Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/c84a4d-9e57-4756-bdbb-01aa056b1f6f/1/o3xqDoZIyVDwJRCSOBoMmgmO4SM.roa
File: o3xqDoZIyVDwJRCSOBoMmgmO4SM.roa (raw, json)
Hash identifier: nz7sDs2W4/uCQQwNdSpEj6nwyVBtvZ6Y7q90T/WoqwI=
Subject key identifier: A3:7C:6A:0E:86:48:C9:50:F0:25:10:92:38:1A:0C:9A:09:8E:E1:23
Certificate issuer: /CN=9bbc4239c9cb981f19a495e633d3bec889fcbe89
Certificate serial: 01856BC12C62DD4DAE2FEFA1037595DA8183
Authority key identifier: 9B:BC:42:39:C9:CB:98:1F:19:A4:95:E6:33:D3:BE:C8:89:FC:BE:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m7xCOcnLmB8ZpJXmM9O-yIn8vok.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/c84a4d-9e57-4756-bdbb-01aa056b1f6f/1/o3xqDoZIyVDwJRCSOBoMmgmO4SM.roa
Signing time: Sun 01 Jan 2023 05:14:59 +0000
ROA not before: Sun 01 Jan 2023 05:14:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43940
IP address blocks: 62.4.32.0/19 maxlen: 19
109.72.96.0/20 maxlen: 20
213.133.0.0/19 maxlen: 19
185.64.0.0/22 maxlen: 22
185.179.92.0/22 maxlen: 22
2a03:7a0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:31:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:c1:2c:62:dd:4d:ae:2f:ef:a1:03:75:95:da:81:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bbc4239c9cb981f19a495e633d3bec889fcbe89
Validity
Not Before: Jan 1 05:14:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a37c6a0e8648c950f0251092381a0c9a098ee123
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:2c:e6:53:7f:6f:68:d1:90:0f:f7:2e:40:bc:
d8:0f:7c:3e:b4:ad:09:46:85:33:96:6e:e6:29:d6:
c4:c5:94:28:95:6f:ed:86:26:08:19:59:f1:a6:e4:
ab:e5:a2:d1:ba:9a:bc:d5:ea:62:cb:20:53:e0:8d:
6c:d5:43:94:e7:01:d3:58:a5:bc:7b:a1:8b:81:7e:
b5:9d:78:a4:2a:73:6c:e6:5d:f1:d3:0f:0e:b5:7c:
4c:2d:87:74:5a:04:8a:c6:ab:de:29:f6:fd:36:9a:
82:0c:1f:f9:8a:23:60:41:f3:3f:52:2a:3b:a6:8b:
14:dd:38:9d:13:53:20:7c:a9:5d:09:19:c5:91:08:
a7:94:5b:a8:2b:5b:f0:9b:fb:f7:c9:b2:c9:05:95:
62:a9:6d:6a:5d:fd:dd:80:a6:fa:35:12:c7:c9:67:
93:21:da:37:b6:86:10:b0:da:65:7d:de:00:17:e1:
21:f2:c3:e3:ac:80:cd:f1:d4:a6:ca:24:e5:1f:50:
18:47:db:5c:e2:db:a6:83:8b:3e:97:d9:1b:60:c4:
88:47:f3:14:03:ee:75:01:27:95:d0:20:b5:49:0b:
c6:2a:ba:61:b1:65:9f:39:02:97:cd:6b:b4:ee:fe:
59:f7:d6:7d:1e:6b:61:7b:c7:71:55:0d:40:ec:1c:
7a:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:7C:6A:0E:86:48:C9:50:F0:25:10:92:38:1A:0C:9A:09:8E:E1:23
X509v3 Authority Key Identifier:
keyid:9B:BC:42:39:C9:CB:98:1F:19:A4:95:E6:33:D3:BE:C8:89:FC:BE:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m7xCOcnLmB8ZpJXmM9O-yIn8vok.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/c84a4d-9e57-4756-bdbb-01aa056b1f6f/1/o3xqDoZIyVDwJRCSOBoMmgmO4SM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/c84a4d-9e57-4756-bdbb-01aa056b1f6f/1/m7xCOcnLmB8ZpJXmM9O-yIn8vok.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.4.32.0/19
