Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/OygG8SEKrwYWQoUNqL8b7SP7QDE.roa
File: OygG8SEKrwYWQoUNqL8b7SP7QDE.roa (raw, json)
Hash identifier: XOUmAkwk64Fk9/FHEAGCtzPiJMoJ98TLdoPHWSTpu7k=
Subject key identifier: 3B:28:06:F1:21:0A:AF:06:16:42:85:0D:A8:BF:1B:ED:23:FB:40:31
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018ACB6040C1047F764BA169A173E675DFC4
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/OygG8SEKrwYWQoUNqL8b7SP7QDE.roa
Signing time: Mon 25 Sep 2023 08:06:37 +0000
ROA not before: Mon 25 Sep 2023 08:06:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62240
IP address blocks: 185.198.243.0/24 maxlen: 24
185.192.69.0/24 maxlen: 24
91.217.249.0/24 maxlen: 24
185.217.117.0/24 maxlen: 24
185.198.240.0/24 maxlen: 24
45.80.157.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:cb:60:40:c1:04:7f:76:4b:a1:69:a1:73:e6:75:df:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Sep 25 08:06:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3b2806f1210aaf061642850da8bf1bed23fb4031
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:d6:5a:90:cd:cd:1e:e0:ca:9f:30:72:b2:a7:
e7:d8:d4:d0:d9:70:5a:74:7d:26:b2:93:1e:a4:bd:
f3:32:a7:56:5d:ab:18:8c:a2:74:05:3a:54:8a:58:
dd:f7:d2:98:a6:c9:e6:a9:b3:5d:61:30:9b:1d:e9:
18:82:fb:c5:51:c7:97:00:ff:38:d6:27:1c:c1:96:
b7:59:e2:2d:94:e8:30:b3:0e:c9:e5:ab:a1:49:e3:
15:ed:04:de:85:36:c1:79:a5:1c:c2:b6:9d:cd:51:
29:7a:82:69:6b:99:51:80:21:e3:1a:db:57:ef:91:
e1:49:17:d3:bc:87:41:a9:68:b7:f7:ab:b6:0c:25:
38:f9:e0:e3:cd:ab:6f:f2:c5:20:b2:65:6d:bf:a8:
cf:5b:5d:8b:ff:86:cf:ac:ce:25:cd:2e:14:ab:7b:
ea:7e:4f:c7:ec:ae:0e:ee:91:13:30:64:5f:fa:ea:
d7:e1:ca:a1:7f:56:b4:79:09:f2:4d:3c:58:76:17:
c6:3c:da:22:6b:bf:19:c3:ee:00:77:ea:e3:7f:fb:
25:5c:b4:51:e3:5d:1a:17:de:46:e4:41:3c:16:13:
35:99:39:78:3a:2b:34:20:ec:0a:2b:68:a2:2f:4e:
06:dd:a7:b1:d5:c3:69:f1:45:e8:45:65:47:f0:6c:
78:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:28:06:F1:21:0A:AF:06:16:42:85:0D:A8:BF:1B:ED:23:FB:40:31
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/OygG8SEKrwYWQoUNqL8b7SP7QDE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.80.157.0/24
91.217.249.0/24
185.192.69.0/24
185.198.240.0/24
185.198.243.0/24
185.217.117.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:6c:34:9a:33:9d:9a:e3:18:f6:48:13:16:0f:12:2b:0c:0e:
72:36:b2:26:7a:7f:f2:c5:6a:25:71:84:46:d2:27:20:fa:6f:
28:b3:46:ca:18:23:06:5c:e6:5a:66:d0:1f:7a:f0:9b:fe:ed:
de:09:02:16:27:58:c1:49:fc:dd:87:f3:5e:f0:f3:1f:84:df:
44:e0:fe:f8:c5:ab:98:2b:0e:a4:9d:5b:fd:8d:05:97:2c:f9:
59:60:3b:94:eb:99:cc:c8:4b:71:2f:60:4d:f3:23:97:f7:61:
49:8a:ed:22:3f:4c:f1:64:34:a4:a0:74:32:14:08:c9:4c:b1:
97:71:f5:f5:0c:63:65:31:35:6f:fb:51:f7:be:5b:01:3b:18:
79:a0:cf:95:c0:ae:96:7c:14:14:ee:0a:5a:e9:11:42:47:88:
74:c9:ce:78:79:42:b0:41:1d:a8:1d:ad:34:d6:f7:35:e8:1e:
a5:d8:fe:a7:f0:8a:bd:4c:e3:eb:dc:ad:8f:b1:62:0b:f0:6e:
40:a8:a6:03:70:4d:fa:f4:14:5b:4d:a7:f0:ce:ac:4f:95:2b:
46:41:84:bf:11:28:2a:82:94:27:78:8e:56:23:c1:fb:af:90:
ca:2d:fc:af:de:6c:79:15:4b:98:9e:c2:ac:9c:3e:ae:c6:bd:
d9:19:7c:9b
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYrLYEDBBH92S6FpoXPmdd/EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwOTI1MDgwNjM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjI4MDZmMTIxMGFhZjA2MTY0Mjg1MGRhOGJmMWJlZDIzZmI0MDMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1tZakM3NHuDKnzBysqfn2NTQ2XBa
dH0mspMepL3zMqdWXasYjKJ0BTpUiljd99KYpsnmqbNdYTCbHekYgvvFUceXAP84
1iccwZa3WeItlOgwsw7J5auhSeMV7QTehTbBeaUcwradzVEpeoJpa5lRgCHjGttX
75HhSRfTvIdBqWi396u2DCU4+eDjzatv8sUgsmVtv6jPW12L/4bPrM4lzS4Uq3vq
fk/H7K4O7pETMGRf+urX4cqhf1a0eQnyTTxYdhfGPNoia78Zw+4Ad+rjf/slXLRR
410aF95G5EE8FhM1mTl4Ois0IOwKK2iiL04G3aex1cNp8UXoRWVH8Gx4qwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFDsoBvEhCq8GFkKFDai/G+0j+0AxMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvT3lnRzhTRUtyd1lXUW9VTnFMOGI3U1A3UURFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALVCdAwQA
W9n5AwQAucBFAwQAucbwAwQAucbzAwQAudl1MA0GCSqGSIb3DQEBCwUAA4IBAQAM
bDSaM52a4xj2SBMWDxIrDA5yNrImen/yxWolcYRG0icg+m8os0bKGCMGXOZaZtAf
evCb/u3eCQIWJ1jBSfzdh/Ne8PMfhN9E4P74xauYKw6knVv9jQWXLPlZYDuU65nM
yEtxL2BN8yOX92FJiu0iP0zxZDSkoHQyFAjJTLGXcfX1DGNlMTVv+1H3vlsBOxh5
oM+VwK6WfBQU7gpa6RFCR4h0yc54eUKwQR2oHa001vc16B6l2P6n8Iq9TOPr3K2P
sWIL8G5AqKYDcE369BRbTafwzqxPlStGQYS/ESgqgpQneI5WI8H7r5DKLfyv3mx5
FUuYnsKsnD6uxr3ZGXyb
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:03:17 2024 by rpki-client on console-ams.rpki-client.org