Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/O9o3XFLCy_TgUWuLR5P0MMqFA-g.roa
File: O9o3XFLCy_TgUWuLR5P0MMqFA-g.roa (raw, json)
Hash identifier: rFTc1Aaxn9oiNCJ3iGdQtRyDeXvQVBE3tDL1V8jm9NQ=
Subject key identifier: 3B:DA:37:5C:52:C2:CB:F4:E0:51:6B:8B:47:93:F4:30:CA:85:03:E8
Certificate issuer: /CN=f5fb32d2266b1f9bce57cac98bc0247f2c9197f2
Certificate serial: 018FE88EDEA44040C1D55FCB5D1A293D9784
Authority key identifier: F5:FB:32:D2:26:6B:1F:9B:CE:57:CA:C9:8B:C0:24:7F:2C:91:97:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9fsy0iZrH5vOV8rJi8AkfyyRl_I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/O9o3XFLCy_TgUWuLR5P0MMqFA-g.roa
Signing time: Wed 05 Jun 2024 13:20:28 +0000
ROA not before: Wed 05 Jun 2024 13:20:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210906
IP address blocks: 86.104.227.0/24 maxlen: 24
89.47.34.0/24 maxlen: 24
162.218.157.0/24 maxlen: 24
193.200.96.0/23 maxlen: 23
194.29.67.0/24 maxlen: 24
194.29.70.0/24 maxlen: 24
194.29.80.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 20 Jun 2024 10:41:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:e8:8e:de:a4:40:40:c1:d5:5f:cb:5d:1a:29:3d:97:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f5fb32d2266b1f9bce57cac98bc0247f2c9197f2
Validity
Not Before: Jun 5 13:20:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3bda375c52c2cbf4e0516b8b4793f430ca8503e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:6c:d7:b6:15:d0:56:3d:8c:81:f2:54:aa:2d:
e9:48:b0:c6:00:7a:94:7d:94:6b:44:db:ea:a2:21:
50:c5:bd:23:fb:ad:00:51:40:60:94:1f:5a:43:45:
08:3a:7a:c3:a7:c3:ad:98:ca:b4:88:8f:10:aa:4f:
62:74:c0:f2:89:36:f3:a9:80:de:0a:17:f8:4b:0b:
a7:78:65:5f:23:38:7d:67:57:99:53:02:c5:bc:73:
70:3a:01:c0:db:92:b4:42:f6:a7:dc:d4:f1:e5:42:
14:e5:27:0c:fb:9c:e0:52:47:11:d2:dc:c4:43:ea:
96:89:0a:c4:b4:69:46:36:aa:67:42:b9:16:a7:9a:
81:f0:bb:8d:8d:4a:3f:d9:43:a7:35:58:92:7c:67:
3f:a2:b9:03:aa:fb:ee:b9:94:fd:78:59:67:0e:04:
92:95:04:3d:a6:b5:2a:a2:3e:9b:55:8c:e8:11:cc:
6d:d5:a0:ff:a9:2f:ba:8f:80:ea:ce:56:a0:64:8f:
b6:c4:73:55:9c:cc:99:51:9b:08:e7:e9:9d:2c:7d:
41:f7:79:2f:19:d3:5d:2e:62:4c:d1:01:08:31:1e:
9a:08:e5:1b:ac:a8:96:62:e0:d0:64:ab:48:eb:af:
3b:11:13:27:3e:bb:70:b3:c8:00:44:47:d5:9c:0b:
ca:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:DA:37:5C:52:C2:CB:F4:E0:51:6B:8B:47:93:F4:30:CA:85:03:E8
X509v3 Authority Key Identifier:
keyid:F5:FB:32:D2:26:6B:1F:9B:CE:57:CA:C9:8B:C0:24:7F:2C:91:97:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9fsy0iZrH5vOV8rJi8AkfyyRl_I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/O9o3XFLCy_TgUWuLR5P0MMqFA-g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/9fsy0iZrH5vOV8rJi8AkfyyRl_I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.104.227.0/24
