Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/96d022-ee02-447c-a349-9c933ccd16c7/1/O2oGSVzdLOFwDV0-KMr6i7DSboY.roa
File: O2oGSVzdLOFwDV0-KMr6i7DSboY.roa (raw, json)
Hash identifier: o6DSaiZ8KyVG43hdOwAzUYhjrYX6ey3zlg1P9wYwCSo=
Subject key identifier: 3B:6A:06:49:5C:DD:2C:E1:70:0D:5D:3E:28:CA:FA:8B:B0:D2:6E:86
Certificate issuer: /CN=485e3ee1c3258175f4ff6d9b559da54c83ec0b4f
Certificate serial: 0185718C2B9DAC9E0E3444EC2C69EE6EA7E0
Authority key identifier: 48:5E:3E:E1:C3:25:81:75:F4:FF:6D:9B:55:9D:A5:4C:83:EC:0B:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SF4-4cMlgXX0_22bVZ2lTIPsC08.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/96d022-ee02-447c-a349-9c933ccd16c7/1/O2oGSVzdLOFwDV0-KMr6i7DSboY.roa
Signing time: Mon 02 Jan 2023 08:14:49 +0000
ROA not before: Mon 02 Jan 2023 08:14:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20546
IP address blocks: 185.253.204.0/22 maxlen: 24
193.16.220.0/24 maxlen: 24
91.223.186.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:8c:2b:9d:ac:9e:0e:34:44:ec:2c:69:ee:6e:a7:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=485e3ee1c3258175f4ff6d9b559da54c83ec0b4f
Validity
Not Before: Jan 2 08:14:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3b6a06495cdd2ce1700d5d3e28cafa8bb0d26e86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:20:90:15:d4:57:75:14:f6:60:f4:dc:c8:24:
e4:b2:e3:b4:f8:d2:fa:56:d2:bd:14:ea:2a:41:83:
36:60:33:97:c4:be:18:9a:92:14:4a:09:00:ee:43:
c6:20:51:96:e6:86:e2:59:a4:f3:de:5f:40:22:bf:
b2:b8:89:1e:91:c0:6c:c4:b6:9d:31:c7:cb:42:8f:
df:e1:66:a9:29:11:c7:71:08:12:74:5b:f5:c3:87:
95:08:6f:c2:4d:03:4f:2b:c1:ec:16:19:66:d2:a8:
81:69:5a:6b:b6:18:4b:a1:8f:1a:79:9d:6e:19:7a:
68:98:3a:74:9f:ac:9b:f8:b6:a9:61:26:ee:53:65:
0a:ed:35:12:38:5a:33:3e:e7:a2:2b:c5:cf:53:69:
80:cf:30:a2:26:2f:2c:0b:5a:2d:57:da:fd:b6:62:
2d:eb:7c:63:73:00:ef:2d:8d:f1:c4:45:31:6e:07:
1a:e3:d0:56:eb:cb:28:b6:b9:ed:d9:72:99:e4:23:
99:f1:63:65:a9:b3:ed:60:88:9a:0b:b6:96:aa:c3:
a6:13:a2:d9:0e:d8:b3:90:71:ce:4c:0d:49:b6:cb:
6e:15:80:fe:0d:de:ee:0c:c0:97:73:b0:0f:10:a2:
27:65:d6:f2:66:82:99:b6:2e:14:ac:58:13:25:fa:
ed:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:6A:06:49:5C:DD:2C:E1:70:0D:5D:3E:28:CA:FA:8B:B0:D2:6E:86
X509v3 Authority Key Identifier:
keyid:48:5E:3E:E1:C3:25:81:75:F4:FF:6D:9B:55:9D:A5:4C:83:EC:0B:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SF4-4cMlgXX0_22bVZ2lTIPsC08.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/96d022-ee02-447c-a349-9c933ccd16c7/1/O2oGSVzdLOFwDV0-KMr6i7DSboY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/96d022-ee02-447c-a349-9c933ccd16c7/1/SF4-4cMlgXX0_22bVZ2lTIPsC08.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.186.0/24
