Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/O2e7IuvtTWOzN1LcEcsOlPW4LzI.roa
File: O2e7IuvtTWOzN1LcEcsOlPW4LzI.roa (raw, json)
Hash identifier: 3QdCJAjiW2uzwrQfLHe+A/lTJdXfiOXIESKy6uS6zQs=
Subject key identifier: 3B:67:BB:22:EB:ED:4D:63:B3:37:52:DC:11:CB:0E:94:F5:B8:2F:32
Certificate issuer: /CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
Certificate serial: 018CA3219D1D4D8992C80F4A5CEE8D887F96
Authority key identifier: AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/O2e7IuvtTWOzN1LcEcsOlPW4LzI.roa
Signing time: Mon 25 Dec 2023 22:38:58 +0000
ROA not before: Mon 25 Dec 2023 22:38:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206119
IP address blocks: 185.169.182.0/24 maxlen: 24
45.133.37.0/24 maxlen: 24
185.174.20.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 27 Dec 2023 10:05:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:a3:21:9d:1d:4d:89:92:c8:0f:4a:5c:ee:8d:88:7f:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
Validity
Not Before: Dec 25 22:38:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3b67bb22ebed4d63b33752dc11cb0e94f5b82f32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:47:5f:46:cc:71:95:54:a8:ae:a0:77:55:7e:
18:60:75:4a:21:07:c1:96:01:5f:0d:bd:db:0f:73:
5f:99:df:ad:a6:84:c3:eb:8c:61:1f:e5:04:a7:af:
37:54:e1:a0:d3:26:91:bc:49:3e:75:7e:3c:1a:dc:
53:81:3d:f2:61:3f:2a:0d:d1:fa:df:08:df:64:51:
44:75:7a:cd:3d:62:80:79:60:e3:51:d0:25:ac:f1:
f4:04:b0:b2:29:66:32:e6:5e:51:57:35:59:e2:dc:
e5:44:f6:7d:dc:e4:9f:9c:f6:9a:81:30:b7:94:70:
91:3d:28:4c:84:6a:e1:14:d0:dd:95:09:15:5a:08:
59:a6:85:44:ec:5d:5b:f4:40:1c:01:f5:db:b8:9a:
bc:f3:77:0f:87:b8:14:3d:57:ea:15:9b:44:0d:10:
b9:ff:86:b6:d0:3e:cc:47:f2:2b:fa:fc:7d:36:1c:
64:48:82:4a:19:82:97:49:3c:57:f7:92:a3:44:3b:
95:09:04:da:6d:0a:29:8d:22:b1:1c:d4:89:13:99:
b6:bf:f4:9d:63:3f:88:64:43:22:54:9d:a8:14:5d:
50:2f:c0:0c:3e:6b:aa:2d:eb:6a:ba:12:dc:89:19:
d0:58:1b:a9:1a:9f:d1:b8:b9:5b:73:99:ea:fc:b1:
ba:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:67:BB:22:EB:ED:4D:63:B3:37:52:DC:11:CB:0E:94:F5:B8:2F:32
X509v3 Authority Key Identifier:
keyid:AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/O2e7IuvtTWOzN1LcEcsOlPW4LzI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rQ2kO0pdPbeLo_d05bMbdwNyAtU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.133.37.0/24
185.169.182.0/24
185.174.20.0/24
Signature Algorithm: sha256WithRSAEncryption
