Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/031818-0463-4bab-bb56-51485fe222db/1/4OcyKg_NNtu3mOJc3t1uk80LpnU.roa
File: 4OcyKg_NNtu3mOJc3t1uk80LpnU.roa (raw, json)
Hash identifier: ejqUv9Q/xKqOtHTFaUyMzSd72zrP43a19gZxG0AFzSM=
Subject key identifier: E0:E7:32:2A:0F:CD:36:DB:B7:98:E2:5C:DE:DD:6E:93:CD:0B:A6:75
Certificate issuer: /CN=07d08df8bc7a383e976dbb03d2a0eb9fe0d786e7
Certificate serial: 01875AD330B4298B635C9F8A0AA26B750D2A
Authority key identifier: 07:D0:8D:F8:BC:7A:38:3E:97:6D:BB:03:D2:A0:EB:9F:E0:D7:86:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B9CN-Lx6OD6XbbsD0qDrn-DXhuc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/031818-0463-4bab-bb56-51485fe222db/1/4OcyKg_NNtu3mOJc3t1uk80LpnU.roa
Signing time: Fri 07 Apr 2023 08:26:42 +0000
ROA not before: Fri 07 Apr 2023 08:26:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8856
IP address blocks: 195.214.192.0/24 maxlen: 24
195.214.194.0/24 maxlen: 24
195.214.193.0/24 maxlen: 24
195.214.195.0/24 maxlen: 24
212.42.79.0/24 maxlen: 24
212.42.81.0/24 maxlen: 24
212.42.80.0/22 maxlen: 22
212.42.80.0/24 maxlen: 24
212.42.82.0/23 maxlen: 23
212.42.84.0/24 maxlen: 24
212.42.85.0/24 maxlen: 24
212.42.89.0/24 maxlen: 24
212.42.93.0/24 maxlen: 24
212.42.92.0/24 maxlen: 24
212.42.95.0/24 maxlen: 24
212.42.94.0/23 maxlen: 23
212.42.94.0/24 maxlen: 24
212.42.64.0/24 maxlen: 24
212.42.64.0/22 maxlen: 22
212.42.64.0/23 maxlen: 23
212.42.65.0/24 maxlen: 24
212.42.66.0/23 maxlen: 23
212.42.74.0/23 maxlen: 23
212.42.73.0/24 maxlen: 24
212.42.76.0/24 maxlen: 24
212.42.76.0/23 maxlen: 23
212.42.77.0/24 maxlen: 24
212.42.78.0/23 maxlen: 23
212.42.78.0/24 maxlen: 24
212.42.72.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 30 Apr 2023 09:13:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:5a:d3:30:b4:29:8b:63:5c:9f:8a:0a:a2:6b:75:0d:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07d08df8bc7a383e976dbb03d2a0eb9fe0d786e7
Validity
Not Before: Apr 7 08:26:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e0e7322a0fcd36dbb798e25cdedd6e93cd0ba675
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:25:30:6f:2e:dd:13:b4:68:bf:41:7f:2a:37:
e7:55:57:ac:9f:ba:5c:dc:57:36:b6:ae:58:86:6b:
27:70:ea:55:e6:2d:5c:ed:96:98:d2:57:e1:69:b0:
30:61:8d:3b:e7:60:6d:12:3d:80:ca:32:e7:c0:dc:
a2:cd:e2:1e:a5:47:bd:98:aa:f9:a7:99:0b:4c:e4:
b9:0c:0a:0e:14:95:21:a2:20:1f:d0:9b:12:6c:cd:
cf:c0:6c:b1:29:7d:d6:41:28:e4:df:33:06:e9:c0:
ca:2d:c0:4e:3d:23:46:d1:e2:87:0e:01:d1:2a:9d:
e0:02:7d:d3:6f:06:d0:9f:b5:74:4b:fd:2a:fd:e1:
fa:38:27:fd:ff:38:ae:4c:26:05:fb:27:83:4a:67:
a1:41:64:76:d8:de:37:3b:ee:5c:29:5a:ec:9c:c8:
7b:f1:1f:96:8a:f8:aa:35:2c:b4:07:47:e6:19:51:
38:d1:21:4e:94:8d:51:9a:5b:c9:ab:e8:52:37:01:
f8:cc:a2:c3:45:f0:59:ac:f0:d6:51:9c:38:ec:d7:
9a:67:ca:2f:1a:dc:cb:f3:c1:6a:ff:59:81:e7:2c:
74:69:79:69:6b:cf:ff:1b:37:a5:84:c7:39:7c:52:
32:ba:58:db:06:5c:67:98:b5:d9:d7:e3:b3:88:1e:
ee:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:E7:32:2A:0F:CD:36:DB:B7:98:E2:5C:DE:DD:6E:93:CD:0B:A6:75
X509v3 Authority Key Identifier:
