Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/OY2y7s2j5qRA3mSuCdyx80yIgbk.roa
File: OY2y7s2j5qRA3mSuCdyx80yIgbk.roa (raw, json)
Hash identifier: NXOox2/e/3jbXTFxe4euXDfWprlIiClTcS+JbZu+drM=
Subject key identifier: 39:8D:B2:EE:CD:A3:E6:A4:40:DE:64:AE:09:DC:B1:F3:4C:88:81:B9
Certificate issuer: /CN=76670236cd0e038684a33194bde7d4b95adc66f7
Certificate serial: 018A5F8BAF3E9AAE5ADBAB98DE65614EF750
Authority key identifier: 76:67:02:36:CD:0E:03:86:84:A3:31:94:BD:E7:D4:B9:5A:DC:66:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dmcCNs0OA4aEozGUvefUuVrcZvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/OY2y7s2j5qRA3mSuCdyx80yIgbk.roa
Signing time: Mon 04 Sep 2023 09:35:04 +0000
ROA not before: Mon 04 Sep 2023 09:35:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39238
IP address blocks: 193.109.217.0/24 maxlen: 24
45.153.72.0/23 maxlen: 23
185.183.160.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:5f:8b:af:3e:9a:ae:5a:db:ab:98:de:65:61:4e:f7:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76670236cd0e038684a33194bde7d4b95adc66f7
Validity
Not Before: Sep 4 09:35:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=398db2eecda3e6a440de64ae09dcb1f34c8881b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:a0:0e:6e:e6:a5:ba:78:fc:fa:5d:11:1e:60:
ef:10:fd:df:1a:d9:9a:77:52:19:e4:c6:ac:bc:fb:
8e:d7:d9:37:7d:85:7e:1d:f8:ca:fb:ed:be:82:dc:
3f:b4:19:80:88:f1:d7:b6:87:4e:07:8b:d3:58:b7:
08:7d:4e:30:f0:f8:ba:a0:75:5c:56:85:71:22:0f:
44:fd:99:26:d9:61:6c:a7:3f:c6:15:99:39:16:b4:
d7:27:b6:4e:59:a4:4d:d6:21:a8:d2:c6:a3:c9:3a:
5b:c4:80:46:db:fd:b5:39:d8:6c:1b:30:8a:65:ff:
d6:d3:85:fe:4d:d4:a3:d3:12:6f:ff:19:c3:4a:1f:
81:74:50:c7:6c:c8:0f:16:52:0a:5b:87:00:a6:b4:
b9:69:fe:ab:96:34:af:0d:b1:d1:e2:4c:41:f6:6a:
0d:3b:a6:a9:35:30:40:c0:49:ce:01:6e:f2:db:09:
63:d4:93:dd:02:8b:4d:83:5d:99:5d:76:d8:52:a8:
14:28:c8:0a:03:5e:71:c5:09:ed:f3:21:b0:41:9c:
b2:5a:3d:9d:53:c4:84:13:9a:4e:40:2b:2e:65:c7:
17:8d:f4:db:9b:84:bf:4f:ed:18:b7:fb:aa:3e:08:
0d:48:37:52:6e:5a:79:21:53:5b:3f:7c:0d:36:11:
07:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:8D:B2:EE:CD:A3:E6:A4:40:DE:64:AE:09:DC:B1:F3:4C:88:81:B9
X509v3 Authority Key Identifier:
keyid:76:67:02:36:CD:0E:03:86:84:A3:31:94:BD:E7:D4:B9:5A:DC:66:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dmcCNs0OA4aEozGUvefUuVrcZvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/OY2y7s2j5qRA3mSuCdyx80yIgbk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/dmcCNs0OA4aEozGUvefUuVrcZvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.72.0/23
185.183.160.0/22
