Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/Ori7DPoU576ri_qN9zfDuJO1wl4.roa
File: Ori7DPoU576ri_qN9zfDuJO1wl4.roa (raw, json)
Hash identifier: dGc1GS+IJmG6hH2D9G5Px6ONWipXeOByR2z7fs74zA0=
Subject key identifier: 3A:B8:BB:0C:FA:14:E7:BE:AB:8B:FA:8D:F7:37:C3:B8:93:B5:C2:5E
Certificate issuer: /CN=0febfbfd6f937c5ae39e3e38e8ab8384107421a6
Certificate serial: 018BD00346E10BDD1099475934C6D29AC07D
Authority key identifier: 0F:EB:FB:FD:6F:93:7C:5A:E3:9E:3E:38:E8:AB:83:84:10:74:21:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D-v7_W-TfFrjnj446KuDhBB0IaY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/Ori7DPoU576ri_qN9zfDuJO1wl4.roa
Signing time: Tue 14 Nov 2023 22:45:57 +0000
ROA not before: Tue 14 Nov 2023 22:45:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8849
IP address blocks: 5.44.249.0/24 maxlen: 24
185.224.249.0/24 maxlen: 24
158.255.76.0/24 maxlen: 24
185.140.210.0/24 maxlen: 24
185.140.211.0/24 maxlen: 24
62.122.187.0/24 maxlen: 24
89.36.163.0/24 maxlen: 24
89.36.162.0/24 maxlen: 24
88.210.36.0/23 maxlen: 24
185.230.245.0/24 maxlen: 24
103.111.112.0/22 maxlen: 22
91.192.81.0/24 maxlen: 24
176.97.192.0/24 maxlen: 24
185.147.53.0/24 maxlen: 24
95.174.71.0/24 maxlen: 24
95.174.68.0/24 maxlen: 24
95.174.69.0/24 maxlen: 24
95.174.70.0/24 maxlen: 24
89.40.226.0/24 maxlen: 24
193.35.224.0/24 maxlen: 24
31.222.226.0/24 maxlen: 24
2a06:f902:4000::/36 maxlen: 36
2a06:f901:c000::/36 maxlen: 36
2a06:f901:8000::/36 maxlen: 36
2a06:f901:4000::/36 maxlen: 36
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d0:03:46:e1:0b:dd:10:99:47:59:34:c6:d2:9a:c0:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0febfbfd6f937c5ae39e3e38e8ab8384107421a6
Validity
Not Before: Nov 14 22:45:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3ab8bb0cfa14e7beab8bfa8df737c3b893b5c25e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:cc:a1:52:d0:52:6e:b5:35:7a:5d:d4:b7:f7:
56:a2:aa:25:68:1f:59:37:85:d6:66:7e:4e:89:13:
84:9f:86:c2:40:d1:cb:14:bb:8e:66:cf:7d:29:67:
40:bf:60:23:0e:d4:18:20:69:19:f7:98:5c:8d:73:
54:da:82:d9:73:09:12:9c:fe:93:78:98:91:25:b0:
65:3f:94:c2:ca:4d:a6:8d:ad:1e:5e:53:ea:f7:20:
62:81:67:3e:21:dd:0f:6c:74:79:99:2a:0b:5e:13:
29:81:2f:63:e1:93:2f:40:32:8e:96:a9:82:16:bb:
a9:47:55:b7:57:8b:39:41:a2:45:2f:74:3d:62:47:
20:ef:4b:c1:66:ac:f2:f8:50:14:2d:08:0f:1e:11:
de:5f:ef:5d:bc:04:9c:3e:88:56:73:c9:cd:33:24:
c0:e9:1a:db:b6:bc:9f:36:5f:c0:3b:da:0a:8f:3e:
aa:0e:44:48:6e:bf:32:38:e8:18:b5:7a:1f:5c:ac:
eb:58:71:9d:83:42:ed:f9:39:1a:af:c9:1b:74:1d:
6e:d1:e6:93:75:96:0f:ee:bd:7e:34:66:1e:86:8e:
a1:c0:c6:c5:9f:48:75:15:8a:38:f1:25:cf:29:ba:
4e:a5:59:db:f6:1b:7f:cb:91:98:e7:c5:f9:89:8e:
ab:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:B8:BB:0C:FA:14:E7:BE:AB:8B:FA:8D:F7:37:C3:B8:93:B5:C2:5E
X509v3 Authority Key Identifier:
keyid:0F:EB:FB:FD:6F:93:7C:5A:E3:9E:3E:38:E8:AB:83:84:10:74:21:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D-v7_W-TfFrjnj446KuDhBB0IaY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/Ori7DPoU576ri_qN9zfDuJO1wl4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/D-v7_W-TfFrjnj446KuDhBB0IaY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.249.0/24
