Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/a47cdf-d21b-4f1d-8901-92ec515c595a/1/oDL9FLB9hNmI3y_ynlE6RyUsdVg.roa
File: oDL9FLB9hNmI3y_ynlE6RyUsdVg.roa (raw, json)
Hash identifier: w+Y9mEyokPFVxGv1U/3C4SPe/2l6H1ebo4GbQ1ISnP4=
Subject key identifier: A0:32:FD:14:B0:7D:84:D9:88:DF:2F:F2:9E:51:3A:47:25:2C:75:58
Certificate issuer: /CN=3bfa6636fe6440acf293b75705a7a1dcada8420b
Certificate serial: 0185715E987D7A7126C1F522ADF39F5DC5D8
Authority key identifier: 3B:FA:66:36:FE:64:40:AC:F2:93:B7:57:05:A7:A1:DC:AD:A8:42:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O_pmNv5kQKzyk7dXBaeh3K2oQgs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/a47cdf-d21b-4f1d-8901-92ec515c595a/1/oDL9FLB9hNmI3y_ynlE6RyUsdVg.roa
Signing time: Mon 02 Jan 2023 07:25:02 +0000
ROA not before: Mon 02 Jan 2023 07:25:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211531
IP address blocks: 80.245.87.0/24 maxlen: 24
149.3.184.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:31:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:5e:98:7d:7a:71:26:c1:f5:22:ad:f3:9f:5d:c5:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3bfa6636fe6440acf293b75705a7a1dcada8420b
Validity
Not Before: Jan 2 07:25:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a032fd14b07d84d988df2ff29e513a47252c7558
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:a3:61:6e:92:51:18:2a:a3:cf:a3:f7:07:b9:
2a:d2:78:d0:22:0c:38:38:b5:f6:aa:64:42:58:d5:
d7:84:c8:de:7b:19:be:37:24:79:94:77:fb:83:49:
34:11:e0:6d:4b:d1:e7:e2:bd:76:8e:64:f5:a6:3a:
dc:4f:90:cc:81:d4:72:f1:76:5d:5d:d3:35:e2:ec:
4d:a3:86:52:ef:60:8b:4c:28:f0:8b:55:a7:01:a8:
1e:44:7c:ee:9d:45:0f:21:39:52:90:b2:57:bc:af:
18:9f:24:08:78:02:da:a8:92:51:88:eb:6e:e9:40:
fe:ca:c9:ac:27:97:aa:68:85:94:45:54:aa:0e:b8:
8f:d8:46:c6:e9:64:cd:0e:15:8e:52:89:41:ad:c6:
04:4e:0f:bb:da:c6:5f:66:32:c9:be:9a:49:6b:e0:
60:ce:85:08:27:95:ae:b0:3b:9d:2c:6c:5e:66:bf:
6f:c0:10:cd:4d:53:38:97:82:1d:f5:a8:f5:8a:9b:
a8:b5:26:ec:2f:38:e7:b2:61:99:e9:f3:df:23:d7:
98:26:de:24:bf:8d:c9:ca:6a:0b:13:02:83:65:b9:
5d:3a:19:7f:42:16:5e:fe:b5:2c:b6:c8:0b:f4:84:
c0:13:12:e8:fa:ba:51:b8:95:29:4b:29:51:f9:b1:
4b:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:32:FD:14:B0:7D:84:D9:88:DF:2F:F2:9E:51:3A:47:25:2C:75:58
X509v3 Authority Key Identifier:
keyid:3B:FA:66:36:FE:64:40:AC:F2:93:B7:57:05:A7:A1:DC:AD:A8:42:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O_pmNv5kQKzyk7dXBaeh3K2oQgs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/a47cdf-d21b-4f1d-8901-92ec515c595a/1/oDL9FLB9hNmI3y_ynlE6RyUsdVg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/a47cdf-d21b-4f1d-8901-92ec515c595a/1/O_pmNv5kQKzyk7dXBaeh3K2oQgs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.245.87.0/24
