Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/0QGRmtYNPIZ0xFV-LfdHqvN91FM.roa
File: 0QGRmtYNPIZ0xFV-LfdHqvN91FM.roa (raw, json)
Hash identifier: 8CsT4vsmjA/Zq0BwjHzFw5qprWGa98CXQ3CXnfhA57I=
Subject key identifier: D1:01:91:9A:D6:0D:3C:86:74:C4:55:7E:2D:F7:47:AA:F3:7D:D4:53
Certificate issuer: /CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Certificate serial: 018CC56E048AB367CC5A6DE9F4A6C702D8DB
Authority key identifier: 93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/0QGRmtYNPIZ0xFV-LfdHqvN91FM.roa
Signing time: Mon 01 Jan 2024 14:29:30 +0000
ROA not before: Mon 01 Jan 2024 14:29:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211440
IP address blocks: 91.234.192.0/24 maxlen: 24
45.9.152.0/22 maxlen: 24
178.239.28.0/23 maxlen: 24
45.87.44.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 23 Jan 2024 14:07:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:04:8a:b3:67:cc:5a:6d:e9:f4:a6:c7:02:d8:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Validity
Not Before: Jan 1 14:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d101919ad60d3c8674c4557e2df747aaf37dd453
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:43:d7:67:2f:78:eb:4a:50:53:e6:93:9b:71:
2f:cd:45:62:08:69:f2:f2:03:03:6d:51:4e:c9:18:
73:35:df:e4:08:4b:b2:61:f7:3d:f1:ad:14:8a:24:
75:33:68:85:eb:06:aa:2f:cc:df:11:00:72:0a:b5:
51:91:3a:fa:9b:e8:19:82:ea:fc:ff:39:19:ee:12:
50:42:0f:05:41:eb:ed:dd:c7:6c:33:c2:92:d6:04:
90:68:8e:f7:90:66:2b:ab:d3:b9:ae:4e:36:0f:8c:
31:96:88:32:4d:ad:17:e6:76:6a:ba:cd:80:9a:00:
12:a9:8b:aa:ee:1d:25:ac:dd:38:e0:5a:d3:fe:7c:
3a:9f:8a:af:0a:41:de:81:6a:b9:40:e0:f8:a7:fd:
d6:a9:07:e7:e7:1a:42:42:f3:4e:d9:0d:b6:d1:4d:
00:9c:b7:08:c8:98:b1:05:63:b0:ab:72:72:59:bf:
95:13:3a:d4:7b:37:52:55:de:fb:9c:c8:8a:27:4e:
d8:ae:1e:29:30:f8:b6:d4:4b:c7:1a:98:28:8e:99:
b7:21:63:1e:c0:82:4b:cf:8b:bc:57:b5:d8:05:96:
4e:09:bf:b4:6f:52:43:68:76:7f:ff:e6:e5:2c:5c:
ad:02:b5:72:9a:6d:50:06:d0:9d:ac:36:26:d4:11:
a2:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:01:91:9A:D6:0D:3C:86:74:C4:55:7E:2D:F7:47:AA:F3:7D:D4:53
X509v3 Authority Key Identifier:
keyid:93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/0QGRmtYNPIZ0xFV-LfdHqvN91FM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.152.0/22
45.87.44.0/22
91.234.192.0/24
178.239.28.0/23
Signature Algorithm: sha256WithRSAEncryption
63:26:b5:53:09:05:71:d8:a6:a3:f9:ad:b0:6c:6e:f1:da:de:
2c:88:d1:0c:e6:08:51:67:4e:b8:45:cd:b0:fa:de:5c:6e:6d:
c9:ec:af:e8:04:f2:d3:85:03:d1:23:18:db:1d:09:31:df:41:
e7:90:0a:6e:f9:6c:f1:c9:e6:38:17:f4:d5:1e:72:40:6d:53:
ef:d2:f8:6c:e7:e8:17:29:97:3f:82:7c:01:04:48:56:6f:b7:
23:f8:6f:21:5e:28:f0:59:49:9c:7d:14:11:1e:fd:a5:3e:7a:
12:44:2b:c6:db:82:c0:b8:b7:0f:df:f9:0c:2f:d1:9f:1b:b2:
91:ba:82:4a:a2:14:d2:aa:0c:f5:60:3f:24:23:40:7f:5c:0c:
d7:bf:d1:59:d3:e9:7c:90:b3:75:9b:3c:c8:ab:56:9d:6f:92:
e3:04:47:f9:60:fa:d4:94:b1:e2:85:07:d4:0b:8d:b5:e0:4b:
7b:b8:14:7c:88:1b:45:86:0d:f0:be:d6:80:76:b5:60:df:66:
ee:08:35:29:75:9b:d0:f2:56:ff:37:9f:91:fb:d6:6e:f8:9e:
db:ef:fb:31:c2:bc:36:d8:21:6b:d2:86:ae:15:14:cb:87:97:
29:26:07:83:d1:ae:11:2f:04:d9:73:d9:75:26:c1:18:9d:4c:
ad:bd:52:b8
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzFbgSKs2fMWm3p9KbHAtjbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjc3ZDdjYjkyNzFjZTM2MTI1NmU5ODMzY2M3YjE0ZmQw
MjNlYmUwHhcNMjQwMTAxMTQyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTAxOTE5YWQ2MGQzYzg2NzRjNDU1N2UyZGY3NDdhYWYzN2RkNDUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs0PXZy9460pQU+aTm3EvzUViCGny
8gMDbVFOyRhzNd/kCEuyYfc98a0UiiR1M2iF6waqL8zfEQByCrVRkTr6m+gZgur8
/zkZ7hJQQg8FQevt3cdsM8KS1gSQaI73kGYrq9O5rk42D4wxlogyTa0X5nZqus2A
mgASqYuq7h0lrN044FrT/nw6n4qvCkHegWq5QOD4p/3WqQfn5xpCQvNO2Q220U0A
nLcIyJixBWOwq3JyWb+VEzrUezdSVd77nMiKJ07Yrh4pMPi21EvHGpgojpm3IWMe
wIJLz4u8V7XYBZZOCb+0b1JDaHZ//+blLFytArVymm1QBtCdrDYm1BGiLQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNEBkZrWDTyGdMRVfi33R6rzfdRTMB8GA1UdIwQY
MBaAFJNnfXy5JxzjYSVumDPMexT9Aj6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYt
OTlhY2I5OWNlNzU0LzEvMFFHUm10WU5QSVoweEZWLUxmZEhxdk45MUZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYtOTlhY2I5OWNlNzU0
LzEvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCLQmYAwQC
LVcsAwQAW+rAAwQBsu8cMA0GCSqGSIb3DQEBCwUAA4IBAQBjJrVTCQVx2Kaj+a2w
bG7x2t4siNEM5ghRZ064Rc2w+t5cbm3J7K/oBPLThQPRIxjbHQkx30HnkApu+Wzx
yeY4F/TVHnJAbVPv0vhs5+gXKZc/gnwBBEhWb7cj+G8hXijwWUmcfRQRHv2lPnoS
RCvG24LAuLcP3/kML9GfG7KRuoJKohTSqgz1YD8kI0B/XAzXv9FZ0+l8kLN1mzzI
q1adb5LjBEf5YPrUlLHihQfUC4214Et7uBR8iBtFhg3wvtaAdrVg32buCDUpdZvQ
8lb/N5+R+9Zu+J7b7/sxwrw22CFr0oauFRTLh5cpJgeD0a4RLwTZc9l1JsEYnUyt
vVK4
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:48 2024 by rpki-client on console-ams.rpki-client.org