Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/221945-a74e-4775-aea5-3cf2a4622fbc/1/O9T-EV1UdXXyWeBrwOHwp6O0kmY.roa
File: O9T-EV1UdXXyWeBrwOHwp6O0kmY.roa (raw, json)
Hash identifier: qkbkNlz6HZioGyjfqWhyuf2sgef5V4yaOngXHHpEctY=
Subject key identifier: 3B:D4:FE:11:5D:54:75:75:F2:59:E0:6B:C0:E1:F0:A7:A3:B4:92:66
Certificate issuer: /CN=3e43277b7ca79d0e9e07fc4a4b318041df415cb3
Certificate serial: 018C68BDEC4D449B81321C5223D34BD9A83F
Authority key identifier: 3E:43:27:7B:7C:A7:9D:0E:9E:07:FC:4A:4B:31:80:41:DF:41:5C:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PkMne3ynnQ6eB_xKSzGAQd9BXLM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/221945-a74e-4775-aea5-3cf2a4622fbc/1/O9T-EV1UdXXyWeBrwOHwp6O0kmY.roa
Signing time: Thu 14 Dec 2023 14:32:06 +0000
ROA not before: Thu 14 Dec 2023 14:32:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51264
IP address blocks: 91.228.218.0/24 maxlen: 24
194.0.206.0/24 maxlen: 24
194.143.146.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:29:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:68:bd:ec:4d:44:9b:81:32:1c:52:23:d3:4b:d9:a8:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e43277b7ca79d0e9e07fc4a4b318041df415cb3
Validity
Not Before: Dec 14 14:32:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3bd4fe115d547575f259e06bc0e1f0a7a3b49266
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:56:3c:9e:2e:ce:75:1e:82:87:74:55:d9:57:
65:69:7e:bc:15:6a:a8:e2:0c:79:38:7f:f9:66:eb:
f4:10:8c:e1:24:fa:85:be:29:4f:90:11:41:a7:68:
c0:94:38:8b:52:33:e1:a1:f9:c9:a2:74:a0:a1:de:
8e:c6:fb:6a:21:54:f0:11:c6:3d:3e:26:a8:af:ad:
ab:98:87:49:b6:64:e3:ed:7f:19:97:74:1b:56:dd:
d4:ad:91:fb:84:3f:a5:b9:95:bd:ea:dd:b9:fa:fb:
39:e0:2f:e9:86:c5:97:6f:0d:f1:fa:92:a4:1a:26:
72:3e:9b:67:a0:55:23:be:97:4e:92:30:8c:d7:6d:
35:46:0f:a5:9c:21:0f:f4:fc:b1:53:4e:b3:6a:b1:
d8:e2:b4:cb:54:a9:4c:8a:57:2a:bc:10:06:3b:e6:
12:68:8f:15:5c:5c:82:a9:12:93:3e:91:70:c5:c3:
cc:69:d5:c5:7c:ce:46:ef:b7:42:ae:6a:94:c2:9f:
0b:b0:55:a2:67:af:bb:ce:2c:aa:6c:ec:27:13:30:
b3:fc:cb:7e:95:e5:b9:1d:7b:15:22:41:5e:3a:43:
e4:2d:57:c8:e1:98:45:2b:65:dd:68:b0:25:e6:c2:
26:f2:4d:c7:65:a2:41:52:a1:67:f1:89:14:a3:b7:
90:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:D4:FE:11:5D:54:75:75:F2:59:E0:6B:C0:E1:F0:A7:A3:B4:92:66
X509v3 Authority Key Identifier:
keyid:3E:43:27:7B:7C:A7:9D:0E:9E:07:FC:4A:4B:31:80:41:DF:41:5C:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PkMne3ynnQ6eB_xKSzGAQd9BXLM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/221945-a74e-4775-aea5-3cf2a4622fbc/1/O9T-EV1UdXXyWeBrwOHwp6O0kmY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/221945-a74e-4775-aea5-3cf2a4622fbc/1/PkMne3ynnQ6eB_xKSzGAQd9BXLM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.218.0/24