149.3.184.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:60:6e:50:68:57:09:84:89:0d:68:10:b2:b3:37:a8:c7:29:
24:d1:6f:43:90:dc:02:dd:cb:08:09:a3:3c:e8:f3:98:d8:9a:
f5:4c:d5:a0:a2:4a:fe:30:cf:9b:4e:7c:e0:26:8f:92:17:5b:
b2:c4:71:5b:d3:3c:c1:33:e7:45:0e:e0:55:75:74:26:41:86:
c7:66:0e:1f:f8:27:23:e2:28:77:19:e2:1b:9b:3c:43:96:28:
0d:c2:8e:6d:25:93:e7:99:55:52:cf:58:85:89:65:ed:9c:be:
0f:31:90:84:60:06:f9:ac:a5:e1:10:a2:30:f7:b8:9a:2a:45:
6d:04:7a:f2:b4:e7:e0:bf:6b:fd:ae:74:84:28:7f:6a:00:69:
16:2a:c3:41:ff:34:09:67:c4:b0:64:b5:14:6c:84:5f:d3:cd:
6a:bc:be:ef:22:f1:33:78:7f:d4:30:c8:6f:38:dd:f6:6e:53:
0e:d5:c6:3d:d9:7e:f3:b7:8a:fa:77:05:f5:ee:46:b4:4f:09:
68:c4:6d:20:07:c5:30:2b:c3:da:44:60:a4:82:6c:09:b7:b4:
ca:cb:47:26:91:c9:9f:6b:4a:cd:35:36:70:c0:6b:63:a6:a8:
47:20:13:17:1d:19:03:6c:dc:23:2d:b9:b8:49:f8:ed:f5:ab:
e7:69:1c:5a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxXph9enEmwfUirfOfXcXYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiZmE2NjM2ZmU2NDQwYWNmMjkzYjc1NzA1YTdhMWRjYWRh
ODQyMGIwHhcNMjMwMTAyMDcyNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDMyZmQxNGIwN2Q4NGQ5ODhkZjJmZjI5ZTUxM2E0NzI1MmM3NTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg6NhbpJRGCqjz6P3B7kq0njQIgw4
OLX2qmRCWNXXhMjeexm+NyR5lHf7g0k0EeBtS9Hn4r12jmT1pjrcT5DMgdRy8XZd
XdM14uxNo4ZS72CLTCjwi1WnAageRHzunUUPITlSkLJXvK8YnyQIeALaqJJRiOtu
6UD+ysmsJ5eqaIWURVSqDriP2EbG6WTNDhWOUolBrcYETg+72sZfZjLJvppJa+Bg
zoUIJ5WusDudLGxeZr9vwBDNTVM4l4Id9aj1ipuotSbsLzjnsmGZ6fPfI9eYJt4k
v43JymoLEwKDZbldOhl/QhZe/rUstsgL9ITAExLo+rpRuJUpSylR+bFLNQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKAy/RSwfYTZiN8v8p5ROkclLHVYMB8GA1UdIwQY
MBaAFDv6Zjb+ZECs8pO3VwWnodytqEILMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT19wbU52NWtRS3p5azdkWEJhZWgzSzJvUWdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi9hNDdjZGYtZDIxYi00ZjFkLTg5MDEt
OTJlYzUxNWM1OTVhLzEvb0RMOUZMQjloTm1JM3lfeW5sRTZSeVVzZFZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi9hNDdjZGYtZDIxYi00ZjFkLTg5MDEtOTJlYzUxNWM1OTVh
LzEvT19wbU52NWtRS3p5azdkWEJhZWgzSzJvUWdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUPVXAwQA
lQO4MA0GCSqGSIb3DQEBCwUAA4IBAQCbYG5QaFcJhIkNaBCyszeoxykk0W9DkNwC
3csICaM86POY2Jr1TNWgokr+MM+bTnzgJo+SF1uyxHFb0zzBM+dFDuBVdXQmQYbH
Zg4f+Ccj4ih3GeIbmzxDligNwo5tJZPnmVVSz1iFiWXtnL4PMZCEYAb5rKXhEKIw
97iaKkVtBHrytOfgv2v9rnSEKH9qAGkWKsNB/zQJZ8SwZLUUbIRf081qvL7vIvEz
eH/UMMhvON32blMO1cY92X7zt4r6dwX17ka0TwloxG0gB8UwK8PaRGCkgmwJt7TK
y0cmkcmfa0rNNTZwwGtjpqhHIBMXHRkDbNwjLbm4Sfjt9avnaRxa
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:58 2024 by rpki-client on console-fra.rpki-client.org