Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/41af2d-f3de-45d5-941c-c43ac429e53f/1/OQ-UXa5iaAcRO5VnFh0jnHXQebU.roa
File: OQ-UXa5iaAcRO5VnFh0jnHXQebU.roa (raw, json)
Hash identifier: XObldyFFUgztQULs+nsXSUBpNyAF9rTUSc1JvIseqR0=
Subject key identifier: 39:0F:94:5D:AE:62:68:07:11:3B:95:67:16:1D:23:9C:75:D0:79:B5
Certificate issuer: /CN=90620638ca1d835650e08ddcf363f10789b53057
Certificate serial: 01856D8AB0CEFF26C4E8E0FD5A71BE22C268
Authority key identifier: 90:62:06:38:CA:1D:83:56:50:E0:8D:DC:F3:63:F1:07:89:B5:30:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kGIGOModg1ZQ4I3c82PxB4m1MFc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/41af2d-f3de-45d5-941c-c43ac429e53f/1/OQ-UXa5iaAcRO5VnFh0jnHXQebU.roa
Signing time: Sun 01 Jan 2023 13:34:43 +0000
ROA not before: Sun 01 Jan 2023 13:34:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2687
IP address blocks: 87.237.220.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:8a:b0:ce:ff:26:c4:e8:e0:fd:5a:71:be:22:c2:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90620638ca1d835650e08ddcf363f10789b53057
Validity
Not Before: Jan 1 13:34:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=390f945dae626807113b9567161d239c75d079b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:97:82:d9:f3:e7:b1:6f:e9:b3:fc:73:63:c5:
ab:9c:d8:97:9b:17:45:bf:d9:13:40:41:2c:6c:f4:
3d:b9:b6:cb:b4:bf:1f:57:12:b8:ad:c6:89:8d:2f:
08:76:00:ef:e8:13:26:80:94:97:e0:ab:23:d1:f8:
02:18:19:38:97:09:a4:72:51:e7:dc:04:99:6c:b3:
52:f5:94:4d:1f:56:fd:2d:50:af:79:2e:51:4e:99:
06:f3:e7:77:f8:64:cf:0d:c4:b9:3b:34:e5:74:a7:
6a:7c:9f:9f:36:9c:a5:55:aa:4d:88:dd:2d:bf:40:
20:03:00:8d:4a:40:27:03:9a:71:be:08:f4:3a:37:
f4:a1:ed:7f:7e:b3:bf:0a:25:e2:97:f3:13:6b:31:
d0:64:e9:71:26:c2:a4:06:8c:51:12:ed:05:24:95:
34:03:d9:b2:fd:bb:c6:1d:c4:12:c7:de:13:cf:ae:
69:e1:b9:42:8b:03:24:e6:98:6e:c0:0b:76:7d:64:
65:e2:f5:21:91:7e:d8:f7:e5:cb:08:a0:2f:32:8f:
0e:3f:94:57:f2:96:be:97:6b:ee:e9:2d:14:4d:3a:
67:e0:49:05:d5:52:4b:ce:0f:9b:f9:d9:57:11:c2:
ef:7e:ef:75:dd:df:cf:22:be:b7:95:cd:a5:be:c4:
50:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:0F:94:5D:AE:62:68:07:11:3B:95:67:16:1D:23:9C:75:D0:79:B5
X509v3 Authority Key Identifier:
keyid:90:62:06:38:CA:1D:83:56:50:E0:8D:DC:F3:63:F1:07:89:B5:30:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kGIGOModg1ZQ4I3c82PxB4m1MFc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/41af2d-f3de-45d5-941c-c43ac429e53f/1/OQ-UXa5iaAcRO5VnFh0jnHXQebU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/41af2d-f3de-45d5-941c-c43ac429e53f/1/kGIGOModg1ZQ4I3c82PxB4m1MFc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.237.220.0/24
