Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/d7d296-16b5-491d-958f-0f387a081db0/1/o3Lec8bBtr3gtCh0rNyAy7iCkRQ.roa
File: o3Lec8bBtr3gtCh0rNyAy7iCkRQ.roa (raw, json)
Hash identifier: NEVveFCA7eEDqPGvgnmD5fERdnTbw2jMk0t6D+KW2Dc=
Subject key identifier: A3:72:DE:73:C6:C1:B6:BD:E0:B4:28:74:AC:DC:80:CB:B8:82:91:14
Certificate issuer: /CN=d4e4f402f77a9d68a2ff4d15458a24a03dcd07c7
Certificate serial: 018C7B454476BA04118C6236FAA5A3438A36
Authority key identifier: D4:E4:F4:02:F7:7A:9D:68:A2:FF:4D:15:45:8A:24:A0:3D:CD:07:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1OT0Avd6nWii_00VRYokoD3NB8c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/d7d296-16b5-491d-958f-0f387a081db0/1/o3Lec8bBtr3gtCh0rNyAy7iCkRQ.roa
Signing time: Mon 18 Dec 2023 04:53:06 +0000
ROA not before: Mon 18 Dec 2023 04:53:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61961
IP address blocks: 185.204.12.0/23 maxlen: 23
2a0a:f040::/29 maxlen: 29
2001:678:5e4::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:31:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:7b:45:44:76:ba:04:11:8c:62:36:fa:a5:a3:43:8a:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4e4f402f77a9d68a2ff4d15458a24a03dcd07c7
Validity
Not Before: Dec 18 04:53:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a372de73c6c1b6bde0b42874acdc80cbb8829114
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:a4:4f:e4:a3:4e:ee:75:d4:a1:aa:20:eb:07:
f6:bb:aa:13:9d:22:d2:9c:c2:f6:ac:fa:1f:48:ca:
80:b8:bf:df:33:04:27:fc:1c:9c:5c:e5:5a:2c:96:
39:a7:e0:99:9a:3e:75:6d:f7:9c:15:52:4a:5f:3e:
f0:54:e5:61:6a:8e:50:0d:b7:d9:f6:d2:d1:b9:d4:
bb:12:e4:d3:20:9d:59:c5:a6:00:bd:69:95:b2:1b:
c8:94:5b:d0:16:68:14:f9:fd:ca:cb:5a:cb:9c:d4:
a6:4e:25:36:dc:54:cc:37:e2:ed:1f:47:49:4b:84:
2d:ef:e8:e6:92:15:b5:2d:e0:21:8b:8a:5f:7f:2c:
e1:a7:4b:b9:47:56:9a:03:71:90:7c:cd:bc:5b:6b:
f9:d0:3b:ec:e7:d2:45:de:2f:fd:12:3b:ea:3f:05:
07:f3:9f:74:b5:0a:b0:19:a5:ad:b5:d8:d8:1b:2a:
e7:34:5c:86:b4:b8:82:67:be:84:ef:5e:c6:c1:76:
6c:96:27:4e:ca:b3:e3:3b:cf:98:3c:15:16:0a:1c:
1f:57:fa:c5:72:4b:ab:27:27:dc:df:a8:6e:a9:65:
6c:b7:cd:fe:52:98:e0:8d:87:57:4f:11:cf:5c:5c:
76:7a:23:dc:ad:dc:45:2c:dd:61:9c:9b:61:4a:6d:
4a:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:72:DE:73:C6:C1:B6:BD:E0:B4:28:74:AC:DC:80:CB:B8:82:91:14
X509v3 Authority Key Identifier:
keyid:D4:E4:F4:02:F7:7A:9D:68:A2:FF:4D:15:45:8A:24:A0:3D:CD:07:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1OT0Avd6nWii_00VRYokoD3NB8c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/d7d296-16b5-491d-958f-0f387a081db0/1/o3Lec8bBtr3gtCh0rNyAy7iCkRQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/d7d296-16b5-491d-958f-0f387a081db0/1/1OT0Avd6nWii_00VRYokoD3NB8c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.204.12.0/23
