Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/O5bnayOAtNNb_RvdDkkgO4sX2gU.roa
File: O5bnayOAtNNb_RvdDkkgO4sX2gU.roa (raw, json)
Hash identifier: HADAaiZBpUMuLmojhnmfExQdqahr/CRfTG9188rNCkw=
Subject key identifier: 3B:96:E7:6B:23:80:B4:D3:5B:FD:1B:DD:0E:49:20:3B:8B:17:DA:05
Certificate issuer: /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial: 018CC64AF61797F56668BEDA127E318B69C9
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/O5bnayOAtNNb_RvdDkkgO4sX2gU.roa
Signing time: Mon 01 Jan 2024 18:30:50 +0000
ROA not before: Mon 01 Jan 2024 18:30:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207783
IP address blocks: 194.102.170.0/24 maxlen: 24
85.120.144.0/24 maxlen: 24
217.156.96.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 01 Feb 2024 13:57:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:f6:17:97:f5:66:68:be:da:12:7e:31:8b:69:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
Validity
Not Before: Jan 1 18:30:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3b96e76b2380b4d35bfd1bdd0e49203b8b17da05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:6a:ab:cc:de:7a:84:b3:e4:37:4c:52:69:cc:
4c:c7:08:ac:e9:79:ee:11:ab:b4:a1:bc:94:db:53:
30:05:70:59:87:90:e0:01:f2:fb:1c:04:fc:34:22:
b5:c3:28:50:2b:f1:56:e6:d0:de:17:fd:9f:e3:90:
ed:98:18:60:ac:62:7c:81:89:32:e1:46:cb:3b:31:
25:2c:41:89:9d:b8:d8:de:ac:fc:27:4b:39:e6:37:
3f:83:02:41:e1:40:1c:40:40:28:07:a4:17:c7:c7:
70:b8:07:52:70:0c:c9:3d:65:5a:a2:8e:a3:41:41:
1d:fc:a8:e8:6c:1d:ab:5f:19:dc:f5:f5:91:43:d8:
88:00:0a:c4:ce:65:8d:95:f6:2a:72:2f:b8:0b:46:
1c:ac:0a:85:cf:61:d0:ee:a0:fd:78:6a:85:3c:d6:
bb:a8:65:d1:e3:62:32:3f:45:ca:01:25:dd:72:c1:
e5:4c:a2:df:08:a4:cd:f5:9c:2e:07:49:69:a4:e1:
a9:54:db:9f:8e:51:65:5e:dd:8e:bb:37:2b:f7:c6:
fc:68:8d:bd:96:ac:ee:c0:cb:41:47:a0:d7:51:b7:
e6:95:9c:50:39:c3:b1:de:61:96:07:7f:4e:4f:6c:
f0:c2:bc:ad:86:95:6e:be:16:7c:46:b1:51:cf:43:
85:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:96:E7:6B:23:80:B4:D3:5B:FD:1B:DD:0E:49:20:3B:8B:17:DA:05
X509v3 Authority Key Identifier:
keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/O5bnayOAtNNb_RvdDkkgO4sX2gU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.120.144.0/24
194.102.170.0/24
217.156.96.0/24
Signature Algorithm: sha256WithRSAEncryption
44:f8:00:3c:a7:5c:8b:c0:1c:e6:09:d8:7c:1e:50:2a:bf:c6:
94:f3:65:f0:37:4a:3a:31:1c:29:b1:cc:97:f0:de:9a:75:dd:
bf:66:35:62:ed:3e:89:7f:83:e3:b9:85:b7:e5:2a:1a:30:97:
93:3a:ed:d2:63:65:c2:08:48:0f:e9:10:5f:16:f2:24:09:c0:
41:87:22:b3:23:6a:67:b7:05:da:c6:0f:70:94:5e:46:ac:f9:
40:e6:9a:94:e9:25:95:54:b2:8d:69:e2:93:50:26:db:34:d8:
45:20:00:94:ce:34:48:5c:cc:4a:9e:92:48:ff:bc:a4:a0:d6:
e7:12:a6:43:8a:bb:7d:6e:38:bd:a4:9a:4c:83:15:ab:a7:c8:
15:19:0d:ea:cb:58:2e:b5:0f:84:70:0e:9d:84:04:88:42:09:
7c:96:b4:c2:33:80:ef:a0:26:27:18:d4:6d:45:97:84:cd:1b:
06:5a:9c:3c:31:60:f0:87:60:e9:7f:dc:48:eb:ca:c5:dd:fd:
d7:9c:63:0c:7c:cc:ba:22:e4:4d:fc:b0:14:65:fe:43:49:42:
e3:ff:ee:fd:89:02:22:e8:ef:4e:71:2c:97:3f:48:2b:4a:39:
30:3a:5f:d9:ce:e0:84:26:46:43:29:b9:08:1c:bd:d5:0f:71:
5d:3d:7d:bc
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzGSvYXl/VmaL7aEn4xi2nJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjQwMTAxMTgzMDUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjk2ZTc2YjIzODBiNGQzNWJmZDFiZGQwZTQ5MjAzYjhiMTdkYTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm2qrzN56hLPkN0xSacxMxwis6Xnu
Eau0obyU21MwBXBZh5DgAfL7HAT8NCK1wyhQK/FW5tDeF/2f45DtmBhgrGJ8gYky
4UbLOzElLEGJnbjY3qz8J0s55jc/gwJB4UAcQEAoB6QXx8dwuAdScAzJPWVaoo6j
QUEd/KjobB2rXxnc9fWRQ9iIAArEzmWNlfYqci+4C0YcrAqFz2HQ7qD9eGqFPNa7
qGXR42IyP0XKASXdcsHlTKLfCKTN9ZwuB0lppOGpVNufjlFlXt2Ouzcr98b8aI29
lqzuwMtBR6DXUbfmlZxQOcOx3mGWB39OT2zwwrythpVuvhZ8RrFRz0OFLQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDuW52sjgLTTW/0b3Q5JIDuLF9oFMB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvTzVibmF5T0F0Tk5iX1J2ZERra2dPNHNYMmdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVXiQAwQA
wmaqAwQA2ZxgMA0GCSqGSIb3DQEBCwUAA4IBAQBE+AA8p1yLwBzmCdh8HlAqv8aU
82XwN0o6MRwpscyX8N6add2/ZjVi7T6Jf4PjuYW35SoaMJeTOu3SY2XCCEgP6RBf
FvIkCcBBhyKzI2pntwXaxg9wlF5GrPlA5pqU6SWVVLKNaeKTUCbbNNhFIACUzjRI
XMxKnpJI/7ykoNbnEqZDirt9bji9pJpMgxWrp8gVGQ3qy1gutQ+EcA6dhASIQgl8
lrTCM4DvoCYnGNRtRZeEzRsGWpw8MWDwh2Dpf9xI68rF3f3XnGMMfMy6IuRN/LAU
Zf5DSULj/+79iQIi6O9OcSyXP0grSjkwOl/ZzuCEJkZDKbkIHL3VD3FdPX28
-----END CERTIFICATE-----
Generated at Thu Feb 1 19:21:01 2024 by rpki-client on console-ams.rpki-client.org