Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/63ff81-6460-4c05-852d-262eb39bbe76/1/Oc5tvUGTi4jpy49j6MbidQDKUnI.roa
File: Oc5tvUGTi4jpy49j6MbidQDKUnI.roa (raw, json)
Hash identifier: m7Rw6PZ5oNmWYw3VfxbxnsnvUhTcxY8RVjxM+Y/E8a4=
Subject key identifier: 39:CE:6D:BD:41:93:8B:88:E9:CB:8F:63:E8:C6:E2:75:00:CA:52:72
Certificate issuer: /CN=435416b2282b4533c3509c18e957ce0c836bc837
Certificate serial: 018BAAC1F40C3DACB72C020EFC39D30A137E
Authority key identifier: 43:54:16:B2:28:2B:45:33:C3:50:9C:18:E9:57:CE:0C:83:6B:C8:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q1QWsigrRTPDUJwY6VfODINryDc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/63ff81-6460-4c05-852d-262eb39bbe76/1/Oc5tvUGTi4jpy49j6MbidQDKUnI.roa
Signing time: Tue 07 Nov 2023 17:08:39 +0000
ROA not before: Tue 07 Nov 2023 17:08:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203020
IP address blocks: 185.251.44.0/22 maxlen: 32
195.66.216.0/21 maxlen: 32
185.247.228.0/22 maxlen: 32
95.175.64.0/19 maxlen: 32
185.251.248.0/22 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:aa:c1:f4:0c:3d:ac:b7:2c:02:0e:fc:39:d3:0a:13:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=435416b2282b4533c3509c18e957ce0c836bc837
Validity
Not Before: Nov 7 17:08:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=39ce6dbd41938b88e9cb8f63e8c6e27500ca5272
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:85:99:19:4c:4d:39:5d:ce:5f:75:63:cf:c6:
46:d5:b3:96:c4:4e:7b:ee:78:61:de:0b:b0:0c:fb:
af:70:f7:a3:5b:5d:78:28:09:24:69:7a:3e:f3:0d:
a3:c7:75:bf:cf:29:34:4b:79:7b:53:e4:4d:96:03:
4e:4e:a2:9d:19:50:d6:b2:38:b3:63:62:29:5b:be:
1c:39:dc:0e:b2:51:62:c0:f4:15:d2:a4:48:fe:d3:
7f:e1:f5:f2:01:ca:3b:73:f2:6b:0e:62:3e:31:14:
95:9d:65:b2:2b:91:3e:c0:27:6d:cf:80:4e:6e:63:
09:4c:3b:9b:ec:07:6c:fa:44:58:9f:8e:2f:6e:a3:
d0:9c:04:cd:45:27:0f:ca:33:d8:e0:f4:6d:22:e5:
2a:68:40:b0:b7:9a:f6:8a:8f:a7:43:f8:76:2d:0e:
dd:29:5f:77:3f:29:14:57:83:c4:99:4d:85:9e:c6:
5c:5c:a2:c4:2a:bd:73:f0:e4:a8:89:f4:86:e9:ce:
bc:8b:07:4f:51:d8:20:7d:f1:c5:57:70:21:6a:42:
76:bc:b6:05:a3:2b:b1:13:0a:ef:a3:d3:fb:21:2a:
e1:b0:2c:a5:7d:0e:04:18:6e:d0:be:44:e8:f2:e0:
68:99:f3:f6:1d:51:5a:14:84:6b:3b:d4:11:0f:c3:
10:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:CE:6D:BD:41:93:8B:88:E9:CB:8F:63:E8:C6:E2:75:00:CA:52:72
X509v3 Authority Key Identifier:
keyid:43:54:16:B2:28:2B:45:33:C3:50:9C:18:E9:57:CE:0C:83:6B:C8:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q1QWsigrRTPDUJwY6VfODINryDc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/63ff81-6460-4c05-852d-262eb39bbe76/1/Oc5tvUGTi4jpy49j6MbidQDKUnI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/63ff81-6460-4c05-852d-262eb39bbe76/1/Q1QWsigrRTPDUJwY6VfODINryDc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.175.64.0/19
