Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/c2a5bd-5f28-46f9-a414-3f1c1523a123/1/OF79aryMbKwE9tNB2uvXzGmmdQM.roa
File: OF79aryMbKwE9tNB2uvXzGmmdQM.roa (raw, json)
Hash identifier: x8/SCUjM4w/JSSZ53pUKyp+WCzGtToBt7vyx9RK/y6s=
Subject key identifier: 38:5E:FD:6A:BC:8C:6C:AC:04:F6:D3:41:DA:EB:D7:CC:69:A6:75:03
Certificate issuer: /CN=eccfdaee1e9eabd80237602961baa25abc69cd64
Certificate serial: 01856D13C1083A63858A95F6F2FE06CDC960
Authority key identifier: EC:CF:DA:EE:1E:9E:AB:D8:02:37:60:29:61:BA:A2:5A:BC:69:CD:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7M_a7h6eq9gCN2ApYbqiWrxpzWQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/c2a5bd-5f28-46f9-a414-3f1c1523a123/1/OF79aryMbKwE9tNB2uvXzGmmdQM.roa
Signing time: Sun 01 Jan 2023 11:24:49 +0000
ROA not before: Sun 01 Jan 2023 11:24:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50399
IP address blocks: 92.42.232.0/21 maxlen: 24
185.223.140.0/22 maxlen: 24
185.3.204.0/22 maxlen: 24
109.232.40.0/21 maxlen: 24
2a00:11e8::/32 maxlen: 64
2a03:3300::/32 maxlen: 64
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:13:c1:08:3a:63:85:8a:95:f6:f2:fe:06:cd:c9:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eccfdaee1e9eabd80237602961baa25abc69cd64
Validity
Not Before: Jan 1 11:24:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=385efd6abc8c6cac04f6d341daebd7cc69a67503
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:8b:30:de:b9:cc:c3:92:45:3c:3e:91:1d:3f:
4e:0b:2d:4c:58:49:e8:61:b6:17:f4:23:1f:96:1d:
7d:13:54:6f:57:53:9e:43:ef:78:63:9b:85:8b:69:
b0:cd:4e:89:38:cb:7c:2a:0c:72:de:77:93:ea:20:
e2:06:e4:53:cf:55:6a:ec:ae:4c:5f:7a:bf:cf:08:
9a:f2:75:9d:ab:23:c5:f9:4a:af:18:ef:f9:a7:4b:
68:df:a4:fa:dd:65:2d:14:bd:fa:e8:4b:77:ff:5a:
c0:df:25:c3:69:0f:9f:7d:b6:42:f9:6e:87:0b:9c:
29:59:63:db:39:3e:a0:0a:9d:5c:bb:6e:b4:ad:63:
c2:07:05:b8:cd:97:2d:90:02:33:e9:5d:66:d1:af:
3b:83:e0:3f:b2:e8:23:f0:2b:16:fd:a8:64:87:8d:
8d:2f:f4:96:a2:0d:d1:2d:ae:a6:c5:bf:53:26:54:
27:44:b0:8c:a0:37:46:ac:18:92:e2:72:ab:77:38:
c6:bf:15:05:7a:ac:b9:d7:0d:78:26:c7:4c:50:14:
83:cc:09:24:e6:7b:7c:20:59:76:e2:f7:ad:22:48:
77:5f:0a:8c:71:1e:1d:02:22:88:32:d5:32:3a:8a:
63:6b:a9:81:a0:74:2c:c3:59:25:c8:97:8f:c7:b5:
57:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:5E:FD:6A:BC:8C:6C:AC:04:F6:D3:41:DA:EB:D7:CC:69:A6:75:03
X509v3 Authority Key Identifier:
keyid:EC:CF:DA:EE:1E:9E:AB:D8:02:37:60:29:61:BA:A2:5A:BC:69:CD:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7M_a7h6eq9gCN2ApYbqiWrxpzWQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/c2a5bd-5f28-46f9-a414-3f1c1523a123/1/OF79aryMbKwE9tNB2uvXzGmmdQM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/c2a5bd-5f28-46f9-a414-3f1c1523a123/1/7M_a7h6eq9gCN2ApYbqiWrxpzWQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.42.232.0/21
