Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/381ecc-9d75-41ba-85f6-17693e7ea67a/1/O_mkHY6N9fEuzI62C6fR_m3O_EU.roa
File: O_mkHY6N9fEuzI62C6fR_m3O_EU.roa (raw, json)
Hash identifier: uAdBAK5cN8RNx9BWuvP2zxZ3HS89pSt7uaImRTZGRdc=
Subject key identifier: 3B:F9:A4:1D:8E:8D:F5:F1:2E:CC:8E:B6:0B:A7:D1:FE:6D:CE:FC:45
Certificate issuer: /CN=2c3963ba2aae5abd38a6eed09da985611f1b5021
Certificate serial: 01856EA6BA061128FB3D59A86375F8478469
Authority key identifier: 2C:39:63:BA:2A:AE:5A:BD:38:A6:EE:D0:9D:A9:85:61:1F:1B:50:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LDljuiquWr04pu7QnamFYR8bUCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/381ecc-9d75-41ba-85f6-17693e7ea67a/1/O_mkHY6N9fEuzI62C6fR_m3O_EU.roa
Signing time: Sun 01 Jan 2023 18:44:58 +0000
ROA not before: Sun 01 Jan 2023 18:44:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42739
IP address blocks: 188.112.57.0/24 maxlen: 24
92.55.220.0/24 maxlen: 24
92.55.226.0/24 maxlen: 24
77.242.224.0/20 maxlen: 20
77.242.233.0/24 maxlen: 24
77.242.234.0/24 maxlen: 24
77.242.235.0/24 maxlen: 24
188.112.0.0/18 maxlen: 18
185.46.92.0/22 maxlen: 22
78.159.64.0/20 maxlen: 20
78.159.83.0/24 maxlen: 24
92.55.192.0/18 maxlen: 18
37.139.147.0/24 maxlen: 24
37.139.148.0/24 maxlen: 24
37.139.149.0/24 maxlen: 24
37.139.150.0/24 maxlen: 24
37.139.151.0/24 maxlen: 24
37.139.146.0/24 maxlen: 24
37.139.144.0/24 maxlen: 24
37.139.145.0/24 maxlen: 24
2a02:7f0::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:a6:ba:06:11:28:fb:3d:59:a8:63:75:f8:47:84:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c3963ba2aae5abd38a6eed09da985611f1b5021
Validity
Not Before: Jan 1 18:44:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3bf9a41d8e8df5f12ecc8eb60ba7d1fe6dcefc45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:4a:8c:21:b0:3d:18:4c:22:75:49:83:b9:13:
80:d0:ee:1e:2e:1d:31:5c:24:09:2a:c7:e6:94:e1:
14:fb:b8:4d:b7:ac:ed:4f:ae:52:c6:62:c7:52:47:
12:06:67:1a:fd:97:14:bb:dc:74:4b:df:85:06:c1:
73:60:46:6f:20:64:13:e9:fa:ca:05:24:33:9b:02:
e6:02:a1:3b:38:6d:80:99:9e:35:71:61:28:ad:57:
99:2a:6d:73:f7:5e:b2:b9:5e:3f:ff:72:20:5d:af:
aa:ff:8c:f6:6a:1c:3e:b0:cb:c3:c7:c2:d5:fc:81:
a8:5a:4e:67:4c:d9:0f:2a:fd:b6:96:bf:40:34:c2:
37:a8:80:b6:e3:75:50:9b:65:3b:c5:fa:c0:47:4a:
7d:d1:0c:ca:84:3e:df:ea:f2:be:2b:69:d4:b4:b3:
d6:e6:d2:71:27:70:8e:d0:9b:78:39:85:c5:1f:85:
bb:a1:06:f0:14:85:c9:cc:7a:8d:5a:b2:ea:8e:52:
26:d4:e0:41:61:e2:8c:33:14:90:d6:17:aa:39:b9:
1a:e5:4c:16:62:aa:34:53:f6:08:57:08:d3:50:12:
76:97:9d:21:de:e2:e6:be:a7:0e:1a:8c:15:64:16:
bc:71:87:f0:c1:49:d7:56:4e:31:14:38:4b:cd:af:
93:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:F9:A4:1D:8E:8D:F5:F1:2E:CC:8E:B6:0B:A7:D1:FE:6D:CE:FC:45
X509v3 Authority Key Identifier:
keyid:2C:39:63:BA:2A:AE:5A:BD:38:A6:EE:D0:9D:A9:85:61:1F:1B:50:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LDljuiquWr04pu7QnamFYR8bUCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/381ecc-9d75-41ba-85f6-17693e7ea67a/1/O_mkHY6N9fEuzI62C6fR_m3O_EU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/381ecc-9d75-41ba-85f6-17693e7ea67a/1/LDljuiquWr04pu7QnamFYR8bUCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.139.144.0/21
