Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/39c9e3-f7c2-4298-9666-b825967a757a/1/O_KuEdnZH-pqvByVef9se_pDxkk.roa
File: O_KuEdnZH-pqvByVef9se_pDxkk.roa (raw, json)
Hash identifier: mowODrZZwgDNHWGhSXikn5453ZQXkMdAeg50xNrNm7w=
Subject key identifier: 3B:F2:AE:11:D9:D9:1F:EA:6A:BC:1C:95:79:FF:6C:7B:FA:43:C6:49
Certificate issuer: /CN=e3de21b0636c614ebf43664798012afd56c5ee86
Certificate serial: 018572311F53F536BF1246591705B2B9E3DD
Authority key identifier: E3:DE:21:B0:63:6C:61:4E:BF:43:66:47:98:01:2A:FD:56:C5:EE:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/494hsGNsYU6_Q2ZHmAEq_VbF7oY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/39c9e3-f7c2-4298-9666-b825967a757a/1/O_KuEdnZH-pqvByVef9se_pDxkk.roa
Signing time: Mon 02 Jan 2023 11:14:59 +0000
ROA not before: Mon 02 Jan 2023 11:14:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200052
IP address blocks: 193.28.252.0/23 maxlen: 23
185.21.216.0/22 maxlen: 22
193.29.6.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:31:1f:53:f5:36:bf:12:46:59:17:05:b2:b9:e3:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e3de21b0636c614ebf43664798012afd56c5ee86
Validity
Not Before: Jan 2 11:14:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3bf2ae11d9d91fea6abc1c9579ff6c7bfa43c649
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:d6:c3:0d:63:ef:be:8b:fe:5c:91:7a:67:ee:
9e:35:64:cb:59:7d:55:b3:6c:0b:b0:67:d0:42:8d:
1c:56:d4:3f:5a:cd:d2:1f:00:10:96:ad:18:e5:eb:
e7:9f:e3:17:7c:2f:17:6e:46:88:17:42:81:a0:4a:
a3:f3:f8:4e:cf:a2:9b:84:61:4a:65:f3:cc:14:7b:
b1:c1:28:78:5a:88:a2:32:ef:ba:63:ef:3d:b8:a6:
2a:c2:12:86:5e:76:90:8d:9b:8c:e9:f8:71:d3:2f:
ac:65:18:fe:6f:0d:bb:36:81:08:17:dd:13:30:ac:
6a:2e:3e:d9:77:79:0b:dd:1c:37:db:07:0f:8d:6f:
d1:a2:5a:60:4e:4e:39:75:09:fe:3a:7e:d5:98:aa:
48:8d:da:f7:c8:31:a1:87:72:3f:f6:8e:ea:68:10:
ef:06:73:62:d4:4b:dd:f8:3b:2b:67:7a:f2:c9:e9:
1d:2f:b7:7d:0c:95:d0:5a:30:a2:16:2c:4c:31:ae:
94:e1:cc:1d:53:0b:38:c1:23:02:b0:3d:4c:f3:1e:
4b:06:5e:54:fe:6b:87:34:78:c9:83:a2:3c:98:7a:
11:41:22:4b:82:7c:c9:47:56:1d:72:26:29:44:92:
9f:6d:df:d8:c6:eb:0d:86:0b:61:0f:63:cd:4c:cc:
9e:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:F2:AE:11:D9:D9:1F:EA:6A:BC:1C:95:79:FF:6C:7B:FA:43:C6:49
X509v3 Authority Key Identifier:
keyid:E3:DE:21:B0:63:6C:61:4E:BF:43:66:47:98:01:2A:FD:56:C5:EE:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/494hsGNsYU6_Q2ZHmAEq_VbF7oY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/39c9e3-f7c2-4298-9666-b825967a757a/1/O_KuEdnZH-pqvByVef9se_pDxkk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/39c9e3-f7c2-4298-9666-b825967a757a/1/494hsGNsYU6_Q2ZHmAEq_VbF7oY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.21.216.0/22
