Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/82d65a-45e2-4efb-b23c-955ad78bcb07/1/OirJWJ3fiOPkC370FyxH4aCzbMs.roa
File: OirJWJ3fiOPkC370FyxH4aCzbMs.roa (raw, json)
Hash identifier: +dTbqeDgeCO3n7MKLdclDwQIsPEtDpN/eFezg/iKloM=
Subject key identifier: 3A:2A:C9:58:9D:DF:88:E3:E4:0B:7E:F4:17:2C:47:E1:A0:B3:6C:CB
Certificate issuer: /CN=d4d86e7d073a9e4d69ec715c3623176805894d5a
Certificate serial: 01856F9DAEE764CF421E4262EBB48EF4FCFB
Authority key identifier: D4:D8:6E:7D:07:3A:9E:4D:69:EC:71:5C:36:23:17:68:05:89:4D:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1NhufQc6nk1p7HFcNiMXaAWJTVo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/82d65a-45e2-4efb-b23c-955ad78bcb07/1/OirJWJ3fiOPkC370FyxH4aCzbMs.roa
Signing time: Sun 01 Jan 2023 23:14:42 +0000
ROA not before: Sun 01 Jan 2023 23:14:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62350
IP address blocks: 91.240.236.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:9d:ae:e7:64:cf:42:1e:42:62:eb:b4:8e:f4:fc:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4d86e7d073a9e4d69ec715c3623176805894d5a
Validity
Not Before: Jan 1 23:14:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3a2ac9589ddf88e3e40b7ef4172c47e1a0b36ccb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:d9:76:5e:ba:23:ee:14:2e:85:32:cb:5b:8f:
52:6c:eb:31:f3:f1:d5:82:b6:7d:f3:43:b8:c0:97:
68:59:01:b2:c8:87:08:32:0e:9f:e8:ea:b7:06:a2:
a5:9f:6e:53:e4:42:f3:ca:e2:e9:55:34:28:b6:63:
13:04:eb:e8:2e:16:4d:53:ec:9f:9c:49:31:eb:95:
01:f3:3d:4c:60:4c:92:38:b3:61:ec:86:6e:33:20:
69:93:f4:01:74:ac:3d:0c:76:94:17:f3:ac:19:f6:
e9:4e:05:71:16:26:ee:81:9a:16:08:60:94:d0:ef:
c0:3f:b9:e6:f5:d3:c8:9a:11:57:02:26:2e:7a:2e:
c0:a8:d1:35:83:4b:78:fb:35:9f:21:53:0e:e1:2b:
9a:f3:5a:1e:ce:14:50:b7:2d:a3:25:34:09:3b:5b:
ce:81:4b:8b:54:9c:7f:3c:ce:ce:0a:14:b5:ee:b2:
f2:af:6d:96:38:56:a9:07:c4:c0:73:d8:09:8c:91:
e2:37:cf:f5:99:d0:fb:3a:35:b1:10:91:6d:99:71:
51:60:2f:25:51:ef:70:06:97:c5:0a:c7:85:14:30:
75:91:bd:13:de:96:ff:3f:ed:8d:82:48:1c:57:88:
83:dc:4b:50:d1:58:9e:69:7c:4f:3f:f1:bc:7c:a2:
b1:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:2A:C9:58:9D:DF:88:E3:E4:0B:7E:F4:17:2C:47:E1:A0:B3:6C:CB
X509v3 Authority Key Identifier:
keyid:D4:D8:6E:7D:07:3A:9E:4D:69:EC:71:5C:36:23:17:68:05:89:4D:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1NhufQc6nk1p7HFcNiMXaAWJTVo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/82d65a-45e2-4efb-b23c-955ad78bcb07/1/OirJWJ3fiOPkC370FyxH4aCzbMs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/82d65a-45e2-4efb-b23c-955ad78bcb07/1/1NhufQc6nk1p7HFcNiMXaAWJTVo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.240.236.0/23
