Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/OB1BgBIH5xczjosQLZwN4Tr1S6Y.roa
File: OB1BgBIH5xczjosQLZwN4Tr1S6Y.roa (raw, json)
Hash identifier: EN3gxt058uVkVGHJBmpmHCGlNXx4FjtVCmiHMUrWV0I=
Subject key identifier: 38:1D:41:80:12:07:E7:17:33:8E:8B:10:2D:9C:0D:E1:3A:F5:4B:A6
Certificate issuer: /CN=bcfdfe6dca8ac7bfa1a9450ef99fd315ed02acd9
Certificate serial: 018E3C9D4B4938D8E1243265E26FD1768BAD
Authority key identifier: BC:FD:FE:6D:CA:8A:C7:BF:A1:A9:45:0E:F9:9F:D3:15:ED:02:AC:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/OB1BgBIH5xczjosQLZwN4Tr1S6Y.roa
Signing time: Thu 14 Mar 2024 10:58:45 +0000
ROA not before: Thu 14 Mar 2024 10:58:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 185.118.79.0/24 maxlen: 24
193.68.89.0/24 maxlen: 24
213.21.232.0/24 maxlen: 24
213.21.236.0/24 maxlen: 24
213.21.237.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 25 Apr 2024 11:13:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:3c:9d:4b:49:38:d8:e1:24:32:65:e2:6f:d1:76:8b:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bcfdfe6dca8ac7bfa1a9450ef99fd315ed02acd9
Validity
Not Before: Mar 14 10:58:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=381d41801207e717338e8b102d9c0de13af54ba6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:1f:04:07:e6:79:39:e3:76:9f:8b:ec:38:d7:
5f:d7:d1:9f:90:da:a6:87:fb:c3:b3:21:d0:93:71:
4a:f5:6f:d1:7f:9d:01:12:bf:94:6a:da:ba:35:dc:
a2:af:07:5f:f8:20:54:cc:4b:60:46:d5:40:18:a1:
74:fb:be:47:af:47:02:51:8c:d2:f2:cf:c0:9c:40:
32:95:8b:f5:7e:e2:df:af:d7:ba:17:ad:57:4e:4d:
7d:10:ec:6d:48:1c:52:2a:b3:f2:dc:3b:6e:ca:e1:
ee:40:4b:4b:67:db:ef:d5:e0:93:0a:9c:0c:82:17:
e0:6d:29:d8:4f:0f:61:d6:8d:fc:3b:83:1a:7d:bc:
75:f8:63:d0:bd:63:25:c8:59:ab:3e:49:dc:98:a0:
34:4d:99:97:fd:e9:c2:47:1d:80:c0:c5:44:69:01:
76:a3:5d:a4:f6:08:d9:e3:a7:01:4a:97:33:03:be:
50:98:8d:04:3a:94:9d:e6:ba:6b:3c:6b:02:73:7e:
21:8e:8c:5f:de:25:d9:28:07:86:0d:ae:c9:39:d2:
77:8b:64:60:70:55:58:3c:a3:90:76:12:9f:43:26:
43:13:fb:b9:c4:f7:bd:58:d9:b9:13:1f:da:4d:f9:
14:5c:d7:3e:7e:63:28:5d:4c:40:a9:c3:97:06:cf:
e4:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:1D:41:80:12:07:E7:17:33:8E:8B:10:2D:9C:0D:E1:3A:F5:4B:A6
X509v3 Authority Key Identifier:
keyid:BC:FD:FE:6D:CA:8A:C7:BF:A1:A9:45:0E:F9:9F:D3:15:ED:02:AC:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/OB1BgBIH5xczjosQLZwN4Tr1S6Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.118.79.0/24
193.68.89.0/24
213.21.232.0/24
213.21.236.0/23
Signature Algorithm: sha256WithRSAEncryption