185.253.204.0/22
193.16.220.0/24
Signature Algorithm: sha256WithRSAEncryption
12:82:c1:45:02:ce:6a:d4:b5:1b:a5:3f:6c:a0:30:01:f2:fc:
9d:44:80:5b:62:19:1c:7e:2f:dc:64:ad:03:a1:5e:41:30:9c:
59:79:d7:8a:6d:af:35:c8:80:51:cf:c7:1d:30:eb:35:9e:bb:
de:fd:64:8e:fb:f1:08:b4:f7:46:31:3e:3b:d6:e4:b7:51:e8:
12:f1:0f:82:ec:95:85:11:a3:b8:7d:db:f9:8a:f7:bb:a4:73:
15:60:e3:e5:7f:47:a3:44:15:65:01:03:7b:33:93:43:db:5d:
cc:46:3b:c4:fa:00:01:20:1d:8b:9e:4d:5c:d3:7c:3b:76:f3:
ee:41:4a:35:95:63:30:3b:4c:48:7f:74:3d:c8:a7:0e:a4:c1:
3d:78:f2:e3:66:ed:27:0a:ba:4d:62:77:f4:5b:9b:03:b8:c5:
00:75:a9:5a:b9:08:bb:b8:39:d0:16:00:e2:ce:27:85:d9:ad:
a4:48:b5:c5:f2:46:a6:2c:da:b6:21:39:dd:17:31:57:62:cb:
0d:eb:38:c6:f9:6b:73:2b:38:86:52:39:bf:f5:d9:e4:25:85:
02:b0:0d:f7:e7:b9:bf:9a:be:52:b0:05:a3:b7:94:15:4a:0a:
26:e7:a2:b2:8f:3f:4a:56:5e:4f:f6:70:00:59:39:f2:f4:7d:
7e:51:ff:a5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVxjCudrJ4ONETsLGnubqfgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4NWUzZWUxYzMyNTgxNzVmNGZmNmQ5YjU1OWRhNTRjODNl
YzBiNGYwHhcNMjMwMTAyMDgxNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjZhMDY0OTVjZGQyY2UxNzAwZDVkM2UyOGNhZmE4YmIwZDI2ZTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiiCQFdRXdRT2YPTcyCTksuO0+NL6
VtK9FOoqQYM2YDOXxL4YmpIUSgkA7kPGIFGW5obiWaTz3l9AIr+yuIkekcBsxLad
McfLQo/f4WapKRHHcQgSdFv1w4eVCG/CTQNPK8HsFhlm0qiBaVprthhLoY8aeZ1u
GXpomDp0n6yb+LapYSbuU2UK7TUSOFozPueiK8XPU2mAzzCiJi8sC1otV9r9tmIt
63xjcwDvLY3xxEUxbgca49BW68sotrnt2XKZ5COZ8WNlqbPtYIiaC7aWqsOmE6LZ
DtizkHHOTA1JtstuFYD+Dd7uDMCXc7APEKInZdbyZoKZti4UrFgTJfrtTQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDtqBklc3SzhcA1dPijK+ouw0m6GMB8GA1UdIwQY
MBaAFEhePuHDJYF19P9tm1WdpUyD7AtPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0Y0LTRjTWxnWFgwXzIyYlZaMmxUSVBzQzA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC85NmQwMjItZWUwMi00NDdjLWEzNDkt
OWM5MzNjY2QxNmM3LzEvTzJvR1NWemRMT0Z3RFYwLUtNcjZpN0RTYm9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC85NmQwMjItZWUwMi00NDdjLWEzNDktOWM5MzNjY2QxNmM3
LzEvU0Y0LTRjTWxnWFgwXzIyYlZaMmxUSVBzQzA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW9+6AwQC
uf3MAwQAwRDcMA0GCSqGSIb3DQEBCwUAA4IBAQASgsFFAs5q1LUbpT9soDAB8vyd
RIBbYhkcfi/cZK0DoV5BMJxZedeKba81yIBRz8cdMOs1nrve/WSO+/EItPdGMT47
1uS3UegS8Q+C7JWFEaO4fdv5ive7pHMVYOPlf0ejRBVlAQN7M5ND213MRjvE+gAB
IB2Lnk1c03w7dvPuQUo1lWMwO0xIf3Q9yKcOpME9ePLjZu0nCrpNYnf0W5sDuMUA
dalauQi7uDnQFgDizieF2a2kSLXF8kamLNq2ITndFzFXYssN6zjG+WtzKziGUjm/
9dnkJYUCsA3357m/mr5SsAWjt5QVSgom56Kyjz9KVl5P9nAAWTny9H1+Uf+l
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:47 2024 by rpki-client on console-ams.rpki-client.org