05:28:d3:32:97:52:d2:0a:6e:4e:75:f6:5e:10:fc:31:a4:42:
8a:14:29:e7:6f:79:d9:d1:4f:4c:6c:9e:ec:e5:28:80:d9:50:
c7:46:92:61:57:1d:50:d5:c6:e7:43:1a:7a:ae:7e:93:49:20:
17:4f:0f:f7:2a:30:f0:d0:31:4d:d0:15:5f:14:f2:e4:f1:75:
50:75:c9:31:84:8f:5f:8b:90:db:52:ba:98:4f:94:2b:6c:b9:
da:e6:35:6d:b5:f7:87:12:06:b4:32:72:cc:6d:da:44:b3:a5:
95:2c:9f:f1:c9:00:11:a6:8a:d9:28:f4:d8:b8:7f:e3:68:4f:
86:0a:88:92:5d:66:ca:86:a9:67:8b:6b:a4:3b:1e:cc:b7:07:
20:29:3b:da:80:3b:3f:0f:70:af:19:3a:a4:b1:6e:7f:e1:f9:
c4:03:30:e4:84:df:81:5b:e7:c1:39:a8:a0:37:40:53:d3:e5:
0e:3d:d4:48:ee:75:65:3d:fe:70:5d:7c:1b:fa:0e:58:ec:8f:
c6:cb:0c:2d:6c:f4:10:e8:92:b8:32:ea:73:e6:35:09:ad:60:
f1:62:a3:da:ea:82:44:35:bc:3a:08:ae:6c:31:9b:34:d1:50:
88:1e:51:65:c8:ed:b9:b1:6e:71:ee:d6:c0:91:51:b0:b8:49:
43:4f:67:24
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYyjIZ0dTYmSyA9KXO6NiH+WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMGRhNDNiNGE1ZDNkYjc4YmEzZjc3NGU1YjMxYjc3MDM3
MjAyZDUwHhcNMjMxMjI1MjIzODU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjY3YmIyMmViZWQ0ZDYzYjMzNzUyZGMxMWNiMGU5NGY1YjgyZjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh0dfRsxxlVSorqB3VX4YYHVKIQfB
lgFfDb3bD3Nfmd+tpoTD64xhH+UEp683VOGg0yaRvEk+dX48GtxTgT3yYT8qDdH6
3wjfZFFEdXrNPWKAeWDjUdAlrPH0BLCyKWYy5l5RVzVZ4tzlRPZ93OSfnPaagTC3
lHCRPShMhGrhFNDdlQkVWghZpoVE7F1b9EAcAfXbuJq883cPh7gUPVfqFZtEDRC5
/4a20D7MR/Ir+vx9NhxkSIJKGYKXSTxX95KjRDuVCQTabQopjSKxHNSJE5m2v/Sd
Yz+IZEMiVJ2oFF1QL8AMPmuqLetquhLciRnQWBupGp/RuLlbc5nq/LG6TwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDtnuyLr7U1jszdS3BHLDpT1uC8yMB8GA1UdIwQY
MBaAFK0NpDtKXT23i6P3dOWzG3cDcgLVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9kZDgwOTYtMTRjYy00ODhkLTkyNTct
YzUxNWYzNTRjYzVhLzEvTzJlN0l1dnRUV096TjFMY0Vjc09sUFc0THpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9kZDgwOTYtMTRjYy00ODhkLTkyNTctYzUxNWYzNTRjYzVh
LzEvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALYUlAwQA
uam2AwQAua4UMA0GCSqGSIb3DQEBCwUAA4IBAQAFKNMyl1LSCm5OdfZeEPwxpEKK
FCnnb3nZ0U9MbJ7s5SiA2VDHRpJhVx1Q1cbnQxp6rn6TSSAXTw/3KjDw0DFN0BVf
FPLk8XVQdckxhI9fi5DbUrqYT5QrbLna5jVttfeHEga0MnLMbdpEs6WVLJ/xyQAR
porZKPTYuH/jaE+GCoiSXWbKhqlni2ukOx7MtwcgKTvagDs/D3CvGTqksW5/4fnE
AzDkhN+BW+fBOaigN0BT0+UOPdRI7nVlPf5wXXwb+g5Y7I/GywwtbPQQ6JK4Mupz
5jUJrWDxYqPa6oJENbw6CK5sMZs00VCIHlFlyO25sW5x7tbAkVGwuElDT2ck
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:49 2024 by rpki-client on console-fra.rpki-client.org