Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/828b0f-80e8-427b-971d-38bbcfaee6ce/1/3OVs7_EWZvAsAFH3ew3rWI6khUk.roa
File: 3OVs7_EWZvAsAFH3ew3rWI6khUk.roa (raw, json)
Hash identifier: gEV2nN4/h57EntTnzihnmgzGEsiT7RTX9FTEalDZa8I=
Subject key identifier: DC:E5:6C:EF:F1:16:66:F0:2C:00:51:F7:7B:0D:EB:58:8E:A4:85:49
Certificate issuer: /CN=668d2f64c337465ed38da5f7cc4584df87d4a744
Certificate serial: 018572DED6663A3F7EF6A89B65163901369C
Authority key identifier: 66:8D:2F:64:C3:37:46:5E:D3:8D:A5:F7:CC:45:84:DF:87:D4:A7:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zo0vZMM3Rl7TjaX3zEWE34fUp0Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/828b0f-80e8-427b-971d-38bbcfaee6ce/1/3OVs7_EWZvAsAFH3ew3rWI6khUk.roa
Signing time: Mon 02 Jan 2023 14:24:44 +0000
ROA not before: Mon 02 Jan 2023 14:24:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 28918
IP address blocks: 188.95.0.0/21 maxlen: 24
194.59.172.0/22 maxlen: 24
185.55.232.0/22 maxlen: 24
194.147.133.0/24 maxlen: 24
193.28.96.0/21 maxlen: 24
2a00:b400::/29 maxlen: 36
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:30:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:de:d6:66:3a:3f:7e:f6:a8:9b:65:16:39:01:36:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=668d2f64c337465ed38da5f7cc4584df87d4a744
Validity
Not Before: Jan 2 14:24:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dce56ceff11666f02c0051f77b0deb588ea48549
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:a8:f5:d3:13:99:76:cd:82:1c:89:08:3d:c9:
87:ce:7e:7a:e3:9c:04:fd:3f:85:b9:55:ed:59:1d:
a2:e6:cd:07:d9:60:24:b7:2d:0a:f0:fb:1c:17:92:
44:57:59:9f:7a:ac:73:42:ec:7f:28:58:a4:3e:ef:
bf:37:fd:2f:7c:a3:0f:8d:4c:a5:83:b0:5a:87:21:
18:a3:c2:33:70:1f:44:9d:50:95:f1:f5:34:ed:42:
56:7b:ef:61:7a:f0:42:9c:68:79:af:07:7d:b8:b4:
98:91:67:cd:14:a0:2d:fa:07:ec:27:26:8f:3d:e0:
7d:23:03:ac:f7:b5:0d:0f:63:53:db:89:b8:f0:aa:
db:d1:60:89:ad:ea:26:a4:3d:6c:d8:22:9f:4d:42:
97:34:c0:4d:ad:a4:21:ee:5e:d7:7c:8a:4c:c6:98:
34:d9:13:f0:d5:6c:76:34:b9:d1:2f:16:af:14:d9:
0d:92:a4:74:dd:74:82:c1:4a:8d:9c:59:c8:81:06:
32:ad:c1:a4:b3:fd:b3:7a:06:73:5c:69:27:38:67:
2a:23:a4:b9:15:47:dd:f4:0b:23:45:33:26:cf:63:
4f:d8:c8:81:0e:62:d2:78:b5:a7:e1:e2:fb:51:48:
13:af:b5:1c:d2:81:02:dd:a5:45:e2:5f:5f:f9:0d:
83:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:E5:6C:EF:F1:16:66:F0:2C:00:51:F7:7B:0D:EB:58:8E:A4:85:49
X509v3 Authority Key Identifier:
keyid:66:8D:2F:64:C3:37:46:5E:D3:8D:A5:F7:CC:45:84:DF:87:D4:A7:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zo0vZMM3Rl7TjaX3zEWE34fUp0Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/828b0f-80e8-427b-971d-38bbcfaee6ce/1/3OVs7_EWZvAsAFH3ew3rWI6khUk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/828b0f-80e8-427b-971d-38bbcfaee6ce/1/Zo0vZMM3Rl7TjaX3zEWE34fUp0Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.55.232.0/22
