Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/o43sy-bgY7w9r_T--owTCZBDuWo.roa
File: o43sy-bgY7w9r_T--owTCZBDuWo.roa (raw, json)
Hash identifier: COX8BwIDCgxvOeA87AXfQ/p03Fij/y+08/FC6xslDxk=
Subject key identifier: A3:8D:EC:CB:E6:E0:63:BC:3D:AF:F4:FE:FA:8C:13:09:90:43:B9:6A
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018894F964283A995E1FA009FECC8E473E24
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/o43sy-bgY7w9r_T--owTCZBDuWo.roa
Signing time: Wed 07 Jun 2023 08:29:12 +0000
ROA not before: Wed 07 Jun 2023 08:29:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61138
IP address blocks: 185.209.38.0/24 maxlen: 24
185.218.103.0/24 maxlen: 24
185.209.39.0/24 maxlen: 24
185.226.106.0/24 maxlen: 24
185.214.100.0/24 maxlen: 24
185.214.101.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 09 Jun 2023 11:04:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:94:f9:64:28:3a:99:5e:1f:a0:09:fe:cc:8e:47:3e:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jun 7 08:29:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a38deccbe6e063bc3daff4fefa8c13099043b96a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:1d:16:6c:f0:f1:df:c3:d6:26:27:e6:5b:4b:
ba:b0:5b:50:82:96:d1:8a:35:8f:f7:e8:b1:12:db:
85:7a:e0:2e:70:60:fd:f5:c2:44:f2:54:00:ad:18:
86:22:a7:e3:84:1f:25:bb:4d:d9:67:30:47:d8:6c:
cf:ad:fb:bf:7d:5e:3c:eb:af:26:1a:6d:7e:5c:9d:
37:aa:08:e7:eb:2b:30:58:ef:5b:df:8b:27:74:91:
b3:d5:75:19:2e:eb:62:bc:84:c9:46:6f:5c:95:33:
0e:1d:f2:29:8c:ea:52:09:70:fa:fd:3e:27:9f:d4:
75:1a:db:43:78:9e:1a:29:f4:82:22:38:41:3e:50:
e6:da:c9:a1:c9:5a:cb:9b:0e:6f:ce:b6:3d:34:31:
f5:f2:90:59:1d:b8:3c:1e:8b:6e:50:a0:de:8a:71:
76:6b:62:e4:77:50:88:74:57:21:29:9c:72:19:65:
f8:7c:38:0b:60:8f:58:cd:23:ce:13:98:30:ca:cb:
b9:88:cb:47:90:3c:85:95:df:f1:59:b7:b2:75:1d:
3d:ad:86:bc:ae:a3:56:b4:94:b5:0a:2a:9b:2e:6b:
9c:e6:6c:a9:ce:d1:63:ca:d1:47:5c:3a:fa:d6:ed:
b8:d0:43:01:1d:9c:40:4e:80:e7:d3:22:c7:da:8e:
f8:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:8D:EC:CB:E6:E0:63:BC:3D:AF:F4:FE:FA:8C:13:09:90:43:B9:6A
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/o43sy-bgY7w9r_T--owTCZBDuWo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.209.38.0/23
185.214.100.0/23
185.218.103.0/24
185.226.106.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:2d:12:be:d7:fd:8a:4c:2d:68:a1:2d:c7:89:10:09:91:e4:
cf:a8:03:0d:90:fc:7f:05:b3:15:d0:28:59:6e:9d:e0:01:b0:
08:16:9a:4b:58:1c:09:71:b4:47:e0:64:3f:35:38:db:2a:40:
bf:b2:4e:a8:e7:24:66:7d:5a:15:58:40:7c:ca:38:17:75:d4:
ce:8a:ea:94:05:34:45:d3:0c:b8:4b:58:3d:ef:19:70:b2:32:
93:49:62:cc:95:ea:3b:9c:46:b8:91:3c:ce:5d:0e:d7:c3:76:
bd:93:8b:6b:b7:70:d0:fc:fd:36:29:2a:e9:e9:8f:ce:22:00:
6b:67:5f:de:b0:40:90:0d:ae:77:f0:dc:4b:fd:f9:5a:ac:01:
20:37:f8:44:8a:85:53:1a:c2:6f:74:f4:52:45:43:29:e3:bd:
be:90:83:26:b8:1a:4d:6b:94:56:81:e7:1c:ed:59:16:25:65:
06:af:02:b6:14:a0:6a:96:16:ab:d7:cb:f0:e4:42:30:8d:69:
67:9f:3e:fc:19:0e:12:79:16:2e:c6:dd:3d:ad:c3:4f:e1:60:
2f:56:98:13:e5:1d:f1:ac:1b:c9:93:b5:f7:69:cb:61:d5:5f:
e1:d9:33:2c:a1:f5:64:3a:6e:b4:00:8c:2e:a8:62:9a:6b:ed:
51:a2:d5:b4
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYiU+WQoOpleH6AJ/syORz4kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwNjA3MDgyOTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzhkZWNjYmU2ZTA2M2JjM2RhZmY0ZmVmYThjMTMwOTkwNDNiOTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzx0WbPDx38PWJifmW0u6sFtQgpbR
ijWP9+ixEtuFeuAucGD99cJE8lQArRiGIqfjhB8lu03ZZzBH2GzPrfu/fV48668m
Gm1+XJ03qgjn6yswWO9b34sndJGz1XUZLutivITJRm9clTMOHfIpjOpSCXD6/T4n
n9R1GttDeJ4aKfSCIjhBPlDm2smhyVrLmw5vzrY9NDH18pBZHbg8HotuUKDeinF2
a2Lkd1CIdFchKZxyGWX4fDgLYI9YzSPOE5gwysu5iMtHkDyFld/xWbeydR09rYa8
rqNWtJS1CiqbLmuc5mypztFjytFHXDr61u240EMBHZxAToDn0yLH2o747QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKON7Mvm4GO8Pa/0/vqMEwmQQ7lqMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvbzQzc3ktYmdZN3c5cl9ULS1vd1RDWkJEdVdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBudEmAwQB
udZkAwQAudpnAwQAueJqMA0GCSqGSIb3DQEBCwUAA4IBAQCwLRK+1/2KTC1ooS3H
iRAJkeTPqAMNkPx/BbMV0ChZbp3gAbAIFppLWBwJcbRH4GQ/NTjbKkC/sk6o5yRm
fVoVWEB8yjgXddTOiuqUBTRF0wy4S1g97xlwsjKTSWLMleo7nEa4kTzOXQ7Xw3a9
k4trt3DQ/P02KSrp6Y/OIgBrZ1/esECQDa538NxL/flarAEgN/hEioVTGsJvdPRS
RUMp472+kIMmuBpNa5RWgecc7VkWJWUGrwK2FKBqlhar18vw5EIwjWlnnz78GQ4S
eRYuxt09rcNP4WAvVpgT5R3xrBvJk7X3acth1V/h2TMsofVkOm60AIwuqGKaa+1R
otW0
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:29 2024 by rpki-client on console-ams.rpki-client.org