Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/oAzF05HjLj7x4ShdYMVcXbIHzSc.roa
File: oAzF05HjLj7x4ShdYMVcXbIHzSc.roa (raw, json)
Hash identifier: 663C76TPe7NZl9mn4VDDPti0T6jZzySbhXE9EViEqJ0=
Subject key identifier: A0:0C:C5:D3:91:E3:2E:3E:F1:E1:28:5D:60:C5:5C:5D:B2:07:CD:27
Certificate issuer: /CN=641975583b250362c8150f63adb30a0f6a0c6fc3
Certificate serial: 018BF08D1BF21C4478A36FC870E1B99896B1
Authority key identifier: 64:19:75:58:3B:25:03:62:C8:15:0F:63:AD:B3:0A:0F:6A:0C:6F:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/oAzF05HjLj7x4ShdYMVcXbIHzSc.roa
Signing time: Tue 21 Nov 2023 06:24:21 +0000
ROA not before: Tue 21 Nov 2023 06:24:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2914
IP address blocks: 92.61.110.0/24 maxlen: 24
92.61.107.0/24 maxlen: 24
91.190.186.0/24 maxlen: 24
91.190.191.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f0:8d:1b:f2:1c:44:78:a3:6f:c8:70:e1:b9:98:96:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=641975583b250362c8150f63adb30a0f6a0c6fc3
Validity
Not Before: Nov 21 06:24:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a00cc5d391e32e3ef1e1285d60c55c5db207cd27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:a2:8f:8d:c0:07:a9:a2:92:df:28:6b:be:30:
24:61:fd:6c:c1:65:17:20:9b:7d:11:af:d1:f7:07:
20:68:92:66:8c:c8:44:1c:71:6d:e7:ab:c6:71:81:
83:02:f9:a0:8e:50:0d:b2:f6:cd:e6:b5:bc:67:44:
ef:20:d0:35:cf:16:c7:73:17:a6:96:ae:59:d8:f2:
b7:7f:cf:76:56:c8:13:7c:6b:08:29:97:12:63:c7:
29:a0:de:0d:18:6a:b4:c9:5b:60:c4:89:84:77:67:
91:81:a8:2a:5f:e8:4c:23:26:38:b5:0f:b8:7c:f4:
e4:95:cf:56:68:86:ef:05:36:fb:a4:f1:20:60:db:
ac:65:b1:9c:12:0a:6c:25:ce:53:7f:ae:b1:21:84:
0f:d5:57:68:f1:c5:01:73:ac:f1:ae:1b:e6:a4:56:
0d:3b:34:4e:23:8a:17:27:c2:db:88:9c:41:41:b3:
5b:15:2d:4e:c7:d0:f9:d4:db:30:de:08:a4:16:2d:
8b:94:8c:70:d7:e5:81:d4:98:f9:c6:71:4e:e6:c6:
7e:8f:31:5d:e2:92:f4:f5:1d:c8:28:29:3b:95:3e:
d2:1d:cb:88:ec:17:a4:ee:57:af:45:ec:7a:78:e1:
7c:8c:43:f3:e3:1f:6d:ab:3a:ac:18:a8:ef:5d:58:
aa:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:0C:C5:D3:91:E3:2E:3E:F1:E1:28:5D:60:C5:5C:5D:B2:07:CD:27
X509v3 Authority Key Identifier:
keyid:64:19:75:58:3B:25:03:62:C8:15:0F:63:AD:B3:0A:0F:6A:0C:6F:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/oAzF05HjLj7x4ShdYMVcXbIHzSc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.190.186.0/24
91.190.191.0/24
92.61.107.0/24
92.61.110.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:e8:b0:c2:9d:fe:94:ba:fb:5e:87:40:da:b5:d2:34:ee:5f:
