Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f6a124-7f01-4e40-b796-cca52b626fca/1/OvkhkQ29ApgTKc8p7vKhZPHFkVM.roa
File: OvkhkQ29ApgTKc8p7vKhZPHFkVM.roa (raw, json)
Hash identifier: XNZ5nH+V94toBPSfkNjA8c5AKCtMQj0RQw3HVww+upo=
Subject key identifier: 3A:F9:21:91:0D:BD:02:98:13:29:CF:29:EE:F2:A1:64:F1:C5:91:53
Certificate issuer: /CN=d794e81d72f59c65a0d18144a1b2607983536b4a
Certificate serial: 018C67C7A4DD2544CFA87668C929FF7FC828
Authority key identifier: D7:94:E8:1D:72:F5:9C:65:A0:D1:81:44:A1:B2:60:79:83:53:6B:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/15ToHXL1nGWg0YFEobJgeYNTa0o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/f6a124-7f01-4e40-b796-cca52b626fca/1/OvkhkQ29ApgTKc8p7vKhZPHFkVM.roa
Signing time: Thu 14 Dec 2023 10:03:06 +0000
ROA not before: Thu 14 Dec 2023 10:03:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42313
IP address blocks: 79.106.242.0/23 maxlen: 23
79.106.244.0/23 maxlen: 23
79.106.240.0/21 maxlen: 21
79.106.246.0/23 maxlen: 23
79.106.255.0/24 maxlen: 24
79.106.254.0/24 maxlen: 24
185.171.146.0/23 maxlen: 23
185.171.147.0/24 maxlen: 24
185.171.146.0/24 maxlen: 24
185.171.144.0/23 maxlen: 23
79.106.84.0/24 maxlen: 24
79.106.90.0/24 maxlen: 24
79.106.95.0/24 maxlen: 24
79.106.96.0/19 maxlen: 19
79.106.94.0/23 maxlen: 23
79.106.104.0/24 maxlen: 24
79.106.102.0/24 maxlen: 24
79.106.103.0/24 maxlen: 24
79.106.101.0/24 maxlen: 24
79.106.107.0/24 maxlen: 24
79.106.118.0/23 maxlen: 23
79.106.117.0/24 maxlen: 24
79.106.125.0/24 maxlen: 24
79.106.123.0/24 maxlen: 24
79.106.124.0/24 maxlen: 24
79.106.122.0/24 maxlen: 24
79.106.120.0/24 maxlen: 24
79.106.127.0/24 maxlen: 24
79.106.128.0/19 maxlen: 19
79.106.126.0/24 maxlen: 24
79.106.32.0/19 maxlen: 19
79.106.37.0/24 maxlen: 24
79.106.42.0/24 maxlen: 24
79.106.48.0/24 maxlen: 24
79.106.50.0/24 maxlen: 24
79.106.56.0/22 maxlen: 22
79.106.64.0/19 maxlen: 19
79.106.64.0/24 maxlen: 24
79.106.77.0/24 maxlen: 24
79.106.192.0/19 maxlen: 19
79.106.195.0/24 maxlen: 24
79.106.194.0/23 maxlen: 23
79.106.196.0/24 maxlen: 24
79.106.205.0/24 maxlen: 24
79.106.204.0/24 maxlen: 24
79.106.209.0/24 maxlen: 24
79.106.207.0/24 maxlen: 24
79.106.210.0/24 maxlen: 24
79.106.211.0/24 maxlen: 24
79.106.215.0/24 maxlen: 24
79.106.214.0/24 maxlen: 24
79.106.218.0/23 maxlen: 23
79.106.220.0/24 maxlen: 24
79.106.224.0/19 maxlen: 19
79.106.230.0/24 maxlen: 24
79.106.229.0/24 maxlen: 24
79.106.232.0/22 maxlen: 22
79.106.228.0/24 maxlen: 24
79.106.240.0/23 maxlen: 23
79.106.160.0/19 maxlen: 19
79.106.162.0/24 maxlen: 24
79.106.176.0/21 maxlen: 21
79.106.0.0/24 maxlen: 24
79.106.0.0/19 maxlen: 19