Signature Algorithm: sha256WithRSAEncryption
5e:30:6b:54:98:44:06:f3:9a:b2:fa:77:85:a9:7c:89:39:ac:
5a:a9:94:21:d0:07:56:a1:30:0c:de:58:46:13:f4:72:c2:68:
75:8e:57:3d:ad:d4:45:ff:c3:85:b6:6a:17:eb:30:1e:1f:2b:
da:89:f6:d8:15:97:dc:bf:fd:d5:6e:86:71:35:9e:ae:86:0a:
b3:8e:4c:62:f7:c0:01:30:0c:9d:38:03:73:4d:d5:2c:f9:c1:
bd:c8:3e:7c:72:f3:2b:e7:0c:a5:be:62:af:69:b9:f4:0c:53:
40:1d:3e:b2:45:4e:da:7c:68:ad:db:17:bd:e7:fa:5c:53:69:
3b:8a:63:97:1d:04:97:a6:ca:cf:ef:58:8d:21:eb:76:11:f4:
cd:55:3d:dc:18:15:c3:cb:a9:44:4d:c3:d0:21:bb:8b:4f:76:
65:e8:69:57:83:3f:d8:a4:7f:c5:a1:eb:58:32:31:27:f2:70:
07:dd:d6:12:dc:e7:df:39:53:9a:72:d8:09:1f:b0:67:fa:8f:
bc:5e:83:26:d6:a1:bd:3e:21:73:51:dd:28:bf:c8:8c:88:2b:
65:c8:b2:28:54:4e:cf:f0:4b:3c:72:0a:08:7e:25:96:44:f4:
bd:11:ed:24:38:33:77:da:a4:81:28:33:2b:ea:ab:99:f6:ba:
43:2f:79:1b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvna7nZM9CHkJi67SO9Pz7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0ZDg2ZTdkMDczYTllNGQ2OWVjNzE1YzM2MjMxNzY4MDU4
OTRkNWEwHhcNMjMwMTAxMjMxNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTJhYzk1ODlkZGY4OGUzZTQwYjdlZjQxNzJjNDdlMWEwYjM2Y2NiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxdl2Xroj7hQuhTLLW49SbOsx8/HV
grZ980O4wJdoWQGyyIcIMg6f6Oq3BqKln25T5ELzyuLpVTQotmMTBOvoLhZNU+yf
nEkx65UB8z1MYEySOLNh7IZuMyBpk/QBdKw9DHaUF/OsGfbpTgVxFibugZoWCGCU
0O/AP7nm9dPImhFXAiYuei7AqNE1g0t4+zWfIVMO4Sua81oezhRQty2jJTQJO1vO
gUuLVJx/PM7OChS17rLyr22WOFapB8TAc9gJjJHiN8/1mdD7OjWxEJFtmXFRYC8l
Ue9wBpfFCseFFDB1kb0T3pb/P+2NgkgcV4iD3EtQ0VieaXxPP/G8fKKxTwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDoqyVid34jj5At+9BcsR+Ggs2zLMB8GA1UdIwQY
MBaAFNTYbn0HOp5NaexxXDYjF2gFiU1aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMU5odWZRYzZuazFwN0hGY05pTVhhQVdKVFZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC84MmQ2NWEtNDVlMi00ZWZiLWIyM2Mt
OTU1YWQ3OGJjYjA3LzEvT2lySldKM2ZpT1BrQzM3MEZ5eEg0YUN6Yk1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC84MmQ2NWEtNDVlMi00ZWZiLWIyM2MtOTU1YWQ3OGJjYjA3
LzEvMU5odWZRYzZuazFwN0hGY05pTVhhQVdKVFZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW/DsMA0G
CSqGSIb3DQEBCwUAA4IBAQBeMGtUmEQG85qy+neFqXyJOaxaqZQh0AdWoTAM3lhG
E/Rywmh1jlc9rdRF/8OFtmoX6zAeHyvaifbYFZfcv/3VboZxNZ6uhgqzjkxi98AB
MAydOANzTdUs+cG9yD58cvMr5wylvmKvabn0DFNAHT6yRU7afGit2xe95/pcU2k7
imOXHQSXpsrP71iNIet2EfTNVT3cGBXDy6lETcPQIbuLT3Zl6GlXgz/YpH/FoetY
MjEn8nAH3dYS3OffOVOactgJH7Bn+o+8XoMm1qG9PiFzUd0ov8iMiCtlyLIoVE7P
8Es8cgoIfiWWRPS9Ee0kODN32qSBKDMr6quZ9rpDL3kb
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:09 2024 by rpki-client on console-fra.rpki-client.org