Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/8da624-31c5-4509-bc5a-2049f6abfd9d/1/O2MyxUbtTc0QeqZtEmz3k0-LMuk.roa
File: O2MyxUbtTc0QeqZtEmz3k0-LMuk.roa (raw, json)
Hash identifier: LZp+GMV8v9zZPLJADwCQXt0+HRMYfupVwHOo4YznL8c=
Subject key identifier: 3B:63:32:C5:46:ED:4D:CD:10:7A:A6:6D:12:6C:F7:93:4F:8B:32:E9
Certificate issuer: /CN=93b474d05571df3d44f63cca21b40b6e12c392d9
Certificate serial: 01856CAEFA8FB100CD1CF4A945706FB785E9
Authority key identifier: 93:B4:74:D0:55:71:DF:3D:44:F6:3C:CA:21:B4:0B:6E:12:C3:92:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k7R00FVx3z1E9jzKIbQLbhLDktk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/8da624-31c5-4509-bc5a-2049f6abfd9d/1/O2MyxUbtTc0QeqZtEmz3k0-LMuk.roa
Signing time: Sun 01 Jan 2023 09:34:44 +0000
ROA not before: Sun 01 Jan 2023 09:34:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20860
IP address blocks: 185.182.230.0/24 maxlen: 24
185.182.228.0/24 maxlen: 24
185.182.231.0/24 maxlen: 24
185.182.229.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ae:fa:8f:b1:00:cd:1c:f4:a9:45:70:6f:b7:85:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93b474d05571df3d44f63cca21b40b6e12c392d9
Validity
Not Before: Jan 1 09:34:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3b6332c546ed4dcd107aa66d126cf7934f8b32e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:b9:b9:35:f1:34:b2:40:f8:ff:2c:c0:2c:3c:
45:5d:91:f3:10:94:67:6e:be:60:25:0a:09:9b:fe:
af:7e:f3:70:25:69:f1:40:2b:a9:38:8a:68:e3:47:
b6:12:f8:f7:68:9f:57:06:21:4f:9a:01:63:33:fa:
62:1e:45:24:2c:a7:10:bb:38:2f:d9:74:c2:de:c9:
df:11:f0:21:8d:38:cf:65:df:34:8a:10:88:91:d1:
35:19:6f:28:40:ef:84:00:25:5c:28:04:01:85:7a:
6c:28:12:fb:71:ce:1b:7b:d9:fb:04:39:9a:4e:57:
9c:53:07:cb:f3:17:ad:b2:4a:a2:c4:e0:6b:5b:ec:
84:50:06:a4:c0:34:c9:ff:d2:9d:df:0d:66:36:8b:
f2:2e:53:da:f9:16:ea:1e:7d:bf:fe:ce:98:9d:c3:
a4:40:2a:e3:c2:02:8b:19:ab:48:6d:ca:f8:99:08:
58:32:93:25:1f:44:1c:77:55:06:db:46:6d:b2:1c:
6b:67:dd:77:8d:9c:a6:ac:ef:08:6c:74:55:26:14:
db:0c:cd:8f:45:20:c0:2a:6a:bd:9b:fa:91:79:95:
88:05:56:b6:3f:c2:cc:94:09:e3:71:90:f5:0e:16:
f6:b6:7d:c5:2b:47:b5:29:fd:ad:e9:3c:7e:fa:56:
51:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:63:32:C5:46:ED:4D:CD:10:7A:A6:6D:12:6C:F7:93:4F:8B:32:E9
X509v3 Authority Key Identifier:
keyid:93:B4:74:D0:55:71:DF:3D:44:F6:3C:CA:21:B4:0B:6E:12:C3:92:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k7R00FVx3z1E9jzKIbQLbhLDktk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/8da624-31c5-4509-bc5a-2049f6abfd9d/1/O2MyxUbtTc0QeqZtEmz3k0-LMuk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/8da624-31c5-4509-bc5a-2049f6abfd9d/1/k7R00FVx3z1E9jzKIbQLbhLDktk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.182.228.0/22
