Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/opdDiMgwfgPaLo__nmySfRqGL7Y.roa
File: opdDiMgwfgPaLo__nmySfRqGL7Y.roa (raw, json)
Hash identifier: SJifiitGO7I+NIQW/cgX74pOvx3A99hJnJCh2xtdiso=
Subject key identifier: A2:97:43:88:C8:30:7E:03:DA:2E:8F:FF:9E:6C:92:7D:1A:86:2F:B6
Certificate issuer: /CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2
Certificate serial: 018BD8B9DFC838C2427A00A7307E68B36DAE
Authority key identifier: B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/opdDiMgwfgPaLo__nmySfRqGL7Y.roa
Signing time: Thu 16 Nov 2023 15:22:21 +0000
ROA not before: Thu 16 Nov 2023 15:22:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12663
IP address blocks: 37.25.128.0/17 maxlen: 24
46.108.0.0/16 maxlen: 24
85.205.0.0/16 maxlen: 24
195.232.128.0/17 maxlen: 24
195.233.0.0/16 maxlen: 24
46.190.128.0/17 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d8:b9:df:c8:38:c2:42:7a:00:a7:30:7e:68:b3:6d:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2
Validity
Not Before: Nov 16 15:22:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a2974388c8307e03da2e8fff9e6c927d1a862fb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:3a:9c:7b:3a:7c:2f:e1:5e:97:55:f0:c2:c3:
de:6f:c4:21:f7:79:b4:74:fd:a6:bd:45:ce:c9:2f:
3b:c1:4d:f0:cb:59:a2:1e:9e:b3:c3:ca:8a:3f:4d:
69:80:e0:11:ee:e3:26:03:d8:f3:1d:92:69:8b:1f:
3b:85:60:1f:aa:5c:cc:ec:21:31:b6:5d:d7:9e:31:
c6:83:3b:3b:e6:d3:9d:4b:0a:75:4b:da:b9:b8:b1:
1e:18:ac:89:98:5a:b4:5b:1a:d6:7a:90:c3:5c:1c:
57:b5:08:13:fe:2f:5b:8f:c5:3a:8f:f8:8f:57:05:
07:ef:9d:14:69:4d:86:9f:55:df:d3:77:cc:f0:ba:
eb:76:a7:1f:cf:e8:e7:23:66:a2:7f:5d:74:18:04:
ea:db:7d:01:56:46:28:d8:9f:5e:74:95:b3:19:02:
92:e4:19:85:c8:e4:33:8a:5c:54:9c:26:6b:5e:dc:
16:4b:ce:1e:e1:9a:54:1b:7d:a2:76:b3:49:fe:18:
f8:0a:76:e4:d5:b8:94:34:86:a1:91:65:58:b5:34:
ba:47:eb:63:b0:08:d6:44:aa:ef:20:72:86:cd:d1:
0a:d3:3e:a4:f9:85:7f:2a:c0:30:9f:0a:ab:d0:52:
af:e7:5b:d7:60:e8:76:04:d1:4b:c8:e6:9b:87:46:
71:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:97:43:88:C8:30:7E:03:DA:2E:8F:FF:9E:6C:92:7D:1A:86:2F:B6
X509v3 Authority Key Identifier:
keyid:B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/opdDiMgwfgPaLo__nmySfRqGL7Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.25.128.0/17
46.108.0.0/16
46.190.128.0/17
85.205.0.0/16
195.232.128.0-195.233.255.255
Signature Algorithm: sha256WithRSAEncryption
