Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/16eeb2-c827-42c9-8e48-2a3df9b33313/1/OmGQ5dZV8uxaxW6kDTqBwSupG6k.roa
File: OmGQ5dZV8uxaxW6kDTqBwSupG6k.roa (raw, json)
Hash identifier: GGCX7i9NTssb3fzXpeNm7q3BzqeBGhBQ2IJkOOLme+w=
Subject key identifier: 3A:61:90:E5:D6:55:F2:EC:5A:C5:6E:A4:0D:3A:81:C1:2B:A9:1B:A9
Certificate issuer: /CN=ca748cd00cd7fe6a21755af642d881b8dd9a39f7
Certificate serial: 01856E78EA9F964B8746051365F744614E8E
Authority key identifier: CA:74:8C:D0:0C:D7:FE:6A:21:75:5A:F6:42:D8:81:B8:DD:9A:39:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ynSM0AzX_mohdVr2QtiBuN2aOfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/16eeb2-c827-42c9-8e48-2a3df9b33313/1/OmGQ5dZV8uxaxW6kDTqBwSupG6k.roa
Signing time: Sun 01 Jan 2023 17:54:56 +0000
ROA not before: Sun 01 Jan 2023 17:54:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49544
IP address blocks: 85.159.114.0/24 maxlen: 24
2a0f:efc0::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:78:ea:9f:96:4b:87:46:05:13:65:f7:44:61:4e:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca748cd00cd7fe6a21755af642d881b8dd9a39f7
Validity
Not Before: Jan 1 17:54:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3a6190e5d655f2ec5ac56ea40d3a81c12ba91ba9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:d5:33:20:fc:8d:2d:35:31:f8:e6:82:30:89:
bb:bb:25:d1:12:84:18:b3:d9:d7:f5:f1:34:29:fd:
36:57:d8:23:14:03:ae:df:2a:82:ce:8a:67:3a:05:
a8:9b:e7:95:47:d1:92:d6:81:6a:50:e1:ce:d4:85:
2d:82:09:ba:c3:04:23:b1:ba:e9:ce:c1:84:ac:ef:
47:82:5e:08:7c:04:41:78:18:a4:b9:e4:72:09:9c:
d7:13:b0:b8:9b:9c:49:a5:7e:c5:d5:5b:54:76:b4:
42:c3:a3:43:ee:28:1a:90:b4:6a:de:23:e9:fe:bc:
20:d9:d1:d8:25:e6:09:4c:34:ef:6a:7f:32:ad:57:
5a:ef:82:78:f1:cf:a8:1f:05:45:8e:e3:47:d3:70:
4c:62:6c:1b:a4:40:09:51:b1:8c:20:6c:63:b5:e2:
01:41:84:00:7b:61:25:4a:85:04:d8:89:ff:b8:cb:
62:5d:93:0f:e6:a8:70:d0:37:15:95:ef:78:2e:64:
3b:f9:ed:22:55:07:2f:8f:e9:ed:42:59:02:fd:e3:
1e:28:9d:46:10:6c:47:07:48:09:9a:ea:4c:02:da:
44:fb:1b:e0:77:08:a2:ae:f0:bc:e6:9b:37:2d:88:
bc:40:15:ea:4a:73:31:5c:48:71:4a:f2:28:6c:13:
58:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:61:90:E5:D6:55:F2:EC:5A:C5:6E:A4:0D:3A:81:C1:2B:A9:1B:A9
X509v3 Authority Key Identifier:
keyid:CA:74:8C:D0:0C:D7:FE:6A:21:75:5A:F6:42:D8:81:B8:DD:9A:39:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ynSM0AzX_mohdVr2QtiBuN2aOfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/16eeb2-c827-42c9-8e48-2a3df9b33313/1/OmGQ5dZV8uxaxW6kDTqBwSupG6k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/16eeb2-c827-42c9-8e48-2a3df9b33313/1/ynSM0AzX_mohdVr2QtiBuN2aOfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.159.114.0/24
