Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/8_OsMqK9OD5fpoViTzXt9S5K9LA.roa
File: 8_OsMqK9OD5fpoViTzXt9S5K9LA.roa (raw, json)
Hash identifier: dPrStYpZS/p6qnkIP9RjaopxnVnKejeTU8zL8wiT4n4=
Subject key identifier: F3:F3:AC:32:A2:BD:38:3E:5F:A6:85:62:4F:35:ED:F5:2E:4A:F4:B0
Certificate issuer: /CN=ec6b42021886d8eedbae90d9e6ab1de533c50d20
Certificate serial: 018F1B220CCBE1C69B12DF12C508DDB54773
Authority key identifier: EC:6B:42:02:18:86:D8:EE:DB:AE:90:D9:E6:AB:1D:E5:33:C5:0D:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7GtCAhiG2O7brpDZ5qsd5TPFDSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/8_OsMqK9OD5fpoViTzXt9S5K9LA.roa
Signing time: Fri 26 Apr 2024 15:59:27 +0000
ROA not before: Fri 26 Apr 2024 15:59:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24961
IP address blocks: 5.104.104.0/21 maxlen: 24
5.199.128.0/20 maxlen: 24
37.157.248.0/21 maxlen: 24
46.20.32.0/20 maxlen: 24
46.228.192.0/20 maxlen: 24
62.141.32.0/20 maxlen: 24
78.31.64.0/21 maxlen: 24
80.82.208.0/20 maxlen: 24
81.30.144.0/20 maxlen: 24
83.136.80.0/21 maxlen: 24
85.14.192.0/18 maxlen: 24
85.114.128.0/19 maxlen: 24
89.163.128.0/17 maxlen: 24
91.194.84.0/24 maxlen: 24
91.212.153.0/24 maxlen: 24
91.212.159.0/24 maxlen: 24
93.186.192.0/20 maxlen: 24
146.0.32.0/20 maxlen: 24
152.89.92.0/22 maxlen: 24
185.15.244.0/22 maxlen: 24
185.45.248.0/22 maxlen: 24
185.219.208.0/22 maxlen: 24
193.111.198.0/23 maxlen: 24
194.107.129.0/24 maxlen: 24
194.126.198.0/24 maxlen: 24
195.93.242.0/23 maxlen: 24
213.202.192.0/18 maxlen: 24
217.79.176.0/20 maxlen: 24
2001:4ba0::/32 maxlen: 32
2001:4ba1::/32 maxlen: 32
2001:4ba3::/32 maxlen: 32
2001:4ba4::/32 maxlen: 32
2a01:480::/32 maxlen: 32
2a0c:6b00::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 May 2024 08:13:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:1b:22:0c:cb:e1:c6:9b:12:df:12:c5:08:dd:b5:47:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec6b42021886d8eedbae90d9e6ab1de533c50d20
Validity
Not Before: Apr 26 15:59:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f3f3ac32a2bd383e5fa685624f35edf52e4af4b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:e4:4c:9a:9c:bb:76:61:f5:0f:be:5f:4b:5f:
73:de:18:5a:4e:2f:a8:d6:8b:85:d6:30:f6:98:14:
15:80:f4:26:05:a9:2e:08:e3:f3:7d:bf:ea:2f:be:
