Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/cd555b-f73e-48ad-b544-e3eb4e8a38db/1/O_mf9xLi8ogMN4EAS85rN-wjxTk.roa
File: O_mf9xLi8ogMN4EAS85rN-wjxTk.roa (raw, json)
Hash identifier: EakRSPuBr0cNYiEmIDJQxrmFrx3rHPVW8pvDMGlIFVM=
Subject key identifier: 3B:F9:9F:F7:12:E2:F2:88:0C:37:81:00:4B:CE:6B:37:EC:23:C5:39
Certificate issuer: /CN=ad0b79e4b59c5fcda493a20ad18e9455859d031b
Certificate serial: 018CC56EDE64A5B1578A3A57F05DBF14381F
Authority key identifier: AD:0B:79:E4:B5:9C:5F:CD:A4:93:A2:0A:D1:8E:94:55:85:9D:03:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rQt55LWcX82kk6IK0Y6UVYWdAxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/cd555b-f73e-48ad-b544-e3eb4e8a38db/1/O_mf9xLi8ogMN4EAS85rN-wjxTk.roa
Signing time: Mon 01 Jan 2024 14:30:26 +0000
ROA not before: Mon 01 Jan 2024 14:30:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21119
IP address blocks: 193.169.42.0/23 maxlen: 24
185.36.28.0/22 maxlen: 24
93.187.80.0/21 maxlen: 24
193.201.74.0/23 maxlen: 24
5.226.160.0/21 maxlen: 24
89.233.96.0/21 maxlen: 24
80.86.128.0/20 maxlen: 24
217.65.224.0/20 maxlen: 24
2001:a90::/32 maxlen: 64
2a01:b8c0::/32 maxlen: 64
2a03:6240::/32 maxlen: 64
Validation: Failed, certificate revoked on Fri 05 Apr 2024 08:51:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:de:64:a5:b1:57:8a:3a:57:f0:5d:bf:14:38:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad0b79e4b59c5fcda493a20ad18e9455859d031b
Validity
Not Before: Jan 1 14:30:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3bf99ff712e2f2880c3781004bce6b37ec23c539
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:e7:60:9f:bf:35:16:0e:c0:84:46:f7:2d:48:
b9:d1:e0:92:41:d0:58:30:f4:14:df:2d:87:d9:ac:
c2:44:c4:4c:44:e5:ae:4a:8b:af:83:da:d7:cf:3d:
ac:16:57:3f:19:00:19:24:5a:9c:92:f4:4d:51:df:
05:ac:bf:1b:90:fd:25:2e:ed:8a:f3:59:4e:08:f8:
a3:c8:e1:98:0e:5c:95:b2:76:e1:c2:e8:06:ac:d7:
91:8f:ff:19:96:d9:9f:18:88:81:bf:7f:d0:7e:3f:
f9:a6:dd:c1:1f:93:84:ba:5f:ad:93:4c:64:5e:e6:
67:42:0f:be:5d:15:01:ab:33:b8:30:78:d6:5b:28:
e4:f2:7a:15:09:c7:05:2d:2a:2a:bc:c9:ad:1e:cf:
2f:55:29:be:0d:da:3b:25:87:6f:a4:ca:b8:41:92:
50:2c:35:a5:b9:e7:b6:c0:a7:c6:b4:bc:55:5f:0e:
69:09:52:2c:8b:6a:ee:d1:7b:a8:8c:d5:d5:b2:bc:
ed:84:1a:8e:8d:b8:a4:39:19:e0:8b:00:6b:63:28:
07:c7:73:9a:5c:df:38:eb:70:1d:a1:62:91:ca:c4:
fa:3e:09:6d:1b:61:5f:1c:27:58:09:c1:d5:e1:01:
ba:07:9b:57:28:76:cb:60:e6:e7:72:53:85:4a:9e:
63:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:F9:9F:F7:12:E2:F2:88:0C:37:81:00:4B:CE:6B:37:EC:23:C5:39
X509v3 Authority Key Identifier:
keyid:AD:0B:79:E4:B5:9C:5F:CD:A4:93:A2:0A:D1:8E:94:55:85:9D:03:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rQt55LWcX82kk6IK0Y6UVYWdAxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/cd555b-f73e-48ad-b544-e3eb4e8a38db/1/O_mf9xLi8ogMN4EAS85rN-wjxTk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/cd555b-f73e-48ad-b544-e3eb4e8a38db/1/rQt55LWcX82kk6IK0Y6UVYWdAxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.226.160.0/21