Signature Algorithm: sha256WithRSAEncryption
75:96:95:a4:9f:54:ae:1e:ee:1f:a7:d2:dd:46:9b:de:ec:48:
dd:fd:4d:d7:40:b9:fb:b8:71:79:ca:54:34:1d:11:86:91:e6:
bf:a6:72:af:e2:62:bb:60:c6:58:8a:57:17:3e:59:d7:bc:f2:
c3:61:b4:c3:bc:c9:e4:ed:10:55:aa:a6:2f:e7:d5:4f:62:b3:
ee:86:7b:05:c7:a1:38:f3:91:84:7c:d1:08:69:0e:5d:74:84:
75:ef:09:18:a9:11:49:0f:d7:e2:34:37:f8:8a:c1:c1:7f:f9:
a4:10:0f:2b:c7:2c:c1:fc:09:25:9c:32:b8:aa:f2:81:fd:5a:
4f:81:d0:48:31:0b:e7:40:2a:57:cd:5d:26:c5:6a:ab:0d:d3:
6b:e5:4a:64:74:6b:b2:ae:32:bd:4c:11:e4:34:1d:0f:05:fc:
4b:17:3c:56:aa:96:c0:0c:1b:25:03:ca:f2:6b:28:7b:64:42:
df:b3:ae:3d:ca:0c:a8:ea:b2:3b:ba:b8:83:57:d2:73:cd:06:
51:ba:60:0b:84:71:4f:ed:4e:d9:d5:60:f7:2b:b4:d9:b0:84:
15:e9:3e:19:e3:cb:e9:06:a8:5a:24:4b:f1:46:10:3e:4f:42:
df:06:54:af:15:f0:79:37:78:ca:81:61:d2:a4:24:0a:13:78:
94:89:fa:33
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtirDO/ybE6OD9WnG+IsJoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwNjIwNjM4Y2ExZDgzNTY1MGUwOGRkY2YzNjNmMTA3ODli
NTMwNTcwHhcNMjMwMTAxMTMzNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTBmOTQ1ZGFlNjI2ODA3MTEzYjk1NjcxNjFkMjM5Yzc1ZDA3OWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqJeC2fPnsW/ps/xzY8WrnNiXmxdF
v9kTQEEsbPQ9ubbLtL8fVxK4rcaJjS8IdgDv6BMmgJSX4Ksj0fgCGBk4lwmkclHn
3ASZbLNS9ZRNH1b9LVCveS5RTpkG8+d3+GTPDcS5OzTldKdqfJ+fNpylVapNiN0t
v0AgAwCNSkAnA5pxvgj0Ojf0oe1/frO/CiXil/MTazHQZOlxJsKkBoxREu0FJJU0
A9my/bvGHcQSx94Tz65p4blCiwMk5phuwAt2fWRl4vUhkX7Y9+XLCKAvMo8OP5RX
8pa+l2vu6S0UTTpn4EkF1VJLzg+b+dlXEcLvfu913d/PIr63lc2lvsRQiwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDkPlF2uYmgHETuVZxYdI5x10Hm1MB8GA1UdIwQY
MBaAFJBiBjjKHYNWUOCN3PNj8QeJtTBXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0dJR09Nb2RnMVpRNEkzYzgyUHhCNG0xTUZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS80MWFmMmQtZjNkZS00NWQ1LTk0MWMt
YzQzYWM0MjllNTNmLzEvT1EtVVhhNWlhQWNSTzVWbkZoMGpuSFhRZWJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS80MWFmMmQtZjNkZS00NWQ1LTk0MWMtYzQzYWM0MjllNTNm
LzEva0dJR09Nb2RnMVpRNEkzYzgyUHhCNG0xTUZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV+3cMA0G
CSqGSIb3DQEBCwUAA4IBAQB1lpWkn1SuHu4fp9LdRpve7Ejd/U3XQLn7uHF5ylQ0
HRGGkea/pnKv4mK7YMZYilcXPlnXvPLDYbTDvMnk7RBVqqYv59VPYrPuhnsFx6E4
85GEfNEIaQ5ddIR17wkYqRFJD9fiNDf4isHBf/mkEA8rxyzB/AklnDK4qvKB/VpP
gdBIMQvnQCpXzV0mxWqrDdNr5UpkdGuyrjK9TBHkNB0PBfxLFzxWqpbADBslA8ry
ayh7ZELfs649ygyo6rI7uriDV9JzzQZRumALhHFP7U7Z1WD3K7TZsIQV6T4Z48vp
BqhaJEvxRhA+T0LfBlSvFfB5N3jKgWHSpCQKE3iUifoz
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:45 2024 by rpki-client on console-ams.rpki-client.org