29:ad:43:85:e1:d7:f3:67:75:fd:7a:0e:a5:3c:90:61:
2f:c2:67:6f:b6:d0:e1:e9:39:71:6e:4a:7c:d7:1a:c8:4f:cf:
ee:43:64:2b:d8:e7:46:b6:b6:c4:af:67:1d:58:4f:24:d4:10:
b3:08:78:fe:f9:af:a2:1e:ec:18:e7:29:ae:bd:73:81:b2:98:
94:27:ca:1b:c3:2e:b1:28:e5:2c:12:52:53:bc:f2:4c:49:a0:
81:52:40:91:f4:4f:00:a8:f1:74:e0:aa:80:9d:2b:16:46:fc:
3b:cc:6a:db
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxFWF386sEUp5WO9HpeiLyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhY2E2M2RmMjQ4YjdhZGYzZGRkMDdlOGMyZDNlZWRkMDJj
ZWY5MzMwHhcNMjMwMTAyMDYwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODBmNzUzNmRhODg4YzcxM2U0MDdiMDMyZGQ2NjU2OTViMmFhYWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhdPmSwqHwf+pH9nlPwgJ8wLlYqD4
6kFl0g+58JOeFZJzTyqyIMK/yigt0ZnXX4bEtE/ZPxSsrv631i8M6IwLrXLZhGIF
S9OfbONcZsMc+++2TF5EGgBJapTmfjWLXmkHs6Vue11XB8EyA5/HMgA5n6fCjC6O
pYYTbYrf3rXRKT47uBfAlppMiQa2SweChAD5yKoQrqFNkelUvCBNkBUIIo/Qkb0p
dYuilUngAzewtTtLmMfZFWaj3IgyYGr97dD3KHZ+ICmXAi04HXjOZSU7OyjmoUck
nUTT8EC6QjtfOYZKPoZjE261l/1osBmJlFXu2fzXAa1KlyRK0Md5kF3RPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDgPdTbaiIxxPkB7Ay3WZWlbKqq3MB8GA1UdIwQY
MBaAFBrKY98ki3rfPd0H6MLT7t0CzvkzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzIt
OTFlMzE4NGJiMGFiLzEvT0E5MU50cUlqSEUtUUhzRExkWmxhVnNxcXJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzItOTFlMzE4NGJiMGFi
LzEvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAToWmMA0G
CSqGSIb3DQEBCwUAA4IBAQAICiPCG6/nYjVj62r8lmt0IkBwQD6firN27edc5Ldl
mV0Mv/tGgjS8FtSTCTNPlJwyhxcE+dIv6/hgqTzq6/h7b+tnJqCYP9/0aEsSrwgx
X+D1EYva8aBfMU6BLTKcOv8ubUm56pliXR4EgIHAXRJpYKs9GUeeIh/wX/5nXiqO
ws8IMrmXVsv7c4S8iQmuxezoRymtQ4Xh1/Nndf16DqU8kGEvwmdvttDh6Tlxbkp8
1xrIT8/uQ2Qr2OdGtrbEr2cdWE8k1BCzCHj++a+iHuwY5ymuvXOBspiUJ8obwy6x
KOUsElJTvPJMSaCBUkCR9E8AqPF04KqAnSsWRvw7zGrb
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:41:22 2024 by rpki-client on console-ams.rpki-client.org