Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/a0c444-9796-4f06-83f2-aa788a420aec/1/O7rxgaIOJmYLug-kBqFgcn9_3Hg.roa
File: O7rxgaIOJmYLug-kBqFgcn9_3Hg.roa (raw, json)
Hash identifier: FFXdBANkaIkLljnK5irWWAOsIhySPwPY0GS+aHX/fls=
Subject key identifier: 3B:BA:F1:81:A2:0E:26:66:0B:BA:0F:A4:06:A1:60:72:7F:7F:DC:78
Certificate issuer: /CN=a74c6706e3fbebdff146a8a14ec2a3284a92ba62
Certificate serial: 01856C1CADDB6123250FCB15A70BE92522FC
Authority key identifier: A7:4C:67:06:E3:FB:EB:DF:F1:46:A8:A1:4E:C2:A3:28:4A:92:BA:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p0xnBuP769_xRqihTsKjKEqSumI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/a0c444-9796-4f06-83f2-aa788a420aec/1/O7rxgaIOJmYLug-kBqFgcn9_3Hg.roa
Signing time: Sun 01 Jan 2023 06:54:56 +0000
ROA not before: Sun 01 Jan 2023 06:54:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 33965
IP address blocks: 193.72.56.0/25 maxlen: 25
193.72.52.0/24 maxlen: 24
193.72.64.0/24 maxlen: 28
193.72.60.0/24 maxlen: 24
193.72.36.0/24 maxlen: 24
193.72.32.0/24 maxlen: 24
193.72.40.0/24 maxlen: 24
193.72.48.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:1c:ad:db:61:23:25:0f:cb:15:a7:0b:e9:25:22:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a74c6706e3fbebdff146a8a14ec2a3284a92ba62
Validity
Not Before: Jan 1 06:54:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3bbaf181a20e26660bba0fa406a160727f7fdc78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:97:bc:b4:50:0f:25:49:39:93:90:97:08:2c:
2a:34:36:82:04:49:bd:df:e8:21:ba:c8:f6:46:ea:
c7:78:63:7e:f4:60:3e:1c:91:a4:ef:c7:9c:34:ac:
67:f5:ce:e5:10:74:5c:ac:67:47:20:63:fe:29:fc:
da:48:19:32:81:8b:f7:01:8b:03:70:74:1f:c3:4d:
24:0f:3f:50:f3:9f:33:b8:87:91:53:a0:22:bc:08:
cf:e3:c7:0d:82:96:50:48:c4:b0:08:c7:35:8b:01:
e6:75:5d:17:d0:60:d0:98:f0:0a:e0:32:79:e5:88:
a5:b6:a7:a8:b0:10:a5:6e:ec:28:42:b0:e5:16:cb:
a4:0f:1d:72:ad:7a:07:77:c7:0b:dc:17:74:d8:cb:
ef:db:61:60:50:ff:82:ca:b3:41:dc:b8:b8:bf:4c:
65:58:4c:92:d9:ed:bc:6e:3b:15:0d:0d:9f:10:d7:
df:f4:9f:d5:63:73:b9:02:bb:6e:52:f4:7d:08:a2:
e2:fe:0d:df:d2:d8:12:2a:7e:6d:29:4b:52:47:36:
6a:d4:cc:21:e2:4b:c1:d9:70:54:55:d7:c1:df:02:
4b:99:e9:9b:a4:a8:ae:b8:15:5c:b6:25:59:7a:e6:
25:ff:ad:73:d6:df:8c:50:5e:aa:81:bd:db:63:31:
80:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:BA:F1:81:A2:0E:26:66:0B:BA:0F:A4:06:A1:60:72:7F:7F:DC:78
X509v3 Authority Key Identifier:
keyid:A7:4C:67:06:E3:FB:EB:DF:F1:46:A8:A1:4E:C2:A3:28:4A:92:BA:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p0xnBuP769_xRqihTsKjKEqSumI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/a0c444-9796-4f06-83f2-aa788a420aec/1/O7rxgaIOJmYLug-kBqFgcn9_3Hg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/a0c444-9796-4f06-83f2-aa788a420aec/1/p0xnBuP769_xRqihTsKjKEqSumI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.72.32.0/24
