Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/a8f471-c243-4cc6-970d-ff7dc04ba385/1/oDIvnolwx1d600WRw77rbiNR1_M.roa
File: oDIvnolwx1d600WRw77rbiNR1_M.roa (raw, json)
Hash identifier: j2NLXXo8KCU5Z3ANwYiq721QhorEdVqYWIF0hfIlZKs=
Subject key identifier: A0:32:2F:9E:89:70:C7:57:7A:D3:45:91:C3:BE:EB:6E:23:51:D7:F3
Certificate issuer: /CN=80e506fcf1d7cf649d388e975ca26252e219fc7c
Certificate serial: 01856F0226DAF138B851AA33B56D7AE17245
Authority key identifier: 80:E5:06:FC:F1:D7:CF:64:9D:38:8E:97:5C:A2:62:52:E2:19:FC:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gOUG_PHXz2SdOI6XXKJiUuIZ_Hw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/a8f471-c243-4cc6-970d-ff7dc04ba385/1/oDIvnolwx1d600WRw77rbiNR1_M.roa
Signing time: Sun 01 Jan 2023 20:24:50 +0000
ROA not before: Sun 01 Jan 2023 20:24:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206766
IP address blocks: 91.198.208.0/24 maxlen: 24
91.198.210.0/24 maxlen: 24
91.198.215.0/24 maxlen: 24
91.198.218.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:31:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:02:26:da:f1:38:b8:51:aa:33:b5:6d:7a:e1:72:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=80e506fcf1d7cf649d388e975ca26252e219fc7c
Validity
Not Before: Jan 1 20:24:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a0322f9e8970c7577ad34591c3beeb6e2351d7f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:96:a6:ff:eb:c5:8e:3a:01:4e:47:4a:8f:9d:
4a:91:2b:39:1c:1b:be:be:99:47:a8:4a:e5:6a:ed:
78:3b:04:e9:27:fb:f7:8d:cb:b9:cf:d0:11:06:6a:
35:de:da:74:d8:d3:35:29:82:86:11:9c:97:e2:8a:
3f:af:fd:9a:6b:3d:62:7e:06:e7:1c:5d:d6:31:5d:
93:ae:ad:c5:70:b8:bf:b4:9d:f8:86:63:b8:15:5e:
a9:ca:27:a7:2e:40:dc:01:82:7a:f5:9e:6e:6c:92:
a2:84:49:01:9d:7f:ec:58:26:68:a2:08:ab:10:80:
89:dd:43:18:d9:d0:43:65:97:01:52:89:5f:b0:e2:
03:97:11:b0:2b:52:d1:48:40:3c:98:fa:2b:e7:f9:
45:6e:86:c2:e6:0c:2e:58:41:fb:76:f1:06:97:55:
1f:b9:66:5f:64:f7:c9:6b:27:43:a9:85:85:d4:87:
47:75:ae:6a:73:b5:49:bd:b2:8d:d5:e0:b0:db:9d:
61:7d:ca:c2:d4:b8:cc:33:03:e8:2e:7b:a7:3e:bc:
9d:db:61:fa:75:b7:68:c7:6a:8c:5f:80:8c:ee:4e:
6b:46:d1:80:72:61:68:c8:db:70:47:c4:2a:54:9b:
37:8a:89:9f:00:41:75:bf:3b:5e:46:2a:d8:a1:cb:
19:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:32:2F:9E:89:70:C7:57:7A:D3:45:91:C3:BE:EB:6E:23:51:D7:F3
X509v3 Authority Key Identifier:
keyid:80:E5:06:FC:F1:D7:CF:64:9D:38:8E:97:5C:A2:62:52:E2:19:FC:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gOUG_PHXz2SdOI6XXKJiUuIZ_Hw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/a8f471-c243-4cc6-970d-ff7dc04ba385/1/oDIvnolwx1d600WRw77rbiNR1_M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/a8f471-c243-4cc6-970d-ff7dc04ba385/1/gOUG_PHXz2SdOI6XXKJiUuIZ_Hw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.208.0/24
