Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/764b34-0d98-454c-85a2-306045efcd68/1/O0hqQy2UcLQFC2n9xUh8AqGGhIQ.roa
File: O0hqQy2UcLQFC2n9xUh8AqGGhIQ.roa (raw, json)
Hash identifier: NW8xVTfcDIbOpz+bveMD3KpHyP1UfqBEO07bhvCgAeQ=
Subject key identifier: 3B:48:6A:43:2D:94:70:B4:05:0B:69:FD:C5:48:7C:02:A1:86:84:84
Certificate issuer: /CN=be43995289b6a5ca972c4b87b5e3149c32cb4430
Certificate serial: 018CC3488DB3D557CD66559C6D6250AE99A8
Authority key identifier: BE:43:99:52:89:B6:A5:CA:97:2C:4B:87:B5:E3:14:9C:32:CB:44:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vkOZUom2pcqXLEuHteMUnDLLRDA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/764b34-0d98-454c-85a2-306045efcd68/1/O0hqQy2UcLQFC2n9xUh8AqGGhIQ.roa
Signing time: Mon 01 Jan 2024 04:29:21 +0000
ROA not before: Mon 01 Jan 2024 04:29:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5607
IP address blocks: 94.119.8.0/21 maxlen: 21
94.119.16.0/21 maxlen: 21
91.103.34.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 23 Jan 2024 14:59:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:8d:b3:d5:57:cd:66:55:9c:6d:62:50:ae:99:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be43995289b6a5ca972c4b87b5e3149c32cb4430
Validity
Not Before: Jan 1 04:29:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3b486a432d9470b4050b69fdc5487c02a1868484
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:a3:8b:17:cb:9d:aa:78:0e:97:dc:02:ea:85:
31:51:2a:32:c9:74:c4:ac:f9:f7:d5:3a:c8:44:47:
bf:6b:0b:b5:4f:1e:e7:07:67:4a:5c:31:41:e7:79:
ce:07:8e:59:71:c7:01:5c:e9:39:dc:b2:58:63:c0:
98:a1:c0:c2:06:fd:6c:13:31:2f:05:fa:20:86:5a:
91:47:dc:41:a5:5a:45:8d:75:61:cf:a8:b1:2d:65:
d6:db:33:76:c3:68:34:46:92:eb:0e:d4:ff:87:fe:
a8:a4:ba:46:af:41:42:29:f3:ef:b9:4b:87:fa:43:
28:4f:0b:54:6a:a0:8a:2d:43:96:02:66:56:06:5d:
5b:54:f2:8a:04:ad:0f:ba:4c:2f:8d:12:08:7f:48:
5c:3c:31:99:cb:bd:30:4d:02:b4:fe:0f:64:09:9f:
d7:09:bc:ea:be:f7:f2:13:b3:bd:19:d2:4e:66:4a:
c7:7b:44:52:b5:87:c5:7a:cb:41:23:02:e3:fe:a9:
09:e7:a8:05:99:a0:6a:f4:79:da:37:e1:b9:a4:53:
e8:94:05:7e:54:d4:90:25:28:ee:42:4f:51:65:95:
3b:57:ba:62:b6:1d:b9:9b:4e:6b:9a:ae:e1:2c:9d:
b5:03:4e:76:1b:45:df:0f:37:4f:08:9d:bd:33:21:
e5:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:48:6A:43:2D:94:70:B4:05:0B:69:FD:C5:48:7C:02:A1:86:84:84
X509v3 Authority Key Identifier:
keyid:BE:43:99:52:89:B6:A5:CA:97:2C:4B:87:B5:E3:14:9C:32:CB:44:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vkOZUom2pcqXLEuHteMUnDLLRDA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/764b34-0d98-454c-85a2-306045efcd68/1/O0hqQy2UcLQFC2n9xUh8AqGGhIQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/764b34-0d98-454c-85a2-306045efcd68/1/vkOZUom2pcqXLEuHteMUnDLLRDA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.103.34.0/24
