Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/f87a2e-46b1-4a66-a90c-699835c92bfe/1/OchP6Pi5A0XRRlPqkhZbeSH4fu8.roa
File: OchP6Pi5A0XRRlPqkhZbeSH4fu8.roa (raw, json)
Hash identifier: gjDbIQ2gALntTWHWDejCBkU3fCzwoV3cIH/hMWo3IbU=
Subject key identifier: 39:C8:4F:E8:F8:B9:03:45:D1:46:53:EA:92:16:5B:79:21:F8:7E:EF
Certificate issuer: /CN=b66ea7359221c1b77d6cc006f7b6706a9a908299
Certificate serial: 0186DA36F0F78F12C186E7C0FE3CD7E1679C
Authority key identifier: B6:6E:A7:35:92:21:C1:B7:7D:6C:C0:06:F7:B6:70:6A:9A:90:82:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tm6nNZIhwbd9bMAG97ZwapqQgpk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/f87a2e-46b1-4a66-a90c-699835c92bfe/1/OchP6Pi5A0XRRlPqkhZbeSH4fu8.roa
Signing time: Mon 13 Mar 2023 09:04:38 +0000
ROA not before: Mon 13 Mar 2023 09:04:38 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61272
IP address blocks: 91.216.163.0/24 maxlen: 32
185.25.48.0/22 maxlen: 32
185.64.104.0/22 maxlen: 32
2a04:2181:c012::/48 maxlen: 64
2a04:2181:c010::/48 maxlen: 64
2a04:2180::/32 maxlen: 64
2a04:2181:c011::/48 maxlen: 64
Validation: Failed, certificate revoked on Wed 15 Mar 2023 11:42:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:da:36:f0:f7:8f:12:c1:86:e7:c0:fe:3c:d7:e1:67:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b66ea7359221c1b77d6cc006f7b6706a9a908299
Validity
Not Before: Mar 13 09:04:38 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=39c84fe8f8b90345d14653ea92165b7921f87eef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:66:04:e6:a7:14:d6:d8:e0:a4:3f:1f:c2:5e:
28:83:48:77:77:10:e5:f1:9d:23:7a:d2:9a:23:04:
f8:c4:ce:6d:7c:84:12:95:81:e1:cf:11:89:ca:3e:
68:d0:1c:25:a0:f4:aa:2d:9d:7d:24:38:4e:ea:a1:
d0:73:ea:f5:56:d9:f3:e3:cc:92:f2:9c:b1:69:da:
e8:cf:be:68:bf:f3:9e:a9:11:be:44:d6:90:21:cf:
bd:50:52:dd:ce:5d:94:99:7e:24:6e:0b:a9:cf:cf:
46:1b:40:e0:52:d1:76:4f:d6:bc:bd:05:14:b7:d3:
26:0a:7e:8f:67:02:f2:10:4e:4c:97:93:88:05:fd:
0d:61:33:35:c4:24:f1:03:5b:af:11:fa:3c:f4:1c:
55:96:19:da:df:35:42:b0:8d:20:d6:61:f2:70:f3:
d4:a6:99:95:b6:ab:bc:fe:73:4e:21:97:3f:e6:41:
bd:59:cf:ae:2e:62:41:c6:fc:a7:58:87:57:cc:13:
9c:ca:95:25:c3:f9:36:32:d2:da:97:11:e2:fd:59:
15:e6:bf:e4:60:32:58:60:32:53:51:8f:2f:bc:fd:
0b:13:bc:01:d0:d5:28:f1:81:a0:40:e5:03:ff:c6:
76:c4:f5:4e:42:0e:a3:aa:2d:b3:9e:ad:07:3d:07:
a9:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:C8:4F:E8:F8:B9:03:45:D1:46:53:EA:92:16:5B:79:21:F8:7E:EF
X509v3 Authority Key Identifier:
keyid:B6:6E:A7:35:92:21:C1:B7:7D:6C:C0:06:F7:B6:70:6A:9A:90:82:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tm6nNZIhwbd9bMAG97ZwapqQgpk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/f87a2e-46b1-4a66-a90c-699835c92bfe/1/OchP6Pi5A0XRRlPqkhZbeSH4fu8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/f87a2e-46b1-4a66-a90c-699835c92bfe/1/tm6nNZIhwbd9bMAG97ZwapqQgpk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.216.163.0/24