91.198.210.0/24
91.198.215.0/24
91.198.218.0/24
Signature Algorithm: sha256WithRSAEncryption
52:f6:58:99:e0:3c:d9:c5:a1:0b:56:fc:5f:7b:ba:fc:df:d1:
98:cf:df:e7:10:08:8c:b5:da:09:13:ec:05:e9:89:cf:cf:9d:
b2:e0:d0:f5:af:f8:11:c8:53:0a:0a:0d:c7:d6:0a:fc:c1:74:
a1:4a:bf:a2:98:7e:79:2c:e7:4b:ee:08:95:ae:a7:49:41:3c:
37:f4:60:bf:79:04:f1:97:64:e5:0d:8d:75:ed:4e:1b:f0:8e:
38:48:88:19:a2:eb:44:27:0b:b0:29:ac:69:92:da:a4:0a:bf:
8c:a7:94:26:d3:c5:15:c6:cd:83:21:e7:79:1b:08:8c:6a:54:
a1:d1:20:ee:8e:ed:8d:cb:92:25:50:03:d0:3f:2b:ec:cf:8d:
39:77:48:aa:af:0b:b1:49:58:9b:b7:0b:ea:60:ad:f3:de:c2:
9e:ac:55:38:1f:5c:6d:b2:80:2d:9f:b1:99:43:47:ad:aa:0a:
04:8a:5d:db:fd:c7:9c:95:16:ee:90:5a:f2:30:2a:8e:ff:e1:
12:12:28:13:2b:68:a5:14:f0:74:73:91:f6:c1:ed:df:18:df:
b0:09:5b:ec:53:e8:e8:46:4f:f5:fd:8c:ad:4d:ec:bd:dd:4f:
af:87:a7:00:38:4d:cc:e0:35:66:f8:0f:c8:03:e3:ea:ab:c8:
5a:76:cd:ae
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVvAiba8Ti4UaoztW164XJFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwZTUwNmZjZjFkN2NmNjQ5ZDM4OGU5NzVjYTI2MjUyZTIx
OWZjN2MwHhcNMjMwMTAxMjAyNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDMyMmY5ZTg5NzBjNzU3N2FkMzQ1OTFjM2JlZWI2ZTIzNTFkN2YzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs5am/+vFjjoBTkdKj51KkSs5HBu+
vplHqErlau14OwTpJ/v3jcu5z9ARBmo13tp02NM1KYKGEZyX4oo/r/2aaz1ifgbn
HF3WMV2Trq3FcLi/tJ34hmO4FV6pyienLkDcAYJ69Z5ubJKihEkBnX/sWCZoogir
EICJ3UMY2dBDZZcBUolfsOIDlxGwK1LRSEA8mPor5/lFbobC5gwuWEH7dvEGl1Uf
uWZfZPfJaydDqYWF1IdHda5qc7VJvbKN1eCw251hfcrC1LjMMwPoLnunPryd22H6
dbdox2qMX4CM7k5rRtGAcmFoyNtwR8QqVJs3iomfAEF1vzteRirYocsZfwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKAyL56JcMdXetNFkcO+624jUdfzMB8GA1UdIwQY
MBaAFIDlBvzx189knTiOl1yiYlLiGfx8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ09VR19QSFh6MlNkT0k2WFhLSmlVdUlaX0h3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9hOGY0NzEtYzI0My00Y2M2LTk3MGQt
ZmY3ZGMwNGJhMzg1LzEvb0RJdm5vbHd4MWQ2MDBXUnc3N3JiaU5SMV9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9hOGY0NzEtYzI0My00Y2M2LTk3MGQtZmY3ZGMwNGJhMzg1
LzEvZ09VR19QSFh6MlNkT0k2WFhLSmlVdUlaX0h3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAW8bQAwQA
W8bSAwQAW8bXAwQAW8baMA0GCSqGSIb3DQEBCwUAA4IBAQBS9liZ4DzZxaELVvxf
e7r839GYz9/nEAiMtdoJE+wF6YnPz52y4ND1r/gRyFMKCg3H1gr8wXShSr+imH55
LOdL7giVrqdJQTw39GC/eQTxl2TlDY117U4b8I44SIgZoutEJwuwKaxpktqkCr+M
p5Qm08UVxs2DIed5GwiMalSh0SDuju2Ny5IlUAPQPyvsz405d0iqrwuxSVibtwvq
YK3z3sKerFU4H1xtsoAtn7GZQ0etqgoEil3b/ceclRbukFryMCqO/+ESEigTK2il
FPB0c5H2we3fGN+wCVvsU+joRk/1/YytTey93U+vh6cAOE3M4DVm+A/IA+Pqq8ha
ds2u
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:47 2024 by rpki-client on console-fra.rpki-client.org