Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/O6FmYHMr1qhIhDV_DmbrbGHITbE.roa
File: O6FmYHMr1qhIhDV_DmbrbGHITbE.roa (raw, json)
Hash identifier: Ciw1WLtOagozdwBkR3KzKZvYYDdizB9Hdy5ZQacMkf0=
Subject key identifier: 3B:A1:66:60:73:2B:D6:A8:48:84:35:7F:0E:66:EB:6C:61:C8:4D:B1
Certificate issuer: /CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Certificate serial: 018EF2B4E8F46E53C98CC05C2E3407500204
Authority key identifier: B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/O6FmYHMr1qhIhDV_DmbrbGHITbE.roa
Signing time: Thu 18 Apr 2024 19:35:26 +0000
ROA not before: Thu 18 Apr 2024 19:35:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 52041
IP address blocks: 82.215.64.0/24 maxlen: 24
185.248.134.0/24 maxlen: 24
2a12:bec0:d0::/44 maxlen: 48
2a12:bec0:e40::/44 maxlen: 44
2a12:bec0:7000::/48 maxlen: 48
2a12:bec0:7001::/48 maxlen: 48
2a12:bec0:7002::/48 maxlen: 48
2a12:bec0:7003::/48 maxlen: 48
2a12:bec0:7004::/48 maxlen: 48
2a12:bec0:7006::/48 maxlen: 48
2a12:bec0:7007::/48 maxlen: 48
2a12:bec0:7008::/48 maxlen: 48
2a12:bec0:b00b::/48 maxlen: 48
2a12:bec1::/32 maxlen: 48
2a12:bec1:2::/48 maxlen: 48
2a12:bec1:b00b::/48 maxlen: 48
2a12:bec2::/32 maxlen: 32
2a12:bec2:b00b::/48 maxlen: 48
2a12:bec3:b00b::/48 maxlen: 48
2a12:bec4:100::/44 maxlen: 44
2a12:bec4:1120::/44 maxlen: 44
Validation: Failed, certificate revoked on Tue 23 Jul 2024 21:10:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:f2:b4:e8:f4:6e:53:c9:8c:c0:5c:2e:34:07:50:02:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Validity
Not Before: Apr 18 19:35:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3ba16660732bd6a84884357f0e66eb6c61c84db1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:33:80:11:63:bb:8e:6d:42:42:78:66:73:60:
6f:11:81:42:b4:8b:d5:e8:51:c5:fa:75:4c:43:53:
c9:18:a4:58:5e:b4:e7:89:56:ba:ea:fd:cb:4f:80:
78:4c:c1:60:8a:86:83:05:53:45:83:15:37:3f:2a:
67:9a:98:0e:91:62:80:30:9c:38:5b:a1:f3:f1:95:
0f:e4:67:59:d8:8a:cc:7d:72:ca:45:0c:fb:28:f2:
50:bb:f3:82:eb:5f:6a:e7:e2:de:dc:3e:54:b0:81:
ba:4b:fa:01:3b:39:55:2d:03:b2:76:a4:a1:dd:9e:
24:ca:8a:8a:f6:f5:83:55:73:54:e1:41:4c:71:22:
ff:0e:87:ea:b9:c0:64:98:b4:45:4c:8b:bc:40:54:
55:39:a6:7b:2a:e2:12:02:b8:4c:59:d4:f6:35:2e:
e6:c1:21:56:c1:e3:59:6c:fa:54:78:b2:3b:83:d7:
83:57:bc:14:81:cd:92:df:c2:ef:5f:53:2f:40:46:
17:55:cc:d0:4e:12:34:68:64:45:cc:8d:17:8b:9a:
f3:a3:6b:4a:27:a5:48:09:e6:ab:6d:17:ad:fe:8b:
95:a1:98:a0:f2:84:36:d8:3f:e7:0c:be:6c:ff:4b:
e9:77:10:51:59:01:e8:9c:92:14:06:99:72:83:cf:
92:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:A1:66:60:73:2B:D6:A8:48:84:35:7F:0E:66:EB:6C:61:C8:4D:B1
X509v3 Authority Key Identifier:
keyid:B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/O6FmYHMr1qhIhDV_DmbrbGHITbE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.215.64.0/24
185.248.134.0/24
IPv6:
2a12:bec0:d0::/44