193.72.36.0/24
193.72.40.0/24
193.72.48.0/24
193.72.52.0/24
193.72.56.0/25
193.72.60.0/24
193.72.64.0/24
Signature Algorithm: sha256WithRSAEncryption
20:d9:84:8b:9c:d0:9f:9d:98:92:27:fc:a0:c2:26:e5:f6:e6:
83:eb:fa:f5:e8:92:2f:15:1c:a0:ed:64:af:7e:89:66:78:63:
2d:6f:14:77:8f:7b:c3:27:14:1d:c8:11:db:8a:29:01:23:e1:
66:27:a3:79:68:24:6e:d9:10:cc:8f:c4:22:96:56:ec:a7:bb:
9b:bd:cd:73:9b:e8:ea:be:98:3b:0d:b8:79:53:e6:43:96:05:
de:ca:ed:45:d7:55:c9:61:a1:04:19:c3:29:11:67:81:1a:8f:
f8:10:77:fe:3f:75:b3:f5:2f:8f:1f:a2:f5:52:a0:94:c5:c8:
25:d4:16:79:4a:22:aa:f7:5b:e7:66:01:af:2d:78:1c:e8:6c:
82:ec:3d:64:df:6b:c5:dc:e9:5a:4d:50:e3:f7:06:f8:03:94:
97:41:b7:dd:29:f8:38:97:62:0c:20:a0:71:1c:13:91:96:2c:
5d:92:8d:9a:7d:a6:d0:c3:59:db:7e:b3:9b:66:39:5b:06:fb:
70:26:68:60:5f:58:2c:fb:c1:a8:63:f9:a9:0d:7a:c5:76:1e:
9a:6e:6b:c7:f5:46:33:96:f0:41:a4:27:44:04:f7:2b:b8:25:
ec:c9:4b:6a:1f:fd:e7:aa:c6:a3:35:96:52:34:99:a6:fe:e8:
72:58:a3:f6
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAYVsHK3bYSMlD8sVpwvpJSL8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3NGM2NzA2ZTNmYmViZGZmMTQ2YThhMTRlYzJhMzI4NGE5
MmJhNjIwHhcNMjMwMTAxMDY1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmJhZjE4MWEyMGUyNjY2MGJiYTBmYTQwNmExNjA3MjdmN2ZkYzc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxJe8tFAPJUk5k5CXCCwqNDaCBEm9
3+ghusj2RurHeGN+9GA+HJGk78ecNKxn9c7lEHRcrGdHIGP+KfzaSBkygYv3AYsD
cHQfw00kDz9Q858zuIeRU6AivAjP48cNgpZQSMSwCMc1iwHmdV0X0GDQmPAK4DJ5
5YiltqeosBClbuwoQrDlFsukDx1yrXoHd8cL3Bd02Mvv22FgUP+CyrNB3Li4v0xl
WEyS2e28bjsVDQ2fENff9J/VY3O5ArtuUvR9CKLi/g3f0tgSKn5tKUtSRzZq1Mwh
4kvB2XBUVdfB3wJLmembpKiuuBVctiVZeuYl/61z1t+MUF6qgb3bYzGAHwIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFDu68YGiDiZmC7oPpAahYHJ/f9x4MB8GA1UdIwQY
MBaAFKdMZwbj++vf8UaooU7CoyhKkrpiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDB4bkJ1UDc2OV94UnFpaFRzS2pLRXFTdW1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9hMGM0NDQtOTc5Ni00ZjA2LTgzZjIt
YWE3ODhhNDIwYWVjLzEvTzdyeGdhSU9KbVlMdWcta0JxRmdjbjlfM0hnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9hMGM0NDQtOTc5Ni00ZjA2LTgzZjItYWE3ODhhNDIwYWVj
LzEvcDB4bkJ1UDc2OV94UnFpaFRzS2pLRXFTdW1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTA3BAIAATAxAwQAwUggAwQA
wUgkAwQAwUgoAwQAwUgwAwQAwUg0AwUHwUg4AAMEAMFIPAMEAMFIQDANBgkqhkiG
9w0BAQsFAAOCAQEAINmEi5zQn52Ykif8oMIm5fbmg+v69eiSLxUcoO1kr36JZnhj
LW8Ud497wycUHcgR24opASPhZiejeWgkbtkQzI/EIpZW7Ke7m73Nc5vo6r6YOw24
eVPmQ5YF3srtRddVyWGhBBnDKRFngRqP+BB3/j91s/Uvjx+i9VKglMXIJdQWeUoi
qvdb52YBry14HOhsguw9ZN9rxdzpWk1Q4/cG+AOUl0G33Sn4OJdiDCCgcRwTkZYs
XZKNmn2m0MNZ236zm2Y5Wwb7cCZoYF9YLPvBqGP5qQ16xXYemm5rx/VGM5bwQaQn
RAT3K7gl7MlLah/956rGozWWUjSZpv7oclij9g==
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:14:04 2024 by rpki-client on console-ams.rpki-client.org