Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/o9X-LYLja6-Y8gSNSJY57VBfgM0.roa
File: o9X-LYLja6-Y8gSNSJY57VBfgM0.roa (raw, json)
Hash identifier: Zqo8C3uwdRauMNAV8CL3bidG2bGIOjRcIFf4E/TLzys=
Subject key identifier: A3:D5:FE:2D:82:E3:6B:AF:98:F2:04:8D:48:96:39:ED:50:5F:80:CD
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 0187B94729F5BED124AE1AB354F111D03716
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/o9X-LYLja6-Y8gSNSJY57VBfgM0.roa
Signing time: Tue 25 Apr 2023 16:37:41 +0000
ROA not before: Tue 25 Apr 2023 16:37:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3320
IP address blocks: 188.240.83.0/24 maxlen: 24
85.204.148.0/22 maxlen: 22
5.35.192.0/21 maxlen: 24
84.234.16.0/20 maxlen: 24
194.88.96.0/21 maxlen: 24
62.112.0.0/21 maxlen: 24
85.204.160.0/22 maxlen: 24
93.113.184.0/21 maxlen: 24
194.88.112.0/20 maxlen: 24
91.232.136.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b9:47:29:f5:be:d1:24:ae:1a:b3:54:f1:11:d0:37:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Apr 25 16:37:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a3d5fe2d82e36baf98f2048d489639ed505f80cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:2c:65:93:aa:22:de:4e:b8:dc:0d:f5:4e:95:
16:61:3e:4b:3c:17:d1:74:b7:71:b4:e1:8c:24:30:
2a:48:d9:ec:8d:93:67:d5:d2:75:c5:d0:87:85:b6:
78:c4:98:88:df:42:cd:04:d7:07:d3:7c:51:eb:e3:
ba:3a:28:03:5d:12:14:54:f0:45:d1:de:d4:47:d9:
b4:51:97:36:55:2e:14:00:93:26:55:a5:5f:59:62:
a8:39:1c:b4:83:ef:7f:5d:7e:6c:0e:ae:42:29:59:
17:91:9f:37:dd:f8:8e:c8:24:e3:28:45:b2:9b:4b:
fa:0d:a4:69:f3:e4:cc:05:3b:7b:e7:71:0e:62:f2:
7e:c5:22:4a:a4:f2:70:59:86:bc:99:ab:23:7f:ac:
99:fd:bc:64:1b:4e:f3:6a:f7:3a:47:df:af:51:e1:
0e:e4:10:9c:c0:36:ae:c0:d0:11:fd:c8:95:63:a5:
bd:5a:8d:57:c0:15:e2:42:53:d7:d8:57:6e:fd:59:
48:9e:86:7a:a2:0e:09:c6:4c:ba:82:dd:2a:57:d6:
69:b4:5b:7c:b9:12:e0:aa:e4:7e:cc:2a:c1:07:9c:
57:a7:96:f4:71:07:04:9b:97:40:b3:d9:1b:48:a9:
cb:85:51:09:4f:b8:0c:9e:70:7c:e1:c8:fc:46:37:
0e:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:D5:FE:2D:82:E3:6B:AF:98:F2:04:8D:48:96:39:ED:50:5F:80:CD
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/o9X-LYLja6-Y8gSNSJY57VBfgM0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.35.192.0/21
62.112.0.0/21
84.234.16.0/20
85.204.148.0/22
85.204.160.0/22
91.232.136.0/22
93.113.184.0/21
188.240.83.0/24
194.88.96.0/21
194.88.112.0/20
Signature Algorithm: sha256WithRSAEncryption
6c:ab:2c:69:e0:c6:5d:24:fe:b9:a2:b6:33:c5:83:e1:c3:52:
29:e7:88:43:b5:46:9f:d7:11:5f:44:e5:51:53:bf:ae:1e:c2:
18:9b:2d:bc:bc:a1:6a:1e:5a:e8:15:7c:f9:64:0b:8d:09:01:
93:fe:61:f1:2b:93:d2:b1:0e:fe:de:74:2d:42:0d:b5:48:3e:
d0:dd:49:11:e0:bb:c5:3d:82:64:13:77:58:6c:51:58:2b:ca:
80:23:59:f1:17:6e:23:6f:5d:d0:88:af:6d:a1:a5:59:03:c2:
9f:3f:ba:e6:98:7b:fd:51:e3:9b:3c:a7:cc:00:bb:d0:42:ce:
19:46:75:7b:84:02:89:26:23:9b:58:20:76:bd:5e:37:9c:99:
bf:3a:78:4d:f0:73:50:1f:d8:f2:a5:c9:9d:d1:45:b9:9e:09:
20:8f:41:41:88:a5:cc:6b:9c:c6:88:4b:f7:9a:5a:91:8c:a2:
88:10:a6:71:14:97:73:2a:44:75:68:f3:41:3b:b1:46:48:ad:
85:08:28:27:b0:df:2f:11:61:98:cb:07:39:b5:41:49:44:22:
65:d8:2d:6d:f7:7d:34:0f:a4:a6:5a:ec:c0:aa:c5:3a:cc:05:
9a:e6:c8:e2:16:06:12:45:c5:c4:33:3d:fc:65:58:54:d4:7e:
ff:aa:17:38
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYe5Ryn1vtEkrhqzVPER0DcWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjMwNDI1MTYzNzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2Q1ZmUyZDgyZTM2YmFmOThmMjA0OGQ0ODk2MzllZDUwNWY4MGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiyxlk6oi3k643A31TpUWYT5LPBfR
dLdxtOGMJDAqSNnsjZNn1dJ1xdCHhbZ4xJiI30LNBNcH03xR6+O6OigDXRIUVPBF
0d7UR9m0UZc2VS4UAJMmVaVfWWKoORy0g+9/XX5sDq5CKVkXkZ833fiOyCTjKEWy
m0v6DaRp8+TMBTt753EOYvJ+xSJKpPJwWYa8masjf6yZ/bxkG07zavc6R9+vUeEO
5BCcwDauwNAR/ciVY6W9Wo1XwBXiQlPX2Fdu/VlInoZ6og4Jxky6gt0qV9ZptFt8
uRLgquR+zCrBB5xXp5b0cQcEm5dAs9kbSKnLhVEJT7gMnnB84cj8RjcOqwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFKPV/i2C42uvmPIEjUiWOe1QX4DNMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvbzlYLUxZTGphNi1ZOGdTTlNKWTU3VkJmZ00wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQDBSPAAwQD
PnAAAwQEVOoQAwQCVcyUAwQCVcygAwQCW+iIAwQDXXG4AwQAvPBTAwQDwlhgAwQE
wlhwMA0GCSqGSIb3DQEBCwUAA4IBAQBsqyxp4MZdJP65orYzxYPhw1Ip54hDtUaf
1xFfROVRU7+uHsIYmy28vKFqHlroFXz5ZAuNCQGT/mHxK5PSsQ7+3nQtQg21SD7Q
3UkR4LvFPYJkE3dYbFFYK8qAI1nxF24jb13QiK9toaVZA8KfP7rmmHv9UeObPKfM
ALvQQs4ZRnV7hAKJJiObWCB2vV43nJm/OnhN8HNQH9jypcmd0UW5ngkgj0FBiKXM
a5zGiEv3mlqRjKKIEKZxFJdzKkR1aPNBO7FGSK2FCCgnsN8vEWGYywc5tUFJRCJl
2C1t9300D6SmWuzAqsU6zAWa5sjiFgYSRcXEMz38ZVhU1H7/qhc4
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:05 2023 by rpki-client on console-fra.rpki-client.org