Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/kO3pHcY1zXWL7GyGVnO4J8Jzhw0.roa
File: kO3pHcY1zXWL7GyGVnO4J8Jzhw0.roa (raw, json)
Hash identifier: QSLiZ0xxO7k+esKNxsXGareYKp+J4h8dTssAnpagR6M=
Subject key identifier: 90:ED:E9:1D:C6:35:CD:75:8B:EC:6C:86:56:73:B8:27:C2:73:87:0D
Certificate issuer: /CN=411dea53467b6c7143eb23d284569a8183b2e82f
Certificate serial: 018C81AECEE3E6932A41B7BB6E14AEECB4A9
Authority key identifier: 41:1D:EA:53:46:7B:6C:71:43:EB:23:D2:84:56:9A:81:83:B2:E8:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QR3qU0Z7bHFD6yPShFaagYOy6C8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/kO3pHcY1zXWL7GyGVnO4J8Jzhw0.roa
Signing time: Tue 19 Dec 2023 10:46:06 +0000
ROA not before: Tue 19 Dec 2023 10:46:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44679
IP address blocks: 185.193.55.0/24 maxlen: 24
185.193.52.0/24 maxlen: 24
185.193.54.0/24 maxlen: 24
185.193.53.0/24 maxlen: 24
84.239.4.0/24 maxlen: 24
84.239.11.0/24 maxlen: 24
84.239.8.0/24 maxlen: 24
84.239.9.0/24 maxlen: 24
84.239.13.0/24 maxlen: 24
84.239.15.0/24 maxlen: 24
84.239.14.0/24 maxlen: 24
84.239.32.0/24 maxlen: 24
84.239.34.0/24 maxlen: 24
84.239.36.0/24 maxlen: 24
84.239.35.0/24 maxlen: 24
84.239.38.0/24 maxlen: 24
84.239.39.0/24 maxlen: 24
84.239.40.0/24 maxlen: 24
84.239.44.0/24 maxlen: 24
84.239.49.0/24 maxlen: 24
84.239.51.0/24 maxlen: 24
84.239.46.0/24 maxlen: 24
84.239.55.0/24 maxlen: 24
84.239.57.0/24 maxlen: 24
84.239.56.0/24 maxlen: 24
84.239.58.0/24 maxlen: 24
84.239.59.0/24 maxlen: 24
84.239.62.0/24 maxlen: 24
84.239.63.0/24 maxlen: 24
2a02:2160:8000::/36 maxlen: 36
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:81:ae:ce:e3:e6:93:2a:41:b7:bb:6e:14:ae:ec:b4:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=411dea53467b6c7143eb23d284569a8183b2e82f
Validity
Not Before: Dec 19 10:46:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=90ede91dc635cd758bec6c865673b827c273870d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:e3:93:15:10:c4:b0:2d:55:9a:e8:e2:20:f1:
51:f6:f7:4d:bc:9b:c4:71:17:d7:45:83:b2:08:bc:
85:79:51:a2:c5:35:eb:0f:ea:10:3c:14:ce:34:b8:
93:e3:f4:e6:cd:ed:8c:5e:f0:1f:d2:cf:a7:ed:21:
12:97:a9:3c:b0:94:4f:e6:7d:23:65:b4:52:a6:70:
d5:a7:10:6b:e9:2b:e5:42:fe:5d:6b:08:d5:1c:f0:
ac:ce:0a:eb:ef:e2:88:34:9b:df:55:45:e3:2a:93:
76:29:bf:31:0d:d6:70:70:9a:b8:fc:fe:04:b4:ad:
2f:ff:73:03:03:2c:55:7b:5f:e9:89:c6:0d:6b:42:
c0:44:52:d0:fa:a2:de:85:bd:cc:bf:f4:e6:46:2e:
69:4d:f5:9a:7c:2e:23:98:6e:0c:fb:9b:b5:0e:d7:
f5:0e:7c:40:b9:6b:7b:60:82:95:55:ab:bd:e0:d8:
58:94:17:d3:a2:90:37:68:80:6f:51:ab:5f:62:95:
19:7a:08:48:a2:2e:b7:db:76:ec:db:d5:e1:51:1c:
29:3a:08:46:b9:35:76:c6:16:4e:33:b6:58:fd:19:
7d:c0:d3:09:eb:a7:ac:c8:4a:ca:dc:99:01:fe:6e:
f0:91:52:0f:49:e4:e9:76:4d:f3:88:ad:34:3c:ea:
79:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:ED:E9:1D:C6:35:CD:75:8B:EC:6C:86:56:73:B8:27:C2:73:87:0D
X509v3 Authority Key Identifier:
keyid:41:1D:EA:53:46:7B:6C:71:43:EB:23:D2:84:56:9A:81:83:B2:E8:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QR3qU0Z7bHFD6yPShFaagYOy6C8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/kO3pHcY1zXWL7GyGVnO4J8Jzhw0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/QR3qU0Z7bHFD6yPShFaagYOy6C8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.239.4.0/24
