Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/8d78eb-2832-4083-ae1f-1dd6d281c88a/1/O_x20RnDp_q39oc1rOqQjNnIGlc.roa
File: O_x20RnDp_q39oc1rOqQjNnIGlc.roa (raw, json)
Hash identifier: wgneke2PqEB9o3HfGR1TkSNP27NCiUhnHJVZZ2OV3po=
Subject key identifier: 3B:FC:76:D1:19:C3:A7:FA:B7:F6:87:35:AC:EA:90:8C:D9:C8:1A:57
Certificate issuer: /CN=3027a631bb6738eb68bb6ea6c424ef4a7d14c3cb
Certificate serial: 018C7F22F38B707516829EA73CA910AD5827
Authority key identifier: 30:27:A6:31:BB:67:38:EB:68:BB:6E:A6:C4:24:EF:4A:7D:14:C3:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MCemMbtnOOtou26mxCTvSn0Uw8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/8d78eb-2832-4083-ae1f-1dd6d281c88a/1/O_x20RnDp_q39oc1rOqQjNnIGlc.roa
Signing time: Mon 18 Dec 2023 22:54:06 +0000
ROA not before: Mon 18 Dec 2023 22:54:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8916
IP address blocks: 213.5.88.0/21 maxlen: 21
188.246.192.0/19 maxlen: 19
185.87.56.0/22 maxlen: 22
193.108.199.0/24 maxlen: 24
185.56.44.0/22 maxlen: 22
2a03:9800::/29 maxlen: 29
2001:67c:1b8::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:7f:22:f3:8b:70:75:16:82:9e:a7:3c:a9:10:ad:58:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3027a631bb6738eb68bb6ea6c424ef4a7d14c3cb
Validity
Not Before: Dec 18 22:54:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3bfc76d119c3a7fab7f68735acea908cd9c81a57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:9c:df:d7:ad:7b:be:ed:1e:bc:4b:80:22:b0:
e1:fb:b0:a4:f0:ff:38:e6:db:e4:e9:4f:c2:a5:54:
dc:7a:7f:db:4d:3c:15:21:ef:90:aa:55:ff:34:d4:
77:aa:4f:22:97:07:b0:b9:70:df:48:2e:f1:96:84:
40:df:f7:20:97:3d:8c:21:32:53:8f:ef:56:c9:76:
cd:a4:48:e2:c5:0a:28:5c:d4:53:71:c5:ce:a1:c6:
39:94:fe:80:aa:cc:73:32:a5:81:39:95:d3:31:b5:
99:d6:1b:97:12:e3:87:f1:b4:bb:7a:e9:80:4d:05:
04:d9:84:ab:a2:9d:8e:b1:26:ec:bd:cc:96:07:0d:
06:db:f9:b8:0c:ff:f2:05:25:54:13:eb:fa:b6:c7:
79:9a:8d:58:0c:47:20:da:5e:0e:ea:06:91:88:fe:
19:0a:14:18:81:2e:2e:94:97:86:1f:da:ca:39:f7:
4e:0b:64:35:7c:ed:77:82:69:1c:d5:4a:4f:9b:49:
ce:d0:aa:14:f9:88:e2:64:2d:d1:fd:6d:df:28:40:
21:43:ce:2f:b8:45:9c:70:0f:c3:8f:45:b9:37:d3:
a0:59:85:e4:f8:1a:24:43:5d:2c:1c:4e:d1:a1:16:
97:b2:e5:07:6d:77:c1:7a:86:37:73:e8:be:98:7b:
6d:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:FC:76:D1:19:C3:A7:FA:B7:F6:87:35:AC:EA:90:8C:D9:C8:1A:57
X509v3 Authority Key Identifier:
keyid:30:27:A6:31:BB:67:38:EB:68:BB:6E:A6:C4:24:EF:4A:7D:14:C3:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MCemMbtnOOtou26mxCTvSn0Uw8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/8d78eb-2832-4083-ae1f-1dd6d281c88a/1/O_x20RnDp_q39oc1rOqQjNnIGlc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/8d78eb-2832-4083-ae1f-1dd6d281c88a/1/MCemMbtnOOtou26mxCTvSn0Uw8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.56.44.0/22