37:14:81:e3:ca:3a:27:a1:5e:9e:dc:21:47:76:1e:42:81:a3:
a8:1d:49:3f:e1:a7:86:61:b3:ac:fa:ca:1d:d6:ba:dd:e9:9c:
ab:0e:d6:19:97:cf:86:a1:cf:83:40:ea:0b:5a:23:3d:22:c9:
c9:06:e6:a0:f1:94:32:44:b5:cf:77:06:03:5d:e0:45:e0:8f:
e1:98:d2:74:ab:25:2f:04:e0:90:6d:9d:89:a8:6d:b2:f6:5d:
bf:88:14:29:53:22:3f:9e:3a:3f:d1:a5:6c:6b:d7:9a:ec:f4:
6c:7d:88:a6:5e:65:7e:94:fb:5e:4a:50:b4:fd:a7:1d:18:a9:
86:89:33:1c:e1:29:ca:1f:84:ba:dd:76:20:4a:50:eb:b9:32:
e7:84:a7:75:02:e9:68:f7:f4:ff:cd:c7:4a:3f:d5:c9:c7:4a:
6e:ee:fd:56:8e:9b:46:c3:16:57:58:c5:e5:21:2c:5f:b1:ec:
93:1d:7d:97:35:1e:80:fb:67:6e:66:10:44:a5:93:49:52:7c:
28:86:0f:2a:ba:01:13:1c:69:01:65:4a:d6:c3:22:72:cb:a0:
68:fd:3e:42:f4:bf:c9:d2:b0:c1:27:b1:b3:15:d6:0b:98:ba:
68:af:3d:f6:b1:5b:25:99:da:26:46:b5:c7:fc:80:cd:ec:c4:
bd:c5:de:bd
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY48nUtJONjhJDJl4m/RdoutMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjZmRmZTZkY2E4YWM3YmZhMWE5NDUwZWY5OWZkMzE1ZWQw
MmFjZDkwHhcNMjQwMzE0MTA1ODQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODFkNDE4MDEyMDdlNzE3MzM4ZThiMTAyZDljMGRlMTNhZjU0YmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsB8EB+Z5OeN2n4vsONdf19GfkNqm
h/vDsyHQk3FK9W/Rf50BEr+Uatq6Ndyirwdf+CBUzEtgRtVAGKF0+75Hr0cCUYzS
8s/AnEAylYv1fuLfr9e6F61XTk19EOxtSBxSKrPy3DtuyuHuQEtLZ9vv1eCTCpwM
ghfgbSnYTw9h1o38O4Mafbx1+GPQvWMlyFmrPkncmKA0TZmX/enCRx2AwMVEaQF2
o12k9gjZ46cBSpczA75QmI0EOpSd5rprPGsCc34hjoxf3iXZKAeGDa7JOdJ3i2Rg
cFVYPKOQdhKfQyZDE/u5xPe9WNm5Ex/aTfkUXNc+fmMoXUxAqcOXBs/kOwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDgdQYASB+cXM46LEC2cDeE69UumMB8GA1UdIwQY
MBaAFLz9/m3Kise/oalFDvmf0xXtAqzZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlAzLWJjcUt4Ny1ocVVVTy1aX1RGZTBDck5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9jOWRlMTMtNWI3NC00MTNkLWIyZmIt
MWFmMjQ2NWE4ZWVjLzEvT0IxQmdCSUg1eGN6am9zUUxad040VHIxUzZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9jOWRlMTMtNWI3NC00MTNkLWIyZmItMWFmMjQ2NWE4ZWVj
LzEvdlAzLWJjcUt4Ny1ocVVVTy1aX1RGZTBDck5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAuXZPAwQA
wURZAwQA1RXoAwQB1RXsMA0GCSqGSIb3DQEBCwUAA4IBAQA3FIHjyjonoV6e3CFH
dh5CgaOoHUk/4aeGYbOs+sod1rrd6ZyrDtYZl8+Goc+DQOoLWiM9IsnJBuag8ZQy
RLXPdwYDXeBF4I/hmNJ0qyUvBOCQbZ2JqG2y9l2/iBQpUyI/njo/0aVsa9ea7PRs
fYimXmV+lPteSlC0/acdGKmGiTMc4SnKH4S63XYgSlDruTLnhKd1Aulo9/T/zcdK
P9XJx0pu7v1WjptGwxZXWMXlISxfseyTHX2XNR6A+2duZhBEpZNJUnwohg8qugET
HGkBZUrWwyJyy6Bo/T5C9L/J0rDBJ7GzFdYLmLporz32sVslmdomRrXH/IDN7MS9
xd69
-----END CERTIFICATE-----
Generated at Thu Apr 25 15:37:22 2024 by rpki-client on console-ams.rpki-client.org