84.239.8.0/23
84.239.11.0/24
84.239.13.0-84.239.15.255
84.239.32.0/24
84.239.34.0-84.239.36.255
84.239.38.0-84.239.40.255
84.239.44.0/24
84.239.46.0/24
84.239.49.0/24
84.239.51.0/24
84.239.55.0-84.239.59.255
84.239.62.0/23
185.193.52.0/22
IPv6:
2a02:2160:8000::/36
Signature Algorithm: sha256WithRSAEncryption
75:96:cf:d2:a2:2d:52:96:57:6d:77:46:03:40:0b:b2:31:89:
ff:9b:fb:2c:60:90:59:ea:32:f5:14:e7:f6:cb:7a:32:15:08:
5e:1f:40:da:51:44:c9:ed:bf:72:a1:6b:54:95:d1:58:5e:87:
ed:0a:8b:7f:9a:90:ec:1f:e8:ec:70:1c:89:1a:97:2f:6c:0e:
b2:bc:e9:a2:e4:53:cb:72:20:40:61:54:6f:b7:ea:48:3b:47:
88:68:d1:8a:3a:ea:e3:d0:e5:52:c0:e1:88:c9:34:6b:b9:7a:
8f:ab:cf:a6:2d:64:2f:9e:68:c5:30:8c:ff:1c:1e:49:9f:18:
38:ee:b3:7d:fa:75:ac:b3:12:37:fd:07:54:8a:12:06:34:25:
8c:84:18:ed:55:79:52:fd:cd:ae:f2:6d:e7:c5:a4:39:cf:33:
a7:87:ba:35:0b:6e:43:43:d0:c2:62:ee:60:c1:71:39:a4:48:
00:21:fe:0e:6c:93:0b:53:ea:4a:28:f2:6f:a3:6a:f2:e0:da:
bd:88:3d:19:35:e1:f0:10:51:e6:5b:fe:38:cc:9f:90:3c:fb:
fe:77:b6:d3:61:7c:ca:56:6f:45:10:86:6f:98:ce:e8:18:81:
fa:e2:27:b3:f1:c4:1c:ff:10:70:46:df:bf:55:f7:33:d8:33:
25:a6:54:61
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgISAYyBrs7j5pMqQbe7bhSu7LSpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMWRlYTUzNDY3YjZjNzE0M2ViMjNkMjg0NTY5YTgxODNi
MmU4MmYwHhcNMjMxMjE5MTA0NjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGVkZTkxZGM2MzVjZDc1OGJlYzZjODY1NjczYjgyN2MyNzM4NzBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm+OTFRDEsC1VmujiIPFR9vdNvJvE
cRfXRYOyCLyFeVGixTXrD+oQPBTONLiT4/Tmze2MXvAf0s+n7SESl6k8sJRP5n0j
ZbRSpnDVpxBr6SvlQv5dawjVHPCszgrr7+KINJvfVUXjKpN2Kb8xDdZwcJq4/P4E
tK0v/3MDAyxVe1/picYNa0LARFLQ+qLehb3Mv/TmRi5pTfWafC4jmG4M+5u1Dtf1
DnxAuWt7YIKVVau94NhYlBfTopA3aIBvUatfYpUZeghIoi6323bs29XhURwpOghG
uTV2xhZOM7ZY/Rl9wNMJ66esyErK3JkB/m7wkVIPSeTpdk3ziK00POp5UQIDAQAB
o4ICijCCAoYwHQYDVR0OBBYEFJDt6R3GNc11i+xshlZzuCfCc4cNMB8GA1UdIwQY
MBaAFEEd6lNGe2xxQ+sj0oRWmoGDsugvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVIzcVUwWjdiSEZENnlQU2hGYWFnWU95NkM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9lYWNjZTUtZTRkZC00ZDlmLThlYzEt
NDcxMjBiOTA2OWI3LzEva08zcEhjWTF6WFdMN0d5R1ZuTzRKOEp6aHcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9lYWNjZTUtZTRkZC00ZDlmLThlYzEtNDcxMjBiOTA2OWI3
LzEvUVIzcVUwWjdiSEZENnlQU2hGYWFnWU95NkM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGfBggrBgEFBQcBBwEB/wSBjzCBjDB6BAIAATB0AwQAVO8E
AwQBVO8IAwQAVO8LMAwDBABU7w0DBARU7wADBABU7yAwDAMEAVTvIgMEAFTvJDAM
AwQBVO8mAwQAVO8oAwQAVO8sAwQAVO8uAwQAVO8xAwQAVO8zMAwDBABU7zcDBAJU
7zgDBAFU7z4DBAK5wTQwDgQCAAIwCAMGBCoCIWCAMA0GCSqGSIb3DQEBCwUAA4IB
AQB1ls/Soi1Slldtd0YDQAuyMYn/m/ssYJBZ6jL1FOf2y3oyFQheH0DaUUTJ7b9y
oWtUldFYXoftCot/mpDsH+jscByJGpcvbA6yvOmi5FPLciBAYVRvt+pIO0eIaNGK
Ourj0OVSwOGIyTRruXqPq8+mLWQvnmjFMIz/HB5Jnxg47rN9+nWssxI3/QdUihIG
NCWMhBjtVXlS/c2u8m3nxaQ5zzOnh7o1C25DQ9DCYu5gwXE5pEgAIf4ObJMLU+pK
KPJvo2ry4Nq9iD0ZNeHwEFHmW/44zJ+QPPv+d7bTYXzKVm9FEIZvmM7oGIH64iez
8cQc/xBwRt+/Vfcz2DMlplRh
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:23:18 2024 by rpki-client on console-ams.rpki-client.org