Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ofGKguCiefgGaaoDiu3D2dB3jtY.roa
File: ofGKguCiefgGaaoDiu3D2dB3jtY.roa (raw, json)
Hash identifier: ydd4MCZoL7DWj0NYSNynyzIkLORGdOpO95brD3/pnWM=
Subject key identifier: A1:F1:8A:82:E0:A2:79:F8:06:69:AA:03:8A:ED:C3:D9:D0:77:8E:D6
Certificate issuer: /CN=641975583b250362c8150f63adb30a0f6a0c6fc3
Certificate serial: 018A17D4038EE530454C7A68747878364061
Authority key identifier: 64:19:75:58:3B:25:03:62:C8:15:0F:63:AD:B3:0A:0F:6A:0C:6F:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ofGKguCiefgGaaoDiu3D2dB3jtY.roa
Signing time: Mon 21 Aug 2023 11:21:25 +0000
ROA not before: Mon 21 Aug 2023 11:21:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 54339
IP address blocks: 92.61.102.0/24 maxlen: 24
91.190.185.0/24 maxlen: 24
91.190.188.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 22 Sep 2023 13:42:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:17:d4:03:8e:e5:30:45:4c:7a:68:74:78:78:36:40:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=641975583b250362c8150f63adb30a0f6a0c6fc3
Validity
Not Before: Aug 21 11:21:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a1f18a82e0a279f80669aa038aedc3d9d0778ed6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:3b:c0:bd:6b:3a:a5:32:ff:aa:63:60:02:84:
3f:d4:56:95:1c:f2:9a:91:b0:2b:ec:0e:05:69:ec:
69:bc:da:d4:5f:79:e0:da:5b:f2:3b:69:41:1d:6d:
69:c5:84:33:9a:cb:05:dc:9a:af:6c:f4:67:de:fa:
43:5a:a9:d2:3d:ef:2a:66:b6:f6:8e:22:c6:7b:d2:
7b:de:f8:b5:40:06:e6:a8:80:7a:f0:4d:27:d3:ca:
65:82:4c:6b:bb:8a:73:0d:33:76:8b:f4:57:f3:19:
88:09:f0:49:ed:ee:21:f5:1f:69:31:38:66:ea:4b:
b5:a6:23:a6:3a:2c:6f:06:c9:b0:9f:d8:b1:20:fd:
b2:ae:67:43:98:43:76:1b:f2:4f:42:f5:15:f9:8d:
95:1b:39:94:bd:65:45:dc:13:f5:85:29:80:1c:3e:
19:37:c1:9f:7e:01:0f:f6:30:bb:7b:74:d4:c7:32:
cb:57:12:48:f1:a3:e3:4f:68:9f:69:c6:e0:44:0c:
09:f5:96:33:fa:2f:b4:93:01:bf:6a:1c:48:6c:ce:
47:16:6e:64:bd:1e:cd:86:0d:b7:d0:bd:35:c3:fe:
3c:0f:29:5d:71:1a:2f:d2:10:81:ef:7c:e9:2e:8b:
54:04:a4:71:89:4b:9e:de:63:24:4a:e1:4c:f7:0b:
64:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:F1:8A:82:E0:A2:79:F8:06:69:AA:03:8A:ED:C3:D9:D0:77:8E:D6
X509v3 Authority Key Identifier:
keyid:64:19:75:58:3B:25:03:62:C8:15:0F:63:AD:B3:0A:0F:6A:0C:6F:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ofGKguCiefgGaaoDiu3D2dB3jtY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.190.185.0/24
91.190.188.0/24
92.61.102.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:f7:ba:a1:c8:c2:cb:e4:d3:cb:51:6b:c2:55:05:a8:59:9f:
86:b5:f4:4f:b6:e6:e1:fb:5f:50:42:c1:37:3f:e7:d4:eb:4e:
12:25:b8:e5:59:f1:72:1e:32:2f:be:3c:0c:c7:b9:7f:dd:64:
5f:3d:2e:07:f2:05:6f:72:05:26:3f:39:29:bc:c6:2a:73:9a:
f2:15:d0:8d:b8:ac:a9:05:3c:70:d7:52:4f:bb:9e:f2:2d:3a:
75:97:42:63:a3:81:77:f2:51:24:4b:1d:5e:58:cb:c6:67:24:
9d:1d:25:e1:a3:24:25:c4:23:79:51:be:12:3d:87:5a:56:ed:
3d:0c:99:91:fa:47:3b:b7:b7:a3:81:2e:01:40:31:bd:7b:e2:
49:9d:2c:a8:ae:b7:d5:a0:74:aa:46:45:3b:03:52:b3:a9:8b:
48:14:51:62:c5:9d:73:2b:6a:f7:29:a9:7e:6c:87:b6:da:34:
07:98:59:99:eb:43:70:a6:fe:b0:2b:ef:04:6e:5a:3b:ce:c7:
14:1d:31:9c:a9:7d:7e:ec:73:49:e3:e9:02:8d:03:28:52:16:
d9:14:26:da:cd:ec:fa:a0:b1:47:c5:de:e2:8b:3a:88:f6:48:
9d:96:9d:dc:94:03:00:64:b1:3e:bb:64:8c:af:f0:36:c6:d1:
7e:2e:83:3f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYoX1AOO5TBFTHpodHh4NkBhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0MTk3NTU4M2IyNTAzNjJjODE1MGY2M2FkYjMwYTBmNmEw
YzZmYzMwHhcNMjMwODIxMTEyMTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWYxOGE4MmUwYTI3OWY4MDY2OWFhMDM4YWVkYzNkOWQwNzc4ZWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhTvAvWs6pTL/qmNgAoQ/1FaVHPKa
kbAr7A4FaexpvNrUX3ng2lvyO2lBHW1pxYQzmssF3JqvbPRn3vpDWqnSPe8qZrb2
jiLGe9J73vi1QAbmqIB68E0n08plgkxru4pzDTN2i/RX8xmICfBJ7e4h9R9pMThm
6ku1piOmOixvBsmwn9ixIP2yrmdDmEN2G/JPQvUV+Y2VGzmUvWVF3BP1hSmAHD4Z
N8GffgEP9jC7e3TUxzLLVxJI8aPjT2ifacbgRAwJ9ZYz+i+0kwG/ahxIbM5HFm5k
vR7Nhg230L01w/48DyldcRov0hCB73zpLotUBKRxiUue3mMkSuFM9wtkbQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKHxioLgonn4BmmqA4rtw9nQd47WMB8GA1UdIwQY
MBaAFGQZdVg7JQNiyBUPY62zCg9qDG/DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkJsMVdEc2xBMkxJRlE5anJiTUtEMm9NYjhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC85OGE1ZWQtOTA1ZS00YmZhLTkxNTQt
ZjFjMzNhYTJmZDUwLzEvb2ZHS2d1Q2llZmdHYWFvRGl1M0QyZEIzanRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC85OGE1ZWQtOTA1ZS00YmZhLTkxNTQtZjFjMzNhYTJmZDUw
LzEvWkJsMVdEc2xBMkxJRlE5anJiTUtEMm9NYjhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW765AwQA
W768AwQAXD1mMA0GCSqGSIb3DQEBCwUAA4IBAQCo97qhyMLL5NPLUWvCVQWoWZ+G
tfRPtubh+19QQsE3P+fU604SJbjlWfFyHjIvvjwMx7l/3WRfPS4H8gVvcgUmPzkp
vMYqc5ryFdCNuKypBTxw11JPu57yLTp1l0Jjo4F38lEkSx1eWMvGZySdHSXhoyQl
xCN5Ub4SPYdaVu09DJmR+kc7t7ejgS4BQDG9e+JJnSyorrfVoHSqRkU7A1KzqYtI
FFFixZ1zK2r3Kal+bIe22jQHmFmZ60Nwpv6wK+8Eblo7zscUHTGcqX1+7HNJ4+kC
jQMoUhbZFCbazez6oLFHxd7iizqI9kidlp3clAMAZLE+u2SMr/A2xtF+LoM/
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:21 2024 by rpki-client on console-ams.rpki-client.org