Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/348789-3208-4847-9c3f-982d1f21a32b/1/O-xZIyaXhqCfS5tHDU4LxpZ5ytQ.roa
File: O-xZIyaXhqCfS5tHDU4LxpZ5ytQ.roa (raw, json)
Hash identifier: /GBxksjY6/rHaSFQuy1YbOvxudEh3oQbUkMtMBaqJrk=
Subject key identifier: 3B:EC:59:23:26:97:86:A0:9F:4B:9B:47:0D:4E:0B:C6:96:79:CA:D4
Certificate issuer: /CN=cbf74cd846493138f522c57c0065b5c60512dd09
Certificate serial: 018745CFBB76FB8B14D0D8C39906B3599DA4
Authority key identifier: CB:F7:4C:D8:46:49:31:38:F5:22:C5:7C:00:65:B5:C6:05:12:DD:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y_dM2EZJMTj1IsV8AGW1xgUS3Qk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/348789-3208-4847-9c3f-982d1f21a32b/1/O-xZIyaXhqCfS5tHDU4LxpZ5ytQ.roa
Signing time: Mon 03 Apr 2023 06:30:54 +0000
ROA not before: Mon 03 Apr 2023 06:30:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206614
IP address blocks: 141.226.125.0/24 maxlen: 24
141.226.129.0/24 maxlen: 24
141.226.128.0/24 maxlen: 24
141.226.130.0/24 maxlen: 24
141.226.131.0/24 maxlen: 24
141.226.127.0/24 maxlen: 24
141.226.126.0/24 maxlen: 24
2a06:3b80:26::/48 maxlen: 48
2a06:3b80:21::/48 maxlen: 48
2a06:3b80:154::/48 maxlen: 48
2a06:3b80:24::/48 maxlen: 48
2a06:3b80:25::/48 maxlen: 48
2a06:3b80:23::/48 maxlen: 48
2a06:3b80:22::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:45:cf:bb:76:fb:8b:14:d0:d8:c3:99:06:b3:59:9d:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cbf74cd846493138f522c57c0065b5c60512dd09
Validity
Not Before: Apr 3 06:30:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3bec5923269786a09f4b9b470d4e0bc69679cad4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:33:36:48:bd:27:57:07:d2:20:9b:8b:ce:6c:
a5:fb:93:11:6f:50:a5:af:9d:e8:08:43:41:fc:c4:
db:45:82:b7:dd:56:f0:ab:1e:6b:87:e1:79:5f:f2:
9b:c6:1c:5e:b0:e8:10:e6:b4:2b:e4:34:e5:9f:5e:
81:5d:b7:f2:97:5f:a3:40:30:4c:bb:71:f5:b6:11:
b5:b0:c9:21:36:02:de:e9:eb:b1:84:aa:44:51:42:
aa:d2:dd:4a:86:0d:71:8d:19:40:e9:78:fe:fe:5c:
45:31:de:9b:81:a4:37:0f:bb:88:21:8b:08:bb:e3:
b6:21:51:68:83:48:24:83:08:00:fb:54:3d:24:75:
dd:06:3b:ba:1f:83:eb:8c:dc:e4:c5:f7:57:92:67:
da:c7:d1:61:53:22:1c:70:c0:a9:60:b9:79:07:dd:
35:78:f1:be:93:82:74:fa:ed:93:a5:64:9c:08:7c:
88:61:37:df:7c:7d:70:94:e0:53:dd:bd:35:cd:9c:
97:85:b3:aa:90:58:27:1f:9d:c9:f0:c0:bc:23:db:
44:f3:59:ff:40:73:11:9a:2b:51:10:f3:15:db:dd:
bc:f4:fb:62:27:cb:af:77:53:41:cc:6b:5a:46:be:
42:43:82:ed:53:ba:c1:39:10:52:98:21:fa:59:39:
fa:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:EC:59:23:26:97:86:A0:9F:4B:9B:47:0D:4E:0B:C6:96:79:CA:D4
X509v3 Authority Key Identifier:
keyid:CB:F7:4C:D8:46:49:31:38:F5:22:C5:7C:00:65:B5:C6:05:12:DD:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y_dM2EZJMTj1IsV8AGW1xgUS3Qk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/348789-3208-4847-9c3f-982d1f21a32b/1/O-xZIyaXhqCfS5tHDU4LxpZ5ytQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/348789-3208-4847-9c3f-982d1f21a32b/1/y_dM2EZJMTj1IsV8AGW1xgUS3Qk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.226.125.0-141.226.131.255
