Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/b431ca-5275-42b5-8d54-d196f9291732/1/OnuXCx8mgJm4S5lm-ebDIhGi87A.roa
File: OnuXCx8mgJm4S5lm-ebDIhGi87A.roa (raw, json)
Hash identifier: QS1Xf9KThx3EOIKbWE9r/BsWcPgb3U8HpfTkSnxUyfI=
Subject key identifier: 3A:7B:97:0B:1F:26:80:99:B8:4B:99:66:F9:E6:C3:22:11:A2:F3:B0
Certificate issuer: /CN=b9b0d33432eca77c054e8fa8707248da4e47db0b
Certificate serial: 01895368E90108FAAC8A664C5FEA8CAE2E96
Authority key identifier: B9:B0:D3:34:32:EC:A7:7C:05:4E:8F:A8:70:72:48:DA:4E:47:DB:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ubDTNDLsp3wFTo-ocHJI2k5H2ws.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/b431ca-5275-42b5-8d54-d196f9291732/1/OnuXCx8mgJm4S5lm-ebDIhGi87A.roa
Signing time: Fri 14 Jul 2023 07:58:51 +0000
ROA not before: Fri 14 Jul 2023 07:58:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212865
IP address blocks: 62.65.144.0/21 maxlen: 21
62.65.141.0/24 maxlen: 24
62.65.142.0/24 maxlen: 24
62.65.143.0/24 maxlen: 24
62.65.153.0/24 maxlen: 24
62.65.156.0/23 maxlen: 23
62.65.154.0/23 maxlen: 23
62.65.158.0/24 maxlen: 24
94.78.2.0/24 maxlen: 24
94.78.3.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:30:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:53:68:e9:01:08:fa:ac:8a:66:4c:5f:ea:8c:ae:2e:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9b0d33432eca77c054e8fa8707248da4e47db0b
Validity
Not Before: Jul 14 07:58:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3a7b970b1f268099b84b9966f9e6c32211a2f3b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:ba:45:aa:c3:b5:ef:df:f4:da:cc:c0:15:3d:
d5:16:af:d0:4e:9a:ca:2b:8f:15:24:4f:bc:63:2d:
3e:bb:3e:7b:7b:bf:e6:73:af:72:2b:15:2a:e1:02:
87:1c:12:f4:d9:80:dc:bf:a6:a9:3b:24:e0:b7:a5:
d0:bc:82:4a:38:20:a2:d9:4c:11:d3:af:9b:a7:4d:
e9:30:a4:dd:71:97:8a:89:db:b7:70:86:2a:da:51:
c3:a4:27:62:d4:03:d5:3e:18:c1:ba:97:39:a0:17:
ea:76:65:ec:e0:65:c0:da:e4:03:f5:a0:98:ca:cc:
6f:5e:05:5d:a7:8b:cd:e7:21:5a:cb:49:ce:90:cd:
e9:6e:a6:38:98:0d:a6:c5:80:c7:f9:84:8b:96:7d:
bf:88:93:14:1e:14:15:93:8a:94:db:09:97:55:ce:
e2:25:a6:fe:9e:1b:ab:82:97:a1:b0:93:ce:22:21:
f6:41:39:3e:53:13:af:b2:a1:03:a5:ad:76:9d:64:
5f:54:4e:44:9f:eb:93:3d:fc:db:f9:c7:0a:21:88:
a2:3a:c2:74:36:0a:5e:e8:4a:3f:2b:f4:33:11:64:
84:9c:6f:d9:8f:c3:64:a2:f9:79:37:d8:3a:14:ab:
c1:e4:75:22:e3:fb:e2:8b:70:7d:30:62:90:2d:b7:
0c:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:7B:97:0B:1F:26:80:99:B8:4B:99:66:F9:E6:C3:22:11:A2:F3:B0
X509v3 Authority Key Identifier:
keyid:B9:B0:D3:34:32:EC:A7:7C:05:4E:8F:A8:70:72:48:DA:4E:47:DB:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ubDTNDLsp3wFTo-ocHJI2k5H2ws.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/b431ca-5275-42b5-8d54-d196f9291732/1/OnuXCx8mgJm4S5lm-ebDIhGi87A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/b431ca-5275-42b5-8d54-d196f9291732/1/ubDTNDLsp3wFTo-ocHJI2k5H2ws.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.65.141.0-62.65.151.255
