Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/8605e6-d9f4-4c32-b4d1-1a12cc0b0406/1/oEo8KRxS0Ju6na8-XiMWCKW51TY.roa
File: oEo8KRxS0Ju6na8-XiMWCKW51TY.roa (raw, json)
Hash identifier: oXvMtXtuFsKqf8563eaROMJOAXtHfkdOYdGChlJCXTo=
Subject key identifier: A0:4A:3C:29:1C:52:D0:9B:BA:9D:AF:3E:5E:23:16:08:A5:B9:D5:36
Certificate issuer: /CN=908a7ea712801e4c8feb85b3f078d05ba101aae1
Certificate serial: 018571D79C33E4A79D5B178E20378608F24A
Authority key identifier: 90:8A:7E:A7:12:80:1E:4C:8F:EB:85:B3:F0:78:D0:5B:A1:01:AA:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kIp-pxKAHkyP64Wz8HjQW6EBquE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/8605e6-d9f4-4c32-b4d1-1a12cc0b0406/1/oEo8KRxS0Ju6na8-XiMWCKW51TY.roa
Signing time: Mon 02 Jan 2023 09:37:13 +0000
ROA not before: Mon 02 Jan 2023 09:37:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41820
IP address blocks: 194.39.224.0/22 maxlen: 22
194.39.224.0/24 maxlen: 24
194.39.225.0/24 maxlen: 24
194.39.226.0/24 maxlen: 24
194.39.227.0/24 maxlen: 24
31.41.88.0/24 maxlen: 24
31.41.90.0/24 maxlen: 24
31.41.91.0/24 maxlen: 24
31.41.88.0/21 maxlen: 21
31.41.89.0/24 maxlen: 24
31.41.94.0/24 maxlen: 24
31.41.95.0/24 maxlen: 24
31.41.92.0/24 maxlen: 24
31.41.93.0/24 maxlen: 24
193.34.172.0/23 maxlen: 23
193.34.172.0/24 maxlen: 24
193.34.173.0/24 maxlen: 24
176.118.41.0/24 maxlen: 24
176.118.42.0/24 maxlen: 24
176.118.40.0/21 maxlen: 21
176.118.40.0/24 maxlen: 24
176.118.43.0/24 maxlen: 24
176.118.44.0/24 maxlen: 24
176.118.45.0/24 maxlen: 24
176.118.46.0/24 maxlen: 24
176.118.47.0/24 maxlen: 24
91.195.172.0/23 maxlen: 23
91.195.172.0/24 maxlen: 24
91.195.173.0/24 maxlen: 24
2a0f:6680::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:d7:9c:33:e4:a7:9d:5b:17:8e:20:37:86:08:f2:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=908a7ea712801e4c8feb85b3f078d05ba101aae1
Validity
Not Before: Jan 2 09:37:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a04a3c291c52d09bba9daf3e5e231608a5b9d536
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:08:77:c8:0d:43:65:c6:89:a1:0a:9a:05:22:
6c:ae:50:92:d9:bc:03:2c:56:4e:ec:4c:cf:c4:a8:
c1:72:f6:f4:dd:d1:c8:32:4c:ac:df:3d:65:fe:18:
6b:b2:fc:16:19:b2:76:42:9a:37:8c:1f:f7:f5:4c:
6c:6e:34:dc:af:3a:bb:c3:77:70:fd:83:b5:2d:35:
50:94:ea:0a:21:d5:da:2e:03:ce:44:62:e7:0a:4c:
21:19:8a:e6:62:ab:f4:ec:b3:da:ee:87:ae:ab:6f:
ce:9b:c2:9e:96:ff:3f:e9:44:4d:19:3a:d1:af:3d:
d4:41:f5:f3:3f:73:23:d7:e2:a3:b6:c3:5c:bc:88:
51:9c:fe:96:62:df:94:23:20:86:3c:9a:78:9e:2d:
6d:e7:33:6b:79:0e:b7:11:f0:96:aa:dc:33:fd:37:
c2:19:5f:5b:09:01:89:d8:f4:cc:fa:99:0f:83:6c:
c7:a3:8f:5e:d1:d3:c8:0a:dd:74:b0:1b:54:3b:bc:
89:8c:5f:3e:57:6c:e9:48:09:73:1d:ab:88:fc:5a:
c8:cb:68:a9:4b:ea:33:a1:aa:07:0a:18:ad:89:71:
8b:73:d1:94:17:a2:26:d7:12:62:34:e2:6b:bf:19:
a5:e2:71:2c:0e:94:ac:29:7f:24:6e:36:1e:46:df:
55:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:4A:3C:29:1C:52:D0:9B:BA:9D:AF:3E:5E:23:16:08:A5:B9:D5:36
X509v3 Authority Key Identifier:
