Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/0251f2-a1bb-44fb-b908-48d5ff4ba255/1/3OcuqBTIquRuSkwiieVT1eaYxdE.roa
File: 3OcuqBTIquRuSkwiieVT1eaYxdE.roa (raw, json)
Hash identifier: cbXxctU0rKlO7QYQZRP8flZqySsz8Fo5IlSVobGKIBs=
Subject key identifier: DC:E7:2E:A8:14:C8:AA:E4:6E:4A:4C:22:89:E5:53:D5:E6:98:C5:D1
Certificate issuer: /CN=9a24b27d9f3df6e14ebc79e146e8be32754bf800
Certificate serial: 018A4FA62A6E25E5A87BF11B3FBC1EC697B9
Authority key identifier: 9A:24:B2:7D:9F:3D:F6:E1:4E:BC:79:E1:46:E8:BE:32:75:4B:F8:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/miSyfZ899uFOvHnhRui-MnVL-AA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/0251f2-a1bb-44fb-b908-48d5ff4ba255/1/3OcuqBTIquRuSkwiieVT1eaYxdE.roa
Signing time: Fri 01 Sep 2023 07:30:04 +0000
ROA not before: Fri 01 Sep 2023 07:30:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209854
IP address blocks: 92.249.38.0/24 maxlen: 24
92.249.37.0/24 maxlen: 24
92.249.36.0/24 maxlen: 24
92.249.39.0/24 maxlen: 24
2a09:a700::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:4f:a6:2a:6e:25:e5:a8:7b:f1:1b:3f:bc:1e:c6:97:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a24b27d9f3df6e14ebc79e146e8be32754bf800
Validity
Not Before: Sep 1 07:30:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dce72ea814c8aae46e4a4c2289e553d5e698c5d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:c3:da:64:61:87:4a:7e:12:03:f0:e2:de:35:
4f:10:05:35:92:42:ff:3d:51:44:e3:2c:45:8c:93:
b1:a6:3b:71:28:ba:cd:5e:5b:1e:10:c4:ee:bd:a1:
72:56:9a:6a:fb:d1:24:fe:98:1d:20:4a:00:88:91:
97:cd:f4:60:80:f4:17:94:b4:9a:73:db:2b:df:14:
95:3f:00:0e:1e:5e:27:fb:ac:d6:cd:23:8c:2d:48:
5e:33:75:1d:f2:92:fe:ba:c0:75:28:7e:ca:08:48:
fb:00:0c:3f:c8:37:94:9c:9f:31:4d:f5:25:2d:30:
21:da:6d:93:3c:1a:92:33:b9:32:f6:b1:c1:76:c8:
53:04:84:26:03:69:e0:6b:90:10:7a:a5:80:0d:7f:
60:75:c2:bc:92:aa:76:18:29:d3:91:a2:96:bc:ec:
a4:85:8b:56:e7:64:b8:a4:ee:ac:73:e0:6f:32:ce:
db:70:00:da:88:37:f8:cb:2b:d3:00:e6:71:65:16:
bc:4a:6a:c5:f1:a6:f9:72:da:c5:91:d1:79:81:40:
4e:6b:58:69:75:33:78:be:b1:33:b3:4b:31:a1:b7:
84:bc:d5:5c:6b:c6:c8:0e:ad:40:a6:51:b7:95:84:
51:3d:06:47:ea:07:96:4d:7c:1d:d5:2e:e8:a3:38:
0a:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:E7:2E:A8:14:C8:AA:E4:6E:4A:4C:22:89:E5:53:D5:E6:98:C5:D1
X509v3 Authority Key Identifier:
keyid:9A:24:B2:7D:9F:3D:F6:E1:4E:BC:79:E1:46:E8:BE:32:75:4B:F8:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/miSyfZ899uFOvHnhRui-MnVL-AA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/0251f2-a1bb-44fb-b908-48d5ff4ba255/1/3OcuqBTIquRuSkwiieVT1eaYxdE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/0251f2-a1bb-44fb-b908-48d5ff4ba255/1/miSyfZ899uFOvHnhRui-MnVL-AA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.249.36.0/22
