Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OZcgaaFu17isE1HE93T0IfNy5-w.roa
File: OZcgaaFu17isE1HE93T0IfNy5-w.roa (raw, json)
Hash identifier: 67f4guMSJ3psVFFuuEx/K50c7+kk5GNfo90xIBpJdR4=
Subject key identifier: 39:97:20:69:A1:6E:D7:B8:AC:13:51:C4:F7:74:F4:21:F3:72:E7:EC
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 01856CB83FF3C6598405C22B8ED2E807099E
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OZcgaaFu17isE1HE93T0IfNy5-w.roa
Signing time: Sun 01 Jan 2023 09:44:52 +0000
ROA not before: Sun 01 Jan 2023 09:44:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16028
IP address blocks: 193.251.162.0/23 maxlen: 24
193.251.160.0/24 maxlen: 24
81.52.208.0/21 maxlen: 24
2a01:cde0::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:30:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:b8:3f:f3:c6:59:84:05:c2:2b:8e:d2:e8:07:09:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: Jan 1 09:44:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=39972069a16ed7b8ac1351c4f774f421f372e7ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:c0:60:75:9f:81:e3:bd:49:65:14:85:1d:9e:
f4:3b:a8:af:0d:7a:24:3c:30:5c:91:46:56:58:d4:
b7:ff:be:dc:71:98:27:07:22:a6:da:ba:76:8d:76:
5d:83:20:96:7e:89:e6:36:43:1f:71:7f:7a:79:70:
21:22:6c:04:06:02:15:44:da:62:3a:04:c1:b8:d0:
a5:9c:77:61:16:88:c3:75:1e:6d:97:2c:36:82:e8:
41:47:f5:4c:53:49:05:e2:cb:43:b7:61:97:a5:59:
a4:37:e0:7d:84:52:d5:28:f1:91:50:a7:6d:95:d4:
ac:3a:ba:ab:6b:44:db:c1:88:c6:cf:01:e6:06:e8:
dd:7f:c3:21:d0:8f:51:53:26:3c:d9:6a:7b:25:3c:
45:cb:0d:2f:e8:f2:83:4e:e5:0c:15:95:58:19:28:
4c:2c:a2:c0:7b:68:cd:6a:c2:f9:d3:ca:6b:69:81:
7d:d2:cf:ca:4f:2d:7e:ac:7c:06:13:0a:2e:92:eb:
66:2e:e0:67:1f:04:14:8e:a7:e0:ce:66:9b:ff:e3:
62:07:60:9c:e3:76:df:c0:71:98:ce:cb:9e:80:5e:
49:ba:8b:03:dc:83:17:ad:73:70:82:25:f2:ca:33:
94:ee:44:1f:fa:85:5f:e0:1c:94:04:3e:77:65:31:
36:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:97:20:69:A1:6E:D7:B8:AC:13:51:C4:F7:74:F4:21:F3:72:E7:EC
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OZcgaaFu17isE1HE93T0IfNy5-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.52.208.0/21
193.251.160.0/24
193.251.162.0/23
IPv6:
2a01:cde0::/32
Signature Algorithm: sha256WithRSAEncryption
90:d9:5f:41:03:ae:4b:da:21:32:c4:ef:6d:2b:67:61:65:76:
7d:9d:00:57:e5:e6:6a:40:6a:c0:de:43:f0:d3:3e:60:61:eb:
29:f9:ba:52:f5:24:21:30:6c:1f:36:6a:70:5a:64:12:5b:99:
28:68:65:76:30:2d:7b:b0:ce:b0:f4:3b:62:b9:5d:57:0b:9d:
a0:63:0b:41:b0:1c:67:50:50:ed:d7:44:53:ed:29:b3:33:6a:
a4:38:92:9b:8d:36:79:d4:e2:ed:7e:ba:05:1e:97:5a:dd:c0:
66:75:ed:32:fe:87:47:c6:df:fc:16:8f:fd:3c:b7:03:0b:ab:
7a:f1:35:de:36:1d:bb:54:2a:d0:b7:b0:e4:5d:e0:3b:97:ae:
7b:90:09:ad:54:6d:01:33:7e:92:b2:cf:a1:da:48:3a:f6:e9:
95:0d:93:47:51:5a:3e:0d:b6:25:5b:d1:60:85:02:4a:18:34:
85:78:87:8f:ea:8f:47:53:c9:bc:25:3c:7b:ad:db:75:fc:dc:
18:12:94:b8:a1:d6:53:f3:f7:eb:25:98:ca:ae:37:a0:ab:83:
52:95:7e:6b:e5:f2:6b:a6:ed:65:13:73:ef:f8:52:b5:ec:c2:
30:cd:76:7e:bf:7f:3d:bb:bf:f7:1a:d5:e6:0a:03:2e:f4:d0:
54:c0:44:86
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVsuD/zxlmEBcIrjtLoBwmeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh
MTA1MTEwHhcNMjMwMTAxMDk0NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTk3MjA2OWExNmVkN2I4YWMxMzUxYzRmNzc0ZjQyMWYzNzJlN2VjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr8BgdZ+B471JZRSFHZ70O6ivDXok
PDBckUZWWNS3/77ccZgnByKm2rp2jXZdgyCWfonmNkMfcX96eXAhImwEBgIVRNpi
OgTBuNClnHdhFojDdR5tlyw2guhBR/VMU0kF4stDt2GXpVmkN+B9hFLVKPGRUKdt
ldSsOrqra0TbwYjGzwHmBujdf8Mh0I9RUyY82Wp7JTxFyw0v6PKDTuUMFZVYGShM
LKLAe2jNasL508praYF90s/KTy1+rHwGEwoukutmLuBnHwQUjqfgzmab/+NiB2Cc
43bfwHGYzsuegF5JuosD3IMXrXNwgiXyyjOU7kQf+oVf4ByUBD53ZTE2bQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFDmXIGmhbte4rBNRxPd09CHzcufsMB8GA1UdIwQY
MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt
NDU5MzVmNTA2YTEyLzEvT1pjZ2FhRnUxN2lzRTFIRTkzVDBJZk55NS13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy
LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDUTTQAwQA
wfugAwQBwfuiMA0EAgACMAcDBQAqAc3gMA0GCSqGSIb3DQEBCwUAA4IBAQCQ2V9B
A65L2iEyxO9tK2dhZXZ9nQBX5eZqQGrA3kPw0z5gYesp+bpS9SQhMGwfNmpwWmQS
W5koaGV2MC17sM6w9DtiuV1XC52gYwtBsBxnUFDt10RT7SmzM2qkOJKbjTZ51OLt
froFHpda3cBmde0y/odHxt/8Fo/9PLcDC6t68TXeNh27VCrQt7DkXeA7l657kAmt
VG0BM36Sss+h2kg69umVDZNHUVo+DbYlW9FghQJKGDSFeIeP6o9HU8m8JTx7rdt1
/NwYEpS4odZT8/frJZjKrjegq4NSlX5r5fJrpu1lE3Pv+FK17MIwzXZ+v389u7/3
GtXmCgMu9NBUwESG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:51 2024 by rpki-client on console-fra.rpki-client.org