IPv6:
2a0f:efc0::/32
Signature Algorithm: sha256WithRSAEncryption
4e:35:56:3a:03:2a:81:f7:fa:4f:7d:a9:02:72:d7:19:13:fc:
70:37:f1:2f:2b:45:3b:a3:b4:22:58:be:82:52:16:a7:13:20:
3a:ba:a2:41:ac:0f:e3:35:9b:34:7a:d7:3e:42:43:1f:60:3e:
da:e2:8c:8a:7e:a0:99:cc:ec:a1:b7:80:b7:92:13:97:f0:4b:
47:b5:62:38:75:f7:4b:98:2f:d5:6a:63:d4:df:99:f4:9e:aa:
65:98:0b:48:6c:2c:8e:7d:ac:8d:74:3a:04:f3:f6:8e:eb:2b:
90:75:d6:9c:6b:53:ad:78:52:0d:78:2b:13:3d:c6:38:dd:0f:
a4:93:02:17:9c:f9:37:83:74:cc:f1:96:2e:f1:88:de:da:18:
70:91:e4:42:7a:cb:c1:b1:06:5a:eb:37:ac:e8:57:50:e0:a5:
8e:d0:2c:75:11:40:d8:43:2f:42:64:b7:bc:44:16:e6:6c:fd:
60:d6:0f:4f:3c:84:49:86:16:57:77:6b:fa:a4:c6:a6:e4:8b:
03:5a:8e:f4:9e:20:ef:c7:bb:78:b0:de:57:59:18:07:9b:fb:
7b:0e:39:a9:1c:37:fd:93:3e:a3:43:11:e2:fe:cc:54:71:6b:
13:b3:90:3d:9e:4c:cd:a8:9f:15:d7:9f:a2:96:be:7f:a2:74:
e8:d0:32:1e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVueOqflkuHRgUTZfdEYU6OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhNzQ4Y2QwMGNkN2ZlNmEyMTc1NWFmNjQyZDg4MWI4ZGQ5
YTM5ZjcwHhcNMjMwMTAxMTc1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTYxOTBlNWQ2NTVmMmVjNWFjNTZlYTQwZDNhODFjMTJiYTkxYmE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi9UzIPyNLTUx+OaCMIm7uyXREoQY
s9nX9fE0Kf02V9gjFAOu3yqCzopnOgWom+eVR9GS1oFqUOHO1IUtggm6wwQjsbrp
zsGErO9Hgl4IfARBeBikueRyCZzXE7C4m5xJpX7F1VtUdrRCw6ND7igakLRq3iPp
/rwg2dHYJeYJTDTvan8yrVda74J48c+oHwVFjuNH03BMYmwbpEAJUbGMIGxjteIB
QYQAe2ElSoUE2In/uMtiXZMP5qhw0DcVle94LmQ7+e0iVQcvj+ntQlkC/eMeKJ1G
EGxHB0gJmupMAtpE+xvgdwiirvC85ps3LYi8QBXqSnMxXEhxSvIobBNY/wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDphkOXWVfLsWsVupA06gcErqRupMB8GA1UdIwQY
MBaAFMp0jNAM1/5qIXVa9kLYgbjdmjn3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveW5TTTBBelhfbW9oZFZyMlF0aUJ1TjJhT2ZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC8xNmVlYjItYzgyNy00MmM5LThlNDgt
MmEzZGY5YjMzMzEzLzEvT21HUTVkWlY4dXhheFc2a0RUcUJ3U3VwRzZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC8xNmVlYjItYzgyNy00MmM5LThlNDgtMmEzZGY5YjMzMzEz
LzEveW5TTTBBelhfbW9oZFZyMlF0aUJ1TjJhT2ZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAVZ9yMA0E
AgACMAcDBQAqD+/AMA0GCSqGSIb3DQEBCwUAA4IBAQBONVY6AyqB9/pPfakCctcZ
E/xwN/EvK0U7o7QiWL6CUhanEyA6uqJBrA/jNZs0etc+QkMfYD7a4oyKfqCZzOyh
t4C3khOX8EtHtWI4dfdLmC/VamPU35n0nqplmAtIbCyOfayNdDoE8/aO6yuQddac
a1OteFINeCsTPcY43Q+kkwIXnPk3g3TM8ZYu8Yje2hhwkeRCesvBsQZa6zes6FdQ
4KWO0Cx1EUDYQy9CZLe8RBbmbP1g1g9PPIRJhhZXd2v6pMam5IsDWo70niDvx7t4
sN5XWRgHm/t7DjmpHDf9kz6jQxHi/sxUcWsTs5A9nkzNqJ8V15+ilr5/onTo0DIe
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:11:52 2024 by rpki-client on console-ams.rpki-client.org