Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/0dda42-53a5-4aba-86ae-639e14d04de6/1/o8pXOBoLcwoItR20PLUuXckIPd0.roa
File: o8pXOBoLcwoItR20PLUuXckIPd0.roa (raw, json)
Hash identifier: 3uQUmRxcyFFEhqYRZveZDLVD9mLoXZOXGP1PrVrCv28=
Subject key identifier: A3:CA:57:38:1A:0B:73:0A:08:B5:1D:B4:3C:B5:2E:5D:C9:08:3D:DD
Certificate issuer: /CN=8267fb4a0b677b8377907b82fb1fb8810a2fef08
Certificate serial: 018806023A0B2A5A4E40CBEBAC4EB4A55C67
Authority key identifier: 82:67:FB:4A:0B:67:7B:83:77:90:7B:82:FB:1F:B8:81:0A:2F:EF:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gmf7Sgtne4N3kHuC-x-4gQov7wg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/0dda42-53a5-4aba-86ae-639e14d04de6/1/o8pXOBoLcwoItR20PLUuXckIPd0.roa
Signing time: Wed 10 May 2023 14:13:09 +0000
ROA not before: Wed 10 May 2023 14:13:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 193.200.53.0/24 maxlen: 24
193.200.56.0/23 maxlen: 23
31.15.120.0/22 maxlen: 22
185.74.172.0/23 maxlen: 23
185.74.175.0/24 maxlen: 24
46.30.128.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:06:02:3a:0b:2a:5a:4e:40:cb:eb:ac:4e:b4:a5:5c:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8267fb4a0b677b8377907b82fb1fb8810a2fef08
Validity
Not Before: May 10 14:13:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a3ca57381a0b730a08b51db43cb52e5dc9083ddd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:23:c3:8f:7e:36:f1:8b:36:2d:06:18:cb:55:
d3:a3:d0:8f:9d:2f:77:ed:6a:3f:e0:c0:dc:3c:35:
2e:38:a2:a1:38:2b:5f:7a:28:b9:b2:a5:3b:76:77:
1e:ce:50:16:84:37:d9:57:d7:89:f3:a8:0c:06:24:
f5:75:a4:5b:9b:97:c4:62:db:3a:ce:b3:c6:18:9e:
96:d0:2d:7b:46:3d:d2:59:21:df:f0:0b:f9:85:4a:
a8:1c:9a:a0:2c:33:5e:94:f4:96:4b:b7:51:78:99:
5f:c3:e3:0c:87:8e:28:93:eb:cc:f3:24:2e:04:35:
18:6f:5c:88:d0:4b:da:b0:28:f1:6b:4b:a0:f9:3f:
fc:5f:6b:28:eb:d8:ee:87:c7:34:54:d4:a0:4b:ea:
be:7b:eb:1e:9f:8b:f4:ff:a5:a4:0d:9a:3c:d4:19:
5f:02:5f:18:d2:49:6f:1c:93:b5:84:90:a8:41:7f:
c5:30:9e:71:b1:1b:5c:a2:bb:3e:df:54:fa:1a:9d:
ee:e0:f0:4e:ea:4c:dc:cc:a2:23:0a:82:d2:30:cc:
7b:90:44:f9:90:b5:7a:d2:41:ef:14:4e:14:61:bc:
43:e2:1f:be:3c:f1:6f:de:8e:b8:1a:9d:bc:8f:67:
ec:a1:2a:3e:90:22:8d:3e:cd:cc:f4:a1:99:1f:7b:
fa:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:CA:57:38:1A:0B:73:0A:08:B5:1D:B4:3C:B5:2E:5D:C9:08:3D:DD
X509v3 Authority Key Identifier:
keyid:82:67:FB:4A:0B:67:7B:83:77:90:7B:82:FB:1F:B8:81:0A:2F:EF:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gmf7Sgtne4N3kHuC-x-4gQov7wg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/0dda42-53a5-4aba-86ae-639e14d04de6/1/o8pXOBoLcwoItR20PLUuXckIPd0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/0dda42-53a5-4aba-86ae-639e14d04de6/1/gmf7Sgtne4N3kHuC-x-4gQov7wg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.15.120.0/22