79.106.0.0/17 maxlen: 17
79.106.0.0/16 maxlen: 16
217.24.240.0/21 maxlen: 21
217.24.240.0/20 maxlen: 20
217.24.248.0/21 maxlen: 21
217.24.248.0/24 maxlen: 24
217.24.254.0/24 maxlen: 24
2a05:fdc0::/32 maxlen: 32
2a05:fdc0:3200::/40 maxlen: 40
2a05:fdc0:3100::/40 maxlen: 40
2a05:fdc0:2300::/40 maxlen: 40
2a05:fdc0:2200::/40 maxlen: 40
2a05:fdc0:2100::/40 maxlen: 40
2a05:fdc2:1000::/36 maxlen: 36
2a05:fdc2:3000::/36 maxlen: 36
2a05:fdc2:4000::/36 maxlen: 36
2a05:fdc2:9000::/36 maxlen: 36
2a05:fdc2:6000::/36 maxlen: 36
2a05:fdc2:8000::/36 maxlen: 36
2a05:fdc2::/32 maxlen: 32
2a05:fdc2:2000::/36 maxlen: 36
2a05:fdc2:5000::/36 maxlen: 36
2a05:fdc2:7000::/36 maxlen: 36
2a05:fdc0::/29 maxlen: 29
2a05:fdc1::/32 maxlen: 32
2a05:fdc0:1000::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 15 Dec 2023 12:05:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:67:c7:a4:dd:25:44:cf:a8:76:68:c9:29:ff:7f:c8:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d794e81d72f59c65a0d18144a1b2607983536b4a
Validity
Not Before: Dec 14 10:03:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3af921910dbd02981329cf29eef2a164f1c59153
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:70:6a:82:c2:bd:c0:38:5e:3b:f8:55:7c:da:
8a:d4:64:2e:71:4a:d5:e9:9c:34:28:65:06:aa:3d:
7b:a7:45:5c:3d:5d:00:6b:b8:93:9a:ef:72:6f:dd:
89:c7:c2:5c:aa:59:c2:72:70:b8:5b:22:dc:5f:c2:
2b:d9:cc:e2:0e:12:27:3e:87:a4:9d:9d:e5:b7:e5:
be:76:88:78:2f:48:10:7d:5f:cb:16:18:b3:09:2c:
99:5b:71:1e:6d:82:29:b6:f9:39:07:83:aa:16:70:
72:df:74:6a:2a:a0:7d:a8:f4:47:22:57:40:6f:28:
14:19:4f:8c:f2:34:cd:f9:8c:5e:4b:6c:a3:eb:97:
d8:ae:d2:f4:51:49:8d:36:10:a5:16:51:c2:ad:82:
78:c7:ac:16:28:99:f4:50:31:37:83:33:16:5e:c9:
87:c1:33:ab:c9:38:22:64:9f:dc:e8:8f:e3:f3:c3:
a6:f9:84:24:1e:b4:3c:3e:f1:48:a8:a0:fc:24:a6:
98:16:b3:13:4e:3f:38:0f:c4:93:f8:de:aa:f2:9f:
e4:04:5e:db:46:60:66:71:07:30:78:18:e5:ba:f7:
27:49:50:88:79:b6:22:87:c9:1a:b7:55:ba:24:9f:
dc:1a:f6:39:3c:a6:bc:04:10:3b:97:ec:90:a2:5a:
02:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:F9:21:91:0D:BD:02:98:13:29:CF:29:EE:F2:A1:64:F1:C5:91:53
X509v3 Authority Key Identifier:
keyid:D7:94:E8:1D:72:F5:9C:65:A0:D1:81:44:A1:B2:60:79:83:53:6B:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/15ToHXL1nGWg0YFEobJgeYNTa0o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f6a124-7f01-4e40-b796-cca52b626fca/1/OvkhkQ29ApgTKc8p7vKhZPHFkVM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f6a124-7f01-4e40-b796-cca52b626fca/1/15ToHXL1nGWg0YFEobJgeYNTa0o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.106.0.0/16
185.171.144.0/22
217.24.240.0/20
IPv6:
2a05:fdc0::/29
