Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/AO7O5LOy3CS62FckBnrHh_YyPQ0.roa
File: AO7O5LOy3CS62FckBnrHh_YyPQ0.roa (raw, json)
Hash identifier: SAD4ydRQPIexUixW1WLxPxRjl49V/Be0zoGHexNz3Sk=
Subject key identifier: 00:EE:CE:E4:B3:B2:DC:24:BA:D8:57:24:06:7A:C7:87:F6:32:3D:0D
Certificate issuer: /CN=b1af12f5ca75c922a4aa5dacb49c04a93237f4ed
Certificate serial: 01856C7810C400E71E6E930C205970CF7F9C
Authority key identifier: B1:AF:12:F5:CA:75:C9:22:A4:AA:5D:AC:B4:9C:04:A9:32:37:F4:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sa8S9cp1ySKkql2stJwEqTI39O0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/AO7O5LOy3CS62FckBnrHh_YyPQ0.roa
Signing time: Sun 01 Jan 2023 08:34:46 +0000
ROA not before: Sun 01 Jan 2023 08:34:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202984
IP address blocks: 92.63.203.0/24 maxlen: 24
185.176.25.0/24 maxlen: 24
92.63.199.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:31:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:78:10:c4:00:e7:1e:6e:93:0c:20:59:70:cf:7f:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1af12f5ca75c922a4aa5dacb49c04a93237f4ed
Validity
Not Before: Jan 1 08:34:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=00eecee4b3b2dc24bad85724067ac787f6323d0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:4d:43:f7:65:75:fb:4c:db:60:54:c6:05:83:
58:58:f4:d9:50:23:07:ce:ac:d3:de:40:e3:c2:7a:
a5:25:58:69:eb:38:b6:e5:76:b1:71:fd:ce:9c:cb:
e0:a4:6e:da:98:38:5c:6f:ba:7b:3e:7c:18:7e:2a:
21:f7:7f:de:27:9a:30:53:95:4f:91:f5:59:13:cc:
33:16:ee:a7:87:f5:b0:83:d0:a0:14:df:b3:28:fc:
84:d6:fa:f6:45:70:65:60:35:f7:11:86:ad:6f:a6:
09:f2:18:07:79:cd:a8:ad:3b:04:c6:13:1a:6e:48:
6a:4f:3b:7a:4a:0d:42:16:68:37:af:6b:1d:b3:8f:
7b:bf:91:a7:ec:28:03:98:5f:c1:12:0d:8c:8d:12:
09:55:49:e0:fc:97:20:c9:aa:69:06:2d:d8:23:56:
68:b7:d1:83:24:0e:20:87:01:79:15:6f:42:cb:78:
c3:b1:9e:35:12:7f:d3:44:f8:ac:21:97:41:f9:48:
6a:45:92:a2:d4:c9:b6:0c:53:6d:8c:71:87:54:ee:
b4:a7:b0:fd:c5:76:68:85:46:a5:83:8c:b5:92:a1:
15:56:63:87:70:3a:29:b5:dd:0a:e9:a5:f8:f8:21:
bb:a2:46:b6:37:70:a2:ae:d1:e9:bc:c0:bf:b3:16:
42:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:EE:CE:E4:B3:B2:DC:24:BA:D8:57:24:06:7A:C7:87:F6:32:3D:0D
X509v3 Authority Key Identifier:
keyid:B1:AF:12:F5:CA:75:C9:22:A4:AA:5D:AC:B4:9C:04:A9:32:37:F4:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sa8S9cp1ySKkql2stJwEqTI39O0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/AO7O5LOy3CS62FckBnrHh_YyPQ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/sa8S9cp1ySKkql2stJwEqTI39O0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.63.199.0/24