109.232.40.0/21
185.3.204.0/22
185.223.140.0/22
IPv6:
2a00:11e8::/32
2a03:3300::/32
Signature Algorithm: sha256WithRSAEncryption
52:a5:61:b7:f7:b2:97:66:27:b0:84:9c:eb:b1:1b:16:28:67:
8b:57:e0:5a:63:72:03:fe:0e:8d:28:0f:c1:99:5c:c9:91:3d:
47:26:d2:92:c7:c8:78:e7:48:27:be:be:30:f9:f4:4a:30:be:
5b:3b:fa:9b:ef:c9:29:61:55:f0:cf:a0:8a:8c:7b:25:c2:eb:
2a:00:99:af:5d:b0:89:5a:dd:06:78:b7:0f:18:62:c0:a7:f7:
41:8f:1f:0c:7d:ae:82:77:f4:3a:29:0f:06:56:d5:9e:ce:84:
ae:c9:7c:a8:66:b0:7a:2e:a2:f7:e2:12:11:0f:95:d7:55:aa:
8e:b7:88:9a:3a:7e:75:59:cc:8f:8f:fc:da:57:13:46:54:42:
a5:72:04:aa:ce:35:4b:04:71:e1:d7:88:36:89:2f:b1:cd:ce:
6b:f8:51:6a:e4:d6:4b:56:e4:e2:df:fa:70:dd:8f:ba:9c:72:
3d:f0:24:c0:92:2b:ee:7c:93:5a:8f:66:0a:93:b5:54:a2:a4:
f3:84:75:51:65:4e:9e:9c:57:61:35:9e:90:a5:65:65:c2:cf:
6b:81:3e:65:7e:d7:0e:e2:63:eb:0a:b5:2c:dd:bb:07:d8:f6:
f3:aa:fa:06:61:34:32:c3:a0:46:ed:b0:43:9c:a4:1f:1e:09:
3f:d2:24:97
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYVtE8EIOmOFipX28v4GzclgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjY2ZkYWVlMWU5ZWFiZDgwMjM3NjAyOTYxYmFhMjVhYmM2
OWNkNjQwHhcNMjMwMTAxMTEyNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODVlZmQ2YWJjOGM2Y2FjMDRmNmQzNDFkYWViZDdjYzY5YTY3NTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+osw3rnMw5JFPD6RHT9OCy1MWEno
YbYX9CMflh19E1RvV1OeQ+94Y5uFi2mwzU6JOMt8Kgxy3neT6iDiBuRTz1Vq7K5M
X3q/zwia8nWdqyPF+UqvGO/5p0to36T63WUtFL366Et3/1rA3yXDaQ+ffbZC+W6H
C5wpWWPbOT6gCp1cu260rWPCBwW4zZctkAIz6V1m0a87g+A/sugj8CsW/ahkh42N
L/SWog3RLa6mxb9TJlQnRLCMoDdGrBiS4nKrdzjGvxUFeqy51w14JsdMUBSDzAkk
5nt8IFl24vetIkh3XwqMcR4dAiKIMtUyOopja6mBoHQsw1klyJePx7VXiQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFDhe/Wq8jGysBPbTQdrr18xppnUDMB8GA1UdIwQY
MBaAFOzP2u4enqvYAjdgKWG6olq8ac1kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN01fYTdoNmVxOWdDTjJBcFlicWlXcnhweldRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9jMmE1YmQtNWYyOC00NmY5LWE0MTQt
M2YxYzE1MjNhMTIzLzEvT0Y3OWFyeU1iS3dFOXROQjJ1dlh6R21tZFFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9jMmE1YmQtNWYyOC00NmY5LWE0MTQtM2YxYzE1MjNhMTIz
LzEvN01fYTdoNmVxOWdDTjJBcFlicWlXcnhweldRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQDXCroAwQD
begoAwQCuQPMAwQCud+MMBQEAgACMA4DBQAqABHoAwUAKgMzADANBgkqhkiG9w0B
AQsFAAOCAQEAUqVht/eyl2YnsISc67EbFihni1fgWmNyA/4OjSgPwZlcyZE9RybS
ksfIeOdIJ76+MPn0SjC+Wzv6m+/JKWFV8M+giox7JcLrKgCZr12wiVrdBni3Dxhi
wKf3QY8fDH2ugnf0OikPBlbVns6Ersl8qGawei6i9+ISEQ+V11WqjreImjp+dVnM
j4/82lcTRlRCpXIEqs41SwRx4deINokvsc3Oa/hRauTWS1bk4t/6cN2PupxyPfAk
wJIr7nyTWo9mCpO1VKKk84R1UWVOnpxXYTWekKVlZcLPa4E+ZX7XDuJj6wq1LN27
B9j286r6BmE0MsOgRu2wQ5ykHx4JP9Iklw==
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:50:05 2024 by rpki-client on console-fra.rpki-client.org