Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/f150b1-43b9-4911-a005-aacad86c617d/1/RcOiNIxRPyhFK-2hWdBiqhq70gE.roa
File: RcOiNIxRPyhFK-2hWdBiqhq70gE.roa (raw, json)
Hash identifier: EfLLND7QKPxVfb2ia69aGlUdu7z6JqD2VSVQakSwRus=
Subject key identifier: 45:C3:A2:34:8C:51:3F:28:45:2B:ED:A1:59:D0:62:AA:1A:BB:D2:01
Certificate issuer: /CN=3b3daef89306a75f0b88191440742a720afb3f20
Certificate serial: 0186306AA9D6DD446DEB5856DDCCA6D90137
Authority key identifier: 3B:3D:AE:F8:93:06:A7:5F:0B:88:19:14:40:74:2A:72:0A:FB:3F:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Oz2u-JMGp18LiBkUQHQqcgr7PyA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/f150b1-43b9-4911-a005-aacad86c617d/1/RcOiNIxRPyhFK-2hWdBiqhq70gE.roa
Signing time: Wed 08 Feb 2023 09:45:42 +0000
ROA not before: Wed 08 Feb 2023 09:45:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24796
IP address blocks: 193.201.40.0/24 maxlen: 24
193.24.29.0/24 maxlen: 24
185.33.110.0/24 maxlen: 24
185.33.110.0/23 maxlen: 23
185.33.111.0/24 maxlen: 24
185.33.108.0/23 maxlen: 23
185.33.108.0/24 maxlen: 24
185.33.108.0/22 maxlen: 22
185.33.109.0/24 maxlen: 24
2a0f:80::/32 maxlen: 32
2001:7f8:10::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 09 Feb 2023 14:03:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:30:6a:a9:d6:dd:44:6d:eb:58:56:dd:cc:a6:d9:01:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b3daef89306a75f0b88191440742a720afb3f20
Validity
Not Before: Feb 8 09:45:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=45c3a2348c513f28452beda159d062aa1abbd201
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:53:07:ce:bc:08:ac:ae:ca:b6:07:20:10:f0:
cd:bd:bd:fd:bb:48:70:3b:33:a6:18:56:9a:e4:f1:
66:85:11:7d:3f:11:09:6d:a7:eb:51:40:b0:01:76:
67:a5:90:cf:8e:60:71:a3:42:ca:c0:81:54:f6:2a:
4e:7e:b3:6a:5f:f5:bd:e2:c5:0c:9d:b1:f4:0f:0f:
39:99:ab:4e:58:1c:50:76:66:e1:54:12:27:c1:2c:
18:5d:a2:78:77:5b:79:c0:2a:c9:ff:b1:96:22:8d:
73:af:9c:67:c9:63:e9:c1:87:fe:60:56:bf:66:55:
fe:f4:a5:a2:dd:ad:2a:5f:a2:3e:31:a4:e0:ea:10:
29:d1:91:11:e9:bb:96:1a:9e:56:ac:cb:f6:34:9f:
31:97:b2:fb:5a:fd:0c:97:d7:f9:f1:4d:9f:ca:b2:
45:ea:5c:b5:2a:33:6b:41:d8:00:62:5b:7b:70:bc:
eb:03:7f:f7:3a:b9:a2:bb:40:27:2b:2b:99:3b:21:
9b:fe:06:a9:5d:cc:03:47:c1:68:0c:fb:0f:47:9d:
4e:2a:d5:61:d0:b4:85:b2:96:fa:77:e0:7e:28:01:
08:6c:36:4a:b2:57:79:24:a4:ed:aa:24:bf:e9:06:
54:29:67:15:f2:f5:31:94:d1:3f:82:e4:c2:4f:02:
55:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:C3:A2:34:8C:51:3F:28:45:2B:ED:A1:59:D0:62:AA:1A:BB:D2:01
X509v3 Authority Key Identifier:
keyid:3B:3D:AE:F8:93:06:A7:5F:0B:88:19:14:40:74:2A:72:0A:FB:3F:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Oz2u-JMGp18LiBkUQHQqcgr7PyA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/f150b1-43b9-4911-a005-aacad86c617d/1/RcOiNIxRPyhFK-2hWdBiqhq70gE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/f150b1-43b9-4911-a005-aacad86c617d/1/Oz2u-JMGp18LiBkUQHQqcgr7PyA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.33.108.0/22