62.65.153.0-62.65.158.255
94.78.2.0/23
Signature Algorithm: sha256WithRSAEncryption
8a:23:ab:b8:9d:2b:de:93:18:7a:9a:82:d8:d5:f6:cc:dc:7b:
e2:2a:f0:d0:f5:e5:12:22:f1:a3:eb:42:f4:ad:7a:30:e5:d2:
a4:bf:c6:49:a4:2d:82:24:21:d8:92:43:74:a6:66:f1:e6:c3:
36:5b:b0:03:1b:46:34:dd:51:2c:9e:6a:28:02:09:45:a1:27:
cf:23:34:a0:31:cd:bb:f0:ce:c3:07:d2:2b:61:12:90:fa:0f:
c1:4d:25:67:15:f1:ba:68:6b:29:16:09:67:05:7c:3d:52:6c:
a5:3e:1a:0e:e0:3b:fc:9a:97:42:8c:d7:12:5d:56:8b:7b:33:
40:94:10:52:4f:90:ea:0a:3b:bc:a8:7c:42:67:28:80:32:0d:
33:01:b7:82:a8:91:06:4c:0a:25:ab:3f:3a:03:39:3f:76:0f:
ae:48:14:1c:0c:7d:29:0b:b3:0a:67:94:94:81:47:97:46:df:
d9:bb:fe:34:1b:ba:d5:80:a6:34:c6:81:22:4c:c8:39:b1:f1:
43:22:21:2d:f1:50:a6:3b:51:d6:10:e7:df:90:8c:0d:01:1e:
07:cb:d7:1e:2c:3a:b9:02:81:ba:9f:67:19:d1:61:74:af:d0:
cc:75:64:f4:28:4c:58:eb:ca:a9:c7:68:2d:39:ba:88:2f:8d:
0b:b9:a8:fc
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYlTaOkBCPqsimZMX+qMri6WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5YjBkMzM0MzJlY2E3N2MwNTRlOGZhODcwNzI0OGRhNGU0
N2RiMGIwHhcNMjMwNzE0MDc1ODUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTdiOTcwYjFmMjY4MDk5Yjg0Yjk5NjZmOWU2YzMyMjExYTJmM2IwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2LpFqsO179/02szAFT3VFq/QTprK
K48VJE+8Yy0+uz57e7/mc69yKxUq4QKHHBL02YDcv6apOyTgt6XQvIJKOCCi2UwR
06+bp03pMKTdcZeKidu3cIYq2lHDpCdi1APVPhjBupc5oBfqdmXs4GXA2uQD9aCY
ysxvXgVdp4vN5yFay0nOkM3pbqY4mA2mxYDH+YSLln2/iJMUHhQVk4qU2wmXVc7i
Jab+nhurgpehsJPOIiH2QTk+UxOvsqEDpa12nWRfVE5En+uTPfzb+ccKIYiiOsJ0
Ngpe6Eo/K/QzEWSEnG/Zj8Nkovl5N9g6FKvB5HUi4/vii3B9MGKQLbcMTQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFDp7lwsfJoCZuEuZZvnmwyIRovOwMB8GA1UdIwQY
MBaAFLmw0zQy7Kd8BU6PqHBySNpOR9sLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWJEVE5ETHNwM3dGVG8tb2NISkkyazVIMndzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC9iNDMxY2EtNTI3NS00MmI1LThkNTQt
ZDE5NmY5MjkxNzMyLzEvT251WEN4OG1nSm00UzVsbS1lYkRJaEdpODdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC9iNDMxY2EtNTI3NS00MmI1LThkNTQtZDE5NmY5MjkxNzMy
LzEvdWJEVE5ETHNwM3dGVG8tb2NISkkyazVIMndzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiMAwDBAA+QY0D
BAM+QZAwDAMEAD5BmQMEAD5BngMEAV5OAjANBgkqhkiG9w0BAQsFAAOCAQEAiiOr
uJ0r3pMYepqC2NX2zNx74irw0PXlEiLxo+tC9K16MOXSpL/GSaQtgiQh2JJDdKZm
8ebDNluwAxtGNN1RLJ5qKAIJRaEnzyM0oDHNu/DOwwfSK2ESkPoPwU0lZxXxumhr
KRYJZwV8PVJspT4aDuA7/JqXQozXEl1Wi3szQJQQUk+Q6go7vKh8QmcogDINMwG3
gqiRBkwKJas/OgM5P3YPrkgUHAx9KQuzCmeUlIFHl0bf2bv+NBu61YCmNMaBIkzI
ObHxQyIhLfFQpjtR1hDn35CMDQEeB8vXHiw6uQKBup9nGdFhdK/QzHVk9ChMWOvK
qcdoLTm6iC+NC7mo/A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:28 2024 by rpki-client on console-fra.rpki-client.org