92:1b:12:bc:1a:e8:ac:95:c5:97:bc:54:3d:a1:ff:18:af:c2:
07:87:36:34:bc:55:77:e3:74:ac:0b:3d:ef:84:cb:b9:51:8f:
f0:41:53:85:31:98:da:83:51:aa:09:06:16:ae:10:12:b3:f1:
c6:57:d3:82:ac:3b:a8:a5:9a:fe:d3:df:58:4a:bf:90:45:c3:
7f:55:0a:db:72:a1:0c:98:ff:21:d8:36:c8:ed:91:54:16:12:
01:8f:ce:94:15:c8:db:33:46:c8:39:76:0f:24:a1:ac:81:a3:
86:3d:d3:69:cb:a5:12:1f:24:6f:63:5d:dc:88:d0:7c:10:9a:
26:3a:05:3c:75:a0:ea:2d:14:ba:88:a5:e1:da:7e:cc:87:da:
f5:77:e0:ce:89:34:a7:f5:ee:f8:35:60:49:b7:6b:d0:83:a5:
2a:c8:46:da:58:ab:8f:46:1c:d9:7b:a3:d3:36:61:96:0d:ea:
79:77:dd:93:36:6f:62:52:a2:2b:c4:79:4f:5d:b4:f3:9d:e8:
84:98:b4:53:34:0f:4e:bc:59:45:8b:62:f8:0a:93:4f:0a:90:
af:b0:72:3f:ea:bc:7e:97:54:ce:f3:99:29:87:72:08:75:ad:
8e:62:f1:aa:ee:f8:3b:86:26:c8:bc:28:e4:4d:65:b6:02:98:
4b:c0:fc:fd
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYvYud/IOMJCegCnMH5os22uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzYTVkOTk4NjNkYjJlNDliNDRmNmMzMjRlYjA0Mzg4ZmM3
NTE1ZDIwHhcNMjMxMTE2MTUyMjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjk3NDM4OGM4MzA3ZTAzZGEyZThmZmY5ZTZjOTI3ZDFhODYyZmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiTqcezp8L+Fel1XwwsPeb8Qh93m0
dP2mvUXOyS87wU3wy1miHp6zw8qKP01pgOAR7uMmA9jzHZJpix87hWAfqlzM7CEx
tl3XnjHGgzs75tOdSwp1S9q5uLEeGKyJmFq0WxrWepDDXBxXtQgT/i9bj8U6j/iP
VwUH750UaU2Gn1Xf03fM8Lrrdqcfz+jnI2aif110GATq230BVkYo2J9edJWzGQKS
5BmFyOQzilxUnCZrXtwWS84e4ZpUG32idrNJ/hj4Cnbk1biUNIahkWVYtTS6R+tj
sAjWRKrvIHKGzdEK0z6k+YV/KsAwnwqr0FKv51vXYOh2BNFLyOabh0ZxKQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFKKXQ4jIMH4D2i6P/55skn0ahi+2MB8GA1UdIwQY
MBaAFLOl2Zhj2y5JtE9sMk6wQ4j8dRXSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAt
ZWVjNWQ1MGVmYTk0LzEvb3BkRGlNZ3dmZ1BhTG9fX25teVNmUnFHTDdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAtZWVjNWQ1MGVmYTk0
LzEvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAATAjAwQHJRmAAwMA
LmwDBAcuvoADAwBVzTALAwQHw+iAAwMBw+gwDQYJKoZIhvcNAQELBQADggEBAJIb
Erwa6KyVxZe8VD2h/xivwgeHNjS8VXfjdKwLPe+Ey7lRj/BBU4UxmNqDUaoJBhau
EBKz8cZX04KsO6ilmv7T31hKv5BFw39VCttyoQyY/yHYNsjtkVQWEgGPzpQVyNsz
Rsg5dg8koayBo4Y902nLpRIfJG9jXdyI0HwQmiY6BTx1oOotFLqIpeHafsyH2vV3
4M6JNKf17vg1YEm3a9CDpSrIRtpYq49GHNl7o9M2YZYN6nl33ZM2b2JSoivEeU9d
tPOd6ISYtFM0D068WUWLYvgKk08KkK+wcj/qvH6XVM7zmSmHcgh1rY5i8aru+DuG
Jsi8KORNZbYCmEvA/P0=
-----END CERTIFICATE-----
Generated at Thu Nov 16 16:50:29 2023 by rpki-client on console-fra.rpki-client.org