194.0.206.0/24
194.143.146.0/24
Signature Algorithm: sha256WithRSAEncryption
16:8d:d0:4d:6a:4e:63:f6:56:fd:14:03:0c:f6:c2:6b:ea:13:
6b:a7:f6:22:33:44:8c:c9:38:22:78:5f:f2:20:82:6c:53:b3:
4f:60:c1:f7:2d:4e:74:1c:b5:d8:88:20:f7:c5:16:75:ad:9f:
dd:38:fd:60:d8:fc:1f:b7:1d:75:80:bd:2c:fa:86:57:18:8b:
d9:b8:e3:d1:c6:59:91:79:1a:cd:24:66:b5:47:e6:30:aa:a7:
46:80:99:3c:e4:3c:ed:59:32:5b:46:e1:b3:e3:5b:51:b5:35:
bd:ba:37:a4:2a:49:5d:4f:71:11:30:a0:bc:d7:c7:92:64:5f:
d4:3f:af:94:6e:a6:57:1d:d7:c6:b2:be:d9:11:6e:6f:00:e2:
30:8c:31:d9:99:0d:14:33:0c:08:9a:a6:3d:ea:aa:f2:1c:a3:
41:9e:3c:68:a6:62:02:00:1f:63:9b:6c:87:d0:1e:74:d2:f9:
0e:d3:a0:d2:f1:00:0f:fb:a9:ad:ea:86:8b:38:9a:52:3b:fa:
3f:ea:2e:16:5d:51:3f:b1:44:c6:7f:c8:3f:3c:3e:9a:3a:ea:
8b:c7:63:34:3c:e1:27:fc:a9:2e:77:10:75:6b:c5:09:a7:94:
42:8d:ac:6a:47:4b:a7:23:a3:55:0a:02:fd:6e:80:47:35:d5:
9e:46:69:ef
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYxovexNRJuBMhxSI9NL2ag/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNDMyNzdiN2NhNzlkMGU5ZTA3ZmM0YTRiMzE4MDQxZGY0
MTVjYjMwHhcNMjMxMjE0MTQzMjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmQ0ZmUxMTVkNTQ3NTc1ZjI1OWUwNmJjMGUxZjBhN2EzYjQ5MjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuVY8ni7OdR6Ch3RV2VdlaX68FWqo
4gx5OH/5Zuv0EIzhJPqFvilPkBFBp2jAlDiLUjPhofnJonSgod6OxvtqIVTwEcY9
Piaor62rmIdJtmTj7X8Zl3QbVt3UrZH7hD+luZW96t25+vs54C/phsWXbw3x+pKk
GiZyPptnoFUjvpdOkjCM1201Rg+lnCEP9PyxU06zarHY4rTLVKlMilcqvBAGO+YS
aI8VXFyCqRKTPpFwxcPMadXFfM5G77dCrmqUwp8LsFWiZ6+7ziyqbOwnEzCz/Mt+
leW5HXsVIkFeOkPkLVfI4ZhFK2XdaLAl5sIm8k3HZaJBUqFn8YkUo7eQcQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDvU/hFdVHV18lnga8Dh8KejtJJmMB8GA1UdIwQY
MBaAFD5DJ3t8p50Ongf8SksxgEHfQVyzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGtNbmUzeW5uUTZlQl94S1N6R0FRZDlCWExNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC8yMjE5NDUtYTc0ZS00Nzc1LWFlYTUt
M2NmMmE0NjIyZmJjLzEvTzlULUVWMVVkWFh5V2VCcndPSHdwNk8wa21ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC8yMjE5NDUtYTc0ZS00Nzc1LWFlYTUtM2NmMmE0NjIyZmJj
LzEvUGtNbmUzeW5uUTZlQl94S1N6R0FRZDlCWExNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW+TaAwQA
wgDOAwQAwo+SMA0GCSqGSIb3DQEBCwUAA4IBAQAWjdBNak5j9lb9FAMM9sJr6hNr
p/YiM0SMyTgieF/yIIJsU7NPYMH3LU50HLXYiCD3xRZ1rZ/dOP1g2Pwftx11gL0s
+oZXGIvZuOPRxlmReRrNJGa1R+YwqqdGgJk85DztWTJbRuGz41tRtTW9ujekKkld
T3ERMKC818eSZF/UP6+UbqZXHdfGsr7ZEW5vAOIwjDHZmQ0UMwwImqY96qryHKNB
njxopmICAB9jm2yH0B500vkO06DS8QAP+6mt6oaLOJpSO/o/6i4WXVE/sUTGf8g/
PD6aOuqLx2M0POEn/KkudxB1a8UJp5RCjaxqR0unI6NVCgL9boBHNdWeRmnv
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:43 2024 by rpki-client on console-fra.rpki-client.org