Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/a47cdf-d21b-4f1d-8901-92ec515c595a/1/O5Aqikp8AIoHL3rvVvUuf8kkriU.roa
File: O5Aqikp8AIoHL3rvVvUuf8kkriU.roa (raw, json)
Hash identifier: a//UWn13Omrdg/Hbuu1wec54n3A6YyaW941PsXN3HCo=
Subject key identifier: 3B:90:2A:8A:4A:7C:00:8A:07:2F:7A:EF:56:F5:2E:7F:C9:24:AE:25
Certificate issuer: /CN=3bfa6636fe6440acf293b75705a7a1dcada8420b
Certificate serial: 0187CD6B7084A9E1774B75E8FEA2119275DC
Authority key identifier: 3B:FA:66:36:FE:64:40:AC:F2:93:B7:57:05:A7:A1:DC:AD:A8:42:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O_pmNv5kQKzyk7dXBaeh3K2oQgs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/a47cdf-d21b-4f1d-8901-92ec515c595a/1/O5Aqikp8AIoHL3rvVvUuf8kkriU.roa
Signing time: Sat 29 Apr 2023 14:29:42 +0000
ROA not before: Sat 29 Apr 2023 14:29:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209908
IP address blocks: 149.3.186.0/24 maxlen: 24
185.161.216.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:31:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:cd:6b:70:84:a9:e1:77:4b:75:e8:fe:a2:11:92:75:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3bfa6636fe6440acf293b75705a7a1dcada8420b
Validity
Not Before: Apr 29 14:29:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3b902a8a4a7c008a072f7aef56f52e7fc924ae25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:34:fd:db:a7:f1:d3:03:4b:de:1c:27:35:52:
f9:39:e4:29:08:ee:08:cf:8f:66:b4:ef:c9:1d:76:
a6:8c:ef:e3:f3:4d:d1:fb:05:2f:35:13:d3:62:91:
10:db:cf:46:51:96:cf:5b:12:38:8e:a6:b7:6e:1c:
16:21:53:4b:53:82:2f:f0:e1:ca:f9:7d:71:76:1f:
5a:cd:a1:36:a1:9a:04:1d:27:fb:4f:e2:9a:cc:57:
cd:66:0d:c7:84:dc:e7:b1:85:56:17:39:09:49:5f:
95:7d:17:c6:07:4a:d0:3e:fa:05:f7:4b:22:c6:a7:
08:4e:44:2c:ba:e7:1b:a8:68:92:75:4f:7e:80:5d:
5f:92:dc:6f:38:2d:ad:ea:44:bb:35:19:a2:68:40:
95:f9:d7:57:44:6f:8a:3d:62:26:75:e8:6a:53:f6:
8f:22:4e:d3:00:8e:46:75:d7:7e:92:55:c0:e2:74:
5e:72:e1:74:60:ca:42:36:1c:f2:41:a9:b9:67:06:
d2:dc:a9:ff:d8:fd:82:dd:ef:31:0c:9e:0a:55:dd:
55:ef:e1:20:9d:65:80:5d:0c:92:b8:74:f7:0f:c9:
f2:9c:78:8a:c0:1c:b5:d3:a6:10:d5:a2:eb:d7:58:
6d:42:df:d3:80:3c:d1:5e:47:2c:50:b9:59:a5:09:
ff:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:90:2A:8A:4A:7C:00:8A:07:2F:7A:EF:56:F5:2E:7F:C9:24:AE:25
X509v3 Authority Key Identifier:
keyid:3B:FA:66:36:FE:64:40:AC:F2:93:B7:57:05:A7:A1:DC:AD:A8:42:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O_pmNv5kQKzyk7dXBaeh3K2oQgs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/a47cdf-d21b-4f1d-8901-92ec515c595a/1/O5Aqikp8AIoHL3rvVvUuf8kkriU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/a47cdf-d21b-4f1d-8901-92ec515c595a/1/O_pmNv5kQKzyk7dXBaeh3K2oQgs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.3.186.0/24
