Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/21bbf7-cbf2-4198-afcc-4be4dd6cd2ec/1/beO1O8Yl_a_IVvsnSJkFxqfTdTo.roa
File: beO1O8Yl_a_IVvsnSJkFxqfTdTo.roa (raw, json)
Hash identifier: qYmPUAJUsiJQxg1B3NDS2mfWf72LydSCVB0O29wD5UY=
Subject key identifier: 6D:E3:B5:3B:C6:25:FD:AF:C8:56:FB:27:48:99:05:C6:A7:D3:75:3A
Certificate issuer: /CN=0acf3dccea317e35e70541a48b2586a4d32bd94c
Certificate serial: 018BD27927BED063E071FE4A78204D842863
Authority key identifier: 0A:CF:3D:CC:EA:31:7E:35:E7:05:41:A4:8B:25:86:A4:D3:2B:D9:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Cs89zOoxfjXnBUGkiyWGpNMr2Uw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/21bbf7-cbf2-4198-afcc-4be4dd6cd2ec/1/beO1O8Yl_a_IVvsnSJkFxqfTdTo.roa
Signing time: Wed 15 Nov 2023 10:13:57 +0000
ROA not before: Wed 15 Nov 2023 10:13:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12759
IP address blocks: 188.126.160.0/19 maxlen: 19
78.153.64.0/20 maxlen: 20
185.128.216.0/22 maxlen: 22
212.16.224.0/19 maxlen: 19
78.153.80.0/20 maxlen: 20
2a01:3d8::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:30:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d2:79:27:be:d0:63:e0:71:fe:4a:78:20:4d:84:28:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0acf3dccea317e35e70541a48b2586a4d32bd94c
Validity
Not Before: Nov 15 10:13:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6de3b53bc625fdafc856fb27489905c6a7d3753a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:95:b6:bb:f1:91:48:8a:51:30:73:88:f3:16:
d0:43:56:83:a6:1a:9f:64:47:03:25:08:09:b6:c2:
d1:c7:d0:28:46:3d:d0:22:9e:80:12:01:87:e0:4e:
42:fb:ed:1f:92:fd:67:3d:a0:9e:57:49:72:b9:a3:
23:29:12:e8:63:78:a9:99:19:f8:f1:a2:dc:a1:e6:
fa:17:58:fd:dc:5f:bc:dd:c1:4c:6b:dc:c1:7b:9a:
c7:a9:33:84:86:03:61:c3:0b:4f:d1:d0:cb:72:9b:
ea:d1:57:f1:e1:bf:70:91:2a:d4:d2:94:a0:49:46:
40:c1:aa:56:0a:53:83:6a:2b:7b:53:72:71:98:55:
52:dc:9f:12:1b:b4:5e:1b:70:38:c0:9d:1c:76:99:
e1:52:f2:1b:e7:33:68:f7:72:37:c9:d1:f7:38:d6:
c0:00:74:75:ee:e0:db:e7:7c:2c:3c:23:e8:f0:3b:
bf:7c:d5:17:b7:78:ca:46:1c:e3:be:6e:2a:4b:48:
da:fd:ed:2b:7b:aa:85:cb:6c:68:30:5d:24:59:2a:
64:8c:83:56:ca:00:3f:c1:99:08:ac:6f:c1:9f:39:
0f:f0:bb:0f:9e:b2:07:1b:a1:64:b6:bf:33:5f:b3:
d3:21:9d:d0:c4:e5:d1:02:56:b9:c7:4d:c3:47:4d:
1e:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:E3:B5:3B:C6:25:FD:AF:C8:56:FB:27:48:99:05:C6:A7:D3:75:3A
X509v3 Authority Key Identifier:
keyid:0A:CF:3D:CC:EA:31:7E:35:E7:05:41:A4:8B:25:86:A4:D3:2B:D9:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Cs89zOoxfjXnBUGkiyWGpNMr2Uw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/21bbf7-cbf2-4198-afcc-4be4dd6cd2ec/1/beO1O8Yl_a_IVvsnSJkFxqfTdTo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/21bbf7-cbf2-4198-afcc-4be4dd6cd2ec/1/Cs89zOoxfjXnBUGkiyWGpNMr2Uw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.153.64.0/19
