Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/41b40c-f3b6-40b8-840c-19a3c5649b57/1/O4E9Cm3j-mxpTFB2oATbNmTbmio.roa
File: O4E9Cm3j-mxpTFB2oATbNmTbmio.roa (raw, json)
Hash identifier: eaTAN5qhUm5Rh8ohM48rBtyIAnoQRXaLBtOIWcriVSE=
Subject key identifier: 3B:81:3D:0A:6D:E3:FA:6C:69:4C:50:76:A0:04:DB:36:64:DB:9A:2A
Certificate issuer: /CN=a9ec57bc8464fec2e9a1b098ffce34c21aaf9ca6
Certificate serial: 018572E8055CD7A84B6BA5FDC344D7848ADF
Authority key identifier: A9:EC:57:BC:84:64:FE:C2:E9:A1:B0:98:FF:CE:34:C2:1A:AF:9C:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qexXvIRk_sLpobCY_840whqvnKY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/41b40c-f3b6-40b8-840c-19a3c5649b57/1/O4E9Cm3j-mxpTFB2oATbNmTbmio.roa
Signing time: Mon 02 Jan 2023 14:34:46 +0000
ROA not before: Mon 02 Jan 2023 14:34:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57814
IP address blocks: 185.229.108.0/24 maxlen: 32
185.229.108.0/22 maxlen: 32
185.229.111.0/24 maxlen: 32
185.229.110.0/24 maxlen: 32
185.229.109.0/24 maxlen: 32
188.93.90.0/24 maxlen: 32
188.93.89.0/24 maxlen: 32
188.93.88.0/24 maxlen: 32
188.93.91.0/24 maxlen: 32
188.93.95.0/24 maxlen: 32
188.93.94.0/24 maxlen: 32
188.93.92.0/24 maxlen: 32
2a0a:5000::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 25 Aug 2023 08:20:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:e8:05:5c:d7:a8:4b:6b:a5:fd:c3:44:d7:84:8a:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9ec57bc8464fec2e9a1b098ffce34c21aaf9ca6
Validity
Not Before: Jan 2 14:34:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3b813d0a6de3fa6c694c5076a004db3664db9a2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:26:1c:fa:c4:99:81:dc:83:73:e0:aa:3b:ef:
cc:9c:7c:8b:ed:03:df:58:ed:eb:6e:ad:96:3d:8f:
58:ee:b5:06:a8:a6:23:13:33:b9:4f:d2:ed:a3:aa:
3c:0b:f5:69:55:7b:92:27:3a:82:22:57:02:17:0c:
c2:ff:14:e4:cd:10:c1:29:e0:fb:ff:29:3d:42:6b:
ef:27:63:82:d4:2f:63:b3:79:4f:d2:90:d4:d1:0f:
89:02:6b:4d:25:2f:08:64:58:3a:11:c9:d5:1e:80:
10:fa:4e:c6:e2:3f:9c:f3:15:6c:8e:4f:60:31:87:
51:91:fb:20:4a:1d:db:67:8d:01:5c:e0:e5:a0:fd:
36:53:86:1f:2d:85:3c:88:73:a6:05:70:2c:3d:c2:
91:88:27:7d:1a:9e:53:cd:ee:5d:c9:fc:4e:11:74:
48:f1:04:9e:7a:de:21:0c:3e:83:da:80:3c:e6:f6:
16:a7:2f:ed:2b:6a:67:ad:b7:fd:68:b9:b7:0a:42:
a1:bf:24:4e:e9:0f:62:e8:45:01:8a:f3:2b:da:82:
88:51:9c:b8:8c:01:ea:1f:65:05:6b:cc:ee:61:a1:
aa:2e:7e:33:1a:1b:25:53:49:13:32:b7:8d:c3:01:
1f:d7:e3:f0:6a:5f:60:d5:74:e1:18:39:30:a6:03:
f6:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:81:3D:0A:6D:E3:FA:6C:69:4C:50:76:A0:04:DB:36:64:DB:9A:2A
X509v3 Authority Key Identifier:
keyid:A9:EC:57:BC:84:64:FE:C2:E9:A1:B0:98:FF:CE:34:C2:1A:AF:9C:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qexXvIRk_sLpobCY_840whqvnKY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/41b40c-f3b6-40b8-840c-19a3c5649b57/1/O4E9Cm3j-mxpTFB2oATbNmTbmio.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/41b40c-f3b6-40b8-840c-19a3c5649b57/1/qexXvIRk_sLpobCY_840whqvnKY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.229.108.0/22
