Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/f6f508-4b3e-422d-8fbc-1a2abda1a9e5/1/OhZjU4GxmCeIx8xGWHBOGUWRX0Y.roa
File: OhZjU4GxmCeIx8xGWHBOGUWRX0Y.roa (raw, json)
Hash identifier: O33rljQb1Jsp99xs/mZr+b5S8/uRHgxhVml3lNCG2Iw=
Subject key identifier: 3A:16:63:53:81:B1:98:27:88:C7:CC:46:58:70:4E:19:45:91:5F:46
Certificate issuer: /CN=817cb14ce4014ac3269d70eeea89c87055b176f1
Certificate serial: 018B0FD2A10E879F0B80C21FC6016904E6E9
Authority key identifier: 81:7C:B1:4C:E4:01:4A:C3:26:9D:70:EE:EA:89:C8:70:55:B1:76:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gXyxTOQBSsMmnXDu6onIcFWxdvE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/f6f508-4b3e-422d-8fbc-1a2abda1a9e5/1/OhZjU4GxmCeIx8xGWHBOGUWRX0Y.roa
Signing time: Sun 08 Oct 2023 15:05:43 +0000
ROA not before: Sun 08 Oct 2023 15:05:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42244
IP address blocks: 91.189.82.0/24 maxlen: 24
91.189.84.0/23 maxlen: 23
91.189.80.0/23 maxlen: 23
178.218.210.0/23 maxlen: 23
91.189.86.0/23 maxlen: 23
178.218.208.0/23 maxlen: 23
178.218.212.0/22 maxlen: 22
178.218.218.0/24 maxlen: 24
178.218.216.0/23 maxlen: 23
178.218.222.0/23 maxlen: 23
178.218.220.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:0f:d2:a1:0e:87:9f:0b:80:c2:1f:c6:01:69:04:e6:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=817cb14ce4014ac3269d70eeea89c87055b176f1
Validity
Not Before: Oct 8 15:05:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3a16635381b1982788c7cc4658704e1945915f46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:23:3c:5f:b7:77:09:34:99:a9:7b:bb:6f:93:
b8:87:d5:7d:c8:48:2c:e7:38:ab:fa:08:05:fa:83:
5f:bc:74:ce:fc:6c:0f:9f:08:f9:0d:a1:12:ce:bf:
78:03:24:57:b5:5f:e9:dc:76:61:e0:69:c3:e5:2c:
96:2d:a8:ae:09:24:61:3d:65:c5:42:95:cd:70:18:
88:ed:d4:5d:97:f3:ea:97:bb:bf:2a:94:72:29:9e:
36:81:d5:0d:7d:a7:70:32:08:30:47:fe:69:c1:ab:
fb:70:d6:4b:d6:e7:44:f1:87:9a:13:d2:e8:c0:f0:
f4:24:03:aa:3b:20:f3:e1:8f:be:b2:7d:71:46:73:
bb:af:92:12:c3:ce:da:d4:a7:1c:9c:20:3c:e8:c6:
c7:aa:6e:d4:58:e5:05:66:45:ee:b8:a5:6e:b7:61:
41:bd:83:a9:a8:ab:f9:65:aa:19:76:13:56:61:dc:
62:36:7f:9b:ef:35:57:ef:41:e7:1e:6a:cb:fd:73:
82:2a:ea:a3:e2:b7:2e:4b:58:54:e1:ea:cf:68:6c:
17:f0:3c:2f:7a:87:aa:c6:df:15:1b:d3:6b:9b:47:
31:aa:89:29:72:88:de:54:ca:9f:6f:cb:f7:df:9f:
b9:db:3d:07:2e:59:c1:dc:83:87:44:6f:f0:16:c5:
0b:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:16:63:53:81:B1:98:27:88:C7:CC:46:58:70:4E:19:45:91:5F:46
X509v3 Authority Key Identifier:
keyid:81:7C:B1:4C:E4:01:4A:C3:26:9D:70:EE:EA:89:C8:70:55:B1:76:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gXyxTOQBSsMmnXDu6onIcFWxdvE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/f6f508-4b3e-422d-8fbc-1a2abda1a9e5/1/OhZjU4GxmCeIx8xGWHBOGUWRX0Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/f6f508-4b3e-422d-8fbc-1a2abda1a9e5/1/gXyxTOQBSsMmnXDu6onIcFWxdvE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.189.80.0-91.189.82.255