188.95.0.0/21
193.28.96.0/21
194.59.172.0/22
194.147.133.0/24
IPv6:
2a00:b400::/29
Signature Algorithm: sha256WithRSAEncryption
23:52:5c:da:d1:27:85:cf:50:a6:04:c7:bc:6e:b2:af:4d:6e:
80:dc:51:8e:ff:1a:a7:a5:13:a1:ab:e0:65:d3:f9:af:8e:2c:
ce:77:dc:2e:ce:61:8d:8e:4c:67:d6:2e:ea:a7:53:c1:b7:1a:
06:aa:cb:0d:bd:fa:c1:05:74:7f:70:cb:d2:cc:99:30:c4:a2:
f0:4b:42:be:c6:45:ce:d9:93:d2:5e:7c:20:82:d4:b5:00:10:
73:d8:eb:57:9e:38:3a:8b:46:d7:31:c9:15:3b:69:eb:0f:1b:
d9:f4:7d:3a:f7:15:e6:cf:27:27:65:5a:87:75:8a:df:70:87:
fe:94:52:af:76:4c:5f:2f:97:ba:be:25:87:d9:cb:b3:80:38:
e7:5d:d3:dc:ce:e5:bd:dd:18:dd:97:0d:5c:db:0d:1d:86:22:
f2:30:df:98:9e:1f:52:86:4a:04:33:ee:0e:c6:44:b1:35:3f:
f6:2b:f4:cf:54:73:67:8c:4d:4f:c9:a9:5b:24:87:c9:af:7d:
25:b2:3c:49:0b:1b:0c:7a:c3:03:00:b7:12:7f:f9:24:b3:cb:
e2:1a:ec:1e:bc:f5:c4:25:8f:c1:4d:a6:b4:bc:72:66:8f:9a:
7b:99:71:4e:c0:cc:99:1b:6b:be:9f:b7:a8:e4:35:d0:6d:36:
0d:e7:9c:aa
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYVy3tZmOj9+9qibZRY5ATacMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2OGQyZjY0YzMzNzQ2NWVkMzhkYTVmN2NjNDU4NGRmODdk
NGE3NDQwHhcNMjMwMTAyMTQyNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2U1NmNlZmYxMTY2NmYwMmMwMDUxZjc3YjBkZWI1ODhlYTQ4NTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhqj10xOZds2CHIkIPcmHzn5645wE
/T+FuVXtWR2i5s0H2WAkty0K8PscF5JEV1mfeqxzQux/KFikPu+/N/0vfKMPjUyl
g7BahyEYo8IzcB9EnVCV8fU07UJWe+9hevBCnGh5rwd9uLSYkWfNFKAt+gfsJyaP
PeB9IwOs97UND2NT24m48Krb0WCJreompD1s2CKfTUKXNMBNraQh7l7XfIpMxpg0
2RPw1Wx2NLnRLxavFNkNkqR03XSCwUqNnFnIgQYyrcGks/2zegZzXGknOGcqI6S5
FUfd9AsjRTMmz2NP2MiBDmLSeLWn4eL7UUgTr7Uc0oEC3aVF4l9f+Q2DVwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFNzlbO/xFmbwLABR93sN61iOpIVJMB8GA1UdIwQY
MBaAFGaNL2TDN0Ze042l98xFhN+H1KdEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWm8wdlpNTTNSbDdUamFYM3pFV0UzNGZVcDBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS84MjhiMGYtODBlOC00MjdiLTk3MWQt
MzhiYmNmYWVlNmNlLzEvM09WczdfRVdadkFzQUZIM2V3M3JXSTZraFVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS84MjhiMGYtODBlOC00MjdiLTk3MWQtMzhiYmNmYWVlNmNl
LzEvWm8wdlpNTTNSbDdUamFYM3pFV0UzNGZVcDBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCuTfoAwQD
vF8AAwQDwRxgAwQCwjusAwQAwpOFMA0EAgACMAcDBQMqALQAMA0GCSqGSIb3DQEB
CwUAA4IBAQAjUlza0SeFz1CmBMe8brKvTW6A3FGO/xqnpROhq+Bl0/mvjizOd9wu
zmGNjkxn1i7qp1PBtxoGqssNvfrBBXR/cMvSzJkwxKLwS0K+xkXO2ZPSXnwggtS1
ABBz2OtXnjg6i0bXMckVO2nrDxvZ9H069xXmzycnZVqHdYrfcIf+lFKvdkxfL5e6
viWH2cuzgDjnXdPczuW93Rjdlw1c2w0dhiLyMN+Ynh9ShkoEM+4OxkSxNT/2K/TP
VHNnjE1PyalbJIfJr30lsjxJCxsMesMDALcSf/kks8viGuwevPXEJY/BTaa0vHJm
j5p7mXFOwMyZG2u+n7eo5DXQbTYN55yq
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:18 2024 by rpki-client on console-ams.rpki-client.org