Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/a9ff1a-d580-4b42-bd87-5597260f65ee/1/vO8fuwp1lyYwa2LJgLwWhooKp1Q.roa
File: vO8fuwp1lyYwa2LJgLwWhooKp1Q.roa (raw, json)
Hash identifier: 6O3DZdPBtboSecO0IgqKoI3f3rvg6cUZBskGSZkjWVc=
Subject key identifier: BC:EF:1F:BB:0A:75:97:26:30:6B:62:C9:80:BC:16:86:8A:0A:A7:54
Certificate issuer: /CN=1902391799337601331f5a12af11e9f4f6421159
Certificate serial: 01856E5D555E61CBD1DD2832CA12C5F60EE4
Authority key identifier: 19:02:39:17:99:33:76:01:33:1F:5A:12:AF:11:E9:F4:F6:42:11:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GQI5F5kzdgEzH1oSrxHp9PZCEVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/a9ff1a-d580-4b42-bd87-5597260f65ee/1/vO8fuwp1lyYwa2LJgLwWhooKp1Q.roa
Signing time: Sun 01 Jan 2023 17:24:48 +0000
ROA not before: Sun 01 Jan 2023 17:24:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60427
IP address blocks: 185.87.236.0/24 maxlen: 24
194.5.183.0/24 maxlen: 24
80.240.107.0/24 maxlen: 24
185.64.131.0/24 maxlen: 24
185.64.129.0/24 maxlen: 24
185.64.130.0/24 maxlen: 24
185.64.128.0/24 maxlen: 24
185.64.128.0/22 maxlen: 22
2a03:14a0:2::/48 maxlen: 48
2a03:14a0:3::/48 maxlen: 48
2a03:14a0:1::/48 maxlen: 48
2a03:14a0:1301::/48 maxlen: 48
2a03:14a0:5::/48 maxlen: 48
2a03:14a0::/32 maxlen: 32
2a03:14a0::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:29:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:5d:55:5e:61:cb:d1:dd:28:32:ca:12:c5:f6:0e:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1902391799337601331f5a12af11e9f4f6421159
Validity
Not Before: Jan 1 17:24:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bcef1fbb0a759726306b62c980bc16868a0aa754
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:33:b8:06:b8:7f:2f:89:d9:67:84:77:0e:0a:
1f:27:4a:c3:d8:e8:da:ff:d8:d4:be:15:1c:02:e9:
ff:90:af:d7:7f:2d:cb:52:c5:fa:85:d4:2e:fa:39:
79:89:0a:e3:c9:97:a1:5f:9d:da:93:54:b5:1f:eb:
4a:75:db:02:44:b7:0f:b0:89:23:92:9c:ed:b9:9e:
cf:ee:62:85:49:d6:b2:bb:98:4c:5f:f1:8b:d3:0b:
11:1c:f2:a1:13:9f:b9:c9:6f:64:1c:55:1c:29:22:
d8:8c:81:0f:c3:86:67:ec:72:8c:04:27:cb:b6:0c:
ab:29:18:a8:38:1a:ff:d8:2f:e5:7a:d6:fc:5f:5b:
28:f4:aa:3f:c8:ac:c9:e5:de:dc:ac:c4:e2:da:8a:
84:20:9f:04:ac:a0:48:ff:33:71:17:d4:04:ba:67:
f1:76:4d:9a:1f:33:1b:a6:a6:62:fc:dc:76:44:59:
99:1a:59:89:0a:a4:c7:5d:cf:ef:ea:6d:85:23:c0:
96:4d:4d:4f:08:e3:a5:c9:0f:a9:60:c1:50:e1:be:
db:15:46:58:ef:12:14:15:ac:b2:16:36:d3:66:89:
ee:c6:7c:65:ed:c4:62:c0:bb:cb:81:c8:37:1f:28:
68:a7:af:e9:4e:bb:78:a2:4f:0a:61:5b:2f:ea:e0:
d4:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:EF:1F:BB:0A:75:97:26:30:6B:62:C9:80:BC:16:86:8A:0A:A7:54
X509v3 Authority Key Identifier:
keyid:19:02:39:17:99:33:76:01:33:1F:5A:12:AF:11:E9:F4:F6:42:11:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GQI5F5kzdgEzH1oSrxHp9PZCEVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/a9ff1a-d580-4b42-bd87-5597260f65ee/1/vO8fuwp1lyYwa2LJgLwWhooKp1Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/a9ff1a-d580-4b42-bd87-5597260f65ee/1/GQI5F5kzdgEzH1oSrxHp9PZCEVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.240.107.0/24