Signature Algorithm: sha256WithRSAEncryption
40:f3:c6:54:6b:6a:5f:78:e8:c6:21:5b:bb:72:b0:4d:1d:a9:
69:9c:0a:e3:99:b0:ca:4f:f8:bd:01:d0:41:bb:c5:51:fd:a0:
90:9a:48:8f:3c:48:d3:7f:0c:ed:a3:8a:98:42:04:cf:9c:4c:
eb:04:c2:5b:b7:d3:b3:0b:4e:a5:e2:2c:d1:ac:92:99:a5:d8:
02:6e:44:98:27:67:b2:71:62:e1:7f:c0:f9:44:7a:9d:bf:ec:
0f:8a:12:b3:f6:73:3d:63:1c:27:25:4f:21:f9:9f:09:a5:f9:
52:33:84:57:7b:74:b8:b1:24:fd:29:9b:55:28:7a:6a:74:df:
5f:70:36:4e:a9:00:23:ac:fb:0c:50:89:6d:8e:e9:b9:85:57:
ca:11:63:7b:bb:8c:17:07:15:04:f6:b6:e5:7f:ee:b6:4e:eb:
8e:19:f3:be:be:29:be:6c:40:03:5c:5a:11:7e:dd:0d:bd:f4:
75:8c:d3:b8:83:c9:bc:b4:5b:1d:83:de:06:91:ee:14:8b:08:
b5:c3:d8:06:7b:94:ca:c2:a3:b1:71:fe:03:13:42:d0:d3:9d:
da:fb:ee:f1:03:e2:96:f4:2d:49:ac:b4:3b:e1:35:60:cb:4d:
e3:bd:9d:46:30:a9:82:cd:26:5e:bd:7e:ae:df:eb:9e:df:ec:
6f:c2:c6:af
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYxnx6TdJUTPqHZoySn/f8goMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3OTRlODFkNzJmNTljNjVhMGQxODE0NGExYjI2MDc5ODM1
MzZiNGEwHhcNMjMxMjE0MTAwMzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWY5MjE5MTBkYmQwMjk4MTMyOWNmMjllZWYyYTE2NGYxYzU5MTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqHBqgsK9wDheO/hVfNqK1GQucUrV
6Zw0KGUGqj17p0VcPV0Aa7iTmu9yb92Jx8JcqlnCcnC4WyLcX8Ir2cziDhInPoek
nZ3lt+W+doh4L0gQfV/LFhizCSyZW3EebYIptvk5B4OqFnBy33RqKqB9qPRHIldA
bygUGU+M8jTN+YxeS2yj65fYrtL0UUmNNhClFlHCrYJ4x6wWKJn0UDE3gzMWXsmH
wTOryTgiZJ/c6I/j88Om+YQkHrQ8PvFIqKD8JKaYFrMTTj84D8ST+N6q8p/kBF7b
RmBmcQcweBjluvcnSVCIebYih8kat1W6JJ/cGvY5PKa8BBA7l+yQoloClwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFDr5IZENvQKYEynPKe7yoWTxxZFTMB8GA1UdIwQY
MBaAFNeU6B1y9ZxloNGBRKGyYHmDU2tKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTVUb0hYTDFuR1dnMFlGRW9iSmdlWU5UYTBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mNmExMjQtN2YwMS00ZTQwLWI3OTYt
Y2NhNTJiNjI2ZmNhLzEvT3ZraGtRMjlBcGdUS2M4cDd2S2haUEhGa1ZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mNmExMjQtN2YwMS00ZTQwLWI3OTYtY2NhNTJiNjI2ZmNh
LzEvMTVUb0hYTDFuR1dnMFlGRW9iSmdlWU5UYTBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAXBAIAATARAwMAT2oDBAK5
q5ADBATZGPAwDQQCAAIwBwMFAyoF/cAwDQYJKoZIhvcNAQELBQADggEBAEDzxlRr
al946MYhW7tysE0dqWmcCuOZsMpP+L0B0EG7xVH9oJCaSI88SNN/DO2jiphCBM+c
TOsEwlu307MLTqXiLNGskpml2AJuRJgnZ7JxYuF/wPlEep2/7A+KErP2cz1jHCcl
TyH5nwml+VIzhFd7dLixJP0pm1Uoemp0319wNk6pACOs+wxQiW2O6bmFV8oRY3u7
jBcHFQT2tuV/7rZO644Z876+Kb5sQANcWhF+3Q299HWM07iDyby0Wx2D3gaR7hSL
CLXD2AZ7lMrCo7Fx/gMTQtDTndr77vED4pb0LUmstDvhNWDLTeO9nUYwqYLNJl69
fq7f657f7G/Cxq8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:05 2024 by rpki-client on console-fra.rpki-client.org