Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/b92331-2bb4-4a59-9978-751b17d1c437/1/O8FBKvAz_PN0V7yUFKrMsIcWwX0.roa
File: O8FBKvAz_PN0V7yUFKrMsIcWwX0.roa (raw, json)
Hash identifier: PUa13xpsCsxeluA1shIt+0MxziUgO22Z9cTQdlfNkds=
Subject key identifier: 3B:C1:41:2A:F0:33:FC:F3:74:57:BC:94:14:AA:CC:B0:87:16:C1:7D
Certificate issuer: /CN=22c7cda75f4e15e486dee5a6501cbe2018bc0e0f
Certificate serial: 0186C1CEFC5C42EEA1E3FC445E6E8030FD9B
Authority key identifier: 22:C7:CD:A7:5F:4E:15:E4:86:DE:E5:A6:50:1C:BE:20:18:BC:0E:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsfNp19OFeSG3uWmUBy-IBi8Dg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/b92331-2bb4-4a59-9978-751b17d1c437/1/O8FBKvAz_PN0V7yUFKrMsIcWwX0.roa
Signing time: Wed 08 Mar 2023 15:20:13 +0000
ROA not before: Wed 08 Mar 2023 15:20:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29119
IP address blocks: 91.209.234.0/24 maxlen: 24
185.193.68.0/22 maxlen: 24
185.251.13.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:c1:ce:fc:5c:42:ee:a1:e3:fc:44:5e:6e:80:30:fd:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c7cda75f4e15e486dee5a6501cbe2018bc0e0f
Validity
Not Before: Mar 8 15:20:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3bc1412af033fcf37457bc9414aaccb08716c17d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:b2:44:2a:48:ba:73:3e:bb:d1:f4:74:5d:d5:
be:eb:0c:20:7f:4f:a8:a3:04:87:1c:f0:cb:8b:b5:
87:e3:55:b0:8a:e5:ff:be:c9:59:e5:02:4f:db:f2:
14:73:bc:25:ce:71:ad:f2:d7:e5:42:68:65:e1:bd:
ca:16:d2:00:56:62:51:63:64:26:93:6f:03:24:83:
71:82:67:25:2d:d9:14:e4:c8:d2:97:71:43:61:25:
33:e7:2f:cc:f5:ef:77:8a:27:31:1a:c8:0d:76:10:
68:53:24:4e:59:92:8d:db:46:83:1d:a5:83:c2:78:
6a:d5:40:f7:aa:40:f7:ef:18:65:11:d0:29:57:55:
8c:8a:57:ca:84:aa:c1:16:17:46:1f:d9:70:e2:d1:
67:e6:72:c1:e0:df:bd:4f:4e:e2:a9:d7:16:51:3d:
69:ed:12:60:3d:b6:53:58:6b:8f:23:c9:ec:e4:a6:
a1:19:61:75:ac:1a:53:5a:4c:b9:05:31:ae:1d:86:
c4:bf:c6:4d:da:40:cc:3e:15:03:f4:a3:53:a2:27:
cb:ee:ed:f6:e4:60:01:c3:fe:ff:3c:03:db:f5:c5:
bc:91:ef:2c:99:69:ab:61:96:0b:34:54:2a:45:83:
47:ea:d5:14:48:d8:e8:37:c5:4e:6b:03:75:d2:58:
c3:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:C1:41:2A:F0:33:FC:F3:74:57:BC:94:14:AA:CC:B0:87:16:C1:7D
X509v3 Authority Key Identifier:
keyid:22:C7:CD:A7:5F:4E:15:E4:86:DE:E5:A6:50:1C:BE:20:18:BC:0E:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsfNp19OFeSG3uWmUBy-IBi8Dg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b92331-2bb4-4a59-9978-751b17d1c437/1/O8FBKvAz_PN0V7yUFKrMsIcWwX0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b92331-2bb4-4a59-9978-751b17d1c437/1/IsfNp19OFeSG3uWmUBy-IBi8Dg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.234.0/24