IPv6:
2a09:a700::/29
Signature Algorithm: sha256WithRSAEncryption
6e:5e:ee:2e:d6:b7:f6:16:d1:1e:b8:dd:6b:9d:1d:9a:de:53:
17:c5:69:4f:65:6f:61:df:ba:06:00:a9:1a:ee:3b:ec:62:d9:
d5:42:84:e5:b1:58:73:f7:bd:4a:6a:e3:b7:2a:07:1c:5a:7f:
ff:fe:79:9c:a3:e6:f4:52:dd:45:4e:a6:fe:e2:62:f8:f0:22:
bc:84:0b:57:8e:ec:01:74:1b:3e:30:d0:de:57:4b:c9:00:b4:
21:03:dc:04:b6:9b:be:15:28:ea:7e:84:13:37:54:87:48:01:
0d:23:6b:d3:40:35:21:fb:14:ce:a4:05:4c:ff:b6:a9:68:21:
7b:5d:2f:6c:0e:cf:f1:74:e7:95:de:22:2b:08:be:9d:39:75:
7f:59:5c:da:b7:97:ff:23:d9:ba:51:4c:b0:1d:b3:69:a0:38:
fb:17:57:99:9f:80:ed:70:8c:c5:e2:65:77:bf:0a:cf:cc:b2:
fc:f0:a1:cd:ec:ac:75:50:5f:ed:56:81:fe:5a:90:2f:fc:db:
4d:5a:2c:29:95:6e:93:3e:f2:50:3f:ca:41:c2:9a:72:93:15:
1f:c7:80:d1:39:b2:90:9f:7f:f8:24:f8:45:4a:4d:34:6e:f5:
8c:ec:49:64:21:86:78:fe:74:4d:41:1c:7f:bb:ab:a9:f3:7b:
47:1b:3b:d6
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYpPpipuJeWoe/EbP7wexpe5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMjRiMjdkOWYzZGY2ZTE0ZWJjNzllMTQ2ZThiZTMyNzU0
YmY4MDAwHhcNMjMwOTAxMDczMDA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2U3MmVhODE0YzhhYWU0NmU0YTRjMjI4OWU1NTNkNWU2OThjNWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlsPaZGGHSn4SA/Di3jVPEAU1kkL/
PVFE4yxFjJOxpjtxKLrNXlseEMTuvaFyVppq+9Ek/pgdIEoAiJGXzfRggPQXlLSa
c9sr3xSVPwAOHl4n+6zWzSOMLUheM3Ud8pL+usB1KH7KCEj7AAw/yDeUnJ8xTfUl
LTAh2m2TPBqSM7ky9rHBdshTBIQmA2nga5AQeqWADX9gdcK8kqp2GCnTkaKWvOyk
hYtW52S4pO6sc+BvMs7bcADaiDf4yyvTAOZxZRa8SmrF8ab5ctrFkdF5gUBOa1hp
dTN4vrEzs0sxobeEvNVca8bIDq1AplG3lYRRPQZH6geWTXwd1S7oozgK1QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNznLqgUyKrkbkpMIonlU9XmmMXRMB8GA1UdIwQY
MBaAFJoksn2fPfbhTrx54UbovjJ1S/gAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWlTeWZaODk5dUZPdkhuaFJ1aS1NblZMLUFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS8wMjUxZjItYTFiYi00NGZiLWI5MDgt
NDhkNWZmNGJhMjU1LzEvM09jdXFCVElxdVJ1U2t3aWllVlQxZWFZeGRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS8wMjUxZjItYTFiYi00NGZiLWI5MDgtNDhkNWZmNGJhMjU1
LzEvbWlTeWZaODk5dUZPdkhuaFJ1aS1NblZMLUFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCXPkkMA0E
AgACMAcDBQMqCacAMA0GCSqGSIb3DQEBCwUAA4IBAQBuXu4u1rf2FtEeuN1rnR2a
3lMXxWlPZW9h37oGAKka7jvsYtnVQoTlsVhz971KauO3KgccWn///nmco+b0Ut1F
Tqb+4mL48CK8hAtXjuwBdBs+MNDeV0vJALQhA9wEtpu+FSjqfoQTN1SHSAENI2vT
QDUh+xTOpAVM/7apaCF7XS9sDs/xdOeV3iIrCL6dOXV/WVzat5f/I9m6UUywHbNp
oDj7F1eZn4DtcIzF4mV3vwrPzLL88KHN7Kx1UF/tVoH+WpAv/NtNWiwplW6TPvJQ
P8pBwppykxUfx4DRObKQn3/4JPhFSk00bvWM7ElkIYZ4/nRNQRx/u6up83tHGzvW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:02 2024 by rpki-client on console-fra.rpki-client.org