Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/d67b7b-c798-4901-80f9-e3834516fc08/1/O3b_yGBdAo7ZRn7tnTX-ei9tdLg.roa
File: O3b_yGBdAo7ZRn7tnTX-ei9tdLg.roa (raw, json)
Hash identifier: Eds3QPo72a3UGKiLzRwSQLiuDDHFLmxRlXKndiD+AWA=
Subject key identifier: 3B:76:FF:C8:60:5D:02:8E:D9:46:7E:ED:9D:35:FE:7A:2F:6D:74:B8
Certificate issuer: /CN=58d2d2715f43f747bea762dce166bca4b8e965eb
Certificate serial: 01856BB7D3D3FF89D6C2F59702718F0A8254
Authority key identifier: 58:D2:D2:71:5F:43:F7:47:BE:A7:62:DC:E1:66:BC:A4:B8:E9:65:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WNLScV9D90e-p2Lc4Wa8pLjpZes.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/d67b7b-c798-4901-80f9-e3834516fc08/1/O3b_yGBdAo7ZRn7tnTX-ei9tdLg.roa
Signing time: Sun 01 Jan 2023 05:04:47 +0000
ROA not before: Sun 01 Jan 2023 05:04:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6786
IP address blocks: 85.215.0.0/19 maxlen: 24
85.214.9.0/24 maxlen: 24
85.214.11.0/24 maxlen: 24
2a01:238:e000::/35 maxlen: 48
2a01:238:3000::/36 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:b7:d3:d3:ff:89:d6:c2:f5:97:02:71:8f:0a:82:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58d2d2715f43f747bea762dce166bca4b8e965eb
Validity
Not Before: Jan 1 05:04:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3b76ffc8605d028ed9467eed9d35fe7a2f6d74b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:b8:5e:49:18:c5:7c:a8:e9:6d:69:4b:84:3a:
be:ee:5d:11:5c:5b:72:b8:44:7c:bb:f6:1b:e6:83:
53:00:82:56:92:df:f1:18:10:23:db:1c:b5:37:33:
16:42:60:fa:d0:e7:06:f2:c9:67:71:94:16:2a:67:
f8:bf:40:56:c9:4a:6b:08:4d:6f:5d:11:76:24:58:
dd:27:95:1d:7e:e3:a9:dc:36:6c:3a:d5:42:10:3f:
e9:78:a3:a6:b8:eb:24:95:c9:3b:84:d2:b2:08:a7:
e3:4e:e0:43:73:08:a6:a8:11:7c:6f:a1:54:0d:7a:
29:92:8e:d1:f9:11:cb:02:93:d8:12:4c:d4:fe:f2:
da:55:84:80:3f:5f:8d:df:1d:d5:00:d9:b6:4c:63:
ea:55:74:a5:ea:2e:4d:80:99:ae:68:26:8e:5a:a2:
34:fd:a7:bb:77:1d:ab:02:e5:5a:95:e9:f7:18:2c:
0d:7c:00:e1:92:15:d4:f5:bf:81:92:47:12:c4:28:
da:42:c1:21:8f:39:16:a0:3f:94:69:4d:01:2e:72:
98:39:cc:d0:ab:55:b4:f5:b3:d3:08:d0:8a:4e:52:
1b:14:f0:2b:8d:5c:6d:66:fd:55:ee:f2:78:7b:bf:
4c:72:25:b7:4a:47:08:0c:df:76:80:58:1a:23:c7:
62:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:76:FF:C8:60:5D:02:8E:D9:46:7E:ED:9D:35:FE:7A:2F:6D:74:B8
X509v3 Authority Key Identifier:
keyid:58:D2:D2:71:5F:43:F7:47:BE:A7:62:DC:E1:66:BC:A4:B8:E9:65:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WNLScV9D90e-p2Lc4Wa8pLjpZes.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/d67b7b-c798-4901-80f9-e3834516fc08/1/O3b_yGBdAo7ZRn7tnTX-ei9tdLg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/d67b7b-c798-4901-80f9-e3834516fc08/1/WNLScV9D90e-p2Lc4Wa8pLjpZes.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.214.9.0/24