185.64.128.0/22
185.87.236.0/24
194.5.183.0/24
IPv6:
2a03:14a0::/32
Signature Algorithm: sha256WithRSAEncryption
8d:a3:f2:5a:91:60:dd:ec:5e:82:e8:6d:ba:a6:85:bf:2e:16:
03:22:7d:df:3e:d6:76:13:8d:05:29:f0:50:d2:09:ff:57:a5:
07:bc:51:c8:da:3a:f0:cc:8e:8a:a7:56:f4:7d:ae:d0:50:4a:
98:3b:a4:d5:3f:05:42:73:5b:26:3a:c1:4e:9a:e6:14:54:14:
6c:a0:b2:11:43:16:9f:5e:0e:94:ae:96:4b:a0:78:72:c0:d9:
8b:f8:1b:bc:e8:a7:17:e6:01:0a:b3:33:a7:06:a8:8e:6f:9b:
61:21:24:47:1a:bd:74:13:85:57:33:10:02:39:c4:95:a6:9e:
af:f4:77:0b:8d:7d:65:6f:02:b9:66:73:22:24:12:8a:5b:35:
b2:14:e1:6f:cd:7a:26:78:09:04:0b:88:47:a5:7c:79:83:6a:
94:18:0a:7e:2b:ef:ed:1f:6f:ef:6b:23:a5:56:4e:71:48:33:
2a:74:39:18:00:64:b4:cc:cb:a3:0e:a8:2c:94:7c:0b:2f:a7:
5c:dd:d3:b6:b2:8c:4e:35:0b:16:f1:58:54:71:74:25:ff:4b:
52:18:77:00:fd:8c:9e:31:dc:3b:85:20:ed:ce:e5:1e:7b:85:
27:f3:25:15:cc:fb:1d:68:29:de:fb:c8:6a:3e:67:3f:16:60:
3d:f6:b3:48
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVuXVVeYcvR3SgyyhLF9g7kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5MDIzOTE3OTkzMzc2MDEzMzFmNWExMmFmMTFlOWY0ZjY0
MjExNTkwHhcNMjMwMTAxMTcyNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2VmMWZiYjBhNzU5NzI2MzA2YjYyYzk4MGJjMTY4NjhhMGFhNzU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1TO4Brh/L4nZZ4R3DgofJ0rD2Oja
/9jUvhUcAun/kK/Xfy3LUsX6hdQu+jl5iQrjyZehX53ak1S1H+tKddsCRLcPsIkj
kpztuZ7P7mKFSdayu5hMX/GL0wsRHPKhE5+5yW9kHFUcKSLYjIEPw4Zn7HKMBCfL
tgyrKRioOBr/2C/letb8X1so9Ko/yKzJ5d7crMTi2oqEIJ8ErKBI/zNxF9QEumfx
dk2aHzMbpqZi/Nx2RFmZGlmJCqTHXc/v6m2FI8CWTU1PCOOlyQ+pYMFQ4b7bFUZY
7xIUFayyFjbTZonuxnxl7cRiwLvLgcg3Hyhop6/pTrt4ok8KYVsv6uDUHQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFLzvH7sKdZcmMGtiyYC8FoaKCqdUMB8GA1UdIwQY
MBaAFBkCOReZM3YBMx9aEq8R6fT2QhFZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1FJNUY1a3pkZ0V6SDFvU3J4SHA5UFpDRVZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9hOWZmMWEtZDU4MC00YjQyLWJkODct
NTU5NzI2MGY2NWVlLzEvdk84ZnV3cDFseVl3YTJMSmdMd1dob29LcDFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9hOWZmMWEtZDU4MC00YjQyLWJkODctNTU5NzI2MGY2NWVl
LzEvR1FJNUY1a3pkZ0V6SDFvU3J4SHA5UFpDRVZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAUPBrAwQC
uUCAAwQAuVfsAwQAwgW3MA0EAgACMAcDBQAqAxSgMA0GCSqGSIb3DQEBCwUAA4IB
AQCNo/JakWDd7F6C6G26poW/LhYDIn3fPtZ2E40FKfBQ0gn/V6UHvFHI2jrwzI6K
p1b0fa7QUEqYO6TVPwVCc1smOsFOmuYUVBRsoLIRQxafXg6UrpZLoHhywNmL+Bu8
6KcX5gEKszOnBqiOb5thISRHGr10E4VXMxACOcSVpp6v9HcLjX1lbwK5ZnMiJBKK
WzWyFOFvzXomeAkEC4hHpXx5g2qUGAp+K+/tH2/vayOlVk5xSDMqdDkYAGS0zMuj
DqgslHwLL6dc3dO2soxONQsW8VhUcXQl/0tSGHcA/YyeMdw7hSDtzuUee4Un8yUV
zPsdaCne+8hqPmc/FmA99rNI
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:51 2024 by rpki-client on console-ams.rpki-client.org