185.25.48.0/22
185.64.104.0/22
IPv6:
2a04:2180::/32
2a04:2181:c010::-2a04:2181:c012:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
6c:45:cc:60:14:e7:78:e3:ea:13:5d:ce:dd:34:85:32:b9:20:
61:d6:48:e9:41:a3:85:34:6c:f5:e4:be:03:94:37:46:22:41:
89:4d:75:83:fe:2d:86:d4:51:ed:9d:35:80:c9:a4:c5:dc:8e:
56:8a:87:87:d0:e6:09:15:f0:f6:44:c3:c5:89:31:e5:91:2a:
dd:95:cd:e6:00:84:06:36:43:3a:43:a5:0c:f5:2e:cc:e2:23:
7b:10:f2:85:b9:d6:02:c7:6f:62:7e:ef:82:90:57:eb:0c:0e:
8e:45:3d:2e:fe:49:70:ca:64:87:56:2c:b1:b2:90:de:47:ef:
c5:5a:6b:f1:73:48:c3:c4:97:d9:be:bf:d9:9e:94:65:12:8d:
52:69:fd:15:98:6b:cf:a8:08:f5:94:a8:97:01:7b:df:f1:1d:
2c:98:15:77:06:91:1b:58:60:2e:21:28:7d:ae:3c:4a:95:fa:
89:ae:09:de:e4:92:f7:51:32:b7:ee:26:b0:30:04:3a:9a:97:
18:75:62:7f:e0:02:78:d9:45:4d:1c:26:45:cd:2c:a9:77:f7:
96:4c:e7:84:ff:41:4a:e9:40:b6:55:38:42:91:d4:89:e2:62:
4a:b1:fe:87:40:ac:b9:e5:1e:ee:4f:8c:7f:fc:7e:8c:d8:85:
17:18:dd:7b
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYbaNvD3jxLBhufA/jzX4WecMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2NmVhNzM1OTIyMWMxYjc3ZDZjYzAwNmY3YjY3MDZhOWE5
MDgyOTkwHhcNMjMwMzEzMDkwNDM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWM4NGZlOGY4YjkwMzQ1ZDE0NjUzZWE5MjE2NWI3OTIxZjg3ZWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhWYE5qcU1tjgpD8fwl4og0h3dxDl
8Z0jetKaIwT4xM5tfIQSlYHhzxGJyj5o0BwloPSqLZ19JDhO6qHQc+r1Vtnz48yS
8pyxadroz75ov/OeqRG+RNaQIc+9UFLdzl2UmX4kbgupz89GG0DgUtF2T9a8vQUU
t9MmCn6PZwLyEE5Ml5OIBf0NYTM1xCTxA1uvEfo89BxVlhna3zVCsI0g1mHycPPU
ppmVtqu8/nNOIZc/5kG9Wc+uLmJBxvynWIdXzBOcypUlw/k2MtLalxHi/VkV5r/k
YDJYYDJTUY8vvP0LE7wB0NUo8YGgQOUD/8Z2xPVOQg6jqi2znq0HPQepXQIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFDnIT+j4uQNF0UZT6pIWW3kh+H7vMB8GA1UdIwQY
MBaAFLZupzWSIcG3fWzABve2cGqakIKZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdG02bk5aSWh3YmQ5Yk1BRzk3WndhcHFRZ3BrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9mODdhMmUtNDZiMS00YTY2LWE5MGMt
Njk5ODM1YzkyYmZlLzEvT2NoUDZQaTVBMFhSUmxQcWtoWmJlU0g0ZnU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9mODdhMmUtNDZiMS00YTY2LWE5MGMtNjk5ODM1YzkyYmZl
LzEvdG02bk5aSWh3YmQ5Yk1BRzk3WndhcHFRZ3BrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAYBAIAATASAwQAW9ijAwQC
uRkwAwQCuUBoMCEEAgACMBsDBQAqBCGAMBIDBwQqBCGBwBADBwAqBCGBwBIwDQYJ
KoZIhvcNAQELBQADggEBAGxFzGAU53jj6hNdzt00hTK5IGHWSOlBo4U0bPXkvgOU
N0YiQYlNdYP+LYbUUe2dNYDJpMXcjlaKh4fQ5gkV8PZEw8WJMeWRKt2VzeYAhAY2
QzpDpQz1LsziI3sQ8oW51gLHb2J+74KQV+sMDo5FPS7+SXDKZIdWLLGykN5H78Va
a/FzSMPEl9m+v9melGUSjVJp/RWYa8+oCPWUqJcBe9/xHSyYFXcGkRtYYC4hKH2u
PEqV+omuCd7kkvdRMrfuJrAwBDqalxh1Yn/gAnjZRU0cJkXNLKl395ZM54T/QUrp
QLZVOEKR1IniYkqx/odArLnlHu5PjH/8fozYhRcY3Xs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:24 2024 by rpki-client on console-ams.rpki-client.org