Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/Osy4bzyHlPaIK-uTBB2Tz0tRjVM.roa
File: Osy4bzyHlPaIK-uTBB2Tz0tRjVM.roa (raw, json)
Hash identifier: 2ETamd8Dk6tjIXBKRjoOB84QzyNTV76o/iHzGJJjrpI=
Subject key identifier: 3A:CC:B8:6F:3C:87:94:F6:88:2B:EB:93:04:1D:93:CF:4B:51:8D:53
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 018AA6F7771007659D50ED4A0FA401EAEACA
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/Osy4bzyHlPaIK-uTBB2Tz0tRjVM.roa
Signing time: Mon 18 Sep 2023 06:25:50 +0000
ROA not before: Mon 18 Sep 2023 06:25:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197077
IP address blocks: 45.13.202.0/23 maxlen: 23
217.198.192.0/20 maxlen: 24
91.220.70.0/24 maxlen: 24
2a04:a450::/31 maxlen: 31
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:a6:f7:77:10:07:65:9d:50:ed:4a:0f:a4:01:ea:ea:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Sep 18 06:25:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3accb86f3c8794f6882beb93041d93cf4b518d53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:73:1f:4c:d8:16:d6:34:fd:cd:2c:7c:38:ba:
bd:f8:fa:9d:78:05:13:5f:ca:58:1a:b2:5b:47:03:
7a:b1:40:3b:a8:fc:8f:1c:f0:32:c8:10:91:80:4d:
55:3a:6f:77:23:f5:8b:7c:ed:c9:2c:e0:5a:06:53:
e3:df:1c:a0:dd:2f:88:39:7d:8f:94:3f:70:e4:45:
71:dc:67:40:41:03:26:3f:0c:01:fc:d5:4d:50:15:
ae:47:78:3e:98:3e:99:47:89:93:4f:bd:4e:d6:88:
f5:7d:29:a2:25:29:31:c2:61:59:a3:eb:eb:7e:4a:
34:c1:7a:30:68:47:ad:2a:97:69:e3:18:03:99:49:
e2:ca:40:b1:3c:6e:07:39:4f:14:33:35:d8:96:df:
7e:e9:d5:08:e6:3a:f2:9c:b8:7e:23:1e:f1:4a:74:
ab:8a:69:c2:4e:b5:ac:96:e9:9e:62:17:4a:56:a3:
85:78:f8:15:91:f8:84:ce:d8:26:3e:bc:8c:64:23:
9b:ce:67:e6:3b:bf:ff:11:a2:de:69:1d:1e:2f:d4:
10:ce:11:a6:02:51:85:22:15:78:9e:2d:6c:25:1b:
15:48:44:2b:f0:2b:e8:d0:fa:b7:c8:e3:90:b6:de:
ff:f2:47:a9:72:15:eb:21:91:97:72:19:58:ff:8b:
4b:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:CC:B8:6F:3C:87:94:F6:88:2B:EB:93:04:1D:93:CF:4B:51:8D:53
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/Osy4bzyHlPaIK-uTBB2Tz0tRjVM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.202.0/23
91.220.70.0/24
217.198.192.0/20
IPv6:
2a04:a450::/31
Signature Algorithm: sha256WithRSAEncryption
b6:84:a6:41:c0:dc:4e:c5:a6:01:87:3d:cf:ea:b6:ce:00:a4:
87:0e:2f:fe:b7:07:11:ea:11:93:57:72:f3:75:82:65:6f:e9:
ce:77:db:a3:52:ae:ce:0e:45:53:02:3b:a8:0b:72:7b:47:d6:
30:62:10:0c:49:de:0a:5c:ab:39:ef:30:24:8d:7f:3b:8d:61:
79:9b:2a:b4:bc:ae:ec:59:3a:ad:c0:fc:9f:02:68:d0:ad:2d:
d9:59:7a:4c:6f:5f:0c:29:12:03:39:1a:78:99:2f:bc:df:6f:
67:98:c2:9c:b9:5e:0e:ae:30:d6:cf:b0:ac:1f:d7:27:7f:36:
da:55:cf:38:15:05:93:a1:fc:5c:15:80:5d:b2:0c:2a:14:13:
af:d5:62:ac:fe:e1:0b:ac:99:36:88:70:ff:77:6b:b9:dc:95:
db:e2:19:81:51:54:b6:aa:e6:af:a9:00:dd:c9:24:99:cc:3f:
a5:4c:70:7a:22:b2:d5:fa:93:01:ce:67:db:74:44:2a:d7:7c:
59:7a:42:9d:89:95:b1:2f:1f:0d:d9:55:d0:0b:52:9b:5e:7e:
20:ee:13:a3:d1:9e:4b:23:86:a4:ac:72:8b:f5:78:c5:f2:bc:
52:62:61:d6:99:39:64:78:55:60:92:de:61:58:1d:da:b4:20:
b4:b8:46:93
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYqm93cQB2WdUO1KD6QB6urKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjMwOTE4MDYyNTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWNjYjg2ZjNjODc5NGY2ODgyYmViOTMwNDFkOTNjZjRiNTE4ZDUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg3MfTNgW1jT9zSx8OLq9+PqdeAUT
X8pYGrJbRwN6sUA7qPyPHPAyyBCRgE1VOm93I/WLfO3JLOBaBlPj3xyg3S+IOX2P
lD9w5EVx3GdAQQMmPwwB/NVNUBWuR3g+mD6ZR4mTT71O1oj1fSmiJSkxwmFZo+vr
fko0wXowaEetKpdp4xgDmUniykCxPG4HOU8UMzXYlt9+6dUI5jrynLh+Ix7xSnSr
imnCTrWslumeYhdKVqOFePgVkfiEztgmPryMZCObzmfmO7//EaLeaR0eL9QQzhGm
AlGFIhV4ni1sJRsVSEQr8Cvo0Pq3yOOQtt7/8kepchXrIZGXchlY/4tLIwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFDrMuG88h5T2iCvrkwQdk89LUY1TMB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvT3N5NGJ6eUhsUGFJSy11VEJCMlR6MHRSalZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBLQ3KAwQA
W9xGAwQE2cbAMA0EAgACMAcDBQEqBKRQMA0GCSqGSIb3DQEBCwUAA4IBAQC2hKZB
wNxOxaYBhz3P6rbOAKSHDi/+twcR6hGTV3LzdYJlb+nOd9ujUq7ODkVTAjuoC3J7
R9YwYhAMSd4KXKs57zAkjX87jWF5myq0vK7sWTqtwPyfAmjQrS3ZWXpMb18MKRID
ORp4mS+8329nmMKcuV4OrjDWz7CsH9cnfzbaVc84FQWTofxcFYBdsgwqFBOv1WKs
/uELrJk2iHD/d2u53JXb4hmBUVS2quavqQDdySSZzD+lTHB6IrLV+pMBzmfbdEQq
13xZekKdiZWxLx8N2VXQC1KbXn4g7hOj0Z5LI4akrHKL9XjF8rxSYmHWmTlkeFVg
kt5hWB3atCC0uEaT
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:50 2024 by rpki-client on console-ams.rpki-client.org