Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/ba9674-e571-4e35-ab20-e5d507a826bf/1/Ob6cnRCBAiF2fIxSaJXVqoYAojQ.roa
File: Ob6cnRCBAiF2fIxSaJXVqoYAojQ.roa (raw, json)
Hash identifier: iYs5fwrgw8QOU+oqLryH+wII57SyLNTHryMomHR4wqM=
Subject key identifier: 39:BE:9C:9D:10:81:02:21:76:7C:8C:52:68:95:D5:AA:86:00:A2:34
Certificate issuer: /CN=99a2c2ecf58c44b35a0da2957ff4dca2e60b686a
Certificate serial: 0185700B98F5AF9F07602D2B4FFC20CEC03E
Authority key identifier: 99:A2:C2:EC:F5:8C:44:B3:5A:0D:A2:95:7F:F4:DC:A2:E6:0B:68:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/maLC7PWMRLNaDaKVf_TcouYLaGo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/ba9674-e571-4e35-ab20-e5d507a826bf/1/Ob6cnRCBAiF2fIxSaJXVqoYAojQ.roa
Signing time: Mon 02 Jan 2023 01:14:46 +0000
ROA not before: Mon 02 Jan 2023 01:14:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8315
IP address blocks: 185.194.84.0/23 maxlen: 24
91.230.170.0/23 maxlen: 24
91.230.176.0/22 maxlen: 24
91.230.178.0/24 maxlen: 24
194.213.114.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:30:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:0b:98:f5:af:9f:07:60:2d:2b:4f:fc:20:ce:c0:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99a2c2ecf58c44b35a0da2957ff4dca2e60b686a
Validity
Not Before: Jan 2 01:14:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=39be9c9d10810221767c8c526895d5aa8600a234
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:33:33:4a:93:a3:db:b0:aa:ed:e7:aa:75:b8:
a0:d0:33:73:48:7b:2d:42:74:90:2c:f6:2e:38:f6:
9e:b7:7c:4a:5f:c4:21:87:f8:1a:e5:c1:75:c5:6c:
7b:f6:5d:30:77:59:61:32:d1:47:6b:06:fe:49:d3:
18:ad:49:48:cc:02:62:3a:c6:8d:e0:fc:78:45:c7:
32:72:11:39:5b:d4:a2:0e:b1:62:ef:04:dc:c1:ec:
4b:6e:de:d9:cd:88:db:aa:ec:52:08:bc:74:50:76:
a8:2d:b5:26:f9:c1:0b:be:5b:f9:93:2b:dc:c4:de:
0d:77:e5:b2:82:ed:1f:69:dd:ac:c5:97:96:84:8b:
dd:24:32:a3:1b:d9:74:94:26:d7:eb:b3:06:56:b1:
c5:80:50:95:44:30:07:15:3d:4e:c9:bb:4e:6e:9b:
49:19:fa:46:ae:a3:97:95:1e:33:55:fb:a1:a4:41:
ac:1b:80:6c:e4:50:d8:0b:64:cd:46:a6:ac:13:81:
79:ba:ed:b0:0b:37:dd:15:6e:2a:08:1c:27:02:77:
92:44:2e:5e:fb:75:bc:f6:24:57:17:79:0e:10:ee:
1f:75:e0:db:1f:54:1a:f8:4d:2d:3a:ca:cd:86:4d:
d9:19:1c:63:7a:c0:ca:9e:43:8b:ff:30:0e:2f:cf:
74:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:BE:9C:9D:10:81:02:21:76:7C:8C:52:68:95:D5:AA:86:00:A2:34
X509v3 Authority Key Identifier:
keyid:99:A2:C2:EC:F5:8C:44:B3:5A:0D:A2:95:7F:F4:DC:A2:E6:0B:68:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/maLC7PWMRLNaDaKVf_TcouYLaGo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/ba9674-e571-4e35-ab20-e5d507a826bf/1/Ob6cnRCBAiF2fIxSaJXVqoYAojQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/ba9674-e571-4e35-ab20-e5d507a826bf/1/maLC7PWMRLNaDaKVf_TcouYLaGo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.230.170.0/23