keyid:07:D0:8D:F8:BC:7A:38:3E:97:6D:BB:03:D2:A0:EB:9F:E0:D7:86:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B9CN-Lx6OD6XbbsD0qDrn-DXhuc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/031818-0463-4bab-bb56-51485fe222db/1/4OcyKg_NNtu3mOJc3t1uk80LpnU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/031818-0463-4bab-bb56-51485fe222db/1/B9CN-Lx6OD6XbbsD0qDrn-DXhuc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.214.192.0/22
212.42.64.0/22
212.42.72.0-212.42.85.255
212.42.89.0/24
212.42.92.0/22
Signature Algorithm: sha256WithRSAEncryption
70:a5:86:0e:23:9f:43:ac:ef:5f:88:2f:17:49:7d:2d:b1:48:
68:35:89:9c:65:54:bf:53:b9:c4:36:4e:ef:9a:b6:90:7f:d6:
8a:1a:73:62:ab:f1:45:9d:49:81:2d:d1:47:fb:70:61:6c:f8:
bf:d1:5e:79:43:38:7e:f3:81:3a:10:d8:fa:11:32:14:f8:b9:
d3:da:f3:9f:46:cd:fb:b4:e5:d4:83:3a:13:9b:66:e2:24:22:
a5:18:55:15:f2:34:95:fd:83:f7:03:28:83:84:f3:4a:fa:fe:
b8:b4:61:7e:ca:c1:d4:1c:75:11:01:dd:5a:79:e2:cc:ad:63:
35:f6:01:a7:35:b0:25:d8:d5:16:b6:55:b3:15:3a:fb:d0:55:
c3:96:76:6c:28:73:5c:e4:6d:23:bf:ff:ba:54:e9:5d:8f:fa:
90:84:d4:04:78:eb:76:db:04:86:de:59:89:d6:e0:14:7c:f4:
c3:f5:94:e0:f4:bb:76:b8:2a:59:d1:35:64:77:5f:2b:24:17:
57:63:41:bc:32:b8:8e:92:c7:36:2b:73:cc:b4:43:25:15:dd:
7d:7a:69:1e:9e:e8:21:3a:8b:46:45:19:c9:33:70:84:64:c5:
03:c1:c0:5c:c0:89:3a:11:74:07:a5:1f:c2:bc:73:f3:2b:20:
ab:7f:52:49
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYda0zC0KYtjXJ+KCqJrdQ0qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3ZDA4ZGY4YmM3YTM4M2U5NzZkYmIwM2QyYTBlYjlmZTBk
Nzg2ZTcwHhcNMjMwNDA3MDgyNjQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGU3MzIyYTBmY2QzNmRiYjc5OGUyNWNkZWRkNmU5M2NkMGJhNjc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnyUwby7dE7Rov0F/KjfnVVesn7pc
3Fc2tq5YhmsncOpV5i1c7ZaY0lfhabAwYY0752BtEj2AyjLnwNyizeIepUe9mKr5
p5kLTOS5DAoOFJUhoiAf0JsSbM3PwGyxKX3WQSjk3zMG6cDKLcBOPSNG0eKHDgHR
Kp3gAn3TbwbQn7V0S/0q/eH6OCf9/ziuTCYF+yeDSmehQWR22N43O+5cKVrsnMh7
8R+WiviqNSy0B0fmGVE40SFOlI1RmlvJq+hSNwH4zKLDRfBZrPDWUZw47NeaZ8ov
GtzL88Fq/1mB5yx0aXlpa8//GzelhMc5fFIyuljbBlxnmLXZ1+OziB7u7wIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFODnMioPzTbbt5jiXN7dbpPNC6Z1MB8GA1UdIwQY
MBaAFAfQjfi8ejg+l227A9Kg65/g14bnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQjlDTi1MeDZPRDZYYmJzRDBxRHJuLURYaHVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8wMzE4MTgtMDQ2My00YmFiLWJiNTYt
NTE0ODVmZTIyMmRiLzEvNE9jeUtnX05OdHUzbU9KYzN0MXVrODBMcG5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8wMzE4MTgtMDQ2My00YmFiLWJiNTYtNTE0ODVmZTIyMmRi
LzEvQjlDTi1MeDZPRDZYYmJzRDBxRHJuLURYaHVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQCw9bAAwQC
1CpAMAwDBAPUKkgDBAHUKlQDBADUKlkDBALUKlwwDQYJKoZIhvcNAQELBQADggEB
AHClhg4jn0Os71+ILxdJfS2xSGg1iZxlVL9TucQ2Tu+atpB/1ooac2Kr8UWdSYEt
0Uf7cGFs+L/RXnlDOH7zgToQ2PoRMhT4udPa859Gzfu05dSDOhObZuIkIqUYVRXy
NJX9g/cDKIOE80r6/ri0YX7KwdQcdREB3Vp54sytYzX2Aac1sCXY1Ra2VbMVOvvQ
VcOWdmwoc1zkbSO//7pU6V2P+pCE1AR463bbBIbeWYnW4BR89MP1lOD0u3a4KlnR
NWR3XyskF1djQbwyuI6SxzYrc8y0QyUV3X16aR6e6CE6i0ZFGckzcIRkxQPBwFzA
iToRdAelH8K8c/MrIKt/Ukk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:26 2024 by rpki-client on console-fra.rpki-client.org