31.222.226.0/24
62.122.187.0/24
88.210.36.0/23
89.36.162.0/23
89.40.226.0/24
91.192.81.0/24
95.174.68.0/22
103.111.112.0/22
158.255.76.0/24
176.97.192.0/24
185.140.210.0/23
185.147.53.0/24
185.224.249.0/24
185.230.245.0/24
193.35.224.0/24
IPv6:
2a06:f901:4000::/36
2a06:f901:8000::/36
2a06:f901:c000::/36
2a06:f902:4000::/36
Signature Algorithm: sha256WithRSAEncryption
44:e0:03:ba:07:68:b0:c6:81:82:c4:36:5d:2f:55:d7:d4:28:
25:7f:20:23:bb:19:06:10:1d:e9:1b:42:e2:37:09:75:8d:fa:
be:8c:3d:d0:ec:00:8e:b4:c7:97:83:67:e9:29:cc:07:b1:ae:
98:4b:c8:12:e5:58:39:44:93:19:24:b1:51:19:33:03:02:c6:
f0:65:ee:24:41:c0:51:21:4a:cc:46:ac:91:c1:6d:9a:8e:14:
00:dd:22:42:95:69:d6:49:1a:47:54:48:2f:b3:43:d8:ff:b3:
9d:96:3a:84:90:b3:28:22:9a:f5:30:9c:52:f6:61:9c:64:ff:
36:58:f6:ef:74:b2:a4:da:56:f1:35:f6:d6:10:8c:a3:50:e5:
b7:26:8e:48:bf:02:fb:77:b2:29:86:46:6f:a9:15:33:23:85:
74:48:d3:78:ab:88:02:1c:42:b5:02:e5:de:be:64:7c:66:d2:
c4:2b:35:25:bb:a2:c7:c8:60:c8:e7:15:e4:0d:ae:11:a5:b7:
51:e4:91:b4:64:7e:84:a3:1a:92:79:ea:c9:ec:24:bb:16:58:
9d:33:80:24:d9:c4:cb:3e:72:90:f3:7c:18:0f:33:fc:86:eb:
a4:b8:08:15:cc:70:e0:1a:43:14:f1:97:fb:53:bc:6b:49:38:
48:69:ee:ab
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgISAYvQA0bhC90QmUdZNMbSmsB9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZWJmYmZkNmY5MzdjNWFlMzllM2UzOGU4YWI4Mzg0MTA3
NDIxYTYwHhcNMjMxMTE0MjI0NTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWI4YmIwY2ZhMTRlN2JlYWI4YmZhOGRmNzM3YzNiODkzYjVjMjVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5cyhUtBSbrU1el3Ut/dWoqolaB9Z
N4XWZn5OiROEn4bCQNHLFLuOZs99KWdAv2AjDtQYIGkZ95hcjXNU2oLZcwkSnP6T
eJiRJbBlP5TCyk2mja0eXlPq9yBigWc+Id0PbHR5mSoLXhMpgS9j4ZMvQDKOlqmC
FrupR1W3V4s5QaJFL3Q9Ykcg70vBZqzy+FAULQgPHhHeX+9dvAScPohWc8nNMyTA
6RrbtryfNl/AO9oKjz6qDkRIbr8yOOgYtXofXKzrWHGdg0Lt+Tkar8kbdB1u0eaT
dZYP7r1+NGYeho6hwMbFn0h1FYo48SXPKbpOpVnb9ht/y5GY58X5iY6rwwIDAQAB
o4ICjjCCAoowHQYDVR0OBBYEFDq4uwz6FOe+q4v6jfc3w7iTtcJeMB8GA1UdIwQY
MBaAFA/r+/1vk3xa454+OOirg4QQdCGmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRC12N19XLVRmRnJqbmo0NDZLdURoQkIwSWFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS82N2Q4MzQtMjYxMi00NzM5LTlmNGIt
N2Q3MDM3NGQ3NmQyLzEvT3JpN0RQb1U1NzZyaV9xTjl6ZkR1Sk8xd2w0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS82N2Q4MzQtMjYxMi00NzM5LTlmNGItN2Q3MDM3NGQ3NmQy
LzEvRC12N19XLVRmRnJqbmo0NDZLdURoQkIwSWFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGjBggrBgEFBQcBBwEB/wSBkzCBkDBmBAIAATBgAwQABSz5
AwQAH97iAwQAPnq7AwQBWNIkAwQBWSSiAwQAWSjiAwQAW8BRAwQCX65EAwQCZ29w
AwQAnv9MAwQAsGHAAwQBuYzSAwQAuZM1AwQAueD5AwQAueb1AwQAwSPgMCYEAgAC
MCADBgQqBvkBQAMGBCoG+QGAAwYEKgb5AcADBgQqBvkCQDANBgkqhkiG9w0BAQsF
AAOCAQEAROADugdosMaBgsQ2XS9V19QoJX8gI7sZBhAd6RtC4jcJdY36vow90OwA
jrTHl4Nn6SnMB7GumEvIEuVYOUSTGSSxURkzAwLG8GXuJEHAUSFKzEaskcFtmo4U
AN0iQpVp1kkaR1RIL7ND2P+znZY6hJCzKCKa9TCcUvZhnGT/Nlj273SypNpW8TX2
1hCMo1DltyaOSL8C+3eyKYZGb6kVMyOFdEjTeKuIAhxCtQLl3r5kfGbSxCs1Jbui
x8hgyOcV5A2uEaW3UeSRtGR+hKMaknnqyewkuxZYnTOAJNnEyz5ykPN8GA8z/Ibr
pLgIFcxw4BpDFPGX+1O8a0k4SGnuqw==
-----END CERTIFICATE-----
Generated at Sun Nov 26 23:06:36 2023 by rpki-client on console-fra.rpki-client.org