46.30.128.0/23
185.74.172.0/23
185.74.175.0/24
193.200.53.0/24
193.200.56.0/23
Signature Algorithm: sha256WithRSAEncryption
53:a9:de:e4:6c:75:32:2c:fe:49:1f:0c:31:7c:56:49:77:0a:
c7:21:f6:11:39:0f:72:8d:8b:41:2b:82:7f:61:a1:6d:69:e5:
db:d7:98:ed:45:34:93:27:ae:4d:00:59:d0:86:55:49:03:3b:
e8:0f:4c:7b:46:0f:ca:20:21:79:fb:b5:3f:94:33:f6:11:42:
3c:70:78:68:84:dd:ba:78:e5:05:0e:ce:68:40:1a:06:a2:7c:
6b:b7:e1:bc:56:9a:6f:ab:be:5d:3b:80:4d:84:32:15:38:77:
14:ef:b8:ec:cb:9a:4e:b0:7a:16:6d:ad:68:4c:83:7b:a1:d1:
49:19:f0:aa:c1:09:ad:4b:bb:a8:60:2e:3f:1e:6b:7e:97:05:
5e:27:51:87:29:cd:b9:2b:7d:5c:2e:bd:4c:fe:d0:3d:e2:ad:
3c:07:f0:10:93:ea:9f:c1:c5:17:a5:98:fb:e8:ee:0b:90:3f:
68:d5:da:e7:d8:12:dc:bf:fb:2e:c9:49:80:3e:d2:52:69:ba:
d6:7f:3b:d6:27:7c:dd:2a:50:5e:fc:d8:25:87:3b:ef:4d:f8:
50:a4:2d:e1:62:5a:f8:0c:6a:c0:fa:f1:9c:ad:c5:1f:ff:32:
42:57:81:5f:95:2e:14:32:54:d1:11:c1:78:9c:47:6f:a1:78:
f4:9f:6e:9f
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYgGAjoLKlpOQMvrrE60pVxnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNjdmYjRhMGI2NzdiODM3NzkwN2I4MmZiMWZiODgxMGEy
ZmVmMDgwHhcNMjMwNTEwMTQxMzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2NhNTczODFhMGI3MzBhMDhiNTFkYjQzY2I1MmU1ZGM5MDgzZGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxiPDj3428Ys2LQYYy1XTo9CPnS93
7Wo/4MDcPDUuOKKhOCtfeii5sqU7dncezlAWhDfZV9eJ86gMBiT1daRbm5fEYts6
zrPGGJ6W0C17Rj3SWSHf8Av5hUqoHJqgLDNelPSWS7dReJlfw+MMh44ok+vM8yQu
BDUYb1yI0EvasCjxa0ug+T/8X2so69juh8c0VNSgS+q+e+sen4v0/6WkDZo81Blf
Al8Y0klvHJO1hJCoQX/FMJ5xsRtcors+31T6Gp3u4PBO6kzczKIjCoLSMMx7kET5
kLV60kHvFE4UYbxD4h++PPFv3o64Gp28j2fsoSo+kCKNPs3M9KGZH3v6vQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFKPKVzgaC3MKCLUdtDy1Ll3JCD3dMB8GA1UdIwQY
MBaAFIJn+0oLZ3uDd5B7gvsfuIEKL+8IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ21mN1NndG5lNE4za0h1Qy14LTRnUW92N3dnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi8wZGRhNDItNTNhNS00YWJhLTg2YWUt
NjM5ZTE0ZDA0ZGU2LzEvbzhwWE9Cb0xjd29JdFIyMFBMVXVYY2tJUGQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi8wZGRhNDItNTNhNS00YWJhLTg2YWUtNjM5ZTE0ZDA0ZGU2
LzEvZ21mN1NndG5lNE4za0h1Qy14LTRnUW92N3dnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCHw94AwQB
Lh6AAwQBuUqsAwQAuUqvAwQAwcg1AwQBwcg4MA0GCSqGSIb3DQEBCwUAA4IBAQBT
qd7kbHUyLP5JHwwxfFZJdwrHIfYROQ9yjYtBK4J/YaFtaeXb15jtRTSTJ65NAFnQ
hlVJAzvoD0x7Rg/KICF5+7U/lDP2EUI8cHhohN26eOUFDs5oQBoGonxrt+G8Vppv
q75dO4BNhDIVOHcU77jsy5pOsHoWba1oTIN7odFJGfCqwQmtS7uoYC4/Hmt+lwVe
J1GHKc25K31cLr1M/tA94q08B/AQk+qfwcUXpZj76O4LkD9o1drn2BLcv/suyUmA
PtJSabrWfzvWJ3zdKlBe/NglhzvvTfhQpC3hYlr4DGrA+vGcrcUf/zJCV4FflS4U
MlTREcF4nEdvoXj0n26f
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:28 2024 by rpki-client on console-fra.rpki-client.org