109.72.96.0/20
185.64.0.0/22
185.179.92.0/22
213.133.0.0/19
IPv6:
2a03:7a0::/29
Signature Algorithm: sha256WithRSAEncryption
83:87:c0:e0:c5:1d:55:ef:cb:3d:90:de:c1:d3:f7:c6:ab:30:
0b:0b:f9:76:a4:12:72:3b:4d:d9:ab:ce:8f:52:05:47:9f:30:
4e:18:6e:c7:42:77:91:90:88:be:d4:f2:1c:27:0b:dc:80:5b:
35:b5:84:8b:f9:b9:16:71:b9:4c:d7:88:ff:cd:1a:58:5d:fe:
be:60:48:a9:f9:48:64:c3:58:8e:46:34:d4:a4:73:98:81:43:
b4:6a:4d:34:df:e1:97:14:c6:d8:39:e0:c5:f9:39:e9:80:96:
79:23:c4:0c:e8:0d:78:94:6b:75:cf:10:ee:ac:26:c8:ac:aa:
12:6e:bc:ea:a2:4b:16:24:fd:42:5d:31:e0:06:fb:6d:5c:2b:
24:b3:bc:65:6c:b7:7c:72:55:91:46:9a:74:af:95:ff:fe:68:
7d:67:52:53:d0:25:17:65:67:3f:d0:78:44:05:93:12:7b:19:
3e:0d:3f:f4:0b:24:11:81:91:5f:8f:bc:e7:9d:8f:ce:d0:a2:
7b:47:27:a3:7b:be:ef:f3:0c:72:1b:42:38:9f:e4:46:a9:a8:
79:3d:db:69:77:3b:0b:7e:52:dc:a8:fb:76:50:3f:9d:dd:b9:
29:cc:70:08:be:60:d8:c4:8d:a6:96:3f:19:14:9f:b7:01:7b:
46:04:d9:d0
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYVrwSxi3U2uL++hA3WV2oGDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliYmM0MjM5YzljYjk4MWYxOWE0OTVlNjMzZDNiZWM4ODlm
Y2JlODkwHhcNMjMwMTAxMDUxNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzdjNmEwZTg2NDhjOTUwZjAyNTEwOTIzODFhMGM5YTA5OGVlMTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArSzmU39vaNGQD/cuQLzYD3w+tK0J
RoUzlm7mKdbExZQolW/thiYIGVnxpuSr5aLRupq81epiyyBT4I1s1UOU5wHTWKW8
e6GLgX61nXikKnNs5l3x0w8OtXxMLYd0WgSKxqveKfb9NpqCDB/5iiNgQfM/Uio7
posU3TidE1MgfKldCRnFkQinlFuoK1vwm/v3ybLJBZViqW1qXf3dgKb6NRLHyWeT
Ido3toYQsNplfd4AF+Eh8sPjrIDN8dSmyiTlH1AYR9tc4tumg4s+l9kbYMSIR/MU
A+51ASeV0CC1SQvGKrphsWWfOQKXzWu07v5Z99Z9Hmthe8dxVQ1A7Bx6YwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFKN8ag6GSMlQ8CUQkjgaDJoJjuEjMB8GA1UdIwQY
MBaAFJu8QjnJy5gfGaSV5jPTvsiJ/L6JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbTd4Q09jbkxtQjhacEpYbU05Ty15SW44dm9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9jODRhNGQtOWU1Ny00NzU2LWJkYmIt
MDFhYTA1NmIxZjZmLzEvbzN4cURvWkl5VkR3SlJDU09Cb01tZ21PNFNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi9jODRhNGQtOWU1Ny00NzU2LWJkYmItMDFhYTA1NmIxZjZm
LzEvbTd4Q09jbkxtQjhacEpYbU05Ty15SW44dm9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQFPgQgAwQE
bUhgAwQCuUAAAwQCubNcAwQF1YUAMA0EAgACMAcDBQMqAwegMA0GCSqGSIb3DQEB
CwUAA4IBAQCDh8DgxR1V78s9kN7B0/fGqzALC/l2pBJyO03Zq86PUgVHnzBOGG7H
QneRkIi+1PIcJwvcgFs1tYSL+bkWcblM14j/zRpYXf6+YEip+Uhkw1iORjTUpHOY
gUO0ak003+GXFMbYOeDF+TnpgJZ5I8QM6A14lGt1zxDurCbIrKoSbrzqoksWJP1C
XTHgBvttXCsks7xlbLd8clWRRpp0r5X//mh9Z1JT0CUXZWc/0HhEBZMSexk+DT/0
CyQRgZFfj7znnY/O0KJ7Ryeje77v8wxyG0I4n+RGqah5PdtpdzsLflLcqPt2UD+d
3bkpzHAIvmDYxI2mlj8ZFJ+3AXtGBNnQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:10 2024 by rpki-client on console-fra.rpki-client.org