Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/e53de5-1b5f-4467-a68c-15fc0b68f844/1/O6IJAQ7nAKFQqD1ac7GVUvr48rI.roa
File: O6IJAQ7nAKFQqD1ac7GVUvr48rI.roa (raw, json)
Hash identifier: QxI5F7fkhT24nyv5odbjntCjMkKhsBaE2uAomwUCWkA=
Subject key identifier: 3B:A2:09:01:0E:E7:00:A1:50:A8:3D:5A:73:B1:95:52:FA:F8:F2:B2
Certificate issuer: /CN=da70c441fb892b8c9816534885069fcd3300c9a4
Certificate serial: 018C5FBC9FEC9BBD089E851F6FB74394C493
Authority key identifier: DA:70:C4:41:FB:89:2B:8C:98:16:53:48:85:06:9F:CD:33:00:C9:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2nDEQfuJK4yYFlNIhQafzTMAyaQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/e53de5-1b5f-4467-a68c-15fc0b68f844/1/O6IJAQ7nAKFQqD1ac7GVUvr48rI.roa
Signing time: Tue 12 Dec 2023 20:34:06 +0000
ROA not before: Tue 12 Dec 2023 20:34:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210644
IP address blocks: 77.105.167.0/24 maxlen: 24
185.225.201.0/24 maxlen: 24
185.225.200.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:5f:bc:9f:ec:9b:bd:08:9e:85:1f:6f:b7:43:94:c4:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da70c441fb892b8c9816534885069fcd3300c9a4
Validity
Not Before: Dec 12 20:34:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3ba209010ee700a150a83d5a73b19552faf8f2b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:76:f7:c0:c1:8e:cd:b6:24:88:1d:e5:f6:96:
1a:c8:06:35:f8:f4:f8:47:be:97:1e:23:f6:70:f3:
31:63:bc:0d:ad:5f:3a:97:cd:ac:0a:81:f2:4a:7a:
3f:1b:7a:e5:1a:6b:e8:c9:4b:28:60:19:c3:56:d1:
3d:65:7a:bc:c9:af:0c:73:8d:88:00:d1:cd:61:65:
5b:f5:bc:94:de:cd:ae:b5:0b:1c:67:80:d3:36:5f:
19:39:9b:b4:7d:80:16:e5:2b:ec:34:1b:99:9a:22:
0e:5c:54:20:ea:85:92:23:b7:61:a4:ce:fd:0a:8f:
e4:7f:b2:bf:0f:ad:3d:c7:7e:fd:d3:98:98:03:87:
a4:59:43:5e:a8:d1:8a:1c:a9:7f:7c:8f:f8:4f:6f:
da:08:2e:7c:93:a0:32:71:44:1c:24:41:77:0b:0b:
8f:ab:5d:c0:55:f7:bb:f5:0e:ff:42:c1:23:07:55:
1f:3f:f5:ca:91:89:fc:da:b2:a6:70:ce:84:3c:03:
99:99:77:8a:c0:bf:2a:d9:f6:71:e5:1c:16:66:a9:
17:0a:11:14:dc:12:ed:7b:89:65:a0:dc:f7:f9:10:
89:1a:7b:33:2b:54:20:fa:85:d0:6e:70:d1:fc:d6:
62:aa:70:18:60:50:1f:25:b2:fe:49:cf:22:ae:97:
37:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:A2:09:01:0E:E7:00:A1:50:A8:3D:5A:73:B1:95:52:FA:F8:F2:B2
X509v3 Authority Key Identifier:
keyid:DA:70:C4:41:FB:89:2B:8C:98:16:53:48:85:06:9F:CD:33:00:C9:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2nDEQfuJK4yYFlNIhQafzTMAyaQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/e53de5-1b5f-4467-a68c-15fc0b68f844/1/O6IJAQ7nAKFQqD1ac7GVUvr48rI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/e53de5-1b5f-4467-a68c-15fc0b68f844/1/2nDEQfuJK4yYFlNIhQafzTMAyaQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.105.167.0/24