keyid:90:8A:7E:A7:12:80:1E:4C:8F:EB:85:B3:F0:78:D0:5B:A1:01:AA:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kIp-pxKAHkyP64Wz8HjQW6EBquE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/8605e6-d9f4-4c32-b4d1-1a12cc0b0406/1/oEo8KRxS0Ju6na8-XiMWCKW51TY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/8605e6-d9f4-4c32-b4d1-1a12cc0b0406/1/kIp-pxKAHkyP64Wz8HjQW6EBquE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.41.88.0/21
91.195.172.0/23
176.118.40.0/21
193.34.172.0/23
194.39.224.0/22
IPv6:
2a0f:6680::/29
Signature Algorithm: sha256WithRSAEncryption
68:47:19:14:8a:24:b8:ff:d5:2b:15:e0:2e:45:ab:58:0d:3d:
9c:3a:f6:e7:ff:e0:3d:ba:28:26:d0:e3:13:5a:a8:d9:63:1a:
4a:c3:16:81:97:b8:d7:ec:c5:38:27:f6:aa:12:93:97:34:0b:
c0:f2:63:4a:af:62:be:3d:58:d7:a3:73:0b:3f:b1:2a:1d:62:
fb:36:67:3d:c5:4e:e9:b2:b8:6a:69:cc:8a:57:ed:99:3a:bb:
e9:e6:29:42:4f:5e:16:e9:90:e9:2b:19:7b:aa:7f:69:4b:db:
7e:26:88:8f:64:ff:0e:43:cf:c5:f5:58:cd:ed:8a:38:66:37:
bc:a3:94:70:71:bd:57:1f:cb:3d:77:19:f1:3b:05:96:ba:f4:
c9:0d:75:ca:dd:6a:28:16:06:9e:b7:c2:35:41:b8:79:f6:37:
20:66:98:b7:5a:f2:d0:7b:25:15:02:09:b2:75:da:16:10:4f:
de:fe:58:4a:50:b8:5a:96:0c:6d:59:f8:8b:c1:a5:88:ad:0f:
4a:94:f8:62:55:56:96:53:0b:4e:ca:d4:64:d0:dd:ab:b9:da:
d9:d5:e4:d9:f8:cf:12:0f:23:dc:e4:34:b7:a6:24:40:16:6f:
41:9c:7f:d9:99:0d:20:3f:cf:af:d7:7e:02:21:a5:50:b1:fa:
41:ff:79:7b
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYVx15wz5KedWxeOIDeGCPJKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwOGE3ZWE3MTI4MDFlNGM4ZmViODViM2YwNzhkMDViYTEw
MWFhZTEwHhcNMjMwMTAyMDkzNzEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDRhM2MyOTFjNTJkMDliYmE5ZGFmM2U1ZTIzMTYwOGE1YjlkNTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmgh3yA1DZcaJoQqaBSJsrlCS2bwD
LFZO7EzPxKjBcvb03dHIMkys3z1l/hhrsvwWGbJ2Qpo3jB/39UxsbjTcrzq7w3dw
/YO1LTVQlOoKIdXaLgPORGLnCkwhGYrmYqv07LPa7oeuq2/Om8Kelv8/6URNGTrR
rz3UQfXzP3Mj1+KjtsNcvIhRnP6WYt+UIyCGPJp4ni1t5zNreQ63EfCWqtwz/TfC
GV9bCQGJ2PTM+pkPg2zHo49e0dPICt10sBtUO7yJjF8+V2zpSAlzHauI/FrIy2ip
S+ozoaoHChitiXGLc9GUF6Im1xJiNOJrvxml4nEsDpSsKX8kbjYeRt9VbQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFKBKPCkcUtCbup2vPl4jFgiludU2MB8GA1UdIwQY
MBaAFJCKfqcSgB5Mj+uFs/B40FuhAarhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0lwLXB4S0FIa3lQNjRXejhIalFXNkVCcXVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC84NjA1ZTYtZDlmNC00YzMyLWI0ZDEt
MWExMmNjMGIwNDA2LzEvb0VvOEtSeFMwSnU2bmE4LVhpTVdDS1c1MVRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC84NjA1ZTYtZDlmNC00YzMyLWI0ZDEtMWExMmNjMGIwNDA2
LzEva0lwLXB4S0FIa3lQNjRXejhIalFXNkVCcXVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDHylYAwQB
W8OsAwQDsHYoAwQBwSKsAwQCwifgMA0EAgACMAcDBQMqD2aAMA0GCSqGSIb3DQEB
CwUAA4IBAQBoRxkUiiS4/9UrFeAuRatYDT2cOvbn/+A9uigm0OMTWqjZYxpKwxaB
l7jX7MU4J/aqEpOXNAvA8mNKr2K+PVjXo3MLP7EqHWL7Nmc9xU7psrhqacyKV+2Z
Orvp5ilCT14W6ZDpKxl7qn9pS9t+JoiPZP8OQ8/F9VjN7Yo4Zje8o5Rwcb1XH8s9
dxnxOwWWuvTJDXXK3WooFgaet8I1Qbh59jcgZpi3WvLQeyUVAgmyddoWEE/e/lhK
ULhalgxtWfiLwaWIrQ9KlPhiVVaWUwtOytRk0N2rudrZ1eTZ+M8SDyPc5DS3piRA
Fm9BnH/ZmQ0gP8+v134CIaVQsfpB/3l7
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:35:50 2024 by rpki-client on console-ams.rpki-client.org