Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/9d4c0c-158f-4344-9641-747ced0b7486/1/59OMJ4snYYQXszXRynz955wnviQ.roa
File: 59OMJ4snYYQXszXRynz955wnviQ.roa (raw, json)
Hash identifier: AcOysxXNac6B0O7fQd3U6P9lT7m6tSpcEJKIsZ3NcF8=
Subject key identifier: E7:D3:8C:27:8B:27:61:84:17:B3:35:D1:CA:7C:FD:E7:9C:27:BE:24
Certificate issuer: /CN=f18053ea7f3ab79a75e8f875386775551ef75739
Certificate serial: 01856ECB969FF64DF8B5C5C8B8401DFF9147
Authority key identifier: F1:80:53:EA:7F:3A:B7:9A:75:E8:F8:75:38:67:75:55:1E:F7:57:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8YBT6n86t5p16Ph1OGd1VR73Vzk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/9d4c0c-158f-4344-9641-747ced0b7486/1/59OMJ4snYYQXszXRynz955wnviQ.roa
Signing time: Sun 01 Jan 2023 19:25:14 +0000
ROA not before: Sun 01 Jan 2023 19:25:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15401
IP address blocks: 185.3.64.0/22 maxlen: 24
178.237.96.0/20 maxlen: 24
31.193.48.0/21 maxlen: 24
2a00:4280::/32 maxlen: 64
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:30:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:cb:96:9f:f6:4d:f8:b5:c5:c8:b8:40:1d:ff:91:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f18053ea7f3ab79a75e8f875386775551ef75739
Validity
Not Before: Jan 1 19:25:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e7d38c278b27618417b335d1ca7cfde79c27be24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:48:46:e8:ea:51:17:ea:38:14:92:1a:c9:6f:
ff:bb:e1:07:5e:91:75:69:c5:22:aa:52:c2:15:06:
fe:cb:2e:a5:a6:2e:69:34:80:82:57:15:f9:19:aa:
d5:02:08:57:45:5b:d8:ea:18:0e:5d:4c:01:ea:5f:
c5:a2:5f:b1:48:e8:5b:51:96:69:51:3d:31:1a:7e:
a9:cd:50:43:2c:2c:1f:af:36:34:47:b0:c3:52:45:
72:52:a6:db:93:7a:f3:6e:2e:3e:5f:e5:72:a8:2e:
98:b7:90:c1:6a:4d:1a:ec:54:43:f0:c4:db:a9:40:
e2:09:45:72:dd:c4:2b:10:0e:af:39:17:6c:5f:b0:
cd:29:22:6b:66:3f:ba:2c:98:5f:1d:76:4c:4c:74:
83:45:a1:20:a2:c4:5c:39:04:6e:bd:21:8a:55:84:
f7:1e:87:00:e5:d3:0b:08:fb:25:91:1d:52:22:b4:
c0:d3:2e:2f:29:d6:cb:e4:ec:fa:88:5d:a0:78:05:
02:90:2a:35:f1:72:6b:7c:a5:d5:69:e9:a9:f8:a2:
45:54:5f:61:44:2b:37:85:04:d9:aa:05:88:c2:00:
21:22:05:d2:d9:4f:16:45:d4:0f:87:60:41:47:68:
d6:e8:17:e9:b0:2c:2e:53:33:96:89:58:c4:3b:05:
5d:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:D3:8C:27:8B:27:61:84:17:B3:35:D1:CA:7C:FD:E7:9C:27:BE:24
X509v3 Authority Key Identifier:
keyid:F1:80:53:EA:7F:3A:B7:9A:75:E8:F8:75:38:67:75:55:1E:F7:57:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8YBT6n86t5p16Ph1OGd1VR73Vzk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/9d4c0c-158f-4344-9641-747ced0b7486/1/59OMJ4snYYQXszXRynz955wnviQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/9d4c0c-158f-4344-9641-747ced0b7486/1/8YBT6n86t5p16Ph1OGd1VR73Vzk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.193.48.0/21