193.24.29.0/24
193.201.40.0/24
IPv6:
2001:7f8:10::/48
2a0f:80::/32
Signature Algorithm: sha256WithRSAEncryption
50:cd:22:e0:79:bf:e2:c0:98:f7:82:0a:59:df:d7:d3:07:07:
ce:62:a5:61:58:02:ef:57:5e:25:82:ba:18:d7:e0:64:16:af:
ad:85:7e:94:4d:be:9a:bf:0f:d3:1e:0b:f8:60:32:76:3f:93:
c3:44:9f:a0:c7:ae:18:a0:85:33:89:18:54:17:59:09:df:83:
2f:1e:72:51:0e:eb:fb:2d:38:f9:76:ae:b0:3f:6b:9b:e5:ba:
86:98:05:a0:04:2e:5c:0f:74:b2:3a:ca:61:44:fe:4a:d1:fa:
4d:bf:42:ad:d0:25:04:f0:06:d4:c2:ef:df:52:00:79:4f:e5:
54:44:b9:6a:8d:2c:75:83:9c:a6:fe:6e:dd:dd:69:fc:e4:d2:
b7:8e:02:89:e0:5d:20:e7:be:db:cb:11:96:d8:60:e2:3d:0e:
fd:6b:08:cf:5d:91:54:e2:73:83:d2:cf:58:42:6d:13:16:72:
04:24:6c:0d:a5:b2:b1:aa:6c:fe:b0:c8:17:50:82:e3:6f:16:
70:13:8a:42:58:23:d3:2e:89:9f:d0:89:81:d7:62:aa:7d:79:
d2:c0:6a:5d:0b:de:0f:59:7e:ab:cd:ca:09:96:d3:50:cc:53:
fc:fe:f8:28:47:f0:0f:77:57:1b:49:48:ce:05:97:c9:42:70:
fe:14:9c:79
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYYwaqnW3URt61hW3cym2QE3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiM2RhZWY4OTMwNmE3NWYwYjg4MTkxNDQwNzQyYTcyMGFm
YjNmMjAwHhcNMjMwMjA4MDk0NTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWMzYTIzNDhjNTEzZjI4NDUyYmVkYTE1OWQwNjJhYTFhYmJkMjAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx1MHzrwIrK7KtgcgEPDNvb39u0hw
OzOmGFaa5PFmhRF9PxEJbafrUUCwAXZnpZDPjmBxo0LKwIFU9ipOfrNqX/W94sUM
nbH0Dw85matOWBxQdmbhVBInwSwYXaJ4d1t5wCrJ/7GWIo1zr5xnyWPpwYf+YFa/
ZlX+9KWi3a0qX6I+MaTg6hAp0ZER6buWGp5WrMv2NJ8xl7L7Wv0Ml9f58U2fyrJF
6ly1KjNrQdgAYlt7cLzrA3/3Ormiu0AnKyuZOyGb/gapXcwDR8FoDPsPR51OKtVh
0LSFspb6d+B+KAEIbDZKsld5JKTtqiS/6QZUKWcV8vUxlNE/guTCTwJVwQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFEXDojSMUT8oRSvtoVnQYqoau9IBMB8GA1UdIwQY
MBaAFDs9rviTBqdfC4gZFEB0KnIK+z8gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3oydS1KTUdwMThMaUJrVVFIUXFjZ3I3UHlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9mMTUwYjEtNDNiOS00OTExLWEwMDUt
YWFjYWQ4NmM2MTdkLzEvUmNPaU5JeFJQeWhGSy0yaFdkQmlxaHE3MGdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9mMTUwYjEtNDNiOS00OTExLWEwMDUtYWFjYWQ4NmM2MTdk
LzEvT3oydS1KTUdwMThMaUJrVVFIUXFjZ3I3UHlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAYBAIAATASAwQCuSFsAwQA
wRgdAwQAwckoMBYEAgACMBADBwAgAQf4ABADBQAqDwCAMA0GCSqGSIb3DQEBCwUA
A4IBAQBQzSLgeb/iwJj3ggpZ39fTBwfOYqVhWALvV14lgroY1+BkFq+thX6UTb6a
vw/THgv4YDJ2P5PDRJ+gx64YoIUziRhUF1kJ34MvHnJRDuv7LTj5dq6wP2ub5bqG
mAWgBC5cD3SyOsphRP5K0fpNv0Kt0CUE8AbUwu/fUgB5T+VURLlqjSx1g5ym/m7d
3Wn85NK3jgKJ4F0g577byxGW2GDiPQ79awjPXZFU4nOD0s9YQm0TFnIEJGwNpbKx
qmz+sMgXUILjbxZwE4pCWCPTLomf0ImB12KqfXnSwGpdC94PWX6rzcoJltNQzFP8
/vgoR/APd1cbSUjOBZfJQnD+FJx5
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:58 2024 by rpki-client on console-fra.rpki-client.org