185.87.56.0/22
188.246.192.0/19
193.108.199.0/24
213.5.88.0/21
IPv6:
2001:67c:1b8::/48
2a03:9800::/29
Signature Algorithm: sha256WithRSAEncryption
45:a7:01:e5:fa:b9:73:f3:6c:40:36:cf:56:d3:0a:81:95:37:
42:86:c7:8a:27:d9:f9:d3:49:0d:fe:7f:e6:8b:34:6a:3c:c4:
3a:dc:bb:d1:ae:0f:f1:b1:2e:ad:e7:f5:f8:50:59:c4:1a:87:
2b:fe:0e:f7:13:27:00:f6:26:f4:44:d0:d6:c0:aa:47:e2:f1:
7e:dd:39:06:0a:2e:a6:1b:d6:47:d1:d8:db:51:0e:b5:14:2d:
be:4a:0f:52:40:e1:2c:ad:b5:ac:96:5e:cb:11:0b:d9:0f:74:
b8:bc:2b:5d:a0:c2:3e:59:de:75:0d:95:bd:3c:55:b4:a8:4f:
66:29:fd:d8:c9:45:ef:b1:c7:b4:1c:fb:95:ee:47:b5:bd:bb:
02:a8:d3:7f:62:f5:b5:bb:f5:c7:12:1c:37:01:8d:12:65:55:
04:21:7b:8c:31:32:1a:4d:a9:86:30:97:b3:cb:e1:9d:53:da:
65:d1:ab:8c:d2:46:44:1e:9a:61:70:35:55:71:4d:d8:77:ae:
80:f7:d2:1e:bf:1e:8f:44:7d:c5:92:23:38:b9:0b:b7:49:1d:
ed:2d:14:19:2b:0e:21:ce:6c:66:e1:f9:95:ab:07:07:dd:27:
4b:04:0e:56:5a:10:c0:63:56:26:2d:ed:66:a3:b4:7a:fd:9a:
a2:f2:25:09
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYx/IvOLcHUWgp6nPKkQrVgnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwMjdhNjMxYmI2NzM4ZWI2OGJiNmVhNmM0MjRlZjRhN2Qx
NGMzY2IwHhcNMjMxMjE4MjI1NDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmZjNzZkMTE5YzNhN2ZhYjdmNjg3MzVhY2VhOTA4Y2Q5YzgxYTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq5zf1617vu0evEuAIrDh+7Ck8P84
5tvk6U/CpVTcen/bTTwVIe+QqlX/NNR3qk8ilwewuXDfSC7xloRA3/cglz2MITJT
j+9WyXbNpEjixQooXNRTccXOocY5lP6AqsxzMqWBOZXTMbWZ1huXEuOH8bS7eumA
TQUE2YSrop2OsSbsvcyWBw0G2/m4DP/yBSVUE+v6tsd5mo1YDEcg2l4O6gaRiP4Z
ChQYgS4ulJeGH9rKOfdOC2Q1fO13gmkc1UpPm0nO0KoU+YjiZC3R/W3fKEAhQ84v
uEWccA/Dj0W5N9OgWYXk+BokQ10sHE7RoRaXsuUHbXfBeoY3c+i+mHtt3QIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFDv8dtEZw6f6t/aHNazqkIzZyBpXMB8GA1UdIwQY
MBaAFDAnpjG7ZzjraLtupsQk70p9FMPLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUNlbU1idG5PT3RvdTI2bXhDVHZTbjBVdzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS84ZDc4ZWItMjgzMi00MDgzLWFlMWYt
MWRkNmQyODFjODhhLzEvT194MjBSbkRwX3EzOW9jMXJPcVFqTm5JR2xjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS84ZDc4ZWItMjgzMi00MDgzLWFlMWYtMWRkNmQyODFjODhh
LzEvTUNlbU1idG5PT3RvdTI2bXhDVHZTbjBVdzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjAkBAIAATAeAwQCuTgsAwQC
uVc4AwQFvPbAAwQAwWzHAwQD1QVYMBYEAgACMBADBwAgAQZ8AbgDBQMqA5gAMA0G
CSqGSIb3DQEBCwUAA4IBAQBFpwHl+rlz82xANs9W0wqBlTdChseKJ9n500kN/n/m
izRqPMQ63LvRrg/xsS6t5/X4UFnEGocr/g73EycA9ib0RNDWwKpH4vF+3TkGCi6m
G9ZH0djbUQ61FC2+Sg9SQOEsrbWsll7LEQvZD3S4vCtdoMI+Wd51DZW9PFW0qE9m
Kf3YyUXvsce0HPuV7ke1vbsCqNN/YvW1u/XHEhw3AY0SZVUEIXuMMTIaTamGMJez
y+GdU9pl0auM0kZEHpphcDVVcU3Yd66A99Ievx6PRH3FkiM4uQu3SR3tLRQZKw4h
zmxm4fmVqwcH3SdLBA5WWhDAY1YmLe1mo7R6/Zqi8iUJ
-----END CERTIFICATE-----
Generated at Mon Jan 1 02:53:39 2024 by rpki-client on console-ams.rpki-client.org