Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/f4dc76-dcd2-475b-9e68-c22395ce1be4/1/OxXGbjAfv7-DowH9lRudUbvfXYE.roa
File: OxXGbjAfv7-DowH9lRudUbvfXYE.roa (raw, json)
Hash identifier: G/WnZIsQKzQzAZkWh0DJtywyAhBY8lmIcBFW31kWz+M=
Subject key identifier: 3B:15:C6:6E:30:1F:BF:BF:83:A3:01:FD:95:1B:9D:51:BB:DF:5D:81
Certificate issuer: /CN=38f746b81aec00e36b9bcb7a08642a64e913da5b
Certificate serial: 01856D5CF0771A3CDCF67247D45CB744C468
Authority key identifier: 38:F7:46:B8:1A:EC:00:E3:6B:9B:CB:7A:08:64:2A:64:E9:13:DA:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OPdGuBrsAONrm8t6CGQqZOkT2ls.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/f4dc76-dcd2-475b-9e68-c22395ce1be4/1/OxXGbjAfv7-DowH9lRudUbvfXYE.roa
Signing time: Sun 01 Jan 2023 12:44:45 +0000
ROA not before: Sun 01 Jan 2023 12:44:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199117
IP address blocks: 91.240.241.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:5c:f0:77:1a:3c:dc:f6:72:47:d4:5c:b7:44:c4:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38f746b81aec00e36b9bcb7a08642a64e913da5b
Validity
Not Before: Jan 1 12:44:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3b15c66e301fbfbf83a301fd951b9d51bbdf5d81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:9b:ba:d9:eb:26:6f:fb:99:10:bd:d7:19:85:
ee:0d:cc:e1:a5:5c:fd:09:4b:af:5d:d7:4b:53:48:
b3:75:94:e8:5e:22:2d:38:2b:48:3f:76:8e:4e:6e:
37:95:96:43:76:fd:84:c4:6a:38:29:b8:c4:b5:2b:
19:ae:19:ea:5b:00:99:59:18:1f:57:04:6d:db:d0:
d9:b6:74:93:5a:9c:21:43:96:d4:f8:3a:82:85:a3:
c3:f9:db:89:05:84:dd:e0:2a:ae:1a:1a:e7:a1:41:
24:0e:8f:29:1d:d3:d3:fc:bc:29:7d:c2:0d:d2:d7:
ed:ad:f6:b5:1a:bd:17:38:41:17:54:33:a3:0c:a7:
27:c3:26:02:b9:45:4e:04:c3:28:ac:67:c4:f1:a7:
58:ac:3d:ef:78:a4:08:f4:06:f4:0e:ae:3f:0d:46:
bb:e3:56:f7:07:72:71:88:7c:5f:1e:78:e0:03:60:
d4:1e:44:29:2b:9c:6e:8d:eb:14:df:94:9e:21:f0:
1c:9c:6f:aa:2f:fa:90:d0:5f:12:f2:25:26:f8:e7:
b0:cf:a7:7b:fd:1b:83:46:02:0d:e3:6c:e6:40:e6:
bb:be:f6:6d:a6:3f:1d:68:fb:cf:c8:f3:74:d0:fc:
1b:c3:c9:6b:01:5f:bb:ec:0d:2f:f3:78:51:4f:13:
42:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:15:C6:6E:30:1F:BF:BF:83:A3:01:FD:95:1B:9D:51:BB:DF:5D:81
X509v3 Authority Key Identifier:
keyid:38:F7:46:B8:1A:EC:00:E3:6B:9B:CB:7A:08:64:2A:64:E9:13:DA:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OPdGuBrsAONrm8t6CGQqZOkT2ls.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/f4dc76-dcd2-475b-9e68-c22395ce1be4/1/OxXGbjAfv7-DowH9lRudUbvfXYE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/f4dc76-dcd2-475b-9e68-c22395ce1be4/1/OPdGuBrsAONrm8t6CGQqZOkT2ls.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.240.241.0/24