89.47.34.0/24
162.218.157.0/24
193.200.96.0/23
194.29.67.0/24
194.29.70.0/24
194.29.80.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:be:b4:6a:c4:74:6e:a7:04:66:7f:35:fa:cd:bb:01:0b:15:
3c:67:bb:1b:b8:ca:0c:20:e6:f1:8e:ee:7b:a2:bf:4a:a3:5c:
cf:1f:ad:e7:97:2a:52:0b:1b:07:d4:27:1e:f9:f3:20:2e:92:
43:08:57:33:dd:63:fb:7c:3b:4d:bd:22:f4:16:7a:cc:75:f3:
3d:5f:7c:8f:67:3d:73:5e:bd:39:21:c5:ff:b5:18:d3:97:50:
68:97:29:be:ff:79:95:e8:7c:5d:5b:0b:7f:2a:77:1f:71:3e:
d2:b8:58:e6:7f:e9:37:f3:39:ec:ec:c1:d0:4d:b3:c5:a2:f0:
b3:65:f9:03:f5:eb:17:22:60:d3:92:cc:74:3e:d7:61:73:6d:
83:e4:90:6c:a7:4e:32:7c:70:b7:d6:61:af:14:88:55:ec:84:
56:66:0a:21:2d:eb:0d:ff:4b:8d:5d:7d:e8:d1:8e:51:7c:78:
07:92:1c:3e:f9:f4:e2:8a:3f:6e:b5:bf:4f:e5:3b:bf:59:37:
30:6f:07:4d:ae:14:2b:86:5a:47:e9:64:df:75:b4:73:2c:93:
ed:fc:f6:15:a5:d7:42:19:ef:66:6f:23:68:71:c1:90:1e:c0:
50:d3:20:dd:3e:a2:e3:90:40:84:fb:ee:8d:01:e4:25:d5:1b:
d8:c6:3f:2a
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY/ojt6kQEDB1V/LXRopPZeEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1ZmIzMmQyMjY2YjFmOWJjZTU3Y2FjOThiYzAyNDdmMmM5
MTk3ZjIwHhcNMjQwNjA1MTMyMDI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmRhMzc1YzUyYzJjYmY0ZTA1MTZiOGI0NzkzZjQzMGNhODUwM2U4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAumzXthXQVj2MgfJUqi3pSLDGAHqU
fZRrRNvqoiFQxb0j+60AUUBglB9aQ0UIOnrDp8OtmMq0iI8Qqk9idMDyiTbzqYDe
Chf4SwuneGVfIzh9Z1eZUwLFvHNwOgHA25K0Qvan3NTx5UIU5ScM+5zgUkcR0tzE
Q+qWiQrEtGlGNqpnQrkWp5qB8LuNjUo/2UOnNViSfGc/orkDqvvuuZT9eFlnDgSS
lQQ9prUqoj6bVYzoEcxt1aD/qS+6j4DqzlagZI+2xHNVnMyZUZsI5+mdLH1B93kv
GdNdLmJM0QEIMR6aCOUbrKiWYuDQZKtI6687ERMnPrtws8gAREfVnAvK7QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFDvaN1xSwsv04FFri0eT9DDKhQPoMB8GA1UdIwQY
MBaAFPX7MtImax+bzlfKyYvAJH8skZfyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWZzeTBpWnJINXZPVjhySmk4QWtmeXlSbF9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9mYjQyZWMtMTBiNC00ZGNmLWJlZjAt
MmQxNDNkN2I4NTNjLzEvTzlvM1hGTEN5X1RnVVd1TFI1UDBNTXFGQS1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9mYjQyZWMtMTBiNC00ZGNmLWJlZjAtMmQxNDNkN2I4NTNj
LzEvOWZzeTBpWnJINXZPVjhySmk4QWtmeXlSbF9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAVmjjAwQA
WS8iAwQAotqdAwQBwchgAwQAwh1DAwQAwh1GAwQAwh1QMA0GCSqGSIb3DQEBCwUA
A4IBAQBLvrRqxHRupwRmfzX6zbsBCxU8Z7sbuMoMIObxju57or9Ko1zPH63nlypS
CxsH1Cce+fMgLpJDCFcz3WP7fDtNvSL0FnrMdfM9X3yPZz1zXr05IcX/tRjTl1Bo
lym+/3mV6HxdWwt/KncfcT7SuFjmf+k38zns7MHQTbPFovCzZfkD9esXImDTksx0
Ptdhc22D5JBsp04yfHC31mGvFIhV7IRWZgohLesN/0uNXX3o0Y5RfHgHkhw++fTi
ij9utb9P5Tu/WTcwbwdNrhQrhlpH6WTfdbRzLJPt/PYVpddCGe9mbyNoccGQHsBQ
0yDdPqLjkECE++6NAeQl1RvYxj8q
-----END CERTIFICATE-----
Generated at Thu Jun 20 14:44:47 2024 by rpki-client on console-fra.rpki-client.org