Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/OmsIETHKGJPb2f-0DgY8E1jknQE.roa
File: OmsIETHKGJPb2f-0DgY8E1jknQE.roa (raw, json)
Hash identifier: X4MzQ7Eqepl2a8R5Xb9zBhqR4a+RoKj1I0uvL4CvX3o=
Subject key identifier: 3A:6B:08:11:31:CA:18:93:DB:D9:FF:B4:0E:06:3C:13:58:E4:9D:01
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 0189DB138DAA5AE59ADCDE89721E23863FD3
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/OmsIETHKGJPb2f-0DgY8E1jknQE.roa
Signing time: Wed 09 Aug 2023 16:13:59 +0000
ROA not before: Wed 09 Aug 2023 16:13:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207279
IP address blocks: 85.133.208.0/24 maxlen: 24
85.133.233.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 15 Aug 2023 08:12:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:db:13:8d:aa:5a:e5:9a:dc:de:89:72:1e:23:86:3f:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Aug 9 16:13:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3a6b081131ca1893dbd9ffb40e063c1358e49d01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:72:5c:dc:e8:94:b5:e2:18:01:72:7a:2f:fc:
66:06:c8:70:e5:66:12:e7:61:c9:6e:60:6b:b9:97:
8a:ea:45:4e:82:99:14:e9:9a:ce:0a:f0:d2:a9:ce:
9b:20:65:ab:6b:0d:19:80:17:b9:39:71:ef:4b:56:
c1:46:31:20:96:ed:fa:a6:25:e0:80:ea:c3:cf:cf:
1e:07:29:9b:eb:40:8a:d1:87:1e:79:ea:1e:68:00:
2d:0f:45:2e:ce:17:dd:e4:0a:85:e0:0c:50:91:fb:
5e:0d:63:93:ae:3e:02:70:de:b2:35:63:20:99:24:
b0:c0:66:bb:39:3a:30:80:72:77:52:a0:77:c5:35:
d8:fb:e9:f1:65:84:91:27:2a:bf:be:bc:89:2c:db:
1c:bb:85:2e:e1:66:90:e4:10:84:1f:1f:32:79:41:
8e:94:8f:a4:4b:e8:11:6a:2a:a8:21:0f:26:27:f4:
94:cc:27:66:fa:6f:62:c8:e7:f1:88:45:50:96:16:
aa:45:05:d5:aa:3a:4b:06:59:b1:1b:87:9b:be:36:
cb:dd:e3:97:d6:ac:0f:9c:85:ee:ab:c8:21:31:f1:
58:0a:9b:87:ba:4c:95:37:29:3f:8d:30:2f:67:87:
2c:ee:3a:dc:0d:df:13:f9:4c:e0:ad:42:0f:ed:b7:
42:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:6B:08:11:31:CA:18:93:DB:D9:FF:B4:0E:06:3C:13:58:E4:9D:01
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/OmsIETHKGJPb2f-0DgY8E1jknQE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.208.0/24
85.133.233.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:ec:b7:20:20:4e:3d:10:00:ef:2e:4d:33:e9:0c:ad:1e:e9:
e0:5e:af:0c:62:62:c5:19:d1:f7:4d:b1:35:81:bf:2d:50:f4:
df:ac:c8:e2:66:21:81:e8:f8:5c:77:eb:9b:54:d8:f7:7a:8b:
95:0c:3c:10:80:a5:fa:88:dd:85:39:ce:50:17:c7:ef:86:72:
1a:97:bf:a3:6c:8d:fd:6f:dc:97:1b:a6:51:da:56:ca:81:fc:
54:95:41:3c:12:8b:2d:0e:43:84:d0:07:a7:ad:8a:48:8d:0b:
ad:07:1f:26:60:88:ee:1f:1f:7d:7d:6c:a4:c3:95:fc:21:4c:
6a:45:8d:cb:d8:95:3e:5b:07:04:45:62:4b:2d:3f:24:c0:c0:
76:30:5d:e0:ac:ff:55:1c:66:f7:95:56:0d:f1:65:bc:7b:ed:
f7:b1:67:21:3b:06:29:17:0d:46:74:3f:15:12:5c:f0:14:47:
ea:f8:68:63:3c:f4:55:09:a3:57:f1:ed:64:20:89:ba:26:df:
e4:77:43:51:b8:59:91:af:db:87:6b:e6:c9:f2:55:bb:0a:aa:
af:f7:a8:4f:1c:72:61:b7:d6:2f:da:1a:ef:1b:81:84:e0:e0:
1d:4e:f1:88:dd:31:57:73:2f:22:fc:58:06:92:85:b9:e9:4b:
f4:1d:11:98
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYnbE42qWuWa3N6Jch4jhj/TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjMwODA5MTYxMzU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTZiMDgxMTMxY2ExODkzZGJkOWZmYjQwZTA2M2MxMzU4ZTQ5ZDAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjnJc3OiUteIYAXJ6L/xmBshw5WYS
52HJbmBruZeK6kVOgpkU6ZrOCvDSqc6bIGWraw0ZgBe5OXHvS1bBRjEglu36piXg
gOrDz88eBymb60CK0YceeeoeaAAtD0Uuzhfd5AqF4AxQkfteDWOTrj4CcN6yNWMg
mSSwwGa7OTowgHJ3UqB3xTXY++nxZYSRJyq/vryJLNscu4Uu4WaQ5BCEHx8yeUGO
lI+kS+gRaiqoIQ8mJ/SUzCdm+m9iyOfxiEVQlhaqRQXVqjpLBlmxG4ebvjbL3eOX
1qwPnIXuq8ghMfFYCpuHukyVNyk/jTAvZ4cs7jrcDd8T+UzgrUIP7bdCAwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDprCBExyhiT29n/tA4GPBNY5J0BMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvT21zSUVUSEtHSlBiMmYtMERnWThFMWprblFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVYXQAwQA
VYXpMA0GCSqGSIb3DQEBCwUAA4IBAQBe7LcgIE49EADvLk0z6QytHungXq8MYmLF
GdH3TbE1gb8tUPTfrMjiZiGB6Phcd+ubVNj3eouVDDwQgKX6iN2FOc5QF8fvhnIa
l7+jbI39b9yXG6ZR2lbKgfxUlUE8EostDkOE0AenrYpIjQutBx8mYIjuHx99fWyk
w5X8IUxqRY3L2JU+WwcERWJLLT8kwMB2MF3grP9VHGb3lVYN8WW8e+33sWchOwYp
Fw1GdD8VElzwFEfq+GhjPPRVCaNX8e1kIIm6Jt/kd0NRuFmRr9uHa+bJ8lW7Cqqv
96hPHHJht9Yv2hrvG4GE4OAdTvGI3TFXcy8i/FgGkoW56Uv0HRGY
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:01 2024 by rpki-client on console-ams.rpki-client.org