46:78:5e:13:36:83:6b:dd:e8:60:6f:10:74:36:04:b2:37:8c:
c0:02:db:48:62:50:84:22:83:a3:d7:57:94:80:1d:12:c4:bf:
77:01:19:80:01:de:75:5c:a3:64:66:9a:a2:98:09:a6:67:79:
d6:ae:02:b4:53:d9:7f:c8:35:2e:da:44:ba:70:29:d9:66:74:
8e:79:af:c7:1f:66:27:bb:03:c4:32:9f:14:08:02:b8:14:e7:
84:3a:05:91:bf:27:83:ae:65:f9:e4:b3:3f:2d:52:8d:9a:d7:
32:cf:ec:0f:83:dc:44:a1:24:5f:0c:83:ec:9b:30:9a:de:fa:
e2:43:91:fd:b1:a0:95:07:51:76:86:18:a4:b7:31:a5:d4:b3:
30:2e:3f:d9:1a:e0:cf:52:58:11:37:3d:be:6e:04:58:ec:7e:
c3:e1:21:e5:37:7e:9b:c9:a3:17:65:f8:2c:50:ab:9c:1f:9b:
16:90:ed:c4:0d:01:03:31:7c:b4:3d:19:74:b1:dd:b7:07:8c:
19:2b:d5:71:36:8c:98:f7:2b:93:85:e9:07:20:25:42:b6:7d:
3c:39:9c:0f:41:bb:5c:9e:11:a9:d7:f0:70:65:ff:06:6a:f0:
60:f8:6b:93
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYvwjRvyHER4o2/IcOG5mJaxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0MTk3NTU4M2IyNTAzNjJjODE1MGY2M2FkYjMwYTBmNmEw
YzZmYzMwHhcNMjMxMTIxMDYyNDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDBjYzVkMzkxZTMyZTNlZjFlMTI4NWQ2MGM1NWM1ZGIyMDdjZDI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjKKPjcAHqaKS3yhrvjAkYf1swWUX
IJt9Ea/R9wcgaJJmjMhEHHFt56vGcYGDAvmgjlANsvbN5rW8Z0TvINA1zxbHcxem
lq5Z2PK3f892VsgTfGsIKZcSY8cpoN4NGGq0yVtgxImEd2eRgagqX+hMIyY4tQ+4
fPTklc9WaIbvBTb7pPEgYNusZbGcEgpsJc5Tf66xIYQP1Vdo8cUBc6zxrhvmpFYN
OzROI4oXJ8LbiJxBQbNbFS1Ox9D51Nsw3gikFi2LlIxw1+WB1Jj5xnFO5sZ+jzFd
4pL09R3IKCk7lT7SHcuI7Bek7levRex6eOF8jEPz4x9tqzqsGKjvXViqYwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKAMxdOR4y4+8eEoXWDFXF2yB80nMB8GA1UdIwQY
MBaAFGQZdVg7JQNiyBUPY62zCg9qDG/DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkJsMVdEc2xBMkxJRlE5anJiTUtEMm9NYjhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC85OGE1ZWQtOTA1ZS00YmZhLTkxNTQt
ZjFjMzNhYTJmZDUwLzEvb0F6RjA1SGpMajd4NFNoZFlNVmNYYklIelNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC85OGE1ZWQtOTA1ZS00YmZhLTkxNTQtZjFjMzNhYTJmZDUw
LzEvWkJsMVdEc2xBMkxJRlE5anJiTUtEMm9NYjhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAW766AwQA
W76/AwQAXD1rAwQAXD1uMA0GCSqGSIb3DQEBCwUAA4IBAQA+6LDCnf6Uuvteh0Da
tdI07l9GeF4TNoNr3ehgbxB0NgSyN4zAAttIYlCEIoOj11eUgB0SxL93ARmAAd51
XKNkZpqimAmmZ3nWrgK0U9l/yDUu2kS6cCnZZnSOea/HH2YnuwPEMp8UCAK4FOeE
OgWRvyeDrmX55LM/LVKNmtcyz+wPg9xEoSRfDIPsmzCa3vriQ5H9saCVB1F2hhik
tzGl1LMwLj/ZGuDPUlgRNz2+bgRY7H7D4SHlN36byaMXZfgsUKucH5sWkO3EDQED
MXy0PRl0sd23B4wZK9VxNoyY9yuThekHICVCtn08OZwPQbtcnhGp1/BwZf8GavBg
+GuT
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:21 2024 by rpki-client on console-fra.rpki-client.org