Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/OmxYwqGZHi4QgV0Xyc0ZU7iTi34.roa
File: OmxYwqGZHi4QgV0Xyc0ZU7iTi34.roa (raw, json)
Hash identifier: BWeA1FeBT0i+XEKQ7ukuNjtVdI5grSKKHNtMgT433uc=
Subject key identifier: 3A:6C:58:C2:A1:99:1E:2E:10:81:5D:17:C9:CD:19:53:B8:93:8B:7E
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0188053F3A1B7B746FF8FDFFF68D5E241BEB
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/OmxYwqGZHi4QgV0Xyc0ZU7iTi34.roa
Signing time: Wed 10 May 2023 10:40:09 +0000
ROA not before: Wed 10 May 2023 10:40:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62068
IP address blocks: 185.251.229.0/24 maxlen: 24
45.131.134.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 12 May 2023 09:38:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:05:3f:3a:1b:7b:74:6f:f8:fd:ff:f6:8d:5e:24:1b:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: May 10 10:40:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3a6c58c2a1991e2e10815d17c9cd1953b8938b7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:f7:3b:55:ce:29:ed:13:90:4d:f7:17:0a:e8:
25:e5:c8:1c:f9:9b:7f:4a:db:c8:0d:5b:9a:f2:15:
85:ad:a0:e2:6b:93:65:1f:4b:f7:e0:3d:b6:7e:03:
5c:37:d7:fc:fb:6c:71:65:f9:93:05:a3:61:90:2e:
58:e0:15:94:c6:50:58:b6:3b:bb:45:53:f3:db:a5:
8d:5d:b7:7d:ab:3e:cc:7d:fd:9d:a7:1d:21:cb:3a:
1a:1b:10:50:6b:9c:f8:5b:37:cd:4a:2c:42:c2:24:
89:8c:25:81:6a:1d:2b:67:bf:8b:7a:1a:30:ab:d8:
52:73:c0:f7:75:88:12:5c:93:4d:1e:57:8b:7a:47:
51:f2:b2:a4:f1:74:50:61:cc:86:10:d4:83:5c:79:
10:f8:f8:c8:0c:1b:ae:dd:40:a0:e1:2e:f5:37:a5:
c5:14:94:47:2e:51:e8:09:56:e8:ff:9f:3f:cb:d5:
b4:c1:e8:30:47:b0:d2:6e:67:9c:14:9a:b3:f9:57:
d1:b8:ad:f3:1e:bf:56:81:fe:84:aa:ad:7d:73:75:
e1:50:51:c5:c8:36:eb:f1:10:86:ce:a4:48:0c:01:
b1:a7:06:18:45:fc:b1:0f:5e:76:0c:10:3a:c6:57:
b2:40:60:31:d4:1d:f1:b6:92:07:70:a9:3f:5f:52:
5e:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:6C:58:C2:A1:99:1E:2E:10:81:5D:17:C9:CD:19:53:B8:93:8B:7E
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/OmxYwqGZHi4QgV0Xyc0ZU7iTi34.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.131.134.0/24
185.251.229.0/24
Signature Algorithm: sha256WithRSAEncryption
24:26:5a:8a:d6:a1:53:75:ca:e6:09:04:ab:ae:32:0e:7f:62:
9b:8b:6b:33:cb:08:c0:e5:4a:8e:07:74:9d:16:51:3f:1b:f4:
f4:95:3d:04:d0:1b:90:f1:a0:62:b2:f7:cf:ee:1f:d6:1f:94:
3c:48:cd:de:76:bc:69:65:52:9e:8c:1f:eb:46:04:8b:2a:f0:
dd:8b:c5:6a:0d:a9:16:7a:f5:f9:73:48:e1:43:ff:8b:f0:8d:
b7:88:04:0b:c5:83:d0:e5:80:0a:1c:54:a8:bc:9f:9d:33:76:
c9:d1:bb:50:3f:d7:53:ac:ca:d3:5c:96:e3:ba:3a:de:98:fa:
31:cd:d4:f2:1b:d7:ed:0d:3f:cb:c5:1f:fe:e7:30:f1:02:7a:
4d:ee:37:5f:f6:6f:85:7d:09:1f:1f:71:5e:83:db:64:78:de:
85:9f:28:40:fa:cb:3e:5e:cb:e7:6e:a3:9e:e6:36:0a:ee:71:
a5:38:09:b0:a4:4f:2e:2c:b1:7a:e7:10:c6:a3:87:3b:86:4c:
71:59:6e:e7:2e:a0:78:71:ff:93:50:50:0f:ed:94:9d:fa:b2:
e3:f0:f5:67:ba:60:22:da:a9:b7:d0:a5:1a:e2:87:30:86:aa:
89:c4:a0:11:5c:42:30:cb:73:48:fe:e9:f2:71:a5:a7:cc:a4:
36:82:4c:6f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYgFPzobe3Rv+P3/9o1eJBvrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwNTEwMTA0MDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTZjNThjMmExOTkxZTJlMTA4MTVkMTdjOWNkMTk1M2I4OTM4YjdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkvc7Vc4p7ROQTfcXCugl5cgc+Zt/
StvIDVua8hWFraDia5NlH0v34D22fgNcN9f8+2xxZfmTBaNhkC5Y4BWUxlBYtju7
RVPz26WNXbd9qz7Mff2dpx0hyzoaGxBQa5z4WzfNSixCwiSJjCWBah0rZ7+Lehow
q9hSc8D3dYgSXJNNHleLekdR8rKk8XRQYcyGENSDXHkQ+PjIDBuu3UCg4S71N6XF
FJRHLlHoCVbo/58/y9W0wegwR7DSbmecFJqz+VfRuK3zHr9Wgf6Eqq19c3XhUFHF
yDbr8RCGzqRIDAGxpwYYRfyxD152DBA6xleyQGAx1B3xtpIHcKk/X1JepwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDpsWMKhmR4uEIFdF8nNGVO4k4t+MB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvT214WXdxR1pIaTRRZ1YwWHljMFpVN2lUaTM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALYOGAwQA
ufvlMA0GCSqGSIb3DQEBCwUAA4IBAQAkJlqK1qFTdcrmCQSrrjIOf2Kbi2szywjA
5UqOB3SdFlE/G/T0lT0E0BuQ8aBisvfP7h/WH5Q8SM3edrxpZVKejB/rRgSLKvDd
i8VqDakWevX5c0jhQ/+L8I23iAQLxYPQ5YAKHFSovJ+dM3bJ0btQP9dTrMrTXJbj
ujremPoxzdTyG9ftDT/LxR/+5zDxAnpN7jdf9m+FfQkfH3Feg9tkeN6FnyhA+ss+
XsvnbqOe5jYK7nGlOAmwpE8uLLF65xDGo4c7hkxxWW7nLqB4cf+TUFAP7ZSd+rLj
8PVnumAi2qm30KUa4ocwhqqJxKARXEIwy3NI/unycaWnzKQ2gkxv
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:22 2024 by rpki-client on console-ams.rpki-client.org