185.225.200.0/23
Signature Algorithm: sha256WithRSAEncryption
40:0f:ba:88:b2:a0:5e:5b:29:db:6b:10:c6:b7:15:9c:56:f0:
77:e9:1d:ca:29:92:d4:51:88:c8:3c:02:dd:25:ab:ea:08:df:
34:41:c0:d6:0a:cf:b8:76:cb:b8:0a:f4:8e:28:aa:7a:6c:bc:
eb:38:39:44:e5:7c:d7:b6:2d:f6:f8:d9:64:55:76:9d:5a:73:
c1:cf:80:9b:03:85:f1:68:0f:e3:02:6f:ce:be:4e:4f:56:8e:
26:56:f4:c8:c0:3c:36:9e:84:20:7c:32:d4:cd:dc:1d:63:c6:
cf:d2:da:1c:4a:ac:bb:5d:11:a1:eb:7d:a5:99:fb:c1:fa:77:
28:4b:19:00:72:04:44:17:83:9f:86:a7:bf:bd:b9:48:0c:ab:
f9:a6:aa:d0:0e:d1:56:bb:d0:51:23:3a:09:c7:9d:9b:25:84:
80:12:88:31:05:31:01:02:42:ef:3a:ac:c7:fb:26:3e:1b:fa:
e7:bd:f0:d5:8c:e1:1b:4f:2a:25:e0:3b:52:8b:d0:bb:8c:e8:
b8:cf:ea:f9:2a:5e:7c:3f:fe:f5:54:eb:d5:6e:f7:03:7b:ad:
2f:6f:50:47:70:a4:02:08:d9:d8:6e:bf:f5:bd:a8:f5:0e:0d:
b8:b4:b3:1e:36:57:fd:d1:99:f4:a0:a2:b0:d6:c0:6e:17:92:
b0:b3:81:e6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYxfvJ/sm70InoUfb7dDlMSTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNzBjNDQxZmI4OTJiOGM5ODE2NTM0ODg1MDY5ZmNkMzMw
MGM5YTQwHhcNMjMxMjEyMjAzNDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmEyMDkwMTBlZTcwMGExNTBhODNkNWE3M2IxOTU1MmZhZjhmMmIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApnb3wMGOzbYkiB3l9pYayAY1+PT4
R76XHiP2cPMxY7wNrV86l82sCoHySno/G3rlGmvoyUsoYBnDVtE9ZXq8ya8Mc42I
ANHNYWVb9byU3s2utQscZ4DTNl8ZOZu0fYAW5SvsNBuZmiIOXFQg6oWSI7dhpM79
Co/kf7K/D609x37905iYA4ekWUNeqNGKHKl/fI/4T2/aCC58k6AycUQcJEF3CwuP
q13AVfe79Q7/QsEjB1UfP/XKkYn82rKmcM6EPAOZmXeKwL8q2fZx5RwWZqkXChEU
3BLte4lloNz3+RCJGnszK1Qg+oXQbnDR/NZiqnAYYFAfJbL+Sc8irpc3JQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDuiCQEO5wChUKg9WnOxlVL6+PKyMB8GA1UdIwQY
MBaAFNpwxEH7iSuMmBZTSIUGn80zAMmkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm5ERVFmdUpLNHlZRmxOSWhRYWZ6VE1BeWFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS9lNTNkZTUtMWI1Zi00NDY3LWE2OGMt
MTVmYzBiNjhmODQ0LzEvTzZJSkFRN25BS0ZRcUQxYWM3R1ZVdnI0OHJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS9lNTNkZTUtMWI1Zi00NDY3LWE2OGMtMTVmYzBiNjhmODQ0
LzEvMm5ERVFmdUpLNHlZRmxOSWhRYWZ6VE1BeWFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATWmnAwQB
ueHIMA0GCSqGSIb3DQEBCwUAA4IBAQBAD7qIsqBeWynbaxDGtxWcVvB36R3KKZLU
UYjIPALdJavqCN80QcDWCs+4dsu4CvSOKKp6bLzrODlE5XzXti32+NlkVXadWnPB
z4CbA4XxaA/jAm/Ovk5PVo4mVvTIwDw2noQgfDLUzdwdY8bP0tocSqy7XRGh632l
mfvB+ncoSxkAcgREF4Ofhqe/vblIDKv5pqrQDtFWu9BRIzoJx52bJYSAEogxBTEB
AkLvOqzH+yY+G/rnvfDVjOEbTyol4DtSi9C7jOi4z+r5Kl58P/71VOvVbvcDe60v
b1BHcKQCCNnYbr/1vaj1Dg24tLMeNlf90Zn0oKKw1sBuF5Kws4Hm
Generated at Tue Dec 12 22:28:25 2023 by rpki-client on console-fra.rpki-client.org