d9:1b:e1:67:59:7e:2a:fe:60:ba:85:72:77:94:51:
4a:18:01:19:82:80:ab:a7:3c:40:5b:25:d4:d9:5e:
48:9a:a4:d6:89:d6:d6:ca:07:3f:7f:a0:62:4b:3b:
2e:30:de:d6:40:7d:9e:5d:7b:47:59:12:45:65:76:
40:c2:88:b1:c0:20:72:71:4e:d1:a3:3e:ba:4a:09:
7e:a0:ec:54:26:34:d2:b8:0c:d0:ee:f1:b3:33:ac:
f0:b9:25:0d:28:54:11:90:a0:c6:87:4d:07:71:4b:
7d:dd:96:72:04:d7:fc:58:40:71:2e:7c:0f:e9:bf:
9b:f1:a3:ae:09:1b:96:63:da:38:77:db:55:be:ef:
13:7d:35:ec:47:f2:9b:2e:a5:d1:7d:bf:f0:e9:2b:
2f:cf:b9:b5:99:01:63:28:cd:4f:26:56:e6:df:a4:
5c:29:82:e3:bb:2e:31:cc:70:5d:60:ac:22:a1:21:
19:1e:59:35:eb:f8:d1:0e:cc:50:fa:13:cc:bf:89:
46:ec:e7:d8:77:ad:bd:bb:f1:74:1e:f2:f7:42:6a:
9a:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:F3:AC:32:A2:BD:38:3E:5F:A6:85:62:4F:35:ED:F5:2E:4A:F4:B0
X509v3 Authority Key Identifier:
keyid:EC:6B:42:02:18:86:D8:EE:DB:AE:90:D9:E6:AB:1D:E5:33:C5:0D:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7GtCAhiG2O7brpDZ5qsd5TPFDSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/8_OsMqK9OD5fpoViTzXt9S5K9LA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/7GtCAhiG2O7brpDZ5qsd5TPFDSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.104.104.0/21
5.199.128.0/20
37.157.248.0/21
46.20.32.0/20
46.228.192.0/20
62.141.32.0/20
78.31.64.0/21
80.82.208.0/20
81.30.144.0/20
83.136.80.0/21
85.14.192.0/18
85.114.128.0/19
89.163.128.0/17
91.194.84.0/24
91.212.153.0/24
91.212.159.0/24
93.186.192.0/20
146.0.32.0/20
152.89.92.0/22
185.15.244.0/22
185.45.248.0/22
185.219.208.0/22
193.111.198.0/23
194.107.129.0/24
194.126.198.0/24
195.93.242.0/23
213.202.192.0/18
217.79.176.0/20
IPv6:
2001:4ba0::/31
2001:4ba3::-2001:4ba4:ffff:ffff:ffff:ffff:ffff:ffff
2a01:480::/32
2a0c:6b00::/32
Signature Algorithm: sha256WithRSAEncryption
4c:96:34:db:ea:f6:bd:7f:d5:86:51:46:8a:d3:cb:ed:7e:dd:
94:70:ba:f8:ef:ab:1e:a0:fc:00:ed:c8:d5:96:5a:b0:98:a9:
8f:7f:25:2f:05:69:fb:b7:8a:eb:2c:9d:12:b9:37:78:d4:29:
62:c2:45:54:c7:1d:26:fe:49:d4:03:64:e3:e9:29:cd:61:6f:
36:fa:1b:51:6c:d0:af:29:5f:0f:ba:57:09:3d:ae:eb:2a:1a:
97:33:68:93:98:80:29:e6:8d:55:73:10:e5:f1:59:7e:a1:ce:
40:7b:ab:aa:8c:4a:b8:15:7d:7a:70:57:df:a8:fd:ad:f9:d3:
44:f3:62:64:a7:ca:e9:2c:51:85:6a:e8:4b:2c:ec:c2:5e:2f:
5e:4a:57:9a:54:34:68:df:d6:1f:74:40:0a:20:88:07:90:87:
13:f6:7c:ee:51:cd:10:d2:26:45:e7:d3:48:94:4c:f1:1e:7d:
7e:5d:16:e3:be:7e:a3:06:1c:d4:8c:b5:c6:12:96:d6:07:78:
34:ca:72:ce:78:af:82:63:c0:40:b8:02:72:ca:31:4b:07:ae:
bd:c4:9a:54:72:12:c3:0a:d6:89:af:77:b0:b1:d1:79:a3:4e:
8f:b7:5e:90:67:c5:49:d6:40:d1:2e:32:96:30:c9:a8:f9:d0:
82:c0:b4:65
-----BEGIN CERTIFICATE-----
MIIF0TCCBLmgAwIBAgISAY8bIgzL4cabEt8SxQjdtUdzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjNmI0MjAyMTg4NmQ4ZWVkYmFlOTBkOWU2YWIxZGU1MzNj
NTBkMjAwHhcNMjQwNDI2MTU1OTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2YzYWMzMmEyYmQzODNlNWZhNjg1NjI0ZjM1ZWRmNTJlNGFmNGIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAveRMmpy7dmH1D75fS19z3hhaTi+o
1ouF1jD2mBQVgPQmBakuCOPzfb/qL77ZG+FnWX4q/mC6hXJ3lFFKGAEZgoCrpzxA
WyXU2V5ImqTWidbWygc/f6BiSzsuMN7WQH2eXXtHWRJFZXZAwoixwCBycU7Roz66
Sgl+oOxUJjTSuAzQ7vGzM6zwuSUNKFQRkKDGh00HcUt93ZZyBNf8WEBxLnwP6b+b
8aOuCRuWY9o4d9tVvu8TfTXsR/KbLqXRfb/w6Ssvz7m1mQFjKM1PJlbm36RcKYLj
uy4xzHBdYKwioSEZHlk16/jRDsxQ+hPMv4lG7OfYd629u/F0HvL3QmqaUQIDAQAB
o4IC3TCCAtkwHQYDVR0OBBYEFPPzrDKivTg+X6aFYk817fUuSvSwMB8GA1UdIwQY
MBaAFOxrQgIYhtju266Q2earHeUzxQ0gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0d0Q0FoaUcyTzdicnBEWjVxc2Q1VFBGRFNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8yNmMzZTEtNjQ4Ni00ZTA5LTk5YTQt
YTY4NzNiMzc0ZTI2LzEvOF9Pc01xSzlPRDVmcG9WaVR6WHQ5UzVLOUxBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8yNmMzZTEtNjQ4Ni00ZTA5LTk5YTQtYTY4NzNiMzc0ZTI2
LzEvN0d0Q0FoaUcyTzdicnBEWjVxc2Q1VFBGRFNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHyBggrBgEFBQcBBwEB/wSB4jCB3zCBrwQCAAEwgagDBAMF
aGgDBAQFx4ADBAMlnfgDBAQuFCADBAQu5MADBAQ+jSADBANOH0ADBARQUtADBARR
HpADBANTiFADBAZVDsADBAVVcoADBAdZo4ADBABbwlQDBABb1JkDBABb1J8DBARd
usADBASSACADBAKYWVwDBAK5D/QDBAK5LfgDBAK529ADBAHBb8YDBADCa4EDBADC
fsYDBAHDXfIDBAbVysADBATZT7AwKwQCAAIwJQMFASABS6AwDgMFACABS6MDBQAg
AUukAwUAKgEEgAMFACoMawAwDQYJKoZIhvcNAQELBQADggEBAEyWNNvq9r1/1YZR
RorTy+1+3ZRwuvjvqx6g/ADtyNWWWrCYqY9/JS8Fafu3iussnRK5N3jUKWLCRVTH
HSb+SdQDZOPpKc1hbzb6G1Fs0K8pXw+6Vwk9rusqGpczaJOYgCnmjVVzEOXxWX6h
zkB7q6qMSrgVfXpwV9+o/a3500TzYmSnyuksUYVq6Ess7MJeL15KV5pUNGjf1h90
QAogiAeQhxP2fO5RzRDSJkXn00iUTPEefX5dFuO+fqMGHNSMtcYSltYHeDTKcs54
r4JjwEC4AnLKMUsHrr3EmlRyEsMK1omvd7Cx0XmjTo+3XpBnxUnWQNEuMpYwyaj5
0ILAtGU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:21 2024 by rpki-client on console-ams.rpki-client.org