92.63.203.0/24
185.176.25.0/24
Signature Algorithm: sha256WithRSAEncryption
34:40:4a:a4:4a:30:b3:3f:5a:4f:97:41:41:d2:4c:b2:4e:94:
8f:d5:9f:af:a8:eb:6f:72:bc:11:84:f9:52:08:fd:02:f5:4e:
86:b0:5a:8c:39:52:59:5d:a9:08:f3:b9:48:53:bf:78:ea:9e:
6e:8e:1c:bf:7a:3d:62:bf:1b:a2:7a:dc:d7:94:35:dc:07:76:
9b:6f:cd:b8:af:3d:47:ff:2b:f3:70:6e:4b:2d:b9:39:5b:70:
5c:d6:d1:5e:ff:e6:6a:51:ff:8e:c3:7d:f4:f0:54:be:0d:74:
00:e8:d4:1d:85:9f:ff:46:1c:c4:fc:bb:b0:ac:8b:e4:e0:05:
42:36:f6:00:d8:24:3c:c3:65:97:03:70:bc:b8:52:0e:cf:53:
ae:e4:76:ef:d4:9c:d0:9f:f6:f6:9a:bf:20:44:f5:38:fc:36:
fa:89:1e:67:39:0f:52:5a:27:72:9c:c9:3e:12:47:c4:97:71:
50:57:fe:cf:5a:cc:93:bd:a0:20:3b:1d:d4:73:84:74:86:36:
6d:e8:d7:db:85:53:14:46:d9:fb:66:91:4b:07:bf:bc:36:de:
9f:52:43:fc:84:33:79:3e:3d:25:af:62:38:87:da:0e:20:30:
c1:ee:60:2d:b3:77:d6:6b:d9:15:da:bb:2d:5a:e7:52:01:1b:
08:e2:9d:e8
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVseBDEAOcebpMMIFlwz3+cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYWYxMmY1Y2E3NWM5MjJhNGFhNWRhY2I0OWMwNGE5MzIz
N2Y0ZWQwHhcNMjMwMTAxMDgzNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGVlY2VlNGIzYjJkYzI0YmFkODU3MjQwNjdhYzc4N2Y2MzIzZDBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlU1D92V1+0zbYFTGBYNYWPTZUCMH
zqzT3kDjwnqlJVhp6zi25Xaxcf3OnMvgpG7amDhcb7p7PnwYfioh93/eJ5owU5VP
kfVZE8wzFu6nh/Wwg9CgFN+zKPyE1vr2RXBlYDX3EYatb6YJ8hgHec2orTsExhMa
bkhqTzt6Sg1CFmg3r2sds497v5Gn7CgDmF/BEg2MjRIJVUng/JcgyappBi3YI1Zo
t9GDJA4ghwF5FW9Cy3jDsZ41En/TRPisIZdB+UhqRZKi1Mm2DFNtjHGHVO60p7D9
xXZohUalg4y1kqEVVmOHcDoptd0K6aX4+CG7oka2N3CirtHpvMC/sxZCvwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFADuzuSzstwkuthXJAZ6x4f2Mj0NMB8GA1UdIwQY
MBaAFLGvEvXKdckipKpdrLScBKkyN/TtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2E4UzljcDF5U0trcWwyc3RKd0VxVEkzOU8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9jYmNmNjgtN2NiZi00N2YwLTgyZWUt
NTc2MGVmYmNjNjU0LzEvQU83TzVMT3kzQ1M2MkZja0JuckhoX1l5UFEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9jYmNmNjgtN2NiZi00N2YwLTgyZWUtNTc2MGVmYmNjNjU0
LzEvc2E4UzljcDF5U0trcWwyc3RKd0VxVEkzOU8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAXD/HAwQA
XD/LAwQAubAZMA0GCSqGSIb3DQEBCwUAA4IBAQA0QEqkSjCzP1pPl0FB0kyyTpSP
1Z+vqOtvcrwRhPlSCP0C9U6GsFqMOVJZXakI87lIU7946p5ujhy/ej1ivxuietzX
lDXcB3abb824rz1H/yvzcG5LLbk5W3Bc1tFe/+ZqUf+Ow3308FS+DXQA6NQdhZ//
RhzE/LuwrIvk4AVCNvYA2CQ8w2WXA3C8uFIOz1Ou5Hbv1JzQn/b2mr8gRPU4/Db6
iR5nOQ9SWidynMk+EkfEl3FQV/7PWsyTvaAgOx3Uc4R0hjZt6NfbhVMURtn7ZpFL
B7+8Nt6fUkP8hDN5Pj0lr2I4h9oOIDDB7mAts3fWa9kV2rstWudSARsI4p3o
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:29 2024 by rpki-client on console-ams.rpki-client.org