Signature Algorithm: sha256WithRSAEncryption
33:f1:b0:11:59:73:c3:64:cb:60:d5:45:17:8b:f7:51:b9:72:
4d:8f:1d:70:94:13:e9:b7:a4:de:65:7e:f9:c7:6e:3b:91:b7:
92:83:25:6b:ad:af:97:80:ec:68:5e:21:c5:b4:9f:34:e3:3f:
46:a3:e6:15:a9:91:61:79:1f:f0:6b:c1:00:5b:ac:15:21:82:
dc:6c:9e:92:e8:14:4f:68:ea:ac:ba:2c:53:da:82:37:dc:57:
1f:a7:3a:91:5f:95:ed:67:76:4d:30:73:0e:bf:f5:0c:41:d9:
c3:b4:f5:a7:a3:5b:58:53:dc:96:f6:5b:b0:71:50:bf:08:0d:
40:2d:4a:a7:6c:e8:c9:85:e3:26:65:a7:04:08:a1:21:f6:f8:
e7:40:9a:f5:db:5b:e2:aa:c1:7e:a0:af:c4:bb:82:c6:1b:23:
74:c7:3b:c1:df:84:78:4a:2d:a5:eb:19:1b:dd:7d:78:ac:e8:
32:50:96:16:03:ae:05:2a:64:d9:4b:70:cf:8e:62:a0:4d:2b:
1d:84:59:63:41:67:df:60:77:a3:1b:62:cc:74:0e:28:24:b7:
90:6c:b6:65:96:3c:57:8e:56:6b:36:61:09:e6:4d:2e:f1:78:
68:62:77:18:03:34:7a:79:c9:3f:88:20:6b:13:6f:d6:e5:19:
66:f0:5b:f8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsrvqPsQDNHPSpRXBvt4XpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzYjQ3NGQwNTU3MWRmM2Q0NGY2M2NjYTIxYjQwYjZlMTJj
MzkyZDkwHhcNMjMwMTAxMDkzNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjYzMzJjNTQ2ZWQ0ZGNkMTA3YWE2NmQxMjZjZjc5MzRmOGIzMmU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjLm5NfE0skD4/yzALDxFXZHzEJRn
br5gJQoJm/6vfvNwJWnxQCupOIpo40e2Evj3aJ9XBiFPmgFjM/piHkUkLKcQuzgv
2XTC3snfEfAhjTjPZd80ihCIkdE1GW8oQO+EACVcKAQBhXpsKBL7cc4be9n7BDma
TlecUwfL8xetskqixOBrW+yEUAakwDTJ/9Kd3w1mNovyLlPa+RbqHn2//s6YncOk
QCrjwgKLGatIbcr4mQhYMpMlH0Qcd1UG20ZtshxrZ913jZymrO8IbHRVJhTbDM2P
RSDAKmq9m/qReZWIBVa2P8LMlAnjcZD1Dhb2tn3FK0e1Kf2t6Tx++lZRrwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDtjMsVG7U3NEHqmbRJs95NPizLpMB8GA1UdIwQY
MBaAFJO0dNBVcd89RPY8yiG0C24Sw5LZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazdSMDBGVngzejFFOWp6S0liUUxiaExEa3RrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC84ZGE2MjQtMzFjNS00NTA5LWJjNWEt
MjA0OWY2YWJmZDlkLzEvTzJNeXhVYnRUYzBRZXFadEVtejNrMC1MTXVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC84ZGE2MjQtMzFjNS00NTA5LWJjNWEtMjA0OWY2YWJmZDlk
LzEvazdSMDBGVngzejFFOWp6S0liUUxiaExEa3RrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCubbkMA0G
CSqGSIb3DQEBCwUAA4IBAQAz8bARWXPDZMtg1UUXi/dRuXJNjx1wlBPpt6TeZX75
x247kbeSgyVrra+XgOxoXiHFtJ804z9Go+YVqZFheR/wa8EAW6wVIYLcbJ6S6BRP
aOqsuixT2oI33FcfpzqRX5XtZ3ZNMHMOv/UMQdnDtPWno1tYU9yW9luwcVC/CA1A
LUqnbOjJheMmZacECKEh9vjnQJr121viqsF+oK/Eu4LGGyN0xzvB34R4Si2l6xkb
3X14rOgyUJYWA64FKmTZS3DPjmKgTSsdhFljQWffYHejG2LMdA4oJLeQbLZlljxX
jlZrNmEJ5k0u8XhoYncYAzR6eck/iCBrE2/W5Rlm8Fv4
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:04 2024 by rpki-client on console-ams.rpki-client.org