Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/eb877c-929e-41b6-b9cb-fc64bfc3d2f9/1/O-o5cPfUJEq0B0kxNcfAX-2N2YE.roa
File: O-o5cPfUJEq0B0kxNcfAX-2N2YE.roa (raw, json)
Hash identifier: ms88VniLbaBsoisds+/+9ucfkjcuNsMI7OVOCDSHCIQ=
Subject key identifier: 3B:EA:39:70:F7:D4:24:4A:B4:07:49:31:35:C7:C0:5F:ED:8D:D9:81
Certificate issuer: /CN=02339402c42b3f84995c4d58ef670e8d16c2afe2
Certificate serial: 018649F4DCCFA48FFABD0CC6171C7F59A7FB
Authority key identifier: 02:33:94:02:C4:2B:3F:84:99:5C:4D:58:EF:67:0E:8D:16:C2:AF:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AjOUAsQrP4SZXE1Y72cOjRbCr-I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/eb877c-929e-41b6-b9cb-fc64bfc3d2f9/1/O-o5cPfUJEq0B0kxNcfAX-2N2YE.roa
Signing time: Mon 13 Feb 2023 08:47:09 +0000
ROA not before: Mon 13 Feb 2023 08:47:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2611
IP address blocks: 91.241.30.0/24 maxlen: 24
193.191.240.0/20 maxlen: 20
185.122.248.0/22 maxlen: 22
193.191.192.0/19 maxlen: 19
193.190.0.0/15 maxlen: 24
2001:6a8:a001::/48 maxlen: 48
2001:6a8::/29 maxlen: 48
2001:6a8:9200::/48 maxlen: 48
2001:6a8:8a00::/48 maxlen: 48
2001:6a8:be00::/48 maxlen: 48
2001:67c:2a58::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:49:f4:dc:cf:a4:8f:fa:bd:0c:c6:17:1c:7f:59:a7:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=02339402c42b3f84995c4d58ef670e8d16c2afe2
Validity
Not Before: Feb 13 08:47:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3bea3970f7d4244ab407493135c7c05fed8dd981
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:3d:5c:8e:fb:72:2b:5d:7c:78:26:d6:66:da:
a0:26:d7:08:52:25:b3:d6:a5:1d:60:9f:1d:f2:98:
f7:20:18:28:96:bb:d7:d3:38:29:a4:29:b8:de:6e:
07:6a:5e:ae:15:92:03:15:dc:ff:35:ab:6c:24:31:
b0:12:34:22:e2:c1:8e:73:63:6b:06:87:3f:5b:fa:
3c:7b:d1:23:79:90:31:4c:fa:e0:d6:6a:2f:4d:1a:
b0:db:eb:7b:af:5c:38:91:3c:ca:79:9a:0d:98:37:
8d:e3:f8:75:1d:97:78:a2:3b:bf:80:3c:50:fe:15:
a5:9f:35:de:c4:0a:eb:87:18:1f:23:6e:88:ba:47:
0a:19:d8:6a:de:a7:8b:e8:d8:35:f2:eb:71:1f:0c:
39:2c:03:59:04:60:5f:e1:c4:b4:99:5d:17:91:23:
79:2e:8e:28:f6:58:7a:e2:a2:25:a3:14:5c:e2:dd:
56:68:3f:42:70:13:23:6e:5f:9f:5f:ef:5d:62:7b:
08:db:a3:5e:93:9b:f5:fc:c7:b0:cf:be:56:ea:a5:
a4:42:b6:91:5f:07:0b:de:7b:04:49:55:5b:6d:1d:
d0:ac:48:37:96:64:02:72:51:32:11:51:60:31:39:
9c:d8:89:b7:2f:c8:40:9f:cc:16:86:60:33:ce:ea:
8a:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:EA:39:70:F7:D4:24:4A:B4:07:49:31:35:C7:C0:5F:ED:8D:D9:81
X509v3 Authority Key Identifier:
keyid:02:33:94:02:C4:2B:3F:84:99:5C:4D:58:EF:67:0E:8D:16:C2:AF:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AjOUAsQrP4SZXE1Y72cOjRbCr-I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/eb877c-929e-41b6-b9cb-fc64bfc3d2f9/1/O-o5cPfUJEq0B0kxNcfAX-2N2YE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/eb877c-929e-41b6-b9cb-fc64bfc3d2f9/1/AjOUAsQrP4SZXE1Y72cOjRbCr-I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.241.30.0/24
