Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/COEtQOYcWU7zLNE5B9d4uFT_9nI.roa
File: COEtQOYcWU7zLNE5B9d4uFT_9nI.roa (raw, json)
Hash identifier: rWNy4THrlQLIbZ9L11QpP4NRNGtScZvQXnBW8fbt0gc=
Subject key identifier: 08:E1:2D:40:E6:1C:59:4E:F3:2C:D1:39:07:D7:78:B8:54:FF:F6:72
Certificate issuer: /CN=359f0f5ff620e0db5311f64736909973ac60f6f3
Certificate serial: 018B03E72C81D2C23B5728D538CB461A2D37
Authority key identifier: 35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/COEtQOYcWU7zLNE5B9d4uFT_9nI.roa
Signing time: Fri 06 Oct 2023 07:32:43 +0000
ROA not before: Fri 06 Oct 2023 07:32:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201476
IP address blocks: 5.183.12.0/22 maxlen: 22
217.75.216.0/23 maxlen: 32
217.75.214.0/23 maxlen: 32
185.167.184.0/22 maxlen: 32
185.73.104.0/22 maxlen: 32
185.73.100.0/22 maxlen: 32
185.73.108.0/22 maxlen: 32
2a03:4260::/32 maxlen: 48
2a03:4260::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:29:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:03:e7:2c:81:d2:c2:3b:57:28:d5:38:cb:46:1a:2d:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=359f0f5ff620e0db5311f64736909973ac60f6f3
Validity
Not Before: Oct 6 07:32:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=08e12d40e61c594ef32cd13907d778b854fff672
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:3d:f6:9e:2a:2c:29:52:87:3c:3a:61:d3:d1:
f6:14:f2:75:5c:d3:23:d0:72:9d:0d:ae:d1:bd:a5:
24:91:5d:5e:f8:c3:f7:98:ab:02:e1:df:ad:5c:c1:
25:fc:ec:77:95:84:b3:ac:50:da:14:f9:8d:a0:e3:
36:ca:46:a6:15:10:ac:2b:fe:2a:e3:d5:cb:5e:55:
99:ec:fa:e8:4f:c9:c4:de:12:ed:df:36:07:b4:54:
91:ef:90:a9:7b:97:ce:92:a6:f0:3b:7b:40:58:67:
fb:b8:a2:00:f2:dd:e9:fa:22:dd:20:f4:1f:bb:cf:
7f:d2:55:31:ba:12:ca:0c:e8:ac:20:ea:9d:d3:eb:
27:7a:9d:73:f6:b8:8c:31:81:3e:c7:36:b8:24:29:
2c:2a:c8:4b:25:79:f0:43:5e:b1:10:d4:80:57:32:
68:1f:4d:5b:49:84:ab:d4:ee:38:0d:f3:b4:ab:8f:
cf:2c:37:01:3a:1e:1c:5b:40:4c:9f:bc:09:a7:b7:
c1:2a:91:e5:62:9b:93:64:86:d4:9c:4b:42:43:a5:
53:07:d1:43:81:e2:ad:94:46:3c:59:a3:53:a0:7e:
d5:2e:ca:46:3c:56:d2:c8:06:dc:22:50:85:66:cf:
66:3a:dd:1f:8f:72:12:58:de:ad:a7:b5:63:e1:2f:
97:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:E1:2D:40:E6:1C:59:4E:F3:2C:D1:39:07:D7:78:B8:54:FF:F6:72
X509v3 Authority Key Identifier:
keyid:35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/COEtQOYcWU7zLNE5B9d4uFT_9nI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.183.12.0/22
185.73.100.0-185.73.111.255
185.167.184.0/22
217.75.214.0-217.75.217.255
IPv6:
2a03:4260::/29
Signature Algorithm: sha256WithRSAEncryption
60:93:43:b9:7c:fd:19:da:be:3f:8d:ed:3c:58:58:21:3a:83:
