Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/f433c3-132f-4d66-bd30-c62cf20a5ec9/1/coO3yJ-7XOpnS7dwT-tcSariPRU.roa
File: coO3yJ-7XOpnS7dwT-tcSariPRU.roa (raw, json)
Hash identifier: iYBrtYk5j4wzuEIgL/QyEsv+r3DRoPGJYP84FQg98Ts=
Subject key identifier: 72:83:B7:C8:9F:BB:5C:EA:67:4B:B7:70:4F:EB:5C:49:AA:E2:3D:15
Certificate issuer: /CN=08a34daaa887d98a5348c3a460a21fc84e11a4e6
Certificate serial: 01856E8B2419CAD661C69D89E520ED8C4476
Authority key identifier: 08:A3:4D:AA:A8:87:D9:8A:53:48:C3:A4:60:A2:1F:C8:4E:11:A4:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CKNNqqiH2YpTSMOkYKIfyE4RpOY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/f433c3-132f-4d66-bd30-c62cf20a5ec9/1/coO3yJ-7XOpnS7dwT-tcSariPRU.roa
Signing time: Sun 01 Jan 2023 18:14:50 +0000
ROA not before: Sun 01 Jan 2023 18:14:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206617
IP address blocks: 188.241.251.0/24 maxlen: 24
195.2.218.0/23 maxlen: 23
193.178.224.0/23 maxlen: 23
185.18.24.0/22 maxlen: 24
31.14.184.0/21 maxlen: 22
188.213.16.0/24 maxlen: 24
188.241.186.0/24 maxlen: 24
188.213.40.0/21 maxlen: 22
93.114.170.0/24 maxlen: 24
188.240.42.0/24 maxlen: 24
188.240.44.0/23 maxlen: 23
188.241.153.0/24 maxlen: 24
93.114.245.0/24 maxlen: 24
93.115.210.0/24 maxlen: 24
185.167.52.0/22 maxlen: 22
89.40.234.0/23 maxlen: 23
89.32.152.0/23 maxlen: 23
2a03:f140::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:8b:24:19:ca:d6:61:c6:9d:89:e5:20:ed:8c:44:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08a34daaa887d98a5348c3a460a21fc84e11a4e6
Validity
Not Before: Jan 1 18:14:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7283b7c89fbb5cea674bb7704feb5c49aae23d15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:6a:f2:43:08:5f:6e:c7:e1:12:05:04:77:30:
9a:07:48:04:e9:6c:34:0f:22:ad:8a:1c:6f:87:f6:
f0:cf:65:6c:b3:10:f6:45:2a:65:42:96:9c:b2:0e:
fb:b3:3c:32:48:7a:bf:08:74:c8:87:8d:9b:5b:39:
5d:c6:d3:fe:8b:aa:5b:9a:e7:10:05:d9:bf:06:b9:
e6:37:73:13:f1:8d:58:1e:13:6c:3a:b1:27:08:cc:
bc:08:34:0a:61:49:3a:08:63:d8:42:cb:82:b6:4e:
16:e4:80:5c:6a:d3:44:b8:c0:4d:64:21:df:88:ca:
b2:5f:bb:47:8a:67:fa:55:a9:14:82:48:9a:e3:43:
92:78:26:bf:09:83:02:5f:80:d8:99:28:9e:20:18:
af:80:b5:5e:26:9d:50:a6:a2:5f:4e:de:71:47:36:
1e:68:16:99:cc:58:68:2a:68:08:d6:81:6d:19:03:
38:e1:ca:84:a8:ac:1b:21:bb:4e:b6:7b:a4:47:91:
c4:00:51:ac:92:d9:f3:51:a9:5c:3d:4f:2e:0b:c3:
5e:3b:4d:0d:56:03:11:42:6e:54:95:66:5a:21:63:
bb:b4:d9:44:b4:2a:8d:30:50:9f:b1:d0:04:a4:87:
0b:1c:47:93:cd:59:35:d8:4e:38:8d:81:f1:83:92:
16:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:83:B7:C8:9F:BB:5C:EA:67:4B:B7:70:4F:EB:5C:49:AA:E2:3D:15
X509v3 Authority Key Identifier:
keyid:08:A3:4D:AA:A8:87:D9:8A:53:48:C3:A4:60:A2:1F:C8:4E:11:A4:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CKNNqqiH2YpTSMOkYKIfyE4RpOY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/f433c3-132f-4d66-bd30-c62cf20a5ec9/1/coO3yJ-7XOpnS7dwT-tcSariPRU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/f433c3-132f-4d66-bd30-c62cf20a5ec9/1/CKNNqqiH2YpTSMOkYKIfyE4RpOY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.184.0/21