188.93.88.0-188.93.92.255
188.93.94.0/23
IPv6:
2a0a:5000::/29
Signature Algorithm: sha256WithRSAEncryption
a7:9b:24:b2:2b:d6:46:3e:58:dc:88:fb:11:9c:28:ba:31:fe:
22:1e:15:49:3c:c2:5e:6e:59:24:23:22:16:41:69:c4:3e:e6:
e9:62:7e:e2:4f:7b:64:ac:88:7f:2a:b8:80:f5:7b:65:6b:02:
f8:6e:00:65:3f:78:98:d4:bd:f8:3a:69:c7:26:9e:8a:88:46:
22:88:e9:fa:cc:a4:bc:5e:51:4b:90:58:ff:9f:72:dd:98:2f:
68:0c:1d:02:6e:3e:2b:19:d5:16:a2:17:e3:22:11:ac:a1:f7:
38:de:80:23:ab:23:0d:64:4a:cc:7f:ab:2e:40:5e:1d:58:f0:
84:7b:6f:85:81:2e:af:c3:4f:da:7c:bf:8c:38:6a:61:a7:02:
67:84:14:ae:70:9f:ef:33:4a:e9:14:ee:ca:cb:ff:4a:86:f6:
77:d0:63:19:8b:e5:f0:d6:d0:fc:f2:ad:c7:f6:02:31:45:89:
b0:2b:29:57:8c:cb:0c:6a:eb:ec:90:1b:f5:0e:91:d7:6a:53:
10:ff:57:1c:05:bd:21:5d:52:b1:7d:06:37:86:32:2d:eb:4a:
62:72:8e:5e:bd:9f:07:d5:2c:b4:fd:75:18:01:9b:f9:81:bc:
42:4c:61:3c:d8:4f:e7:54:8e:cf:46:87:b7:38:d4:c9:98:6e:
9b:89:8f:5a
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYVy6AVc16hLa6X9w0TXhIrfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5ZWM1N2JjODQ2NGZlYzJlOWExYjA5OGZmY2UzNGMyMWFh
ZjljYTYwHhcNMjMwMTAyMTQzNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjgxM2QwYTZkZTNmYTZjNjk0YzUwNzZhMDA0ZGIzNjY0ZGI5YTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArCYc+sSZgdyDc+CqO+/MnHyL7QPf
WO3rbq2WPY9Y7rUGqKYjEzO5T9Lto6o8C/VpVXuSJzqCIlcCFwzC/xTkzRDBKeD7
/yk9QmvvJ2OC1C9js3lP0pDU0Q+JAmtNJS8IZFg6EcnVHoAQ+k7G4j+c8xVsjk9g
MYdRkfsgSh3bZ40BXODloP02U4YfLYU8iHOmBXAsPcKRiCd9Gp5Tze5dyfxOEXRI
8QSeet4hDD6D2oA85vYWpy/tK2pnrbf9aLm3CkKhvyRO6Q9i6EUBivMr2oKIUZy4
jAHqH2UFa8zuYaGqLn4zGhslU0kTMreNwwEf1+Pwal9g1XThGDkwpgP2AQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFDuBPQpt4/psaUxQdqAE2zZk25oqMB8GA1UdIwQY
MBaAFKnsV7yEZP7C6aGwmP/ONMIar5ymMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWV4WHZJUmtfc0xwb2JDWV84NDB3aHF2bktZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy80MWI0MGMtZjNiNi00MGI4LTg0MGMt
MTlhM2M1NjQ5YjU3LzEvTzRFOUNtM2otbXhwVEZCMm9BVGJObVRibWlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy80MWI0MGMtZjNiNi00MGI4LTg0MGMtMTlhM2M1NjQ5YjU3
LzEvcWV4WHZJUmtfc0xwb2JDWV84NDB3aHF2bktZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQCueVsMAwD
BAO8XVgDBAC8XVwDBAG8XV4wDQQCAAIwBwMFAyoKUAAwDQYJKoZIhvcNAQELBQAD
ggEBAKebJLIr1kY+WNyI+xGcKLox/iIeFUk8wl5uWSQjIhZBacQ+5ulifuJPe2Ss
iH8quID1e2VrAvhuAGU/eJjUvfg6accmnoqIRiKI6frMpLxeUUuQWP+fct2YL2gM
HQJuPisZ1RaiF+MiEayh9zjegCOrIw1kSsx/qy5AXh1Y8IR7b4WBLq/DT9p8v4w4
amGnAmeEFK5wn+8zSukU7srL/0qG9nfQYxmL5fDW0Pzyrcf2AjFFibArKVeMywxq
6+yQG/UOkddqUxD/VxwFvSFdUrF9BjeGMi3rSmJyjl69nwfVLLT9dRgBm/mBvEJM
YTzYT+dUjs9Gh7c41MmYbpuJj1o=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:48 2024 by rpki-client on console-fra.rpki-client.org