185.193.68.0/22
185.251.13.0/24
Signature Algorithm: sha256WithRSAEncryption
47:2c:2f:de:08:10:8c:5e:16:21:aa:37:f6:f4:83:f7:36:2f:
f2:28:47:17:bb:fc:2e:d2:9a:64:e1:74:a9:f6:47:19:9c:e8:
07:2d:be:45:4f:cb:4c:63:bc:52:fe:34:c4:10:5b:2c:9d:64:
74:66:0a:39:32:f3:0d:d3:1e:5a:64:de:bc:62:ac:0e:79:53:
89:c0:78:26:04:6e:76:43:e4:81:24:e7:5d:38:74:89:d5:5a:
b7:cc:46:d2:60:94:90:b3:eb:7a:7b:8d:99:45:0f:7e:d6:8c:
ff:87:65:f2:f7:ab:c5:12:b0:ac:38:a9:b2:3c:73:de:ce:f9:
8e:fb:e0:d5:76:1b:7a:8f:0f:ef:6e:5b:62:4e:f2:f8:7b:f3:
2a:12:1a:68:2e:d9:0f:69:6f:e6:d3:db:e3:3b:d2:a4:a8:a1:
72:d0:ca:1b:cd:fa:ca:a0:88:00:4b:5f:8a:37:8d:a8:9e:2d:
3b:34:d8:74:9c:70:55:84:26:47:f6:ce:99:fd:2c:16:6a:6a:
42:00:8f:b9:5c:5c:78:6b:b5:6b:f1:90:49:43:0b:61:93:b3:
b3:d4:42:6d:08:28:0f:16:e0:5a:c7:fd:73:2d:37:99:71:0f:
e0:17:69:6c:5c:6d:56:a9:47:d9:a9:56:d3:5f:c5:d0:7d:78:
c2:1f:3e:85
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYbBzvxcQu6h4/xEXm6AMP2bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzdjZGE3NWY0ZTE1ZTQ4NmRlZTVhNjUwMWNiZTIwMThi
YzBlMGYwHhcNMjMwMzA4MTUyMDEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmMxNDEyYWYwMzNmY2YzNzQ1N2JjOTQxNGFhY2NiMDg3MTZjMTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg7JEKki6cz670fR0XdW+6wwgf0+o
owSHHPDLi7WH41WwiuX/vslZ5QJP2/IUc7wlznGt8tflQmhl4b3KFtIAVmJRY2Qm
k28DJINxgmclLdkU5MjSl3FDYSUz5y/M9e93iicxGsgNdhBoUyROWZKN20aDHaWD
wnhq1UD3qkD37xhlEdApV1WMilfKhKrBFhdGH9lw4tFn5nLB4N+9T07iqdcWUT1p
7RJgPbZTWGuPI8ns5KahGWF1rBpTWky5BTGuHYbEv8ZN2kDMPhUD9KNToifL7u32
5GABw/7/PAPb9cW8ke8smWmrYZYLNFQqRYNH6tUUSNjoN8VOawN10ljDEQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDvBQSrwM/zzdFe8lBSqzLCHFsF9MB8GA1UdIwQY
MBaAFCLHzadfThXkht7lplAcviAYvA4PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNmTnAxOU9GZVNHM3VXbVVCeS1JQmk4RGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9iOTIzMzEtMmJiNC00YTU5LTk5Nzgt
NzUxYjE3ZDFjNDM3LzEvTzhGQkt2QXpfUE4wVjd5VUZLck1zSWNXd1gwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9iOTIzMzEtMmJiNC00YTU5LTk5NzgtNzUxYjE3ZDFjNDM3
LzEvSXNmTnAxOU9GZVNHM3VXbVVCeS1JQmk4RGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW9HqAwQC
ucFEAwQAufsNMA0GCSqGSIb3DQEBCwUAA4IBAQBHLC/eCBCMXhYhqjf29IP3Ni/y
KEcXu/wu0ppk4XSp9kcZnOgHLb5FT8tMY7xS/jTEEFssnWR0Zgo5MvMN0x5aZN68
YqwOeVOJwHgmBG52Q+SBJOddOHSJ1Vq3zEbSYJSQs+t6e42ZRQ9+1oz/h2Xy96vF
ErCsOKmyPHPezvmO++DVdht6jw/vbltiTvL4e/MqEhpoLtkPaW/m09vjO9KkqKFy
0MobzfrKoIgAS1+KN42oni07NNh0nHBVhCZH9s6Z/SwWampCAI+5XFx4a7Vr8ZBJ
Qwthk7Oz1EJtCCgPFuBax/1zLTeZcQ/gF2lsXG1WqUfZqVbTX8XQfXjCHz6F
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:27:20 2024 by rpki-client on console-fra.rpki-client.org