89.32.152.0/23
89.40.234.0/23
93.114.170.0/24
93.114.245.0/24
93.115.210.0/24
185.18.24.0/22
185.167.52.0/22
188.213.16.0/24
188.213.40.0/21
188.240.42.0/24
188.240.44.0/23
188.241.153.0/24
188.241.186.0/24
188.241.251.0/24
193.178.224.0/23
195.2.218.0/23
IPv6:
2a03:f140::/32
Signature Algorithm: sha256WithRSAEncryption
3a:17:37:d5:66:0b:17:f6:45:41:f9:75:40:58:cc:ac:55:52:
67:31:c4:c7:b4:8d:86:e7:25:09:f5:f1:2b:69:91:3e:63:fc:
24:76:5f:de:c3:d1:5e:98:7a:1d:99:0d:06:f5:5b:fa:86:ce:
c3:51:5a:8d:c2:a2:f4:c2:36:f1:ed:85:6c:0f:98:33:4c:c7:
c0:b7:9d:43:2f:bb:2a:12:d4:04:2b:0b:5f:84:0e:f3:1e:1e:
8d:83:ad:65:b1:13:30:32:fd:44:5d:5c:e5:48:a1:38:4c:1f:
ae:07:63:26:38:f6:17:c8:8a:51:9c:ad:74:13:7e:cb:c0:4f:
8b:3c:6f:76:52:05:6b:a8:88:61:72:64:8d:18:5b:5d:1d:3b:
91:87:04:de:5c:8e:f5:69:5d:df:46:f0:29:f3:38:cb:f1:06:
a5:48:5e:7e:5f:50:1c:32:9b:64:bf:66:68:a6:87:c1:8a:19:
fa:f8:fb:c1:57:1c:71:36:27:b6:bf:b5:70:01:0c:24:af:dc:
3a:44:74:f0:45:4e:55:3b:a9:40:a8:db:09:1d:e6:e3:6c:b6:
68:ed:ca:42:2f:f4:07:d2:d5:3e:97:c0:dd:6d:ba:de:b2:be:
cf:a2:a3:a0:6e:93:40:10:42:20:c5:f2:40:40:68:3b:c4:21:
c4:bb:c0:48
-----BEGIN CERTIFICATE-----
MIIFbTCCBFWgAwIBAgISAYVuiyQZytZhxp2J5SDtjER2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4YTM0ZGFhYTg4N2Q5OGE1MzQ4YzNhNDYwYTIxZmM4NGUx
MWE0ZTYwHhcNMjMwMTAxMTgxNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjgzYjdjODlmYmI1Y2VhNjc0YmI3NzA0ZmViNWM0OWFhZTIzZDE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp2ryQwhfbsfhEgUEdzCaB0gE6Ww0
DyKtihxvh/bwz2VssxD2RSplQpacsg77szwySHq/CHTIh42bWzldxtP+i6pbmucQ
Bdm/BrnmN3MT8Y1YHhNsOrEnCMy8CDQKYUk6CGPYQsuCtk4W5IBcatNEuMBNZCHf
iMqyX7tHimf6VakUgkia40OSeCa/CYMCX4DYmSieIBivgLVeJp1QpqJfTt5xRzYe
aBaZzFhoKmgI1oFtGQM44cqEqKwbIbtOtnukR5HEAFGsktnzUalcPU8uC8NeO00N
VgMRQm5UlWZaIWO7tNlEtCqNMFCfsdAEpIcLHEeTzVk12E44jYHxg5IW6QIDAQAB
o4ICeTCCAnUwHQYDVR0OBBYEFHKDt8ifu1zqZ0u3cE/rXEmq4j0VMB8GA1UdIwQY
MBaAFAijTaqoh9mKU0jDpGCiH8hOEaTmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0tOTnFxaUgyWXBUU01Pa1lLSWZ5RTRScE9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy9mNDMzYzMtMTMyZi00ZDY2LWJkMzAt
YzYyY2YyMGE1ZWM5LzEvY29PM3lKLTdYT3BuUzdkd1QtdGNTYXJpUFJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy9mNDMzYzMtMTMyZi00ZDY2LWJkMzAtYzYyY2YyMGE1ZWM5
LzEvQ0tOTnFxaUgyWXBUU01Pa1lLSWZ5RTRScE9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGOBggrBgEFBQcBBwEB/wR/MH0wbAQCAAEwZgMEAx8OuAME
AVkgmAMEAVko6gMEAF1yqgMEAF1y9QMEAF1z0gMEArkSGAMEArmnNAMEALzVEAME
A7zVKAMEALzwKgMEAbzwLAMEALzxmQMEALzxugMEALzx+wMEAcGy4AMEAcMC2jAN
BAIAAjAHAwUAKgPxQDANBgkqhkiG9w0BAQsFAAOCAQEAOhc31WYLF/ZFQfl1QFjM
rFVSZzHEx7SNhuclCfXxK2mRPmP8JHZf3sPRXph6HZkNBvVb+obOw1FajcKi9MI2
8e2FbA+YM0zHwLedQy+7KhLUBCsLX4QO8x4ejYOtZbETMDL9RF1c5UihOEwfrgdj
Jjj2F8iKUZytdBN+y8BPizxvdlIFa6iIYXJkjRhbXR07kYcE3lyO9Wld30bwKfM4
y/EGpUhefl9QHDKbZL9maKaHwYoZ+vj7wVcccTYntr+1cAEMJK/cOkR08EVOVTup
QKjbCR3m42y2aO3KQi/0B9LVPpfA3W263rK+z6KjoG6TQBBCIMXyQEBoO8QhxLvA
SA==
-----END CERTIFICATE-----
Generated at Thu Aug 24 10:08:14 2023 by rpki-client on console-ams.rpki-client.org