IPv6:
2001:678:5e4::/48
2a0a:f040::/29
Signature Algorithm: sha256WithRSAEncryption
25:e2:3d:63:a6:15:74:c7:34:94:3a:f8:86:e6:a6:b4:52:4b:
ca:34:ae:ca:6d:90:67:91:7b:d3:ed:7a:fd:36:f7:76:0f:87:
18:13:34:2c:7d:19:03:e1:e5:f1:f8:a0:65:1d:3d:13:d6:c0:
a9:25:1e:52:28:67:7c:0e:05:ad:16:0b:02:ab:24:39:67:aa:
41:8d:ec:df:42:50:19:8a:cd:15:2b:cb:11:d3:30:58:fa:14:
db:a0:f8:43:10:48:5b:81:d0:cd:2d:2c:76:7e:11:8c:50:08:
1d:03:2f:34:1f:2a:5a:b4:c6:de:99:03:fa:36:08:19:db:a1:
e9:b6:90:43:40:43:c2:20:d9:a3:3d:91:d7:9a:ce:f4:79:ef:
ce:63:9f:3d:b9:f4:76:62:28:49:63:dc:4b:7a:42:b3:c3:57:
86:42:b3:b2:dd:1f:1e:32:44:0a:b4:2e:3d:96:ac:f4:90:3d:
f2:73:f7:a7:ce:5b:9d:a4:e1:a8:d5:d4:e6:f2:58:e4:69:63:
3c:73:99:0a:c9:ca:8c:8b:f6:11:7f:f9:8f:f3:a4:2c:a0:07:
a5:47:03:58:26:a5:dd:de:61:85:ba:e7:02:e1:a5:d1:b1:a1:
95:be:3d:b8:45:bc:7b:d2:23:45:12:ea:c0:ad:12:6f:6f:12:
d8:11:dc:d0
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYx7RUR2ugQRjGI2+qWjQ4o2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0ZTRmNDAyZjc3YTlkNjhhMmZmNGQxNTQ1OGEyNGEwM2Rj
ZDA3YzcwHhcNMjMxMjE4MDQ1MzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzcyZGU3M2M2YzFiNmJkZTBiNDI4NzRhY2RjODBjYmI4ODI5MTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0KRP5KNO7nXUoaog6wf2u6oTnSLS
nML2rPofSMqAuL/fMwQn/BycXOVaLJY5p+CZmj51bfecFVJKXz7wVOVhao5QDbfZ
9tLRudS7EuTTIJ1ZxaYAvWmVshvIlFvQFmgU+f3Ky1rLnNSmTiU23FTMN+LtH0dJ
S4Qt7+jmkhW1LeAhi4pffyzhp0u5R1aaA3GQfM28W2v50Dvs59JF3i/9EjvqPwUH
8590tQqwGaWttdjYGyrnNFyGtLiCZ76E717GwXZslidOyrPjO8+YPBUWChwfV/rF
ckurJyfc36huqWVst83+UpjgjYdXTxHPXFx2eiPcrdxFLN1hnJthSm1KVwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKNy3nPGwba94LQodKzcgMu4gpEUMB8GA1UdIwQY
MBaAFNTk9AL3ep1oov9NFUWKJKA9zQfHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMU9UMEF2ZDZuV2lpXzAwVlJZb2tvRDNOQjhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9kN2QyOTYtMTZiNS00OTFkLTk1OGYt
MGYzODdhMDgxZGIwLzEvbzNMZWM4YkJ0cjNndENoMHJOeUF5N2lDa1JRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9kN2QyOTYtMTZiNS00OTFkLTk1OGYtMGYzODdhMDgxZGIw
LzEvMU9UMEF2ZDZuV2lpXzAwVlJZb2tvRDNOQjhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQBucwMMBYE
AgACMBADBwAgAQZ4BeQDBQMqCvBAMA0GCSqGSIb3DQEBCwUAA4IBAQAl4j1jphV0
xzSUOviG5qa0UkvKNK7KbZBnkXvT7Xr9Nvd2D4cYEzQsfRkD4eXx+KBlHT0T1sCp
JR5SKGd8DgWtFgsCqyQ5Z6pBjezfQlAZis0VK8sR0zBY+hTboPhDEEhbgdDNLSx2
fhGMUAgdAy80HypatMbemQP6NggZ26HptpBDQEPCINmjPZHXms70ee/OY589ufR2
YihJY9xLekKzw1eGQrOy3R8eMkQKtC49lqz0kD3yc/enzludpOGo1dTm8ljkaWM8
c5kKycqMi/YRf/mP86QsoAelRwNYJqXd3mGFuucC4aXRsaGVvj24Rbx70iNFEurA
rRJvbxLYEdzQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:04 2024 by rpki-client on console-ams.rpki-client.org