185.161.216.0/23
Signature Algorithm: sha256WithRSAEncryption
09:ba:af:a4:ab:aa:63:23:bb:c3:a6:a7:c3:b8:44:bd:d4:80:
11:87:a0:42:36:93:c5:4e:02:fc:7a:a2:15:bb:f2:9c:1a:51:
1a:e7:50:de:31:1e:c1:b6:4f:d2:62:cb:90:51:2e:77:33:85:
76:51:fe:91:f6:72:95:e9:d4:ed:c3:5b:f4:e5:ab:ca:55:4f:
90:87:02:30:7a:db:2d:18:78:69:83:4f:ef:f8:7f:f3:3d:b9:
89:ed:a3:97:14:22:67:20:6f:fb:ce:fe:7e:1f:1e:67:7f:b6:
ee:39:d7:b3:19:78:d5:f8:a0:0b:79:68:4a:d0:5e:a3:35:0a:
3f:68:d4:2a:73:12:11:b1:bc:4c:8e:51:29:1d:f7:2b:75:3f:
78:d2:30:b3:00:9b:3a:2a:04:45:ac:d9:15:27:54:f2:4a:50:
df:79:36:62:95:86:f5:0f:ee:67:a9:e9:b6:0c:80:5f:b2:0c:
9c:b3:53:0f:e2:32:d5:29:a8:7e:97:7c:32:b7:28:a7:35:1f:
37:45:6d:7f:13:b5:82:f1:a8:74:52:ac:74:7d:df:ab:39:b3:
37:e6:fa:43:f6:07:45:da:63:27:fd:36:a0:20:0f:02:6c:aa:
2b:5e:00:8b:f3:0c:96:14:95:36:19:b6:a1:f7:5c:9f:9f:38:
e0:3c:fb:85
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYfNa3CEqeF3S3Xo/qIRknXcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiZmE2NjM2ZmU2NDQwYWNmMjkzYjc1NzA1YTdhMWRjYWRh
ODQyMGIwHhcNMjMwNDI5MTQyOTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjkwMmE4YTRhN2MwMDhhMDcyZjdhZWY1NmY1MmU3ZmM5MjRhZTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgjT926fx0wNL3hwnNVL5OeQpCO4I
z49mtO/JHXamjO/j803R+wUvNRPTYpEQ289GUZbPWxI4jqa3bhwWIVNLU4Iv8OHK
+X1xdh9azaE2oZoEHSf7T+KazFfNZg3HhNznsYVWFzkJSV+VfRfGB0rQPvoF90si
xqcITkQsuucbqGiSdU9+gF1fktxvOC2t6kS7NRmiaECV+ddXRG+KPWImdehqU/aP
Ik7TAI5Gddd+klXA4nRecuF0YMpCNhzyQam5ZwbS3Kn/2P2C3e8xDJ4KVd1V7+Eg
nWWAXQySuHT3D8nynHiKwBy106YQ1aLr11htQt/TgDzRXkcsULlZpQn/PQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDuQKopKfACKBy9671b1Ln/JJK4lMB8GA1UdIwQY
MBaAFDv6Zjb+ZECs8pO3VwWnodytqEILMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT19wbU52NWtRS3p5azdkWEJhZWgzSzJvUWdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi9hNDdjZGYtZDIxYi00ZjFkLTg5MDEt
OTJlYzUxNWM1OTVhLzEvTzVBcWlrcDhBSW9ITDNydlZ2VXVmOGtrcmlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi9hNDdjZGYtZDIxYi00ZjFkLTg5MDEtOTJlYzUxNWM1OTVh
LzEvT19wbU52NWtRS3p5azdkWEJhZWgzSzJvUWdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAlQO6AwQB
uaHYMA0GCSqGSIb3DQEBCwUAA4IBAQAJuq+kq6pjI7vDpqfDuES91IARh6BCNpPF
TgL8eqIVu/KcGlEa51DeMR7Btk/SYsuQUS53M4V2Uf6R9nKV6dTtw1v05avKVU+Q
hwIwetstGHhpg0/v+H/zPbmJ7aOXFCJnIG/7zv5+Hx5nf7buOdezGXjV+KALeWhK
0F6jNQo/aNQqcxIRsbxMjlEpHfcrdT940jCzAJs6KgRFrNkVJ1TySlDfeTZilYb1
D+5nqem2DIBfsgycs1MP4jLVKah+l3wytyinNR83RW1/E7WC8ah0Uqx0fd+rObM3
5vpD9gdF2mMn/TagIA8CbKorXgCL8wyWFJU2Gbah91yfnzjgPPuF
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:58 2024 by rpki-client on console-fra.rpki-client.org