Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/O-7R3ysF_khsYb5Gor46FmBDLF0.roa
File: O-7R3ysF_khsYb5Gor46FmBDLF0.roa (raw, json)
Hash identifier: z+kOFO8BfYTeKo7JNPZqAXoVczTXBYStNcFmiyo2yy4=
Subject key identifier: 3B:EE:D1:DF:2B:05:FE:48:6C:61:BE:46:A2:BE:3A:16:60:43:2C:5D
Certificate issuer: /CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Certificate serial: 018B62580084235CFDB81915C6FCA7C72F1E
Authority key identifier: 18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/O-7R3ysF_khsYb5Gor46FmBDLF0.roa
Signing time: Tue 24 Oct 2023 15:40:16 +0000
ROA not before: Tue 24 Oct 2023 15:40:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216271
IP address blocks: 185.201.136.0/22 maxlen: 22
2a12:ec0::/29 maxlen: 29
2a12:28c0::/29 maxlen: 29
2a0f:e000::/29 maxlen: 29
2a13:ba00::/29 maxlen: 29
2a12:1900::/29 maxlen: 29
2a11:f240::/29 maxlen: 29
2a12:6b80::/29 maxlen: 29
2a13:dac0::/29 maxlen: 29
2a0e:7780::/29 maxlen: 29
2a0a:e2c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 26 Oct 2023 09:03:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:62:58:00:84:23:5c:fd:b8:19:15:c6:fc:a7:c7:2f:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Validity
Not Before: Oct 24 15:40:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3beed1df2b05fe486c61be46a2be3a1660432c5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:c5:a0:46:de:9d:9f:bb:d4:29:a7:9e:02:66:
af:c6:25:c9:6e:fe:92:eb:02:e1:d5:1c:19:f6:3d:
20:df:4a:07:54:39:83:86:24:5c:41:69:cf:b4:2d:
ad:fd:80:42:fa:36:7f:83:59:ae:79:55:6a:40:c1:
00:79:62:85:ba:6d:24:d4:d1:a7:f4:a6:05:c9:1d:
2f:6a:19:d1:28:5f:ad:2e:8d:52:67:63:76:93:04:
4b:b8:d4:88:7d:b2:7f:cb:89:be:2f:6d:67:27:33:
89:34:1f:69:94:e8:9d:63:dd:ce:e4:92:37:cf:3d:
26:1b:19:f9:d6:6c:b9:87:63:0f:94:69:34:3f:c3:
0a:0d:13:48:c2:b3:1e:23:4c:b7:de:7b:27:9c:41:
65:87:ce:72:89:9b:42:70:c2:7c:ea:5c:37:de:c3:
c3:39:9e:45:9c:f5:d9:90:5a:7c:4b:76:11:5d:2b:
ed:9f:da:67:fb:0d:06:6b:bf:59:d1:3b:99:13:f6:
4e:65:bf:9b:a5:bd:e8:d8:6e:e3:de:b6:b7:7f:23:
48:9c:a5:42:34:a7:61:28:ce:fe:36:a4:92:41:ad:
d2:f6:f9:5d:ff:1f:dd:f9:14:5e:95:be:2e:71:df:
10:bb:21:02:f6:eb:60:da:56:d8:44:78:fb:b9:1e:
2f:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:EE:D1:DF:2B:05:FE:48:6C:61:BE:46:A2:BE:3A:16:60:43:2C:5D
X509v3 Authority Key Identifier:
keyid:18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/O-7R3ysF_khsYb5Gor46FmBDLF0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.201.136.0/22
IPv6:
2a0a:e2c0::/29
2a0e:7780::/29
2a0f:e000::/29
2a11:f240::/29
2a12:ec0::/29
2a12:1900::/29
2a12:28c0::/29