91.230.176.0/22
185.194.84.0/23
194.213.114.0/23
Signature Algorithm: sha256WithRSAEncryption
7b:03:04:c5:bf:8f:ee:5f:d1:29:14:b8:72:af:9d:e5:54:7c:
18:39:b0:83:76:f5:ec:31:39:b1:fe:9d:8c:8b:bd:d1:40:a0:
fe:b4:76:bc:58:21:7f:aa:b8:7d:d1:a5:e5:ec:75:51:c3:fd:
98:e6:1d:6e:50:6e:ea:60:74:8f:0a:3f:3a:0d:c2:73:21:d5:
4d:45:84:9e:9c:06:0c:9f:78:92:49:ef:f9:0b:14:3a:70:65:
25:39:f2:e8:92:e1:e5:15:e2:64:b3:8a:f2:5d:99:98:fd:0d:
b2:20:93:77:65:a3:cc:3f:ad:60:0b:fe:8d:fe:d9:51:59:50:
b9:be:ba:df:49:4c:33:65:93:9c:cf:c3:3a:cb:57:36:23:43:
d9:b0:82:39:58:7c:c3:22:9b:06:94:26:4c:f9:a2:4e:44:51:
dc:2b:8a:ca:09:82:13:89:45:d0:41:86:d5:b7:0b:87:49:f5:
ce:9b:91:fb:87:84:44:ca:b5:6f:f5:8e:55:8f:be:b2:65:ff:
13:f6:99:de:86:d1:db:a8:7a:e0:56:be:c1:d9:25:44:0b:98:
09:af:94:3e:c4:e0:e1:9f:4e:49:08:3a:2a:65:58:09:cf:88:
3a:9b:2d:07:0d:56:99:ea:8e:9b:57:ca:7d:63:c9:cf:b0:89:
5d:a6:1a:93
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVwC5j1r58HYC0rT/wgzsA+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5YTJjMmVjZjU4YzQ0YjM1YTBkYTI5NTdmZjRkY2EyZTYw
YjY4NmEwHhcNMjMwMTAyMDExNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWJlOWM5ZDEwODEwMjIxNzY3YzhjNTI2ODk1ZDVhYTg2MDBhMjM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnjMzSpOj27Cq7eeqdbig0DNzSHst
QnSQLPYuOPaet3xKX8Qhh/ga5cF1xWx79l0wd1lhMtFHawb+SdMYrUlIzAJiOsaN
4Px4RccychE5W9SiDrFi7wTcwexLbt7ZzYjbquxSCLx0UHaoLbUm+cELvlv5kyvc
xN4Nd+Wygu0fad2sxZeWhIvdJDKjG9l0lCbX67MGVrHFgFCVRDAHFT1OybtObptJ
GfpGrqOXlR4zVfuhpEGsG4Bs5FDYC2TNRqasE4F5uu2wCzfdFW4qCBwnAneSRC5e
+3W89iRXF3kOEO4fdeDbH1Qa+E0tOsrNhk3ZGRxjesDKnkOL/zAOL890xQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDm+nJ0QgQIhdnyMUmiV1aqGAKI0MB8GA1UdIwQY
MBaAFJmiwuz1jESzWg2ilX/03KLmC2hqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWFMQzdQV01STE5hRGFLVmZfVGNvdVlMYUdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9iYTk2NzQtZTU3MS00ZTM1LWFiMjAt
ZTVkNTA3YTgyNmJmLzEvT2I2Y25SQ0JBaUYyZkl4U2FKWFZxb1lBb2pRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9iYTk2NzQtZTU3MS00ZTM1LWFiMjAtZTVkNTA3YTgyNmJm
LzEvbWFMQzdQV01STE5hRGFLVmZfVGNvdVlMYUdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBW+aqAwQC
W+awAwQBucJUAwQBwtVyMA0GCSqGSIb3DQEBCwUAA4IBAQB7AwTFv4/uX9EpFLhy
r53lVHwYObCDdvXsMTmx/p2Mi73RQKD+tHa8WCF/qrh90aXl7HVRw/2Y5h1uUG7q
YHSPCj86DcJzIdVNRYSenAYMn3iSSe/5CxQ6cGUlOfLokuHlFeJks4ryXZmY/Q2y
IJN3ZaPMP61gC/6N/tlRWVC5vrrfSUwzZZOcz8M6y1c2I0PZsII5WHzDIpsGlCZM
+aJORFHcK4rKCYITiUXQQYbVtwuHSfXOm5H7h4REyrVv9Y5Vj76yZf8T9pnehtHb
qHrgVr7B2SVEC5gJr5Q+xODhn05JCDoqZVgJz4g6my0HDVaZ6o6bV8p9Y8nPsIld
phqT
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:04 2024 by rpki-client on console-ams.rpki-client.org