Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/3b8f3b-ebf0-4cb7-a49b-a8585849be14/1/oIbHBKfpMExDItNQZw2G2lmvRBw.roa
File: oIbHBKfpMExDItNQZw2G2lmvRBw.roa (raw, json)
Hash identifier: K7J98mh6/LG3a57YfZ2kLjWgOO63VosqOKstzoa9oco=
Subject key identifier: A0:86:C7:04:A7:E9:30:4C:43:22:D3:50:67:0D:86:DA:59:AF:44:1C
Certificate issuer: /CN=1220dd2b92da284c63cec46f6f6a41c013a9c881
Certificate serial: 01900625558EB2694DAD42577F7932DDC24D
Authority key identifier: 12:20:DD:2B:92:DA:28:4C:63:CE:C4:6F:6F:6A:41:C0:13:A9:C8:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EiDdK5LaKExjzsRvb2pBwBOpyIE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/3b8f3b-ebf0-4cb7-a49b-a8585849be14/1/oIbHBKfpMExDItNQZw2G2lmvRBw.roa
Signing time: Tue 11 Jun 2024 07:13:48 +0000
ROA not before: Tue 11 Jun 2024 07:13:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61414
IP address blocks: 185.243.40.0/24 maxlen: 24
185.243.41.0/24 maxlen: 24
193.3.191.0/24 maxlen: 24
2a0d:280::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 14 Jun 2024 16:59:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:06:25:55:8e:b2:69:4d:ad:42:57:7f:79:32:dd:c2:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1220dd2b92da284c63cec46f6f6a41c013a9c881
Validity
Not Before: Jun 11 07:13:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a086c704a7e9304c4322d350670d86da59af441c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:11:58:7e:f7:bc:e5:b0:de:55:c2:e1:97:1e:
e8:be:73:bb:ee:2b:16:19:89:e1:b4:95:cd:c2:ac:
6c:ba:6f:5a:33:e9:98:1a:70:b3:2e:50:59:e7:6d:
8f:1a:58:b5:96:a3:16:01:0f:75:89:54:2c:c9:63:
0b:3c:20:cb:54:8f:eb:76:06:2d:8b:8a:97:f2:19:
e4:bf:9f:21:fb:06:2b:ce:c6:f9:9b:cb:69:87:1a:
f8:49:d9:76:11:5d:c5:87:27:87:52:6c:bc:cd:05:
60:28:1d:93:19:13:f4:8d:57:80:a3:04:1b:91:cc:
a5:44:c9:c5:89:fb:b0:61:f2:13:f0:6c:b8:13:08:
7f:50:62:2a:1b:c2:a7:01:02:8d:f5:0b:58:e0:ff:
4c:a7:2d:9a:71:2b:bf:62:39:1c:f6:a0:5e:09:49:
bc:55:60:16:0b:b8:fa:fd:da:db:cc:01:7f:4a:01:
5d:7c:93:6d:80:9f:66:fe:95:42:81:bd:1c:9b:07:
ea:8e:f5:e0:67:a4:3c:bd:98:f1:43:a7:97:70:03:
12:e6:4d:d2:09:4e:5e:d1:d3:7a:c9:a4:3b:1a:68:
c3:86:8f:3c:5b:c1:b5:8c:64:4b:ef:88:3d:70:9a:
e1:06:4c:34:3f:30:0e:08:85:b7:26:59:be:06:2c:
21:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:86:C7:04:A7:E9:30:4C:43:22:D3:50:67:0D:86:DA:59:AF:44:1C
X509v3 Authority Key Identifier:
keyid:12:20:DD:2B:92:DA:28:4C:63:CE:C4:6F:6F:6A:41:C0:13:A9:C8:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EiDdK5LaKExjzsRvb2pBwBOpyIE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/3b8f3b-ebf0-4cb7-a49b-a8585849be14/1/oIbHBKfpMExDItNQZw2G2lmvRBw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/3b8f3b-ebf0-4cb7-a49b-a8585849be14/1/EiDdK5LaKExjzsRvb2pBwBOpyIE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.243.40.0/23