2a12:bec0:e40::/44
2a12:bec0:7000::-2a12:bec0:7004:ffff:ffff:ffff:ffff:ffff
2a12:bec0:7006::-2a12:bec0:7008:ffff:ffff:ffff:ffff:ffff
2a12:bec0:b00b::/48
2a12:bec1::-2a12:bec2:ffff:ffff:ffff:ffff:ffff:ffff
2a12:bec3:b00b::/48
2a12:bec4:100::/44
2a12:bec4:1120::/44
Signature Algorithm: sha256WithRSAEncryption
38:ae:bb:37:eb:4d:ed:32:b4:56:88:c2:95:7e:d3:b1:cf:b1:
0f:bb:ae:68:dc:24:14:9d:e5:80:ff:87:8e:89:e2:2c:87:37:
4d:be:a8:6d:02:25:d6:68:76:4b:5a:5a:3c:fa:fd:42:7f:ac:
f9:52:cf:4e:cd:06:08:60:4a:aa:05:cd:98:73:e6:b5:72:f5:
2e:2f:24:d5:c6:73:82:ec:dd:33:bf:85:5d:4b:67:eb:28:28:
de:32:8a:52:06:25:9a:f4:4f:ed:3d:d7:bb:5e:8a:d1:76:c8:
5d:1b:45:bf:f0:e9:4c:58:65:54:82:b5:8e:e9:4e:66:90:62:
57:d1:a3:36:81:4c:39:d1:c8:e0:00:d9:b5:66:8f:82:e6:ad:
98:03:54:9e:4e:92:1f:53:72:ac:e7:fa:16:83:e3:b8:4f:7c:
a7:16:15:e8:04:09:82:aa:d3:b8:90:44:db:5c:6d:d2:d2:54:
65:18:75:71:00:4b:cf:f9:a6:e1:e9:c1:53:be:d6:5e:27:51:
39:b6:08:6b:80:e7:fc:95:c3:94:d2:d0:60:a4:a6:6d:58:f9:
c1:e5:6d:c9:06:16:c5:61:ba:5d:b1:aa:2c:c2:47:3c:a3:f3:
12:4d:22:21:94:c8:83:02:ac:0f:20:64:63:1d:95:11:ba:ac:
7b:69:b5:f6
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgISAY7ytOj0blPJjMBcLjQHUAIEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzN2UyMTVhNDE1ZWQ3YjVkZTRiNmRjMTJmMmY3Yjc3NTBj
M2Q2NmYwHhcNMjQwNDE4MTkzNTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmExNjY2MDczMmJkNmE4NDg4NDM1N2YwZTY2ZWI2YzYxYzg0ZGIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArjOAEWO7jm1CQnhmc2BvEYFCtIvV
6FHF+nVMQ1PJGKRYXrTniVa66v3LT4B4TMFgioaDBVNFgxU3PypnmpgOkWKAMJw4
W6Hz8ZUP5GdZ2IrMfXLKRQz7KPJQu/OC619q5+Le3D5UsIG6S/oBOzlVLQOydqSh
3Z4kyoqK9vWDVXNU4UFMcSL/DofqucBkmLRFTIu8QFRVOaZ7KuISArhMWdT2NS7m
wSFWweNZbPpUeLI7g9eDV7wUgc2S38LvX1MvQEYXVczQThI0aGRFzI0Xi5rzo2tK
J6VICearbRet/ouVoZig8oQ22D/nDL5s/0vpdxBRWQHonJIUBplyg8+SwwIDAQAB
o4IChzCCAoMwHQYDVR0OBBYEFDuhZmBzK9aoSIQ1fw5m62xhyE2xMB8GA1UdIwQY
MBaAFLN+IVpBXte13kttwS8ve3dQw9ZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQt
NTUzNjljZjUwN2VlLzEvTzZGbVlITXIxcWhJaERWX0RtYnJiR0hJVGJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2Vl
LzEvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGcBggrBgEFBQcBBwEB/wSBjDCBiTASBAIAATAMAwQAUtdA
AwQAufiGMHMEAgACMG0DBwQqEr7AANADBwQqEr7ADkAwEQMGBCoSvsBwAwcAKhK+
wHAEMBIDBwEqEr7AcAYDBwAqEr7AcAgDBwAqEr7AsAswDgMFACoSvsEDBQAqEr7C
AwcAKhK+w7ALAwcEKhK+xAEAAwcEKhK+xBEgMA0GCSqGSIb3DQEBCwUAA4IBAQA4
rrs3603tMrRWiMKVftOxz7EPu65o3CQUneWA/4eOieIshzdNvqhtAiXWaHZLWlo8
+v1Cf6z5Us9OzQYIYEqqBc2Yc+a1cvUuLyTVxnOC7N0zv4VdS2frKCjeMopSBiWa
9E/tPde7XorRdshdG0W/8OlMWGVUgrWO6U5mkGJX0aM2gUw50cjgANm1Zo+C5q2Y
A1SeTpIfU3Ks5/oWg+O4T3ynFhXoBAmCqtO4kETbXG3S0lRlGHVxAEvP+abh6cFT
vtZeJ1E5tghrgOf8lcOU0tBgpKZtWPnB5W3JBhbFYbpdsaoswkc8o/MSTSIhlMiD
AqwPIGRjHZURuqx7abX2
-----END CERTIFICATE-----
Generated at Tue Jul 23 22:49:39 2024 by rpki-client on console-ams.rpki-client.org