94.119.8.0-94.119.23.255
Signature Algorithm: sha256WithRSAEncryption
b0:28:4e:7b:1f:6f:1a:d6:34:09:10:cc:03:ee:6e:87:f9:7d:
33:aa:75:72:ff:4b:0d:9e:d2:2a:ca:da:b0:87:a1:e2:c8:8b:
06:dc:b0:6c:b1:1e:bf:03:d4:29:c9:c3:e6:1c:cf:04:ae:0c:
a6:79:f2:f6:7f:cb:4f:f3:df:25:a7:22:39:8b:65:1a:24:a4:
5b:22:82:ed:a7:3c:9f:f5:2e:26:bd:35:05:c3:34:ea:67:43:
0b:c1:8e:5f:9e:be:77:6f:a6:db:52:5b:30:1f:1d:c1:a6:91:
4e:23:7c:71:3d:0c:87:05:51:f5:80:d6:c9:5c:55:84:7e:03:
83:cc:a4:eb:1d:4f:10:a3:81:1f:65:0d:d4:04:2d:92:b5:45:
f3:7c:7b:2e:15:78:ee:05:20:60:64:e5:54:4d:1f:69:b3:f8:
1c:64:bb:5e:a4:4c:12:bd:1d:e6:f7:6a:ad:f6:1c:5f:fc:c6:
ae:af:33:e0:68:e2:f6:ce:fd:b4:c6:e7:2f:f1:aa:a8:f5:cb:
f6:e2:a6:d9:de:6a:8c:6d:b2:58:7a:aa:12:9c:f7:2e:78:8d:
24:64:bf:2a:3e:35:1f:09:6e:69:ce:29:86:59:36:a2:9d:c5:
4c:cd:96:e1:89:2f:2a:31:19:5b:c1:a6:54:83:57:12:ca:ab:
ac:2e:7c:a8
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzDSI2z1VfNZlWcbWJQrpmoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlNDM5OTUyODliNmE1Y2E5NzJjNGI4N2I1ZTMxNDljMzJj
YjQ0MzAwHhcNMjQwMTAxMDQyOTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjQ4NmE0MzJkOTQ3MGI0MDUwYjY5ZmRjNTQ4N2MwMmExODY4NDg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmqOLF8udqngOl9wC6oUxUSoyyXTE
rPn31TrIREe/awu1Tx7nB2dKXDFB53nOB45ZcccBXOk53LJYY8CYocDCBv1sEzEv
BfoghlqRR9xBpVpFjXVhz6ixLWXW2zN2w2g0RpLrDtT/h/6opLpGr0FCKfPvuUuH
+kMoTwtUaqCKLUOWAmZWBl1bVPKKBK0PukwvjRIIf0hcPDGZy70wTQK0/g9kCZ/X
CbzqvvfyE7O9GdJOZkrHe0RStYfFestBIwLj/qkJ56gFmaBq9HnaN+G5pFPolAV+
VNSQJSjuQk9RZZU7V7pith25m05rmq7hLJ21A052G0XfDzdPCJ29MyHlTwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFDtIakMtlHC0BQtp/cVIfAKhhoSEMB8GA1UdIwQY
MBaAFL5DmVKJtqXKlyxLh7XjFJwyy0QwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmtPWlVvbTJwY3FYTEV1SHRlTVVuRExMUkRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS83NjRiMzQtMGQ5OC00NTRjLTg1YTIt
MzA2MDQ1ZWZjZDY4LzEvTzBocVF5MlVjTFFGQzJuOXhVaDhBcUdHaElRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS83NjRiMzQtMGQ5OC00NTRjLTg1YTItMzA2MDQ1ZWZjZDY4
LzEvdmtPWlVvbTJwY3FYTEV1SHRlTVVuRExMUkRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAW2ciMAwD
BANedwgDBANedxAwDQYJKoZIhvcNAQELBQADggEBALAoTnsfbxrWNAkQzAPubof5
fTOqdXL/Sw2e0irK2rCHoeLIiwbcsGyxHr8D1CnJw+YczwSuDKZ58vZ/y0/z3yWn
IjmLZRokpFsigu2nPJ/1Lia9NQXDNOpnQwvBjl+evndvpttSWzAfHcGmkU4jfHE9
DIcFUfWA1slcVYR+A4PMpOsdTxCjgR9lDdQELZK1RfN8ey4VeO4FIGBk5VRNH2mz
+Bxku16kTBK9Heb3aq32HF/8xq6vM+Bo4vbO/bTG5y/xqqj1y/biptneaoxtslh6
qhKc9y54jSRkvyo+NR8JbmnOKYZZNqKdxUzNluGJLyoxGVvBplSDVxLKq6wufKg=
-----END CERTIFICATE-----
Generated at Tue Feb 27 01:01:17 2024 by rpki-client on console.sobornost.net