Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/2bb603-f479-40cb-82d4-48d672973b13/1/ornIeo2A_6aZeLtK2Shpcbkyy-U.roa
File: ornIeo2A_6aZeLtK2Shpcbkyy-U.roa (raw, json)
Hash identifier: LCXMUzgQc8YDFNR5oG9hc4Ay0goyUE1ehzOjs0nOdfE=
Subject key identifier: A2:B9:C8:7A:8D:80:FF:A6:99:78:BB:4A:D9:28:69:71:B9:32:CB:E5
Certificate issuer: /CN=1c37a9026e45b68fe4735a469b75636130ad125c
Certificate serial: 018900EF17D59F2B3992252CED39B2A89A33
Authority key identifier: 1C:37:A9:02:6E:45:B6:8F:E4:73:5A:46:9B:75:63:61:30:AD:12:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HDepAm5Fto_kc1pGm3VjYTCtElw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/2bb603-f479-40cb-82d4-48d672973b13/1/ornIeo2A_6aZeLtK2Shpcbkyy-U.roa
Signing time: Wed 28 Jun 2023 07:36:56 +0000
ROA not before: Wed 28 Jun 2023 07:36:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210625
IP address blocks: 147.236.229.0/24 maxlen: 24
147.236.228.0/23 maxlen: 23
147.236.228.0/22 maxlen: 22
147.236.230.0/24 maxlen: 24
147.236.230.0/23 maxlen: 23
147.236.231.0/24 maxlen: 24
147.236.228.0/24 maxlen: 24
2a13:54c0::/29 maxlen: 36
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:00:ef:17:d5:9f:2b:39:92:25:2c:ed:39:b2:a8:9a:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c37a9026e45b68fe4735a469b75636130ad125c
Validity
Not Before: Jun 28 07:36:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a2b9c87a8d80ffa69978bb4ad9286971b932cbe5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:8b:03:8b:bf:9f:a0:bb:dc:cc:d2:8b:dc:5e:
42:01:d8:a5:36:b8:3f:39:4b:e6:10:c7:aa:70:46:
e4:28:b9:40:69:42:b5:14:2e:70:04:43:35:73:84:
4d:ea:77:76:c5:25:5e:70:9a:c4:57:88:32:a5:1a:
26:65:7c:6a:ad:d8:04:1b:8c:5d:d6:eb:7e:47:12:
a1:35:1e:ce:6e:b5:0a:85:83:f9:b1:23:53:5d:db:
fc:df:fd:a0:0c:d3:5a:0e:5b:5a:cf:0d:d0:cd:78:
a7:fd:62:6e:5d:01:ae:a3:e8:a2:97:d0:a2:14:e6:
d5:68:4e:6b:76:cd:fa:24:cc:f3:48:95:72:69:19:
3e:a0:69:88:cf:f9:07:2e:58:36:b8:b3:c4:b8:50:
8b:f3:96:28:bc:e0:91:c2:b9:7a:5a:96:06:77:7b:
e8:45:71:d8:41:12:70:45:04:9b:d0:75:9a:02:f1:
64:8a:2f:21:bc:42:11:55:5f:cb:a4:be:22:4d:34:
0e:ed:44:c5:5f:9e:90:5b:2b:18:74:8b:fd:f3:f9:
21:18:04:1c:58:ab:aa:3c:c0:64:b9:23:60:28:01:
c6:54:2a:99:86:99:43:2f:05:ca:97:fa:25:ce:2f:
6d:51:62:76:27:5a:70:d0:db:1e:ea:9b:21:b9:bb:
b9:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:B9:C8:7A:8D:80:FF:A6:99:78:BB:4A:D9:28:69:71:B9:32:CB:E5
X509v3 Authority Key Identifier:
keyid:1C:37:A9:02:6E:45:B6:8F:E4:73:5A:46:9B:75:63:61:30:AD:12:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HDepAm5Fto_kc1pGm3VjYTCtElw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/2bb603-f479-40cb-82d4-48d672973b13/1/ornIeo2A_6aZeLtK2Shpcbkyy-U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/2bb603-f479-40cb-82d4-48d672973b13/1/HDepAm5Fto_kc1pGm3VjYTCtElw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.236.228.0/22