91.189.84.0/22
178.218.208.0-178.218.218.255
178.218.220.0/22
Signature Algorithm: sha256WithRSAEncryption
51:02:2c:4d:38:76:a3:44:b2:47:fd:2e:8c:11:ca:33:09:94:
31:14:99:70:53:77:58:ca:4a:2d:d1:e3:28:d1:2c:28:e2:68:
93:11:5e:17:9d:ce:99:c9:5e:f3:e1:3c:eb:9e:6f:22:8d:bd:
27:87:ab:19:f2:7d:ca:7f:4d:12:93:9c:56:d9:43:ed:08:81:
3c:b6:2f:94:3a:ea:6c:00:47:ba:b1:71:21:f3:21:98:bc:bb:
68:3a:8a:05:fd:21:ea:54:c7:16:24:2d:ab:cf:35:f3:1e:65:
a1:3d:17:6e:0e:b8:e2:8f:83:af:ef:55:59:34:77:55:92:fc:
cb:b5:93:a2:8c:58:81:ce:47:ab:a5:92:63:44:4c:28:09:fb:
79:99:c3:08:c4:86:79:77:ca:ca:4b:55:e4:fe:1f:74:63:85:
a8:1b:d7:ef:04:68:ae:b5:3d:12:67:91:6d:7e:0d:1a:a9:f4:
42:a9:a4:0c:cd:dc:3a:21:fe:11:cd:28:87:8c:31:88:ec:28:
38:01:e7:ec:97:ba:8d:03:ab:8c:1e:e5:12:a5:77:8e:81:d4:
b9:b7:f6:4b:68:56:5a:2e:e5:7a:b7:a4:10:eb:a7:ca:ab:99:
2c:89:af:f3:36:70:b7:a4:ff:4d:ee:5f:7d:7a:86:67:98:0e:
57:7a:85:6a
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYsP0qEOh58LgMIfxgFpBObpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxN2NiMTRjZTQwMTRhYzMyNjlkNzBlZWVhODljODcwNTVi
MTc2ZjEwHhcNMjMxMDA4MTUwNTQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTE2NjM1MzgxYjE5ODI3ODhjN2NjNDY1ODcwNGUxOTQ1OTE1ZjQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkiM8X7d3CTSZqXu7b5O4h9V9yEgs
5zir+ggF+oNfvHTO/GwPnwj5DaESzr94AyRXtV/p3HZh4GnD5SyWLaiuCSRhPWXF
QpXNcBiI7dRdl/Pql7u/KpRyKZ42gdUNfadwMggwR/5pwav7cNZL1udE8YeaE9Lo
wPD0JAOqOyDz4Y++sn1xRnO7r5ISw87a1KccnCA86MbHqm7UWOUFZkXuuKVut2FB
vYOpqKv5ZaoZdhNWYdxiNn+b7zVX70HnHmrL/XOCKuqj4rcuS1hU4erPaGwX8Dwv
eoeqxt8VG9Nrm0cxqokpcojeVMqfb8v335+52z0HLlnB3IOHRG/wFsULJQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFDoWY1OBsZgniMfMRlhwThlFkV9GMB8GA1UdIwQY
MBaAFIF8sUzkAUrDJp1w7uqJyHBVsXbxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1h5eFRPUUJTc01tblhEdTZvbkljRld4ZHZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9mNmY1MDgtNGIzZS00MjJkLThmYmMt
MWEyYWJkYTFhOWU1LzEvT2haalU0R3htQ2VJeDh4R1dIQk9HVVdSWDBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy9mNmY1MDgtNGIzZS00MjJkLThmYmMtMWEyYWJkYTFhOWU1
LzEvZ1h5eFRPUUJTc01tblhEdTZvbkljRld4ZHZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoMAwDBARbvVAD
BABbvVIDBAJbvVQwDAMEBLLa0AMEALLa2gMEArLa3DANBgkqhkiG9w0BAQsFAAOC
AQEAUQIsTTh2o0SyR/0ujBHKMwmUMRSZcFN3WMpKLdHjKNEsKOJokxFeF53Omcle
8+E8655vIo29J4erGfJ9yn9NEpOcVtlD7QiBPLYvlDrqbABHurFxIfMhmLy7aDqK
Bf0h6lTHFiQtq8818x5loT0Xbg644o+Dr+9VWTR3VZL8y7WTooxYgc5Hq6WSY0RM
KAn7eZnDCMSGeXfKyktV5P4fdGOFqBvX7wRorrU9EmeRbX4NGqn0QqmkDM3cOiH+
Ec0oh4wxiOwoOAHn7Je6jQOrjB7lEqV3joHUubf2S2hWWi7lerekEOunyquZLImv
8zZwt6T/Te5ffXqGZ5gOV3qFag==
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:14:47 2024 by rpki-client on console-ams.rpki-client.org