193.3.191.0/24
IPv6:
2a0d:280::/29
Signature Algorithm: sha256WithRSAEncryption
4d:b9:a4:64:00:3e:90:43:89:73:ff:53:71:cf:98:05:e7:3f:
12:8b:bb:85:e5:81:e7:18:44:8a:57:f9:61:0d:8d:be:b1:cf:
7d:8d:1a:00:ae:1d:c6:be:1e:30:89:fa:85:36:a3:cb:1c:fa:
2e:79:e2:67:3f:da:5b:08:07:18:88:ea:04:18:73:5c:35:a9:
83:97:25:e8:a7:8a:5b:34:fe:12:f3:6e:e6:a7:8a:ec:6b:47:
c6:a0:28:bd:0a:89:59:eb:e7:98:ea:dc:d8:29:d1:0c:db:97:
41:a2:42:ed:09:d3:a3:d2:b8:d3:5a:4d:86:cf:15:fb:6d:9a:
7d:7d:2a:2c:d1:13:7f:f9:1f:01:40:ab:78:98:1a:e3:ef:28:
5d:f9:fb:f0:42:21:c2:62:b9:a0:29:02:39:a5:18:36:42:52:
79:d3:b7:6d:69:f7:ad:a9:e0:37:20:eb:f4:1f:e9:aa:70:f7:
0a:43:7a:9f:e4:98:ad:7a:2f:d6:d2:57:ea:cb:9c:37:70:63:
f9:02:e1:e6:95:23:d6:eb:2b:93:18:f2:7d:0f:87:14:e9:43:
48:e7:44:b6:b9:bd:75:9c:20:0b:c2:48:f6:aa:14:24:6c:ee:
36:cc:ff:67:e3:40:95:d4:5a:46:a6:ff:87:ad:29:8f:71:06:
87:1c:0d:e4
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZAGJVWOsmlNrUJXf3ky3cJNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyMjBkZDJiOTJkYTI4NGM2M2NlYzQ2ZjZmNmE0MWMwMTNh
OWM4ODEwHhcNMjQwNjExMDcxMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDg2YzcwNGE3ZTkzMDRjNDMyMmQzNTA2NzBkODZkYTU5YWY0NDFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3hFYfve85bDeVcLhlx7ovnO77isW
GYnhtJXNwqxsum9aM+mYGnCzLlBZ522PGli1lqMWAQ91iVQsyWMLPCDLVI/rdgYt
i4qX8hnkv58h+wYrzsb5m8tphxr4Sdl2EV3FhyeHUmy8zQVgKB2TGRP0jVeAowQb
kcylRMnFifuwYfIT8Gy4Ewh/UGIqG8KnAQKN9QtY4P9Mpy2acSu/Yjkc9qBeCUm8
VWAWC7j6/drbzAF/SgFdfJNtgJ9m/pVCgb0cmwfqjvXgZ6Q8vZjxQ6eXcAMS5k3S
CU5e0dN6yaQ7GmjDho88W8G1jGRL74g9cJrhBkw0PzAOCIW3Jlm+BiwhMQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKCGxwSn6TBMQyLTUGcNhtpZr0QcMB8GA1UdIwQY
MBaAFBIg3SuS2ihMY87Eb29qQcATqciBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWlEZEs1TGFLRXhqenNSdmIycEJ3Qk9weUlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC8zYjhmM2ItZWJmMC00Y2I3LWE0OWIt
YTg1ODU4NDliZTE0LzEvb0liSEJLZnBNRXhESXROUVp3MkcybG12UkJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC8zYjhmM2ItZWJmMC00Y2I3LWE0OWItYTg1ODU4NDliZTE0
LzEvRWlEZEs1TGFLRXhqenNSdmIycEJ3Qk9weUlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBufMoAwQA
wQO/MA0EAgACMAcDBQMqDQKAMA0GCSqGSIb3DQEBCwUAA4IBAQBNuaRkAD6QQ4lz
/1Nxz5gF5z8Si7uF5YHnGESKV/lhDY2+sc99jRoArh3Gvh4wifqFNqPLHPoueeJn
P9pbCAcYiOoEGHNcNamDlyXop4pbNP4S827mp4rsa0fGoCi9ColZ6+eY6tzYKdEM
25dBokLtCdOj0rjTWk2GzxX7bZp9fSos0RN/+R8BQKt4mBrj7yhd+fvwQiHCYrmg
KQI5pRg2QlJ507dtafetqeA3IOv0H+mqcPcKQ3qf5Jitei/W0lfqy5w3cGP5AuHm
lSPW6yuTGPJ9D4cU6UNI50S2ub11nCALwkj2qhQkbO42zP9n40CV1FpGpv+HrSmP
cQaHHA3k
-----END CERTIFICATE-----
Generated at Fri Jun 14 18:56:28 2024 by rpki-client on console-fra.rpki-client.org