193.109.217.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:94:61:3d:d7:72:d2:2e:8c:b9:28:71:b5:71:b4:1f:3a:f5:
d7:1c:24:6c:4f:a0:dd:68:68:e9:64:d0:4b:57:46:86:8f:dd:
fe:28:66:40:29:fa:fa:b7:b6:1a:e1:3a:1b:a1:ff:3a:42:3f:
35:46:21:6f:be:f6:36:c2:35:30:cd:5f:ca:fc:1b:3a:01:8e:
79:87:bf:8a:c6:5a:e4:7d:19:45:f3:29:75:d5:cb:fd:1b:42:
d9:bf:3e:0f:21:99:4e:de:7c:b2:90:42:c3:87:12:b5:c0:d1:
c4:74:87:ce:1a:57:4f:95:31:44:6f:a1:5a:43:61:db:f5:77:
4c:79:7f:97:0d:6f:8f:a5:c9:cb:3f:e7:8b:89:a2:39:f1:d9:
3a:d3:45:31:56:a2:75:7d:1b:98:6f:df:41:64:cd:d7:2c:9c:
81:10:40:b3:c1:c0:39:f0:2f:dd:0b:54:bd:0e:fc:94:1b:3f:
f6:ec:0b:29:43:8a:82:07:e2:63:23:6b:f0:f5:3d:38:1a:6f:
3e:43:28:e1:4b:81:6b:51:7c:c8:15:b2:c6:0c:49:1e:36:4f:
1d:6a:fc:11:63:38:5f:f5:46:ea:4c:36:e3:00:42:6a:e3:39:
e5:c9:08:78:e9:1b:2d:9e:2d:c9:04:a1:a1:bd:85:ce:d0:de:
f9:c9:76:0f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYpfi68+mq5a26uY3mVhTvdQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2NjcwMjM2Y2QwZTAzODY4NGEzMzE5NGJkZTdkNGI5NWFk
YzY2ZjcwHhcNMjMwOTA0MDkzNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOThkYjJlZWNkYTNlNmE0NDBkZTY0YWUwOWRjYjFmMzRjODg4MWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkKAObualunj8+l0RHmDvEP3fGtma
d1IZ5MasvPuO19k3fYV+HfjK++2+gtw/tBmAiPHXtodOB4vTWLcIfU4w8Pi6oHVc
VoVxIg9E/Zkm2WFspz/GFZk5FrTXJ7ZOWaRN1iGo0sajyTpbxIBG2/21OdhsGzCK
Zf/W04X+TdSj0xJv/xnDSh+BdFDHbMgPFlIKW4cAprS5af6rljSvDbHR4kxB9moN
O6apNTBAwEnOAW7y2wlj1JPdAotNg12ZXXbYUqgUKMgKA15xxQnt8yGwQZyyWj2d
U8SEE5pOQCsuZccXjfTbm4S/T+0Yt/uqPggNSDdSblp5IVNbP3wNNhEH1QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDmNsu7No+akQN5krgncsfNMiIG5MB8GA1UdIwQY
MBaAFHZnAjbNDgOGhKMxlL3n1Lla3Gb3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZG1jQ05zME9BNGFFb3pHVXZlZlV1VnJjWnZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8xODA5ZGEtMWM2Zi00NGRiLWFhMjgt
YmE0ZmMyMzQ2ODNlLzEvT1kyeTdzMmo1cVJBM21TdUNkeXg4MHlJZ2JrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi8xODA5ZGEtMWM2Zi00NGRiLWFhMjgtYmE0ZmMyMzQ2ODNl
LzEvZG1jQ05zME9BNGFFb3pHVXZlZlV1VnJjWnZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBLZlIAwQC
ubegAwQAwW3ZMA0GCSqGSIb3DQEBCwUAA4IBAQArlGE913LSLoy5KHG1cbQfOvXX
HCRsT6DdaGjpZNBLV0aGj93+KGZAKfr6t7Ya4Tobof86Qj81RiFvvvY2wjUwzV/K
/Bs6AY55h7+KxlrkfRlF8yl11cv9G0LZvz4PIZlO3nyykELDhxK1wNHEdIfOGldP
lTFEb6FaQ2Hb9XdMeX+XDW+PpcnLP+eLiaI58dk600UxVqJ1fRuYb99BZM3XLJyB
EECzwcA58C/dC1S9DvyUGz/27AspQ4qCB+JjI2vw9T04Gm8+QyjhS4FrUXzIFbLG
DEkeNk8davwRYzhf9UbqTDbjAEJq4znlyQh46Rstni3JBKGhvYXO0N75yXYP
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:14:42 2024 by rpki-client on console-fra.rpki-client.org