IPv6:
2a13:54c0::/29
Signature Algorithm: sha256WithRSAEncryption
e5:e0:12:bf:7d:e6:83:2f:f1:85:e3:c1:f6:f2:14:2a:3d:f0:
ed:14:86:ce:a6:e0:75:6f:b0:a1:0e:4a:8c:38:96:f8:6f:b8:
2a:d8:2e:41:f5:2e:54:65:98:67:7e:a1:88:db:06:54:a0:0a:
a1:dc:44:00:5a:64:14:fc:bb:7f:10:2e:b0:6f:0a:ce:16:0d:
6c:50:54:0b:de:02:25:8b:14:14:77:ca:2f:f2:84:2f:24:a6:
0b:2d:b2:17:be:d5:8e:7f:8e:4c:f1:b9:f8:47:bb:3c:a5:1a:
8a:0d:47:19:d3:e7:4d:7d:7f:15:c3:d9:95:ee:32:e4:88:f4:
c9:95:da:ab:e9:ab:81:23:7c:7d:fc:6e:00:a9:49:37:8c:79:
c8:a5:a7:65:0d:96:db:21:59:64:72:cf:80:42:f5:6d:8a:0f:
b1:3c:22:77:09:78:f4:ba:10:75:6a:19:f6:1c:58:ae:ec:8d:
a9:d8:ed:de:f8:b7:db:c4:c2:d7:37:a8:a5:0d:af:83:1c:c8:
46:ec:f9:15:ff:e3:28:9d:b9:55:e5:a2:28:7a:98:3b:89:5b:
9b:bf:2f:dd:23:a4:26:02:a7:5c:bb:e5:82:27:eb:63:18:06:
1d:12:ca:de:03:a6:e0:a3:7a:0e:d4:d7:cd:a7:08:47:16:48:
6c:d1:c5:07
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYkA7xfVnys5kiUs7TmyqJozMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMzdhOTAyNmU0NWI2OGZlNDczNWE0NjliNzU2MzYxMzBh
ZDEyNWMwHhcNMjMwNjI4MDczNjU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmI5Yzg3YThkODBmZmE2OTk3OGJiNGFkOTI4Njk3MWI5MzJjYmU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk4sDi7+foLvczNKL3F5CAdilNrg/
OUvmEMeqcEbkKLlAaUK1FC5wBEM1c4RN6nd2xSVecJrEV4gypRomZXxqrdgEG4xd
1ut+RxKhNR7ObrUKhYP5sSNTXdv83/2gDNNaDltazw3QzXin/WJuXQGuo+iil9Ci
FObVaE5rds36JMzzSJVyaRk+oGmIz/kHLlg2uLPEuFCL85YovOCRwrl6WpYGd3vo
RXHYQRJwRQSb0HWaAvFkii8hvEIRVV/LpL4iTTQO7UTFX56QWysYdIv98/khGAQc
WKuqPMBkuSNgKAHGVCqZhplDLwXKl/olzi9tUWJ2J1pw0Nse6pshubu5pwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKK5yHqNgP+mmXi7StkoaXG5MsvlMB8GA1UdIwQY
MBaAFBw3qQJuRbaP5HNaRpt1Y2EwrRJcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSERlcEFtNUZ0b19rYzFwR20zVmpZVEN0RWx3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS8yYmI2MDMtZjQ3OS00MGNiLTgyZDQt
NDhkNjcyOTczYjEzLzEvb3JuSWVvMkFfNmFaZUx0SzJTaHBjYmt5eS1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS8yYmI2MDMtZjQ3OS00MGNiLTgyZDQtNDhkNjcyOTczYjEz
LzEvSERlcEFtNUZ0b19rYzFwR20zVmpZVEN0RWx3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCk+zkMA0E
AgACMAcDBQMqE1TAMA0GCSqGSIb3DQEBCwUAA4IBAQDl4BK/feaDL/GF48H28hQq
PfDtFIbOpuB1b7ChDkqMOJb4b7gq2C5B9S5UZZhnfqGI2wZUoAqh3EQAWmQU/Lt/
EC6wbwrOFg1sUFQL3gIlixQUd8ov8oQvJKYLLbIXvtWOf45M8bn4R7s8pRqKDUcZ
0+dNfX8Vw9mV7jLkiPTJldqr6auBI3x9/G4AqUk3jHnIpadlDZbbIVlkcs+AQvVt
ig+xPCJ3CXj0uhB1ahn2HFiu7I2p2O3e+LfbxMLXN6ilDa+DHMhG7PkV/+MonblV
5aIoepg7iVubvy/dI6QmAqdcu+WCJ+tjGAYdEsreA6bgo3oO1NfNpwhHFkhs0cUH
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:51 2023 by rpki-client on console.sobornost.net