Signature Algorithm: sha256WithRSAEncryption
94:ea:8c:ec:4b:ec:f8:5b:33:30:64:ca:95:e2:61:2e:2a:e7:
5a:8c:9f:de:f1:b7:b7:62:97:87:8a:11:ff:27:e7:39:c7:45:
d1:6a:8d:71:90:04:ed:0e:37:2c:8c:6f:0f:b4:17:aa:dd:fd:
1e:a2:2d:f9:fd:88:f9:f9:59:d4:85:2e:f9:77:aa:0d:0b:19:
9b:b3:2b:55:56:d0:a6:c7:41:d2:ba:8e:8b:a9:72:a4:fb:06:
e5:e2:0a:35:10:ce:51:d5:9b:c8:b2:ba:4f:28:8c:7b:e3:c7:
b5:ec:69:50:c6:e1:92:f8:5d:ad:ec:e8:6f:32:0c:43:56:47:
96:d8:91:fa:4a:40:aa:0b:f4:47:63:7d:a3:28:f7:ba:c4:96:
61:39:b7:f5:73:8c:87:6e:63:99:22:52:a5:b8:78:06:17:f9:
75:ce:11:46:3f:59:42:b3:50:2f:aa:64:ec:61:2d:3a:61:76:
06:ac:be:d6:21:23:04:b3:b2:45:65:d8:5a:f9:a2:2c:55:fa:
0f:c8:de:d9:e2:1d:74:6f:c7:7a:06:0f:e3:4d:50:47:54:d1:
6d:7e:12:0e:a3:1f:53:e1:a0:2b:9c:de:30:83:99:a7:b0:85:
4b:c4:6b:c4:62:cd:a1:7f:07:29:e0:f4:89:8a:bc:89:73:67:
7a:eb:cc:78
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtXPB3Gjzc9nJH1Fy3RMRoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4Zjc0NmI4MWFlYzAwZTM2YjliY2I3YTA4NjQyYTY0ZTkx
M2RhNWIwHhcNMjMwMTAxMTI0NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjE1YzY2ZTMwMWZiZmJmODNhMzAxZmQ5NTFiOWQ1MWJiZGY1ZDgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlJu62esmb/uZEL3XGYXuDczhpVz9
CUuvXddLU0izdZToXiItOCtIP3aOTm43lZZDdv2ExGo4KbjEtSsZrhnqWwCZWRgf
VwRt29DZtnSTWpwhQ5bU+DqChaPD+duJBYTd4CquGhrnoUEkDo8pHdPT/LwpfcIN
0tftrfa1Gr0XOEEXVDOjDKcnwyYCuUVOBMMorGfE8adYrD3veKQI9Ab0Dq4/DUa7
41b3B3JxiHxfHnjgA2DUHkQpK5xujesU35SeIfAcnG+qL/qQ0F8S8iUm+Oewz6d7
/RuDRgIN42zmQOa7vvZtpj8daPvPyPN00Pwbw8lrAV+77A0v83hRTxNCwwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDsVxm4wH7+/g6MB/ZUbnVG7312BMB8GA1UdIwQY
MBaAFDj3Rrga7ADja5vLeghkKmTpE9pbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1BkR3VCcnNBT05ybTh0NkNHUXFaT2tUMmxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9mNGRjNzYtZGNkMi00NzViLTllNjgt
YzIyMzk1Y2UxYmU0LzEvT3hYR2JqQWZ2Ny1Eb3dIOWxSdWRVYnZmWFlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9mNGRjNzYtZGNkMi00NzViLTllNjgtYzIyMzk1Y2UxYmU0
LzEvT1BkR3VCcnNBT05ybTh0NkNHUXFaT2tUMmxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW/DxMA0G
CSqGSIb3DQEBCwUAA4IBAQCU6ozsS+z4WzMwZMqV4mEuKudajJ/e8be3YpeHihH/
J+c5x0XRao1xkATtDjcsjG8PtBeq3f0eoi35/Yj5+VnUhS75d6oNCxmbsytVVtCm
x0HSuo6LqXKk+wbl4go1EM5R1ZvIsrpPKIx748e17GlQxuGS+F2t7OhvMgxDVkeW
2JH6SkCqC/RHY32jKPe6xJZhObf1c4yHbmOZIlKluHgGF/l1zhFGP1lCs1AvqmTs
YS06YXYGrL7WISMEs7JFZdha+aIsVfoPyN7Z4h10b8d6Bg/jTVBHVNFtfhIOox9T
4aArnN4wg5mnsIVLxGvEYs2hfwcp4PSJiryJc2d668x4
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:55 2024 by rpki-client on console-ams.rpki-client.org