Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/o0hcFGCsqiFme9b6wZl0VnupPLU.roa
File: o0hcFGCsqiFme9b6wZl0VnupPLU.roa (raw, json)
Hash identifier: 29w3jtQogfAZN2WCntkhVZS0v7VNRmdoP9bdslpoyj0=
Subject key identifier: A3:48:5C:14:60:AC:AA:21:66:7B:D6:FA:C1:99:74:56:7B:A9:3C:B5
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 0185737ABED82F04518002293ED0C7AA372B
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/o0hcFGCsqiFme9b6wZl0VnupPLU.roa
Signing time: Mon 02 Jan 2023 17:15:02 +0000
ROA not before: Mon 02 Jan 2023 17:15:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43402
IP address blocks: 83.142.240.0/21 maxlen: 24
95.131.160.0/21 maxlen: 24
185.127.144.0/22 maxlen: 24
2a03:62c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:7a:be:d8:2f:04:51:80:02:29:3e:d0:c7:aa:37:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Jan 2 17:15:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a3485c1460acaa21667bd6fac19974567ba93cb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:9c:1f:90:ac:57:c9:61:c9:33:68:2e:86:c3:
1d:35:db:bd:c8:19:7c:ba:00:de:c2:e8:aa:99:80:
cf:a8:2a:c0:37:93:d7:e1:99:12:3f:20:07:1c:90:
ea:ea:e1:7b:f8:3d:73:0c:db:46:d9:01:28:4f:9c:
26:e9:6c:d6:bc:f4:5c:d0:70:ff:1f:77:08:3d:9c:
b4:ca:41:28:d9:93:6c:23:f4:00:6f:fb:6a:2e:39:
e0:09:5b:6c:d1:01:df:0a:c2:f7:df:d7:10:36:5b:
4e:fb:fd:f0:e3:a7:9f:9c:68:2a:07:e9:07:f0:72:
a5:61:3c:ba:2b:30:31:fb:85:f2:7a:d8:18:3d:09:
02:03:3c:31:1b:c0:a8:26:34:32:cc:68:b3:9d:e1:
f8:81:f4:74:5f:d2:ab:7d:2b:5c:08:2e:2c:9c:2d:
17:12:eb:8d:6b:66:8d:f8:72:29:b7:ec:fa:bd:00:
f6:04:2d:56:57:17:5f:05:83:d0:a3:03:b9:aa:9b:
a8:a4:9c:a1:3c:de:99:e3:22:b6:a3:2d:2b:d6:20:
0c:e0:03:3d:dc:65:3f:06:79:6f:31:ea:03:79:9b:
a7:d5:10:e2:55:27:2f:77:6c:da:0d:dd:26:53:e9:
4b:33:c2:50:0b:25:fb:67:3c:ca:ff:0b:22:ec:b0:
53:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:48:5C:14:60:AC:AA:21:66:7B:D6:FA:C1:99:74:56:7B:A9:3C:B5
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/o0hcFGCsqiFme9b6wZl0VnupPLU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.142.240.0/21
95.131.160.0/21
185.127.144.0/22
IPv6:
2a03:62c0::/32
Signature Algorithm: sha256WithRSAEncryption
6a:3b:ca:f0:7b:65:00:7d:a5:c6:24:05:5b:84:5f:21:68:12:
29:6e:ac:db:de:29:5c:f8:bf:06:78:4c:95:2a:31:1d:f0:3f:
06:0b:68:66:93:c2:d3:f4:1b:5b:c2:15:eb:d6:13:aa:fa:c3:
e0:2a:01:1f:cd:68:ad:dd:10:9a:1c:f4:d9:88:f5:e9:be:a8:
3e:7e:71:4b:e9:d0:d9:13:6a:4c:83:22:65:32:4a:eb:25:1b:
b5:f5:45:8b:d5:cf:a8:41:22:b6:6a:df:b9:c1:d0:18:71:a6:
54:45:77:67:de:bf:33:50:c1:dc:99:6c:85:3e:f4:35:59:78:
09:55:4c:62:49:06:15:97:1b:7f:de:0d:5f:7e:c5:b5:5e:d1:
be:c3:7c:3c:35:ad:f9:29:d5:bf:a2:fb:f0:ce:08:ed:c6:c7:
d9:2e:14:d6:d5:db:80:53:77:02:6a:0b:15:fb:2a:73:84:ae:
42:2f:14:69:ab:45:4d:57:cf:d3:7f:2a:3d:a3:c6:a8:e0:e1:
e3:9c:ad:8a:99:93:77:de:81:e2:8a:2f:00:02:ea:d5:7a:4f:
c2:e1:80:3e:af:08:c8:6a:a9:4f:ee:53:11:0d:8d:aa:a6:d5:
6c:6d:b2:95:8d:e1:ed:ae:dc:48:18:38:8c:e6:e2:17:34:a2:
94:2c:ac:e0
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVzer7YLwRRgAIpPtDHqjcrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjMwMTAyMTcxNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzQ4NWMxNDYwYWNhYTIxNjY3YmQ2ZmFjMTk5NzQ1NjdiYTkzY2I1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoJwfkKxXyWHJM2guhsMdNdu9yBl8
ugDewuiqmYDPqCrAN5PX4ZkSPyAHHJDq6uF7+D1zDNtG2QEoT5wm6WzWvPRc0HD/
H3cIPZy0ykEo2ZNsI/QAb/tqLjngCVts0QHfCsL339cQNltO+/3w46efnGgqB+kH
8HKlYTy6KzAx+4XyetgYPQkCAzwxG8CoJjQyzGizneH4gfR0X9KrfStcCC4snC0X
EuuNa2aN+HIpt+z6vQD2BC1WVxdfBYPQowO5qpuopJyhPN6Z4yK2oy0r1iAM4AM9
3GU/BnlvMeoDeZun1RDiVScvd2zaDd0mU+lLM8JQCyX7ZzzK/wsi7LBTOQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFKNIXBRgrKohZnvW+sGZdFZ7qTy1MB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvbzBoY0ZHQ3NxaUZtZTliNndabDBWbnVwUExVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDU47wAwQD
X4OgAwQCuX+QMA0EAgACMAcDBQAqA2LAMA0GCSqGSIb3DQEBCwUAA4IBAQBqO8rw
e2UAfaXGJAVbhF8haBIpbqzb3ilc+L8GeEyVKjEd8D8GC2hmk8LT9BtbwhXr1hOq
+sPgKgEfzWit3RCaHPTZiPXpvqg+fnFL6dDZE2pMgyJlMkrrJRu19UWL1c+oQSK2
at+5wdAYcaZURXdn3r8zUMHcmWyFPvQ1WXgJVUxiSQYVlxt/3g1ffsW1XtG+w3w8
Na35KdW/ovvwzgjtxsfZLhTW1duAU3cCagsV+ypzhK5CLxRpq0VNV8/Tfyo9o8ao
4OHjnK2KmZN33oHiii8AAurVek/C4YA+rwjIaqlP7lMRDY2qptVsbbKVjeHtrtxI
GDiM5uIXNKKULKzg
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:37 2024 by rpki-client on console-fra.rpki-client.org