80.86.128.0/20
89.233.96.0/21
93.187.80.0/21
185.36.28.0/22
193.169.42.0/23
193.201.74.0/23
217.65.224.0/20
IPv6:
2001:a90::/32
2a01:b8c0::/32
2a03:6240::/32
Signature Algorithm: sha256WithRSAEncryption
41:eb:26:3d:f7:8c:b6:89:9a:62:20:d8:03:39:2b:5e:4f:c3:
49:71:aa:5d:ad:61:59:91:d7:ca:a1:19:82:7a:a3:1d:e6:71:
0a:54:c4:f8:50:9c:3d:3c:49:85:49:35:17:7d:3a:99:05:88:
c4:d8:87:81:ca:d2:45:e8:19:a8:9d:cb:d5:63:13:68:bb:ef:
d0:bc:12:50:03:5c:d1:94:fc:ed:1a:07:da:34:81:3d:a7:ea:
47:e9:d0:2e:a9:10:86:8a:fa:16:81:ee:06:b5:79:29:a6:69:
c4:f4:c8:f6:5d:71:15:ae:12:6c:f4:1d:fe:c3:b3:b7:b4:ca:
60:ea:f1:26:bb:ae:08:99:e5:55:d6:14:c5:9d:ef:09:51:e3:
20:1a:6e:53:60:42:6b:8b:d0:df:35:6b:c3:1f:3b:3d:e1:7a:
5b:f5:0c:35:2f:0f:3e:47:d6:71:35:f6:33:ac:01:40:50:97:
46:72:4d:7b:a0:f0:3a:fd:cf:d9:92:bb:70:c5:1f:d6:cd:80:
ff:54:97:3f:44:0d:5c:75:53:78:db:70:5a:a7:bf:e9:7a:69:
90:1e:6d:0a:02:9e:98:c1:3b:94:00:35:c3:89:39:bc:e0:e5:
0f:49:a5:bf:4f:de:9c:4c:cc:28:5a:3a:2b:a3:3d:c7:0c:2c:
7b:77:5f:3e
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAYzFbt5kpbFXijpX8F2/FDgfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMGI3OWU0YjU5YzVmY2RhNDkzYTIwYWQxOGU5NDU1ODU5
ZDAzMWIwHhcNMjQwMTAxMTQzMDI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmY5OWZmNzEyZTJmMjg4MGMzNzgxMDA0YmNlNmIzN2VjMjNjNTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiedgn781Fg7AhEb3LUi50eCSQdBY
MPQU3y2H2azCRMRMROWuSouvg9rXzz2sFlc/GQAZJFqckvRNUd8FrL8bkP0lLu2K
81lOCPijyOGYDlyVsnbhwugGrNeRj/8ZltmfGIiBv3/Qfj/5pt3BH5OEul+tk0xk
XuZnQg++XRUBqzO4MHjWWyjk8noVCccFLSoqvMmtHs8vVSm+Ddo7JYdvpMq4QZJQ
LDWluee2wKfGtLxVXw5pCVIsi2ru0XuojNXVsrzthBqOjbikORngiwBrYygHx3Oa
XN8463AdoWKRysT6PgltG2FfHCdYCcHV4QG6B5tXKHbLYObnclOFSp5jowIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFDv5n/cS4vKIDDeBAEvOazfsI8U5MB8GA1UdIwQY
MBaAFK0LeeS1nF/NpJOiCtGOlFWFnQMbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclF0NTVMV2NYODJrazZJSzBZNlVWWVdkQXhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni9jZDU1NWItZjczZS00OGFkLWI1NDQt
ZTNlYjRlOGEzOGRiLzEvT19tZjl4TGk4b2dNTjRFQVM4NXJOLXdqeFRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni9jZDU1NWItZjczZS00OGFkLWI1NDQtZTNlYjRlOGEzOGRi
LzEvclF0NTVMV2NYODJrazZJSzBZNlVWWVdkQXhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTA2BAIAATAwAwQDBeKgAwQE
UFaAAwQDWelgAwQDXbtQAwQCuSQcAwQBwakqAwQBwclKAwQE2UHgMBsEAgACMBUD
BQAgAQqQAwUAKgG4wAMFACoDYkAwDQYJKoZIhvcNAQELBQADggEBAEHrJj33jLaJ
mmIg2AM5K15Pw0lxql2tYVmR18qhGYJ6ox3mcQpUxPhQnD08SYVJNRd9OpkFiMTY
h4HK0kXoGaidy9VjE2i779C8ElADXNGU/O0aB9o0gT2n6kfp0C6pEIaK+haB7ga1
eSmmacT0yPZdcRWuEmz0Hf7Ds7e0ymDq8Sa7rgiZ5VXWFMWd7wlR4yAablNgQmuL
0N81a8MfOz3helv1DDUvDz5H1nE19jOsAUBQl0ZyTXug8Dr9z9mSu3DFH9bNgP9U
lz9EDVx1U3jbcFqnv+l6aZAebQoCnpjBO5QANcOJObzg5Q9Jpb9P3pxMzChaOiuj
PccMLHt3Xz4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:23 2024 by rpki-client on console-fra.rpki-client.org