Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/f150b1-43b9-4911-a005-aacad86c617d/1/fyiNHcWxQwEbAS6UmK7Z6bp9UNk.roa
File: fyiNHcWxQwEbAS6UmK7Z6bp9UNk.roa (raw, json)
Hash identifier: /cYIodHXmN+TvC3umpRdx8QJ/HzQLqjRB9qKC2Z0yws=
Subject key identifier: 7F:28:8D:1D:C5:B1:43:01:1B:01:2E:94:98:AE:D9:E9:BA:7D:50:D9
Certificate issuer: /CN=3b3daef89306a75f0b88191440742a720afb3f20
Certificate serial: 0186E0AACFFEE0753057171073CF5E405683
Authority key identifier: 3B:3D:AE:F8:93:06:A7:5F:0B:88:19:14:40:74:2A:72:0A:FB:3F:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Oz2u-JMGp18LiBkUQHQqcgr7PyA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/f150b1-43b9-4911-a005-aacad86c617d/1/fyiNHcWxQwEbAS6UmK7Z6bp9UNk.roa
Signing time: Tue 14 Mar 2023 15:08:56 +0000
ROA not before: Tue 14 Mar 2023 15:08:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24796
IP address blocks: 193.201.40.0/24 maxlen: 24
193.24.29.0/24 maxlen: 24
185.33.110.0/24 maxlen: 24
185.33.110.0/23 maxlen: 23
185.33.111.0/24 maxlen: 24
185.33.108.0/23 maxlen: 23
185.33.108.0/24 maxlen: 24
185.33.108.0/22 maxlen: 22
185.33.109.0/24 maxlen: 24
2a0f:80::/32 maxlen: 32
2a0f:80:b::/48 maxlen: 48
2a0f:80:a::/48 maxlen: 48
2a0f:80:d::/48 maxlen: 48
2a0f:80:3::/48 maxlen: 48
2a0f:80:e::/48 maxlen: 48
2a0f:80:1::/48 maxlen: 48
2a0f:80:c::/48 maxlen: 48
2a0f:80:2::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:30:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:e0:aa:cf:fe:e0:75:30:57:17:10:73:cf:5e:40:56:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b3daef89306a75f0b88191440742a720afb3f20
Validity
Not Before: Mar 14 15:08:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7f288d1dc5b143011b012e9498aed9e9ba7d50d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:3e:5d:1a:5c:cd:50:07:56:9c:c5:64:42:34:
99:6f:df:91:0f:14:69:1c:12:47:2a:98:25:ef:85:
bf:02:bd:1e:b6:a8:18:72:46:a8:a9:2d:93:22:0a:
88:d7:dd:bc:c2:76:8d:e4:25:5e:de:a8:9d:0d:33:
f2:cb:0a:55:3a:f6:fa:6a:d1:df:71:5f:33:a4:83:
97:5c:a0:df:c9:f3:82:e1:53:7a:63:aa:ce:65:f7:
56:dc:62:23:f6:f5:6c:b6:00:43:1d:89:08:6e:83:
5c:a0:a5:a5:5d:06:8c:35:17:3e:9f:88:35:a8:1b:
88:36:84:4c:12:b2:61:bf:f9:57:a4:6f:ca:c5:63:
50:0f:59:e3:87:32:64:e5:1c:89:7e:bc:32:ad:38:
7b:25:42:08:bb:34:61:69:d2:92:71:21:45:23:ba:
3d:f9:13:55:3b:11:0b:3b:b9:b5:08:6d:ab:7a:6d:
c9:32:64:65:ec:fa:43:27:e8:99:0c:45:29:e5:76:
82:e1:d9:86:8e:51:bb:49:4b:67:75:86:43:a0:be:
89:6a:5c:32:3b:a4:c2:50:1e:70:3f:ed:28:1c:84:
27:71:fd:2c:0b:67:e7:4a:71:57:d1:0d:20:33:14:
5f:09:b2:bb:e1:d7:0e:5c:c3:96:6b:f5:15:e3:6e:
cb:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:28:8D:1D:C5:B1:43:01:1B:01:2E:94:98:AE:D9:E9:BA:7D:50:D9
X509v3 Authority Key Identifier:
keyid:3B:3D:AE:F8:93:06:A7:5F:0B:88:19:14:40:74:2A:72:0A:FB:3F:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Oz2u-JMGp18LiBkUQHQqcgr7PyA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/f150b1-43b9-4911-a005-aacad86c617d/1/fyiNHcWxQwEbAS6UmK7Z6bp9UNk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/f150b1-43b9-4911-a005-aacad86c617d/1/Oz2u-JMGp18LiBkUQHQqcgr7PyA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.33.108.0/22
193.24.29.0/24
193.201.40.0/24
IPv6:
2a0f:80::/32
Signature Algorithm: sha256WithRSAEncryption
81:0d:04:49:28:44:07:56:33:5c:18:49:3b:b9:dd:e0:7d:5f:
4a:8d:a3:4f:38:b3:e8:aa:5a:f5:02:aa:c0:27:1d:9f:ec:88:
e0:87:b6:cc:46:61:2b:55:9c:b9:8e:a6:29:9f:22:0d:04:22:
2a:72:31:22:35:ac:cd:09:b8:58:22:8b:8c:b9:ab:3f:76:43:
e7:21:fc:26:49:48:4a:74:c2:bc:b4:05:7c:87:ff:dc:28:cc:
71:ec:3b:86:df:5d:34:d2:8c:a5:c4:58:75:a6:17:a9:aa:f7:
1b:17:00:50:e7:a1:c4:31:2b:33:eb:44:7f:66:6d:19:5a:71:
6a:6d:f0:94:ef:18:e5:28:59:4f:14:49:b4:88:2b:df:cf:78:
8e:ab:e1:11:d5:6c:6f:75:8d:8e:9b:0b:dd:99:b6:45:3b:cc:
6e:f5:27:09:81:cb:b3:4b:a8:04:4f:c9:f9:05:18:8c:ef:19:
e7:a7:db:f8:5f:56:99:aa:15:9e:a9:9e:f6:b3:e8:bc:71:3c:
7b:4d:ff:58:21:19:bc:af:c0:ac:e2:aa:50:4b:37:57:b8:1d:
25:40:93:0d:ff:43:8f:81:d0:0e:c1:85:de:5a:0e:39:6f:ae:
12:c7:ec:77:eb:c2:7c:86:75:9e:93:cf:42:d7:7b:bd:41:e6:
8d:ff:8b:47
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYbgqs/+4HUwVxcQc89eQFaDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiM2RhZWY4OTMwNmE3NWYwYjg4MTkxNDQwNzQyYTcyMGFm
YjNmMjAwHhcNMjMwMzE0MTUwODU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjI4OGQxZGM1YjE0MzAxMWIwMTJlOTQ5OGFlZDllOWJhN2Q1MGQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlD5dGlzNUAdWnMVkQjSZb9+RDxRp
HBJHKpgl74W/Ar0etqgYckaoqS2TIgqI1928wnaN5CVe3qidDTPyywpVOvb6atHf
cV8zpIOXXKDfyfOC4VN6Y6rOZfdW3GIj9vVstgBDHYkIboNcoKWlXQaMNRc+n4g1
qBuINoRMErJhv/lXpG/KxWNQD1njhzJk5RyJfrwyrTh7JUIIuzRhadKScSFFI7o9
+RNVOxELO7m1CG2rem3JMmRl7PpDJ+iZDEUp5XaC4dmGjlG7SUtndYZDoL6Jalwy
O6TCUB5wP+0oHIQncf0sC2fnSnFX0Q0gMxRfCbK74dcOXMOWa/UV427LVwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFH8ojR3FsUMBGwEulJiu2em6fVDZMB8GA1UdIwQY
MBaAFDs9rviTBqdfC4gZFEB0KnIK+z8gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3oydS1KTUdwMThMaUJrVVFIUXFjZ3I3UHlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9mMTUwYjEtNDNiOS00OTExLWEwMDUt
YWFjYWQ4NmM2MTdkLzEvZnlpTkhjV3hRd0ViQVM2VW1LN1o2YnA5VU5rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9mMTUwYjEtNDNiOS00OTExLWEwMDUtYWFjYWQ4NmM2MTdk
LzEvT3oydS1KTUdwMThMaUJrVVFIUXFjZ3I3UHlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuSFsAwQA
wRgdAwQAwckoMA0EAgACMAcDBQAqDwCAMA0GCSqGSIb3DQEBCwUAA4IBAQCBDQRJ
KEQHVjNcGEk7ud3gfV9KjaNPOLPoqlr1AqrAJx2f7Ijgh7bMRmErVZy5jqYpnyIN
BCIqcjEiNazNCbhYIouMuas/dkPnIfwmSUhKdMK8tAV8h//cKMxx7DuG31000oyl
xFh1phepqvcbFwBQ56HEMSsz60R/Zm0ZWnFqbfCU7xjlKFlPFEm0iCvfz3iOq+ER
1WxvdY2OmwvdmbZFO8xu9ScJgcuzS6gET8n5BRiM7xnnp9v4X1aZqhWeqZ72s+i8
cTx7Tf9YIRm8r8Cs4qpQSzdXuB0lQJMN/0OPgdAOwYXeWg45b64Sx+x368J8hnWe
k89C13u9QeaN/4tH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:58 2024 by rpki-client on console-fra.rpki-client.org