Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/a84e7e-c616-4ab1-a494-773c0b3c8935/1/O2yHKO5zb75qZWWfTBYOfHBNryo.roa
File: O2yHKO5zb75qZWWfTBYOfHBNryo.roa (raw, json)
Hash identifier: oMkCXj2IpNaAuBsN9kzUYm23LGGCk2RY0sAlYwv2e0A=
Subject key identifier: 3B:6C:87:28:EE:73:6F:BE:6A:65:65:9F:4C:16:0E:7C:70:4D:AF:2A
Certificate issuer: /CN=5eb42ab8de98be1c771f0a9868582fcf95dc4ac6
Certificate serial: 01934384B214280EDD1064D4E4AB49DD4E7C
Authority key identifier: 5E:B4:2A:B8:DE:98:BE:1C:77:1F:0A:98:68:58:2F:CF:95:DC:4A:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XrQquN6Yvhx3HwqYaFgvz5XcSsY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/a84e7e-c616-4ab1-a494-773c0b3c8935/1/O2yHKO5zb75qZWWfTBYOfHBNryo.roa
Signing time: Tue 19 Nov 2024 08:23:09 +0000
ROA not before: Tue 19 Nov 2024 08:23:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48348
IP address blocks: 89.248.96.0/20 maxlen: 24
89.248.96.0/24 maxlen: 24
89.248.97.0/24 maxlen: 24
89.248.98.0/24 maxlen: 24
89.248.99.0/24 maxlen: 24
89.248.100.0/24 maxlen: 24
89.248.101.0/24 maxlen: 24
89.248.102.0/24 maxlen: 24
89.248.103.0/24 maxlen: 24
89.248.104.0/24 maxlen: 24
89.248.105.0/24 maxlen: 24
89.248.106.0/24 maxlen: 24
89.248.107.0/24 maxlen: 24
89.248.108.0/24 maxlen: 24
89.248.109.0/24 maxlen: 24
89.248.110.0/24 maxlen: 24
93.174.0.0/21 maxlen: 24
93.174.2.0/24 maxlen: 24
93.174.3.0/24 maxlen: 24
93.174.4.0/24 maxlen: 24
93.174.5.0/24 maxlen: 24
93.174.6.0/24 maxlen: 24
93.174.7.0/24 maxlen: 24
185.15.76.0/22 maxlen: 24
185.15.76.0/24 maxlen: 24
185.15.77.0/24 maxlen: 24
185.80.4.0/22 maxlen: 24
2a05:7900::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 19 Nov 2024 18:20:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:43:84:b2:14:28:0e:dd:10:64:d4:e4:ab:49:dd:4e:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5eb42ab8de98be1c771f0a9868582fcf95dc4ac6
Validity
Not Before: Nov 19 08:23:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3b6c8728ee736fbe6a65659f4c160e7c704daf2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:01:89:25:a0:b4:44:ac:d1:6a:17:db:4f:af:
d5:86:46:69:e3:c7:9f:fd:f4:90:83:ff:e9:4c:91:
7c:96:c9:06:0e:97:16:df:8d:4a:66:f6:82:da:07:
26:98:45:5e:07:e7:e5:51:d7:90:6d:ba:a7:99:99:
6b:8f:75:ec:7b:27:c1:d9:9d:cc:3e:0b:17:3b:29:
1e:ac:b9:82:62:47:81:71:e7:64:d5:e7:5a:c3:8d:
10:82:d1:25:7a:62:eb:5d:8e:b3:6a:3f:9f:9f:34:
d3:0d:12:79:2b:12:b0:5a:33:a1:fb:2f:d6:17:19:
1d:8b:b4:59:75:ee:dd:1c:b3:0f:41:df:d4:0d:f4:
09:e0:48:ea:07:0a:25:37:af:66:93:c1:5f:2c:a2:
f2:34:72:4c:b6:d0:79:da:3b:88:aa:5d:c5:ee:1c:
a6:86:88:da:17:79:0d:aa:ac:f4:6f:9a:41:b9:61:
7a:27:91:ff:91:b5:32:52:1e:3c:30:f5:60:ec:d0:
4b:62:3f:1b:50:12:42:55:f6:03:fb:11:22:e1:19:
7b:ec:61:de:1d:0e:b2:41:84:08:b8:ed:45:40:19:
f3:30:88:bd:7b:d2:05:1d:a2:b9:c7:4b:d0:23:a1:
0c:0f:cb:7e:6b:dc:f5:12:5c:7c:1a:39:45:c1:3a:
25:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:6C:87:28:EE:73:6F:BE:6A:65:65:9F:4C:16:0E:7C:70:4D:AF:2A
X509v3 Authority Key Identifier:
keyid:5E:B4:2A:B8:DE:98:BE:1C:77:1F:0A:98:68:58:2F:CF:95:DC:4A:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XrQquN6Yvhx3HwqYaFgvz5XcSsY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/a84e7e-c616-4ab1-a494-773c0b3c8935/1/O2yHKO5zb75qZWWfTBYOfHBNryo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/a84e7e-c616-4ab1-a494-773c0b3c8935/1/XrQquN6Yvhx3HwqYaFgvz5XcSsY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.248.96.0/20
93.174.0.0/21
185.15.76.0/22
185.80.4.0/22
IPv6:
2a05:7900::/29
Signature Algorithm: sha256WithRSAEncryption
3f:b3:12:32:30:eb:57:82:f4:ca:64:89:38:cb:50:b0:a2:8e:
8a:95:28:d9:5d:f0:95:c8:00:34:d0:0e:1b:aa:3d:5c:f0:2b:
e6:b0:1a:04:6c:3f:51:bb:68:c2:aa:13:9d:6a:9a:91:75:7a:
49:b8:ab:31:31:9b:50:5f:5c:6b:e6:a5:2e:60:24:27:2a:cd:
99:f1:7d:1c:eb:e1:b2:b3:67:b4:c0:3c:b0:ac:d3:b8:2c:33:
26:d5:bd:af:64:7d:f4:d4:1a:fd:0c:33:51:4b:0d:9b:cf:98:
74:cf:fb:2a:9f:e5:e0:8e:22:77:43:4b:b4:53:07:19:b8:4f:
c7:7f:29:44:ff:45:0d:82:20:88:d3:e4:34:78:35:98:cd:94:
6d:49:c2:91:75:a0:cf:84:fd:ea:d1:05:b7:21:5c:3d:53:a2:
68:5e:07:9e:02:98:c5:03:8c:43:8f:f8:da:a3:70:92:e7:fa:
48:59:1c:eb:23:93:c3:78:6a:88:1f:e3:ac:a8:fd:34:07:99:
1d:87:6f:cf:c7:15:8e:2c:63:bf:35:b3:2c:0a:f8:79:65:97:
37:7a:91:99:3f:2e:58:93:aa:bf:15:8b:d4:dc:24:cc:e6:cf:
45:9c:16:5a:cd:9f:68:9b:de:e0:1f:63:d1:9e:0f:01:c0:25:
44:8b:2c:1f
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZNDhLIUKA7dEGTU5KtJ3U58MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlYjQyYWI4ZGU5OGJlMWM3NzFmMGE5ODY4NTgyZmNmOTVk
YzRhYzYwHhcNMjQxMTE5MDgyMzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjZjODcyOGVlNzM2ZmJlNmE2NTY1OWY0YzE2MGU3YzcwNGRhZjJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtwGJJaC0RKzRahfbT6/VhkZp48ef
/fSQg//pTJF8lskGDpcW341KZvaC2gcmmEVeB+flUdeQbbqnmZlrj3XseyfB2Z3M
PgsXOykerLmCYkeBcedk1edaw40QgtElemLrXY6zaj+fnzTTDRJ5KxKwWjOh+y/W
Fxkdi7RZde7dHLMPQd/UDfQJ4EjqBwolN69mk8FfLKLyNHJMttB52juIql3F7hym
hojaF3kNqqz0b5pBuWF6J5H/kbUyUh48MPVg7NBLYj8bUBJCVfYD+xEi4Rl77GHe
HQ6yQYQIuO1FQBnzMIi9e9IFHaK5x0vQI6EMD8t+a9z1Elx8GjlFwTol1QIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFDtshyjuc2++amVln0wWDnxwTa8qMB8GA1UdIwQY
MBaAFF60KrjemL4cdx8KmGhYL8+V3ErGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHJRcXVONll2aHgzSHdxWWFGZ3Z6NVhjU3NZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS9hODRlN2UtYzYxNi00YWIxLWE0OTQt
NzczYzBiM2M4OTM1LzEvTzJ5SEtPNXpiNzVxWldXZlRCWU9mSEJOcnlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS9hODRlN2UtYzYxNi00YWIxLWE0OTQtNzczYzBiM2M4OTM1
LzEvWHJRcXVONll2aHgzSHdxWWFGZ3Z6NVhjU3NZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEWfhgAwQD
Xa4AAwQCuQ9MAwQCuVAEMA0EAgACMAcDBQMqBXkAMA0GCSqGSIb3DQEBCwUAA4IB
AQA/sxIyMOtXgvTKZIk4y1Cwoo6KlSjZXfCVyAA00A4bqj1c8CvmsBoEbD9Ru2jC
qhOdapqRdXpJuKsxMZtQX1xr5qUuYCQnKs2Z8X0c6+Gys2e0wDywrNO4LDMm1b2v
ZH301Br9DDNRSw2bz5h0z/sqn+XgjiJ3Q0u0UwcZuE/HfylE/0UNgiCI0+Q0eDWY
zZRtScKRdaDPhP3q0QW3IVw9U6JoXgeeApjFA4xDj/jao3CS5/pIWRzrI5PDeGqI
H+OsqP00B5kdh2/PxxWOLGO/NbMsCvh5ZZc3epGZPy5Yk6q/FYvU3CTM5s9FnBZa
zZ9om97gH2PRng8BwCVEiywf
Generated at Tue Nov 19 21:22:07 2024 by rpki-client on console-fra.rpki-client.org