70:10:3d:2b:ce:46:02:af:2f:76:6b:8b:21:35:75:10:2e:da:
36:de:6c:c6:30:fd:d1:99:96:13:f4:90:49:67:11:14:6a:f7:
aa:01:6b:cf:e3:8f:69:37:29:b4:2c:87:11:59:2a:3e:2f:1f:
9f:67:fa:57:db:29:14:42:d6:f3:93:73:39:3f:65:d9:33:6d:
75:31:83:2c:aa:a1:67:46:bf:93:91:7a:c3:da:52:b5:81:7a:
c1:77:a1:cc:88:8a:e0:5f:d9:99:97:d9:a9:27:84:4e:09:ab:
3c:72:70:06:20:05:df:57:ff:8b:b7:2a:c3:30:f1:74:6d:3e:
50:74:d4:75:6b:74:d6:1c:2b:90:85:20:19:5a:c1:22:58:4d:
ac:b8:55:ad:50:32:00:92:0c:17:ae:5e:45:40:51:42:76:be:
43:c0:ec:ba:f7:20:1d:f1:6b:47:28:7d:4b:96:93:4d:fc:7e:
74:bb:76:64:18:e9:d2:c0:65:a9:96:2d:12:31:8c:36:7e:98:
6b:e6:f0:61:c1:95:6f:ef:df:e8:fb:fc:02:94:27:f3:3c:c1:
a6:7b:6f:96:0b:e1:55:bf:b1:93:fc:f4:d2:00:ba:28:37:3b:
06:79:fb:02
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAYsD5yyB0sI7VyjVOMtGGi03MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1OWYwZjVmZjYyMGUwZGI1MzExZjY0NzM2OTA5OTczYWM2
MGY2ZjMwHhcNMjMxMDA2MDczMjQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGUxMmQ0MGU2MWM1OTRlZjMyY2QxMzkwN2Q3NzhiODU0ZmZmNjcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhT32niosKVKHPDph09H2FPJ1XNMj
0HKdDa7RvaUkkV1e+MP3mKsC4d+tXMEl/Ox3lYSzrFDaFPmNoOM2ykamFRCsK/4q
49XLXlWZ7ProT8nE3hLt3zYHtFSR75Cpe5fOkqbwO3tAWGf7uKIA8t3p+iLdIPQf
u89/0lUxuhLKDOisIOqd0+snep1z9riMMYE+xza4JCksKshLJXnwQ16xENSAVzJo
H01bSYSr1O44DfO0q4/PLDcBOh4cW0BMn7wJp7fBKpHlYpuTZIbUnEtCQ6VTB9FD
geKtlEY8WaNToH7VLspGPFbSyAbcIlCFZs9mOt0fj3ISWN6tp7Vj4S+X7wIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFAjhLUDmHFlO8yzROQfXeLhU//ZyMB8GA1UdIwQY
MBaAFDWfD1/2IODbUxH2RzaQmXOsYPbzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlo4UFhfWWc0TnRURWZaSE5wQ1pjNnhnOXZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS80MGQ5YTUtMjU2Ni00OWUxLWE1N2It
ZDFhYmY0ZWUzMmNiLzEvQ09FdFFPWWNXVTd6TE5FNUI5ZDR1RlRfOW5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS80MGQ5YTUtMjU2Ni00OWUxLWE1N2ItZDFhYmY0ZWUzMmNi
LzEvTlo4UFhfWWc0TnRURWZaSE5wQ1pjNnhnOXZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFAGCCsGAQUFBwEHAQH/BEEwPzAuBAIAATAoAwQCBbcMMAwD
BAK5SWQDBAS5SWADBAK5p7gwDAMEAdlL1gMEAdlL2DANBAIAAjAHAwUDKgNCYDAN
BgkqhkiG9w0BAQsFAAOCAQEAYJNDuXz9Gdq+P43tPFhYITqDcBA9K85GAq8vdmuL
ITV1EC7aNt5sxjD90ZmWE/SQSWcRFGr3qgFrz+OPaTcptCyHEVkqPi8fn2f6V9sp
FELW85NzOT9l2TNtdTGDLKqhZ0a/k5F6w9pStYF6wXehzIiK4F/ZmZfZqSeETgmr
PHJwBiAF31f/i7cqwzDxdG0+UHTUdWt01hwrkIUgGVrBIlhNrLhVrVAyAJIMF65e
RUBRQna+Q8DsuvcgHfFrRyh9S5aTTfx+dLt2ZBjp0sBlqZYtEjGMNn6Ya+bwYcGV
b+/f6Pv8ApQn8zzBpntvlgvhVb+xk/z00gC6KDc7Bnn7Ag==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:32 2024 by rpki-client on console-fra.rpki-client.org