185.128.216.0/22
188.126.160.0/19
212.16.224.0/19
IPv6:
2a01:3d8::/32
Signature Algorithm: sha256WithRSAEncryption
59:5a:00:04:77:b5:66:81:1a:33:c0:d8:b3:63:84:91:71:9f:
07:dd:54:0e:b7:ed:68:46:89:bd:1f:bd:aa:7e:c5:0c:62:7b:
f3:3c:2a:9e:58:da:a7:54:c7:4f:d7:6b:c8:8c:e7:e6:42:e4:
f1:87:94:cc:3e:58:78:e1:34:89:9a:fe:82:b2:58:c2:b9:fd:
16:16:8b:41:b0:4a:11:af:7c:8c:f5:ee:b7:97:a5:7d:e2:65:
8a:56:58:71:af:4c:33:44:e8:c6:b6:c3:3a:2e:77:0e:ec:fc:
ef:70:d8:f6:0b:14:c5:c7:0c:43:9e:4a:81:d4:8d:c4:b2:f8:
8f:1f:8e:c4:a5:3b:47:c4:f0:6b:b9:e4:1c:5c:01:e5:49:56:
1e:a1:30:20:07:77:a0:28:d1:78:64:c7:4f:24:0e:25:0e:54:
5c:64:53:b8:cc:ff:d4:47:bb:88:7b:fc:4a:f9:07:72:da:43:
7e:29:a9:13:4a:fa:2d:3a:80:dd:7a:21:31:d9:41:c1:26:62:
aa:cd:33:6a:7f:4b:1d:a5:33:db:53:82:89:4e:a0:aa:1f:2f:
c6:07:e7:1f:90:24:71:b6:30:35:d1:59:bd:b7:28:4d:13:e4:
69:92:85:41:5d:c1:00:5e:61:9d:1d:3f:ce:c3:be:37:67:ec:
c0:55:79:39
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYvSeSe+0GPgcf5KeCBNhChjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhY2YzZGNjZWEzMTdlMzVlNzA1NDFhNDhiMjU4NmE0ZDMy
YmQ5NGMwHhcNMjMxMTE1MTAxMzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGUzYjUzYmM2MjVmZGFmYzg1NmZiMjc0ODk5MDVjNmE3ZDM3NTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoJW2u/GRSIpRMHOI8xbQQ1aDphqf
ZEcDJQgJtsLRx9AoRj3QIp6AEgGH4E5C++0fkv1nPaCeV0lyuaMjKRLoY3ipmRn4
8aLcoeb6F1j93F+83cFMa9zBe5rHqTOEhgNhwwtP0dDLcpvq0Vfx4b9wkSrU0pSg
SUZAwapWClODait7U3JxmFVS3J8SG7ReG3A4wJ0cdpnhUvIb5zNo93I3ydH3ONbA
AHR17uDb53wsPCPo8Du/fNUXt3jKRhzjvm4qS0ja/e0re6qFy2xoMF0kWSpkjINW
ygA/wZkIrG/BnzkP8LsPnrIHG6Fktr8zX7PTIZ3QxOXRAla5x03DR00e8wIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFG3jtTvGJf2vyFb7J0iZBcan03U6MB8GA1UdIwQY
MBaAFArPPczqMX415wVBpIslhqTTK9lMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3M4OXpPb3hmalhuQlVHa2l5V0dwTk1yMlV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy8yMWJiZjctY2JmMi00MTk4LWFmY2Mt
NGJlNGRkNmNkMmVjLzEvYmVPMU84WWxfYV9JVnZzblNKa0Z4cWZUZFRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy8yMWJiZjctY2JmMi00MTk4LWFmY2MtNGJlNGRkNmNkMmVj
LzEvQ3M4OXpPb3hmalhuQlVHa2l5V0dwTk1yMlV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQFTplAAwQC
uYDYAwQFvH6gAwQF1BDgMA0EAgACMAcDBQAqAQPYMA0GCSqGSIb3DQEBCwUAA4IB
AQBZWgAEd7VmgRozwNizY4SRcZ8H3VQOt+1oRom9H72qfsUMYnvzPCqeWNqnVMdP
12vIjOfmQuTxh5TMPlh44TSJmv6CsljCuf0WFotBsEoRr3yM9e63l6V94mWKVlhx
r0wzROjGtsM6LncO7PzvcNj2CxTFxwxDnkqB1I3EsviPH47EpTtHxPBrueQcXAHl
SVYeoTAgB3egKNF4ZMdPJA4lDlRcZFO4zP/UR7uIe/xK+Qdy2kN+KakTSvotOoDd
eiEx2UHBJmKqzTNqf0sdpTPbU4KJTqCqHy/GB+cfkCRxtjA10Vm9tyhNE+RpkoVB
XcEAXmGdHT/Ow743Z+zAVXk5
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:15 2024 by rpki-client on console-fra.rpki-client.org