IPv6:
2a06:3b80:21::-2a06:3b80:26:ffff:ffff:ffff:ffff:ffff
2a06:3b80:154::/48
Signature Algorithm: sha256WithRSAEncryption
00:d6:9f:16:e8:e5:47:8c:8c:7a:39:59:d0:d3:06:b7:7f:65:
a6:f6:52:cd:12:80:b7:8b:66:6c:08:7e:f4:82:69:f6:64:9a:
f5:1d:f6:95:0c:7d:99:93:d8:66:d2:10:e4:a8:54:0b:a4:a1:
3c:bc:7e:ac:45:08:b4:6f:1f:e6:3b:2f:bf:36:43:bb:43:b9:
20:88:b0:d8:52:3e:ff:1e:52:66:11:a1:6b:42:18:0e:bb:8a:
2d:a3:96:7e:14:a0:d2:88:99:86:97:10:e5:4d:5e:e1:df:9a:
ae:16:46:81:e4:5b:ab:4d:3b:1a:1e:f3:d5:c7:74:ef:7d:d0:
f4:9d:70:37:7d:fa:5c:7b:af:c5:ea:af:64:ff:ca:81:6a:59:
42:7e:a4:91:0f:2d:83:4b:09:d2:9f:36:06:68:de:cd:36:68:
b5:41:c1:e5:7f:0d:64:7d:e6:75:f2:be:bb:1f:1e:7d:d5:d0:
94:b6:83:6e:4f:43:9a:47:f4:e6:32:0f:e5:12:2f:58:69:4c:
5b:90:a0:da:eb:0d:b7:17:08:0d:02:4a:02:0e:cc:bf:9b:72:
66:0d:9f:47:3b:b1:70:9d:30:87:e8:6a:58:72:1f:6b:37:08:
e4:0d:9f:9e:41:b0:d1:35:b6:08:2d:72:eb:47:d4:ed:45:63:
d0:16:67:75
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYdFz7t2+4sU0NjDmQazWZ2kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiZjc0Y2Q4NDY0OTMxMzhmNTIyYzU3YzAwNjViNWM2MDUx
MmRkMDkwHhcNMjMwNDAzMDYzMDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmVjNTkyMzI2OTc4NmEwOWY0YjliNDcwZDRlMGJjNjk2NzljYWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgzM2SL0nVwfSIJuLzmyl+5MRb1Cl
r53oCENB/MTbRYK33Vbwqx5rh+F5X/KbxhxesOgQ5rQr5DTln16BXbfyl1+jQDBM
u3H1thG1sMkhNgLe6euxhKpEUUKq0t1Khg1xjRlA6Xj+/lxFMd6bgaQ3D7uIIYsI
u+O2IVFog0gkgwgA+1Q9JHXdBju6H4PrjNzkxfdXkmfax9FhUyIccMCpYLl5B901
ePG+k4J0+u2TpWScCHyIYTfffH1wlOBT3b01zZyXhbOqkFgnH53J8MC8I9tE81n/
QHMRmitREPMV29289PtiJ8uvd1NBzGtaRr5CQ4LtU7rBORBSmCH6WTn6KwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFDvsWSMml4agn0ubRw1OC8aWecrUMB8GA1UdIwQY
MBaAFMv3TNhGSTE49SLFfABltcYFEt0JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveV9kTTJFWkpNVGoxSXNWOEFHVzF4Z1VTM1FrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zNDg3ODktMzIwOC00ODQ3LTljM2Yt
OTgyZDFmMjFhMzJiLzEvTy14Wkl5YVhocUNmUzV0SERVNEx4cFo1eXRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zNDg3ODktMzIwOC00ODQ3LTljM2YtOTgyZDFmMjFhMzJi
LzEveV9kTTJFWkpNVGoxSXNWOEFHVzF4Z1VTM1FrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAUBAIAATAOMAwDBACN4n0D
BAKN4oAwIwQCAAIwHTASAwcAKgY7gAAhAwcAKgY7gAAmAwcAKgY7gAFUMA0GCSqG
SIb3DQEBCwUAA4IBAQAA1p8W6OVHjIx6OVnQ0wa3f2Wm9lLNEoC3i2ZsCH70gmn2
ZJr1HfaVDH2Zk9hm0hDkqFQLpKE8vH6sRQi0bx/mOy+/NkO7Q7kgiLDYUj7/HlJm
EaFrQhgOu4oto5Z+FKDSiJmGlxDlTV7h35quFkaB5FurTTsaHvPVx3TvfdD0nXA3
ffpce6/F6q9k/8qBallCfqSRDy2DSwnSnzYGaN7NNmi1QcHlfw1kfeZ18r67Hx59
1dCUtoNuT0OaR/TmMg/lEi9YaUxbkKDa6w23FwgNAkoCDsy/m3JmDZ9HO7FwnTCH
6GpYch9rNwjkDZ+eQbDRNbYILXLrR9TtRWPQFmd1
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:47 2024 by rpki-client on console-fra.rpki-client.org