185.247.228.0/22
185.251.44.0/22
185.251.248.0/22
195.66.216.0/21
Signature Algorithm: sha256WithRSAEncryption
6c:1f:bc:e9:80:f0:ff:ca:8c:59:d6:7c:5d:ad:42:3d:1b:b1:
49:6a:92:25:70:92:fd:c1:82:63:54:7a:d6:3d:3a:f8:ef:85:
8e:9c:a6:5e:15:92:cc:17:f8:37:38:e8:58:ea:6c:bb:ac:39:
b0:21:82:e5:33:37:08:b8:11:5b:76:89:7a:d1:31:44:30:89:
91:aa:2c:87:0e:38:ac:48:0e:f7:0c:74:8e:7f:4d:63:47:b6:
b7:a2:f2:89:52:f0:56:55:96:9c:c8:16:16:b5:0a:78:a9:95:
1a:12:35:af:02:8c:67:f0:b7:5e:ec:e3:67:e2:92:df:6c:d9:
79:80:7e:c9:1c:96:14:7f:6c:cd:a1:c1:c2:e5:fd:c1:de:0f:
4f:63:b4:48:25:fd:41:9e:7a:d5:e2:f9:e6:56:ba:fe:19:5a:
bf:00:9b:81:8e:02:7d:f7:29:60:7c:2b:86:6b:80:aa:31:e8:
a3:67:c3:bd:ff:d9:98:8f:1b:fd:1e:f9:6f:5d:a5:ee:1f:69:
08:8e:1b:11:9d:7f:a5:e5:e2:03:f2:4e:ff:26:1d:0c:de:10:
7e:86:80:1a:be:a4:31:51:74:e2:48:41:90:37:3c:e7:a3:c1:
3d:71:70:0c:e8:ff:ef:51:98:49:94:92:07:b4:ab:83:63:b2:
30:81:19:dd
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYuqwfQMPay3LAIO/DnTChN+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzNTQxNmIyMjgyYjQ1MzNjMzUwOWMxOGU5NTdjZTBjODM2
YmM4MzcwHhcNMjMxMTA3MTcwODM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWNlNmRiZDQxOTM4Yjg4ZTljYjhmNjNlOGM2ZTI3NTAwY2E1MjcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA24WZGUxNOV3OX3Vjz8ZG1bOWxE57
7nhh3guwDPuvcPejW114KAkkaXo+8w2jx3W/zyk0S3l7U+RNlgNOTqKdGVDWsjiz
Y2IpW74cOdwOslFiwPQV0qRI/tN/4fXyAco7c/JrDmI+MRSVnWWyK5E+wCdtz4BO
bmMJTDub7Ads+kRYn44vbqPQnATNRScPyjPY4PRtIuUqaECwt5r2io+nQ/h2LQ7d
KV93PykUV4PEmU2FnsZcXKLEKr1z8OSoifSG6c68iwdPUdggffHFV3AhakJ2vLYF
oyuxEwrvo9P7ISrhsCylfQ4EGG7QvkTo8uBomfP2HVFaFIRrO9QRD8MQ7QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDnObb1Bk4uI6cuPY+jG4nUAylJyMB8GA1UdIwQY
MBaAFENUFrIoK0Uzw1CcGOlXzgyDa8g3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTFRV3NpZ3JSVFBEVUp3WTZWZk9ESU5yeURjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy82M2ZmODEtNjQ2MC00YzA1LTg1MmQt
MjYyZWIzOWJiZTc2LzEvT2M1dHZVR1RpNGpweTQ5ajZNYmlkUURLVW5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy82M2ZmODEtNjQ2MC00YzA1LTg1MmQtMjYyZWIzOWJiZTc2
LzEvUTFRV3NpZ3JSVFBEVUp3WTZWZk9ESU5yeURjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQFX69AAwQC
uffkAwQCufssAwQCufv4AwQDw0LYMA0GCSqGSIb3DQEBCwUAA4IBAQBsH7zpgPD/
yoxZ1nxdrUI9G7FJapIlcJL9wYJjVHrWPTr474WOnKZeFZLMF/g3OOhY6my7rDmw
IYLlMzcIuBFbdol60TFEMImRqiyHDjisSA73DHSOf01jR7a3ovKJUvBWVZacyBYW
tQp4qZUaEjWvAoxn8Lde7ONn4pLfbNl5gH7JHJYUf2zNocHC5f3B3g9PY7RIJf1B
nnrV4vnmVrr+GVq/AJuBjgJ99ylgfCuGa4CqMeijZ8O9/9mYjxv9HvlvXaXuH2kI
jhsRnX+l5eID8k7/Jh0M3hB+hoAavqQxUXTiSEGQNzzno8E9cXAM6P/vUZhJlJIH
tKuDY7IwgRnd
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:32 2024 by rpki-client on console-fra.rpki-client.org