Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/O0ZqFeQQQyxvVmlFiO4-vFbt8V8.roa
File: O0ZqFeQQQyxvVmlFiO4-vFbt8V8.roa (raw, json)
Hash identifier: 7VJXEXf3bICb/i5pKTynqLmT53b5HkfQA4RFqyvi1fU=
Subject key identifier: 3B:46:6A:15:E4:10:43:2C:6F:56:69:45:88:EE:3E:BC:56:ED:F1:5F
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 018CC56EFCCB6BF63117C0D7DA4DCB766EA2
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/O0ZqFeQQQyxvVmlFiO4-vFbt8V8.roa
Signing time: Mon 01 Jan 2024 14:30:34 +0000
ROA not before: Mon 01 Jan 2024 14:30:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 195.133.202.0/23 maxlen: 24
194.88.96.0/21 maxlen: 24
89.37.216.0/23 maxlen: 24
84.234.16.0/20 maxlen: 24
194.88.112.0/20 maxlen: 24
93.113.184.0/21 maxlen: 24
62.112.12.0/23 maxlen: 24
194.58.64.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:fc:cb:6b:f6:31:17:c0:d7:da:4d:cb:76:6e:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Jan 1 14:30:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3b466a15e410432c6f56694588ee3ebc56edf15f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:b3:dd:76:c5:fc:0f:64:4d:6f:b8:1d:11:9a:
73:5d:af:3f:5b:d5:0f:85:0e:cf:db:14:ed:fc:ac:
6b:c5:0e:59:54:ac:db:bd:12:e1:6b:33:97:54:c8:
9c:4a:66:de:ef:91:19:ad:d0:f5:07:ce:6d:e4:12:
d4:da:ff:f6:2b:db:15:7e:0a:0b:e8:45:d3:d8:87:
83:76:10:c0:d8:5b:3a:7a:97:49:b9:0d:24:2a:f3:
2b:31:3e:0c:70:a1:31:dc:9b:50:eb:d9:84:c3:7b:
a3:a6:34:d3:24:16:f8:c1:2d:cb:c5:5f:73:9a:2c:
9f:93:4d:12:23:3b:54:69:4c:cc:19:df:f5:1a:e3:
25:a8:61:12:f5:9c:dd:ec:60:74:b7:87:42:0e:71:
93:b0:6e:f0:74:90:55:af:74:c7:47:a7:dc:47:26:
f5:e6:54:6a:4b:06:0f:12:12:9b:2c:8d:25:08:d2:
29:6c:7d:0d:7b:6c:58:eb:2d:12:0d:8d:79:ef:03:
42:5d:0b:07:5c:f0:bc:f5:01:33:69:86:d9:71:e1:
90:26:b2:3d:c4:7f:f2:1f:00:d8:41:7b:5c:16:45:
ed:e2:31:55:6f:98:e3:6b:63:96:ca:82:43:03:91:
28:49:e5:3c:f6:84:29:82:7b:21:53:6c:57:7c:db:
8d:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:46:6A:15:E4:10:43:2C:6F:56:69:45:88:EE:3E:BC:56:ED:F1:5F
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/O0ZqFeQQQyxvVmlFiO4-vFbt8V8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.112.12.0/23
84.234.16.0/20
89.37.216.0/23
93.113.184.0/21
194.58.64.0/23
194.88.96.0/21
194.88.112.0/20
195.133.202.0/23
Signature Algorithm: sha256WithRSAEncryption
5d:25:b8:ee:92:e4:cc:1f:47:03:25:bd:ad:61:81:54:9e:07:
ec:a7:c8:c7:70:0d:bc:5c:2f:70:29:db:f2:4f:4d:fb:f7:14:
4a:fd:bd:06:be:6a:57:61:2d:9e:c3:74:e5:d6:b9:78:21:06:
d7:6b:c6:72:bb:a5:d7:af:00:07:c0:fa:b8:67:40:09:dc:1f:
22:a7:f9:34:77:74:33:0b:b4:3a:bb:aa:45:5e:74:f0:ee:26:
38:6e:ff:d3:01:65:ee:88:41:2d:18:53:91:9e:a0:1e:17:48:
52:f7:a7:d4:89:7b:9d:c5:a9:09:71:d0:36:b3:6d:56:1c:2f:
fd:9f:32:35:e9:af:ae:8d:f0:c9:04:0d:ac:15:96:fc:80:b0:
2d:23:d2:b9:95:72:a4:64:22:c9:a9:c6:83:8f:d7:32:f1:7f:
25:a5:63:5c:d0:57:f7:75:11:33:37:d1:96:ca:e5:29:1f:af:
7d:5f:b1:bf:99:a3:6f:36:45:96:9d:f6:21:b5:3d:e0:54:1a:
05:ef:01:97:49:73:e4:83:58:ab:79:e0:a2:f5:da:06:bc:d2:
f7:43:71:3b:6b:f4:60:b8:dc:74:4b:a8:98:66:09:0a:73:a7:
68:e5:5f:6d:3b:cc:66:75:59:36:18:fa:37:c2:02:6a:6f:18:
4c:36:55:e3
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYzFbvzLa/YxF8DX2k3Ldm6iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjQwMTAxMTQzMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjQ2NmExNWU0MTA0MzJjNmY1NjY5NDU4OGVlM2ViYzU2ZWRmMTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvLPddsX8D2RNb7gdEZpzXa8/W9UP
hQ7P2xTt/KxrxQ5ZVKzbvRLhazOXVMicSmbe75EZrdD1B85t5BLU2v/2K9sVfgoL
6EXT2IeDdhDA2Fs6epdJuQ0kKvMrMT4McKEx3JtQ69mEw3ujpjTTJBb4wS3LxV9z
miyfk00SIztUaUzMGd/1GuMlqGES9Zzd7GB0t4dCDnGTsG7wdJBVr3THR6fcRyb1
5lRqSwYPEhKbLI0lCNIpbH0Ne2xY6y0SDY157wNCXQsHXPC89QEzaYbZceGQJrI9
xH/yHwDYQXtcFkXt4jFVb5jja2OWyoJDA5EoSeU89oQpgnshU2xXfNuNGwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFDtGahXkEEMsb1ZpRYjuPrxW7fFfMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvTzBacUZlUVFReXh2Vm1sRmlPNC12RmJ0OFY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQBPnAMAwQE
VOoQAwQBWSXYAwQDXXG4AwQBwjpAAwQDwlhgAwQEwlhwAwQBw4XKMA0GCSqGSIb3
DQEBCwUAA4IBAQBdJbjukuTMH0cDJb2tYYFUngfsp8jHcA28XC9wKdvyT0379xRK
/b0GvmpXYS2ew3Tl1rl4IQbXa8Zyu6XXrwAHwPq4Z0AJ3B8ip/k0d3QzC7Q6u6pF
XnTw7iY4bv/TAWXuiEEtGFORnqAeF0hS96fUiXudxakJcdA2s21WHC/9nzI16a+u
jfDJBA2sFZb8gLAtI9K5lXKkZCLJqcaDj9cy8X8lpWNc0Ff3dREzN9GWyuUpH699
X7G/maNvNkWWnfYhtT3gVBoF7wGXSXPkg1ireeCi9doGvNL3Q3E7a/RguNx0S6iY
ZgkKc6do5V9tO8xmdVk2GPo3wgJqbxhMNlXj
-----END CERTIFICATE-----
Generated at Fri Jan 5 03:10:52 2024 by rpki-client on console-ams.rpki-client.org