Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/accd38-0ae6-4b43-a168-1152f4393020/1/OTOe2bCXQc_aQbWJqGWqwN0BLY0.roa
File: OTOe2bCXQc_aQbWJqGWqwN0BLY0.roa (raw, json)
Hash identifier: opqzOCjOQg9+xttsru73YpLYdOb1+hgQ6EClGyimQH4=
Subject key identifier: 39:33:9E:D9:B0:97:41:CF:DA:41:B5:89:A8:65:AA:C0:DD:01:2D:8D
Certificate issuer: /CN=d1122a5cb0643f736c7ec7961809a25938668f0e
Certificate serial: 01856E820D303E7538A6387A9ED5A65D716F
Authority key identifier: D1:12:2A:5C:B0:64:3F:73:6C:7E:C7:96:18:09:A2:59:38:66:8F:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0RIqXLBkP3NsfseWGAmiWThmjw4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/accd38-0ae6-4b43-a168-1152f4393020/1/OTOe2bCXQc_aQbWJqGWqwN0BLY0.roa
Signing time: Sun 01 Jan 2023 18:04:54 +0000
ROA not before: Sun 01 Jan 2023 18:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60354
IP address blocks: 185.251.114.0/24 maxlen: 32
185.251.113.0/24 maxlen: 24
185.251.115.0/24 maxlen: 24
2a0c:1940::/44 maxlen: 44
2a0c:1940:20::/44 maxlen: 44
2a0c:1940:10::/44 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:34:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:82:0d:30:3e:75:38:a6:38:7a:9e:d5:a6:5d:71:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1122a5cb0643f736c7ec7961809a25938668f0e
Validity
Not Before: Jan 1 18:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=39339ed9b09741cfda41b589a865aac0dd012d8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:82:d5:d2:24:39:cc:e7:67:7b:f1:1c:8d:5e:
fa:c7:62:71:23:75:08:9d:af:c7:2a:a5:3f:f3:90:
47:88:1c:ac:48:26:05:5e:2d:71:3a:69:d7:11:ba:
56:a3:4c:14:2f:e0:91:cf:43:f2:3a:31:af:6c:0a:
3a:ee:dc:0e:8c:11:f6:f8:05:b8:68:05:c0:78:8e:
c2:55:21:26:d0:a9:b2:c5:8f:13:30:6e:3c:64:85:
8e:9c:c3:27:7f:9c:72:9b:c9:1b:4f:a8:26:bb:73:
e4:4b:79:0b:39:76:ca:10:c2:40:82:50:33:8d:f4:
47:0a:31:88:0a:97:af:75:25:97:9e:13:1f:8e:34:
a0:63:8f:0e:2d:ed:15:e6:73:f7:52:29:8a:28:39:
f8:e0:36:c3:66:66:b1:65:67:08:f0:28:e5:71:e6:
00:ae:44:1e:b1:82:80:b3:17:42:66:78:ec:af:d0:
cb:42:f4:87:b1:e0:fa:16:92:cf:1d:5f:c9:e7:d0:
d9:97:43:2c:a9:72:41:84:cb:50:76:7e:f4:94:59:
dc:7d:f9:e8:e5:05:73:b9:5e:36:de:c0:ac:c7:9e:
fb:76:7f:7d:11:72:97:96:b6:8f:7d:aa:16:a2:ec:
fd:62:6e:66:60:a0:a4:85:44:e3:77:56:6b:c3:e3:
64:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:33:9E:D9:B0:97:41:CF:DA:41:B5:89:A8:65:AA:C0:DD:01:2D:8D
X509v3 Authority Key Identifier:
keyid:D1:12:2A:5C:B0:64:3F:73:6C:7E:C7:96:18:09:A2:59:38:66:8F:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0RIqXLBkP3NsfseWGAmiWThmjw4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/accd38-0ae6-4b43-a168-1152f4393020/1/OTOe2bCXQc_aQbWJqGWqwN0BLY0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/accd38-0ae6-4b43-a168-1152f4393020/1/0RIqXLBkP3NsfseWGAmiWThmjw4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.251.113.0-185.251.115.255