2a12:6b80::/29
2a13:ba00::/29
2a13:dac0::/29
Signature Algorithm: sha256WithRSAEncryption
8c:0c:a2:2b:d4:3c:6a:46:96:d3:a5:95:c6:4a:fa:d2:53:4b:
8a:eb:f5:86:9a:1b:5e:de:5d:55:79:f3:68:33:01:c2:f5:70:
7c:c4:c8:22:38:19:ca:04:12:ab:f2:14:ed:c8:48:04:29:2b:
80:b1:50:fc:a0:68:f0:2a:14:91:15:8b:89:ea:db:f3:91:85:
7c:4d:47:14:64:d4:c9:48:b1:a9:8c:e9:5b:19:89:fd:47:93:
f9:89:f4:f0:37:9c:f4:d5:bc:f6:a0:73:80:3c:9b:03:62:9d:
2e:39:f8:61:f7:cb:58:ea:58:62:43:34:c9:38:53:a0:c0:6e:
82:7c:a4:4e:bd:ec:f9:3a:b3:bb:83:5c:fe:d8:8e:66:af:c3:
1f:a2:8d:8f:fb:e7:e8:86:b1:47:a3:a3:3c:58:2c:72:e6:42:
1c:ba:f9:ec:da:52:42:78:e5:42:14:d4:29:69:20:7d:ed:82:
25:f9:10:8e:c3:e7:98:65:6d:b3:27:b8:2e:93:1c:10:4e:99:
66:e7:c5:ee:26:08:c1:20:9c:8d:5d:b3:aa:41:eb:f8:a5:05:
ad:be:04:3b:6a:94:47:51:8f:4a:90:c6:e1:71:fb:26:ff:ef:
a9:6d:e3:6d:05:17:7b:78:41:95:d5:41:da:9c:31:c1:37:21:
3a:22:db:ba
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYtiWACEI1z9uBkVxvynxy8eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4OWQ2YjU1ZDZhNjg4ZWU1ZTMzODE4ODNiYjVhZjY4NDMz
Mjc2ZTMwHhcNMjMxMDI0MTU0MDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmVlZDFkZjJiMDVmZTQ4NmM2MWJlNDZhMmJlM2ExNjYwNDMyYzVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqcWgRt6dn7vUKaeeAmavxiXJbv6S
6wLh1RwZ9j0g30oHVDmDhiRcQWnPtC2t/YBC+jZ/g1mueVVqQMEAeWKFum0k1NGn
9KYFyR0vahnRKF+tLo1SZ2N2kwRLuNSIfbJ/y4m+L21nJzOJNB9plOidY93O5JI3
zz0mGxn51my5h2MPlGk0P8MKDRNIwrMeI0y33nsnnEFlh85yiZtCcMJ86lw33sPD
OZ5FnPXZkFp8S3YRXSvtn9pn+w0Ga79Z0TuZE/ZOZb+bpb3o2G7j3ra3fyNInKVC
NKdhKM7+NqSSQa3S9vld/x/d+RRelb4ucd8QuyEC9utg2lbYRHj7uR4viQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFDvu0d8rBf5IbGG+RqK+OhZgQyxdMB8GA1UdIwQY
MBaAFBida1XWpojuXjOBiDu1r2hDMnbjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUt
YTJhNGM2YTYyMWNkLzEvTy03UjN5c0Zfa2hzWWI1R29yNDZGbUJETEYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUtYTJhNGM2YTYyMWNk
LzEvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDAMBAIAATAGAwQCucmIMEwE
AgACMEYDBQMqCuLAAwUDKg53gAMFAyoP4AADBQMqEfJAAwUDKhIOwAMFAyoSGQAD
BQMqEijAAwUDKhJrgAMFAyoTugADBQMqE9rAMA0GCSqGSIb3DQEBCwUAA4IBAQCM
DKIr1DxqRpbTpZXGSvrSU0uK6/WGmhte3l1VefNoMwHC9XB8xMgiOBnKBBKr8hTt
yEgEKSuAsVD8oGjwKhSRFYuJ6tvzkYV8TUcUZNTJSLGpjOlbGYn9R5P5ifTwN5z0
1bz2oHOAPJsDYp0uOfhh98tY6lhiQzTJOFOgwG6CfKROvez5OrO7g1z+2I5mr8Mf
oo2P++fohrFHo6M8WCxy5kIcuvns2lJCeOVCFNQpaSB97YIl+RCOw+eYZW2zJ7gu
kxwQTplm58XuJgjBIJyNXbOqQev4pQWtvgQ7apRHUY9KkMbhcfsm/++pbeNtBRd7
eEGV1UHanDHBNyE6Itu6
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:02 2024 by rpki-client on console-ams.rpki-client.org