178.237.96.0/20
185.3.64.0/22
IPv6:
2a00:4280::/32
Signature Algorithm: sha256WithRSAEncryption
3b:b0:30:e9:9f:f8:d3:88:26:6b:68:44:e0:e1:32:ca:63:b2:
41:de:98:7b:d9:d4:85:be:a4:8a:30:7e:55:9b:d8:cb:c4:59:
71:e5:5f:39:ab:f1:63:c5:ed:01:f8:0d:77:39:87:85:2f:62:
d2:a0:1f:e3:19:29:2d:76:66:67:f0:cd:09:89:2e:e7:01:5c:
53:a4:a3:ad:60:4a:48:4d:af:f4:24:ed:74:6f:ea:f4:18:e2:
5a:c2:fc:3f:b9:88:39:a7:d4:a1:74:2a:1e:7a:1e:46:9e:c5:
2d:9b:51:a4:bb:d2:56:fd:3f:5a:48:d6:d6:8a:74:6c:45:30:
81:8f:d7:6c:bc:56:46:bb:99:18:cc:45:d7:2f:25:0f:7e:da:
24:4d:81:9b:f5:4e:b8:0a:b1:9e:c7:96:e3:d1:a2:92:1a:b8:
8e:62:15:91:a3:48:9f:10:5c:14:be:4e:87:6c:9a:b9:99:91:
4e:14:f6:b0:70:4f:40:dd:39:24:df:8c:86:e2:51:a4:eb:95:
69:bb:a6:9a:bc:93:47:06:f4:3e:6e:4b:9b:3e:ff:22:78:63:
96:40:ed:6f:c7:ea:9c:10:fd:58:22:36:b7:8d:13:47:90:c8:
b4:18:d9:68:f9:7a:2b:e0:51:65:44:3a:7f:d9:33:2c:74:00:
4f:d1:b0:b2
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVuy5af9k34tcXIuEAd/5FHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxODA1M2VhN2YzYWI3OWE3NWU4Zjg3NTM4Njc3NTU1MWVm
NzU3MzkwHhcNMjMwMTAxMTkyNTE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2QzOGMyNzhiMjc2MTg0MTdiMzM1ZDFjYTdjZmRlNzljMjdiZTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAskhG6OpRF+o4FJIayW//u+EHXpF1
acUiqlLCFQb+yy6lpi5pNICCVxX5GarVAghXRVvY6hgOXUwB6l/Fol+xSOhbUZZp
UT0xGn6pzVBDLCwfrzY0R7DDUkVyUqbbk3rzbi4+X+VyqC6Yt5DBak0a7FRD8MTb
qUDiCUVy3cQrEA6vORdsX7DNKSJrZj+6LJhfHXZMTHSDRaEgosRcOQRuvSGKVYT3
HocA5dMLCPslkR1SIrTA0y4vKdbL5Oz6iF2geAUCkCo18XJrfKXVaemp+KJFVF9h
RCs3hQTZqgWIwgAhIgXS2U8WRdQPh2BBR2jW6BfpsCwuUzOWiVjEOwVdfwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFOfTjCeLJ2GEF7M10cp8/eecJ74kMB8GA1UdIwQY
MBaAFPGAU+p/Oreadej4dThndVUe91c5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFlCVDZuODZ0NXAxNlBoMU9HZDFWUjczVnprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy85ZDRjMGMtMTU4Zi00MzQ0LTk2NDEt
NzQ3Y2VkMGI3NDg2LzEvNTlPTUo0c25ZWVFYc3pYUnluejk1NXdudmlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy85ZDRjMGMtMTU4Zi00MzQ0LTk2NDEtNzQ3Y2VkMGI3NDg2
LzEvOFlCVDZuODZ0NXAxNlBoMU9HZDFWUjczVnprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDH8EwAwQE
su1gAwQCuQNAMA0EAgACMAcDBQAqAEKAMA0GCSqGSIb3DQEBCwUAA4IBAQA7sDDp
n/jTiCZraETg4TLKY7JB3ph72dSFvqSKMH5Vm9jLxFlx5V85q/Fjxe0B+A13OYeF
L2LSoB/jGSktdmZn8M0JiS7nAVxTpKOtYEpITa/0JO10b+r0GOJawvw/uYg5p9Sh
dCoeeh5GnsUtm1Gku9JW/T9aSNbWinRsRTCBj9dsvFZGu5kYzEXXLyUPftokTYGb
9U64CrGex5bj0aKSGriOYhWRo0ifEFwUvk6HbJq5mZFOFPawcE9A3Tkk34yG4lGk
65Vpu6aavJNHBvQ+bkubPv8ieGOWQO1vx+qcEP1YIja3jRNHkMi0GNlo+Xor4FFl
RDp/2TMsdABP0bCy
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:38 2024 by rpki-client on console-fra.rpki-client.org