193.28.252.0/23
193.29.6.0/23
Signature Algorithm: sha256WithRSAEncryption
2d:e7:7e:5c:e5:ec:69:2e:46:93:d6:02:db:4f:2c:38:3a:42:
3c:ff:93:8f:b8:6d:f1:11:de:41:dd:cd:98:53:42:06:f8:93:
9d:2a:ad:48:ff:00:1b:16:5d:95:2d:f5:bd:e7:c0:48:a9:a8:
65:58:f8:5d:00:83:74:9a:5b:91:c9:fc:e7:64:49:99:7d:df:
3c:87:87:40:a6:d4:44:db:95:4d:a3:ab:74:f9:05:dc:21:b5:
78:0b:91:28:c1:83:31:19:91:e1:fe:63:d6:d9:16:fe:16:12:
10:79:89:80:e5:89:7b:51:9d:59:89:cf:d9:b7:d5:1d:6a:ad:
b8:0a:a3:ac:c1:64:fc:da:19:5f:3d:e3:a5:44:b0:2a:05:60:
99:0b:47:63:6c:10:b6:a7:14:ec:4d:51:45:d2:14:d1:7a:5b:
4c:89:85:6c:aa:91:a7:c0:49:72:f7:2d:b5:4c:09:92:c4:76:
45:98:65:a2:82:24:83:af:27:dc:02:80:0f:51:55:f5:67:2a:
53:42:45:2d:23:b6:75:48:77:dc:d7:f2:2c:f6:d2:40:82:f3:
db:31:7c:1a:06:e1:48:26:94:98:70:f0:ae:b0:9a:8c:50:04:
77:65:9b:35:20:a1:4d:72:df:cc:26:42:8e:d7:f1:c8:5c:3d:
1f:d9:1d:f8
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVyMR9T9Ta/EkZZFwWyuePdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzZGUyMWIwNjM2YzYxNGViZjQzNjY0Nzk4MDEyYWZkNTZj
NWVlODYwHhcNMjMwMTAyMTExNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmYyYWUxMWQ5ZDkxZmVhNmFiYzFjOTU3OWZmNmM3YmZhNDNjNjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkdbDDWPvvov+XJF6Z+6eNWTLWX1V
s2wLsGfQQo0cVtQ/Ws3SHwAQlq0Y5evnn+MXfC8XbkaIF0KBoEqj8/hOz6KbhGFK
ZfPMFHuxwSh4WoiiMu+6Y+89uKYqwhKGXnaQjZuM6fhx0y+sZRj+bw27NoEIF90T
MKxqLj7Zd3kL3Rw32wcPjW/RolpgTk45dQn+On7VmKpIjdr3yDGhh3I/9o7qaBDv
BnNi1Evd+DsrZ3ryyekdL7d9DJXQWjCiFixMMa6U4cwdUws4wSMCsD1M8x5LBl5U
/muHNHjJg6I8mHoRQSJLgnzJR1YdciYpRJKfbd/YxusNhgthD2PNTMyePQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDvyrhHZ2R/qarwclXn/bHv6Q8ZJMB8GA1UdIwQY
MBaAFOPeIbBjbGFOv0NmR5gBKv1Wxe6GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDk0aHNHTnNZVTZfUTJaSG1BRXFfVmJGN29ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS8zOWM5ZTMtZjdjMi00Mjk4LTk2NjYt
YjgyNTk2N2E3NTdhLzEvT19LdUVkblpILXBxdkJ5VmVmOXNlX3BEeGtrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS8zOWM5ZTMtZjdjMi00Mjk4LTk2NjYtYjgyNTk2N2E3NTdh
LzEvNDk0aHNHTnNZVTZfUTJaSG1BRXFfVmJGN29ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCuRXYAwQB
wRz8AwQBwR0GMA0GCSqGSIb3DQEBCwUAA4IBAQAt535c5expLkaT1gLbTyw4OkI8
/5OPuG3xEd5B3c2YU0IG+JOdKq1I/wAbFl2VLfW958BIqahlWPhdAIN0mluRyfzn
ZEmZfd88h4dAptRE25VNo6t0+QXcIbV4C5EowYMxGZHh/mPW2Rb+FhIQeYmA5Yl7
UZ1Zic/Zt9Udaq24CqOswWT82hlfPeOlRLAqBWCZC0djbBC2pxTsTVFF0hTReltM
iYVsqpGnwEly9y21TAmSxHZFmGWigiSDryfcAoAPUVX1ZypTQkUtI7Z1SHfc1/Is
9tJAgvPbMXwaBuFIJpSYcPCusJqMUAR3ZZs1IKFNct/MJkKO1/HIXD0f2R34
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:24:47 2024 by rpki-client on console-fra.rpki-client.org