185.122.248.0/22
193.190.0.0/15
IPv6:
2001:67c:2a58::/48
2001:6a8::/29
Signature Algorithm: sha256WithRSAEncryption
47:e3:a3:ea:a7:fe:0d:f8:c7:22:e1:ef:83:35:0b:97:54:56:
7b:60:de:89:10:d4:89:5e:07:4f:20:0a:69:eb:d0:23:85:5b:
c7:24:b2:05:11:1b:7d:7d:80:38:78:93:a9:30:04:e3:42:37:
92:12:0b:93:92:60:37:66:b7:29:4a:41:da:89:95:44:50:7e:
96:b2:cd:25:de:af:c9:a0:2e:74:03:86:46:60:32:d8:90:f5:
b4:dc:5c:7c:bd:ba:66:12:c5:21:b9:be:13:2e:7a:27:c6:f9:
7f:e8:90:dd:94:da:2b:e0:df:ed:24:0a:eb:97:ba:92:7e:0f:
11:99:9d:a0:04:df:ef:5c:ef:eb:3a:56:13:9e:3d:f0:7c:cd:
de:6b:e8:86:5c:b0:66:be:39:e7:17:60:ea:08:d7:67:d6:04:
78:89:b4:f0:c0:19:d1:26:fb:40:ed:3b:2c:a7:23:d3:c2:a2:
de:5f:a5:18:73:0d:ea:93:e5:05:d5:c1:09:26:1e:5d:8d:21:
a7:37:d7:6b:f0:2b:d3:2f:fe:6d:da:08:ac:b7:1c:e9:79:34:
6e:5f:08:dd:7d:ef:ec:d3:83:2e:00:1e:84:19:bc:86:9c:c0:
75:cc:ef:b0:80:98:88:50:e6:96:f1:e9:49:5d:53:6e:ac:4f:
0c:e3:bd:1c
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYZJ9NzPpI/6vQzGFxx/Waf7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyMzM5NDAyYzQyYjNmODQ5OTVjNGQ1OGVmNjcwZThkMTZj
MmFmZTIwHhcNMjMwMjEzMDg0NzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmVhMzk3MGY3ZDQyNDRhYjQwNzQ5MzEzNWM3YzA1ZmVkOGRkOTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtD1cjvtyK118eCbWZtqgJtcIUiWz
1qUdYJ8d8pj3IBgolrvX0zgppCm43m4Hal6uFZIDFdz/NatsJDGwEjQi4sGOc2Nr
Boc/W/o8e9EjeZAxTPrg1movTRqw2+t7r1w4kTzKeZoNmDeN4/h1HZd4oju/gDxQ
/hWlnzXexArrhxgfI26IukcKGdhq3qeL6Ng18utxHww5LANZBGBf4cS0mV0XkSN5
Lo4o9lh64qIloxRc4t1WaD9CcBMjbl+fX+9dYnsI26Nek5v1/Mewz75W6qWkQraR
XwcL3nsESVVbbR3QrEg3lmQCclEyEVFgMTmc2Im3L8hAn8wWhmAzzuqKqwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFDvqOXD31CRKtAdJMTXHwF/tjdmBMB8GA1UdIwQY
MBaAFAIzlALEKz+EmVxNWO9nDo0Wwq/iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWpPVUFzUXJQNFNaWEUxWTcyY09qUmJDci1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny9lYjg3N2MtOTI5ZS00MWI2LWI5Y2It
ZmM2NGJmYzNkMmY5LzEvTy1vNWNQZlVKRXEwQjBreE5jZkFYLTJOMllFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny9lYjg3N2MtOTI5ZS00MWI2LWI5Y2ItZmM2NGJmYzNkMmY5
LzEvQWpPVUFzUXJQNFNaWEUxWTcyY09qUmJDci1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAXBAIAATARAwQAW/EeAwQC
uXr4AwMBwb4wFgQCAAIwEAMHACABBnwqWAMFAyABBqgwDQYJKoZIhvcNAQELBQAD
ggEBAEfjo+qn/g34xyLh74M1C5dUVntg3okQ1IleB08gCmnr0COFW8cksgURG319
gDh4k6kwBONCN5ISC5OSYDdmtylKQdqJlURQfpayzSXer8mgLnQDhkZgMtiQ9bTc
XHy9umYSxSG5vhMueifG+X/okN2U2ivg3+0kCuuXupJ+DxGZnaAE3+9c7+s6VhOe
PfB8zd5r6IZcsGa+OecXYOoI12fWBHiJtPDAGdEm+0DtOyynI9PCot5fpRhzDeqT
5QXVwQkmHl2NIac312vwK9Mv/m3aCKy3HOl5NG5fCN197+zTgy4AHoQZvIacwHXM
77CAmIhQ5pbx6UldU26sTwzjvRw=
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:35:13 2024 by rpki-client on console-ams.rpki-client.org