77.242.224.0/20
78.159.64.0/20
78.159.83.0/24
92.55.192.0/18
185.46.92.0/22
188.112.0.0/18
IPv6:
2a02:7f0::/32
Signature Algorithm: sha256WithRSAEncryption
55:7e:a7:79:74:e7:14:a6:75:c2:d7:96:15:00:7e:6a:99:b5:
e3:ed:f5:28:3e:39:f1:c2:4c:8c:c7:c6:01:ed:29:13:d0:f6:
c1:81:d1:9c:be:cd:aa:30:b4:fa:cd:b2:b0:ec:87:ed:57:ca:
c1:49:6b:46:ba:a4:bd:cd:97:a4:0d:2d:a2:4d:78:51:d6:45:
26:3a:25:2c:76:2d:38:2b:33:7f:ce:d2:1c:16:1e:34:b7:37:
20:4c:d9:a6:29:cf:a8:98:70:ce:d1:7a:8a:ca:df:4c:87:c5:
cb:b3:6f:0b:26:59:dd:79:c6:71:32:e0:a5:1a:f7:47:29:35:
7e:a9:d7:c3:cf:f4:82:f3:0a:5d:47:50:28:d9:a6:69:8c:37:
70:7e:c5:ea:74:02:e0:52:99:6e:d7:3c:a8:15:f9:49:4e:0f:
5a:79:a3:5d:6c:fe:5a:86:bc:96:d9:b4:6d:ef:04:62:0a:e3:
8c:4e:d7:6b:b8:f5:22:3d:80:de:95:05:b7:11:ec:70:9a:dc:
d5:88:a9:0f:f2:97:a5:7d:b6:56:c2:58:63:eb:8a:c5:31:c3:
e0:95:70:57:69:5f:04:f1:fd:8f:72:cd:2f:3d:ff:69:38:e5:
58:ff:45:60:db:dc:e3:de:b8:43:b8:12:99:8b:f6:dd:26:1f:
92:62:b9:22
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYVuproGESj7PVmoY3X4R4RpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjMzk2M2JhMmFhZTVhYmQzOGE2ZWVkMDlkYTk4NTYxMWYx
YjUwMjEwHhcNMjMwMTAxMTg0NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmY5YTQxZDhlOGRmNWYxMmVjYzhlYjYwYmE3ZDFmZTZkY2VmYzQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlEqMIbA9GEwidUmDuROA0O4eLh0x
XCQJKsfmlOEU+7hNt6ztT65SxmLHUkcSBmca/ZcUu9x0S9+FBsFzYEZvIGQT6frK
BSQzmwLmAqE7OG2AmZ41cWEorVeZKm1z916yuV4//3IgXa+q/4z2ahw+sMvDx8LV
/IGoWk5nTNkPKv22lr9ANMI3qIC243VQm2U7xfrAR0p90QzKhD7f6vK+K2nUtLPW
5tJxJ3CO0Jt4OYXFH4W7oQbwFIXJzHqNWrLqjlIm1OBBYeKMMxSQ1heqObka5UwW
Yqo0U/YIVwjTUBJ2l50h3uLmvqcOGowVZBa8cYfwwUnXVk4xFDhLza+TuQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFDv5pB2OjfXxLsyOtgun0f5tzvxFMB8GA1UdIwQY
MBaAFCw5Y7oqrlq9OKbu0J2phWEfG1AhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTERsanVpcXVXcjA0cHU3UW5hbUZZUjhiVUNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy8zODFlY2MtOWQ3NS00MWJhLTg1ZjYt
MTc2OTNlN2VhNjdhLzEvT19ta0hZNk45ZkV1ekk2MkM2ZlJfbTNPX0VVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy8zODFlY2MtOWQ3NS00MWJhLTg1ZjYtMTc2OTNlN2VhNjdh
LzEvTERsanVpcXVXcjA0cHU3UW5hbUZZUjhiVUNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQDJYuQAwQE
TfLgAwQETp9AAwQATp9TAwQGXDfAAwQCuS5cAwQGvHAAMA0EAgACMAcDBQAqAgfw
MA0GCSqGSIb3DQEBCwUAA4IBAQBVfqd5dOcUpnXC15YVAH5qmbXj7fUoPjnxwkyM
x8YB7SkT0PbBgdGcvs2qMLT6zbKw7IftV8rBSWtGuqS9zZekDS2iTXhR1kUmOiUs
di04KzN/ztIcFh40tzcgTNmmKc+omHDO0XqKyt9Mh8XLs28LJlndecZxMuClGvdH
KTV+qdfDz/SC8wpdR1Ao2aZpjDdwfsXqdALgUplu1zyoFflJTg9aeaNdbP5ahryW
2bRt7wRiCuOMTtdruPUiPYDelQW3EexwmtzViKkP8pelfbZWwlhj64rFMcPglXBX
aV8E8f2Pcs0vPf9pOOVY/0Vg29zj3rhDuBKZi/bdJh+SYrki
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:15:38 2024 by rpki-client on console-fra.rpki-client.org