85.214.11.0/24
85.215.0.0/19
IPv6:
2a01:238:3000::/36
2a01:238:e000::/35
Signature Algorithm: sha256WithRSAEncryption
07:be:3e:d6:e5:d3:7e:9d:d0:38:62:e4:97:88:51:1a:ea:8c:
19:6f:84:70:c6:05:bc:39:0d:0e:57:a1:23:48:bd:e7:12:76:
52:30:af:50:bd:d2:69:49:53:0a:30:86:a3:68:12:df:ab:8c:
b3:c4:02:c7:32:8c:9c:3b:3a:2a:da:67:9a:08:e7:85:21:c8:
74:52:60:cf:e3:0b:21:d7:1b:81:32:1d:1f:51:3e:82:6a:2b:
7b:80:2c:eb:f1:f0:7a:70:d4:12:6c:8a:3a:5b:3e:0e:ac:c6:
63:7e:e5:a8:4a:6d:d4:70:69:f4:02:45:5f:e0:a9:dc:1c:ce:
50:60:cf:c0:d6:f9:2d:f5:bf:73:82:78:4c:ae:e9:9f:0f:9d:
04:28:5f:01:10:e2:92:da:6a:37:57:63:96:f4:0a:12:f2:da:
6c:a3:81:c6:6e:c9:6a:14:2a:1d:cf:4b:2d:cb:3b:a2:57:15:
ed:b3:cf:30:91:f8:97:6d:4e:0c:14:56:1b:6a:d2:30:77:45:
d6:ac:a6:15:b3:33:dd:23:c3:92:e3:57:84:23:dd:1e:be:b2:
ba:67:2e:17:1e:6f:60:64:94:be:e4:f2:93:84:d8:d9:43:20:
d1:22:c6:89:b2:e0:1a:8c:2f:df:86:14:85:e2:4d:08:f5:4f:
a0:41:22:1b
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYVrt9PT/4nWwvWXAnGPCoJUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ZDJkMjcxNWY0M2Y3NDdiZWE3NjJkY2UxNjZiY2E0Yjhl
OTY1ZWIwHhcNMjMwMTAxMDUwNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjc2ZmZjODYwNWQwMjhlZDk0NjdlZWQ5ZDM1ZmU3YTJmNmQ3NGI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArLheSRjFfKjpbWlLhDq+7l0RXFty
uER8u/Yb5oNTAIJWkt/xGBAj2xy1NzMWQmD60OcG8slncZQWKmf4v0BWyUprCE1v
XRF2JFjdJ5UdfuOp3DZsOtVCED/peKOmuOsklck7hNKyCKfjTuBDcwimqBF8b6FU
DXopko7R+RHLApPYEkzU/vLaVYSAP1+N3x3VANm2TGPqVXSl6i5NgJmuaCaOWqI0
/ae7dx2rAuValen3GCwNfADhkhXU9b+BkkcSxCjaQsEhjzkWoD+UaU0BLnKYOczQ
q1W09bPTCNCKTlIbFPArjVxtZv1V7vJ4e79MciW3SkcIDN92gFgaI8divQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFDt2/8hgXQKO2UZ+7Z01/novbXS4MB8GA1UdIwQY
MBaAFFjS0nFfQ/dHvqdi3OFmvKS46WXrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV05MU2NWOUQ5MGUtcDJMYzRXYThwTGpwWmVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9kNjdiN2ItYzc5OC00OTAxLTgwZjkt
ZTM4MzQ1MTZmYzA4LzEvTzNiX3lHQmRBbzdaUm43dG5UWC1laTl0ZExnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9kNjdiN2ItYzc5OC00OTAxLTgwZjktZTM4MzQ1MTZmYzA4
LzEvV05MU2NWOUQ5MGUtcDJMYzRXYThwTGpwWmVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAYBAIAATASAwQAVdYJAwQA
VdYLAwQFVdcAMBYEAgACMBADBgQqAQI4MAMGBSoBAjjgMA0GCSqGSIb3DQEBCwUA
A4IBAQAHvj7W5dN+ndA4YuSXiFEa6owZb4RwxgW8OQ0OV6EjSL3nEnZSMK9QvdJp
SVMKMIajaBLfq4yzxALHMoycOzoq2meaCOeFIch0UmDP4wsh1xuBMh0fUT6Cait7
gCzr8fB6cNQSbIo6Wz4OrMZjfuWoSm3UcGn0AkVf4KncHM5QYM/A1vkt9b9zgnhM
rumfD50EKF8BEOKS2mo3V2OW9AoS8tpso4HGbslqFCodz0styzuiVxXts88wkfiX
bU4MFFYbatIwd0XWrKYVszPdI8OS41eEI90evrK6Zy4XHm9gZJS+5PKThNjZQyDR
IsaJsuAajC/fhhSF4k0I9U+gQSIb
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:15:11 2024 by rpki-client on console-fra.rpki-client.org