IPv6:
2a0c:1940::-2a0c:1940:2f:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
75:af:1d:a8:ff:db:12:46:f6:86:77:c9:13:3c:1b:33:90:54:
e3:4f:02:2a:1d:ad:05:92:86:4d:b9:ec:2a:31:98:89:24:4c:
1d:01:c5:a7:9e:52:c1:99:32:3a:75:c9:d8:1b:b2:73:1a:7a:
88:af:be:d7:f1:7c:53:7c:92:91:32:e6:ec:1c:00:6d:b9:cf:
1c:52:d5:4f:da:57:6e:77:48:48:30:db:eb:81:f4:4a:d9:c7:
cb:68:f2:00:ff:bf:b3:94:39:b6:15:74:4a:dc:79:20:64:fe:
5b:15:3e:b9:06:1e:09:49:33:5b:c1:f7:f7:57:5f:4d:2d:0d:
03:d0:60:2d:35:49:fe:3f:af:ca:09:f3:2e:d3:90:24:82:cf:
16:3d:5f:8f:70:c5:e0:0e:7c:b2:da:1f:48:d0:5d:21:f8:0e:
9f:5a:b9:b7:ad:0f:38:c8:ce:c6:69:d4:4a:06:2b:88:0e:41:
5a:63:55:25:40:c5:4d:c8:16:9d:cb:ab:f9:1b:ba:7f:48:79:
e0:aa:3f:a5:50:84:6b:f0:70:34:9e:cb:a5:6f:b9:cc:9b:9e:
0c:33:c7:c9:07:b3:b4:fe:3a:ba:8b:5c:a8:90:e4:9b:7f:d3:
06:69:b0:d2:f1:e8:3e:7c:52:e4:58:02:93:35:b6:55:f6:a6:
d3:e0:bb:4d
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYVugg0wPnU4pjh6ntWmXXFvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxMTIyYTVjYjA2NDNmNzM2YzdlYzc5NjE4MDlhMjU5Mzg2
NjhmMGUwHhcNMjMwMTAxMTgwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTMzOWVkOWIwOTc0MWNmZGE0MWI1ODlhODY1YWFjMGRkMDEyZDhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiYLV0iQ5zOdne/EcjV76x2JxI3UI
na/HKqU/85BHiBysSCYFXi1xOmnXEbpWo0wUL+CRz0PyOjGvbAo67twOjBH2+AW4
aAXAeI7CVSEm0KmyxY8TMG48ZIWOnMMnf5xym8kbT6gmu3PkS3kLOXbKEMJAglAz
jfRHCjGICpevdSWXnhMfjjSgY48OLe0V5nP3UimKKDn44DbDZmaxZWcI8CjlceYA
rkQesYKAsxdCZnjsr9DLQvSHseD6FpLPHV/J59DZl0MsqXJBhMtQdn70lFncffno
5QVzuV423sCsx577dn99EXKXlraPfaoWouz9Ym5mYKCkhUTjd1Zrw+NkgwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFDkzntmwl0HP2kG1iahlqsDdAS2NMB8GA1UdIwQY
MBaAFNESKlywZD9zbH7HlhgJolk4Zo8OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMFJJcVhMQmtQM05zZnNlV0dBbWlXVGhtanc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9hY2NkMzgtMGFlNi00YjQzLWExNjgt
MTE1MmY0MzkzMDIwLzEvT1RPZTJiQ1hRY19hUWJXSnFHV3F3TjBCTFkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9hY2NkMzgtMGFlNi00YjQzLWExNjgtMTE1MmY0MzkzMDIw
LzEvMFJJcVhMQmtQM05zZnNlV0dBbWlXVGhtanc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAUBAIAATAOMAwDBAC5+3ED
BAK5+3AwGAQCAAIwEjAQAwUGKgwZQAMHBCoMGUAAIDANBgkqhkiG9w0BAQsFAAOC
AQEAda8dqP/bEkb2hnfJEzwbM5BU408CKh2tBZKGTbnsKjGYiSRMHQHFp55SwZky
OnXJ2Buycxp6iK++1/F8U3ySkTLm7BwAbbnPHFLVT9pXbndISDDb64H0StnHy2jy
AP+/s5Q5thV0Stx5IGT+WxU+uQYeCUkzW8H391dfTS0NA9BgLTVJ/j+vygnzLtOQ
JILPFj1fj3DF4A58stofSNBdIfgOn1q5t60POMjOxmnUSgYriA5BWmNVJUDFTcgW
ncur+Ru6f0h54Ko/pVCEa/BwNJ7LpW+5zJueDDPHyQeztP46uotcqJDkm3/TBmmw
0vHoPnxS5FgCkzW2Vfam0+C7TQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:27 2024 by rpki-client on console-fra.rpki-client.org