Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/08377f-f232-44b0-a3b5-98246a4cb6f8/1/OOjpqjMimLK1L5KI0-Uasz2KpU0.roa
File: OOjpqjMimLK1L5KI0-Uasz2KpU0.roa (raw, json)
Hash identifier: sKXIetibg45mBPVxWMRCA2cbU48FSOB0rFq/F8EAueI=
Subject key identifier: 38:E8:E9:AA:33:22:98:B2:B5:2F:92:88:D3:E5:1A:B3:3D:8A:A5:4D
Certificate issuer: /CN=cdf68ec127fb32c679218afc76e1b6eaa59521bb
Certificate serial: 01856C1CBAB08FE5AE54150EF356A13860E6
Authority key identifier: CD:F6:8E:C1:27:FB:32:C6:79:21:8A:FC:76:E1:B6:EA:A5:95:21:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zfaOwSf7MsZ5IYr8duG26qWVIbs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/08377f-f232-44b0-a3b5-98246a4cb6f8/1/OOjpqjMimLK1L5KI0-Uasz2KpU0.roa
Signing time: Sun 01 Jan 2023 06:55:00 +0000
ROA not before: Sun 01 Jan 2023 06:55:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8678
IP address blocks: 185.22.248.0/22 maxlen: 22
5.23.120.0/21 maxlen: 21
46.182.64.0/21 maxlen: 21
92.61.0.0/20 maxlen: 20
80.251.32.0/20 maxlen: 20
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:1c:ba:b0:8f:e5:ae:54:15:0e:f3:56:a1:38:60:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdf68ec127fb32c679218afc76e1b6eaa59521bb
Validity
Not Before: Jan 1 06:55:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=38e8e9aa332298b2b52f9288d3e51ab33d8aa54d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:a2:5d:fe:98:dd:67:bf:16:39:db:49:a1:28:
12:13:b5:28:05:fb:a1:ab:ce:93:cd:bd:b2:c9:c7:
02:00:dc:b4:3e:63:06:16:95:c4:00:15:49:58:6e:
c9:11:dc:c8:2a:74:41:3d:81:d3:87:aa:82:70:94:
67:cf:c8:02:36:18:aa:94:cc:35:f0:ec:16:b9:be:
77:c5:2c:fb:53:28:00:5d:20:ef:48:63:f2:30:27:
eb:80:3f:a5:5c:60:c8:21:28:a0:5b:e2:f6:ab:64:
5d:4e:c3:c1:d1:4e:26:cc:6c:8f:5a:dd:01:73:96:
06:6e:29:93:43:4f:0e:50:8e:66:2d:e6:94:ec:b7:
7a:d4:cd:d3:a4:f5:48:5f:4c:36:36:79:7d:29:84:
c2:1a:d2:43:98:10:8b:d0:a4:07:81:2b:f6:41:5f:
26:ba:39:50:7e:0a:4e:a3:a7:04:5b:4e:f3:c1:4c:
bf:dd:b5:74:2c:70:2c:62:cd:cb:81:48:79:a8:67:
e1:10:c9:99:da:25:73:7e:f7:41:5d:10:ac:f1:23:
05:3e:83:fa:af:40:ea:1c:1b:97:2e:4e:e6:b8:91:
e7:65:3e:73:44:a7:be:9f:92:0d:7c:79:1a:62:25:
bc:a4:eb:8e:0c:45:b2:59:dc:35:6e:0a:3e:f8:36:
58:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:E8:E9:AA:33:22:98:B2:B5:2F:92:88:D3:E5:1A:B3:3D:8A:A5:4D
X509v3 Authority Key Identifier:
keyid:CD:F6:8E:C1:27:FB:32:C6:79:21:8A:FC:76:E1:B6:EA:A5:95:21:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zfaOwSf7MsZ5IYr8duG26qWVIbs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/08377f-f232-44b0-a3b5-98246a4cb6f8/1/OOjpqjMimLK1L5KI0-Uasz2KpU0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/08377f-f232-44b0-a3b5-98246a4cb6f8/1/zfaOwSf7MsZ5IYr8duG26qWVIbs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.23.120.0/21
46.182.64.0/21
80.251.32.0/20
92.61.0.0/20
185.22.248.0/22
Signature Algorithm: sha256WithRSAEncryption
8c:6a:56:52:14:c8:3f:68:13:f4:13:7d:01:1b:53:f2:f5:7d:
bc:6c:6c:6b:85:41:61:6f:cd:2f:b0:a7:1d:9b:bb:b7:e6:4d:
8b:15:c1:93:32:53:13:5e:32:d3:c1:4f:7f:4e:a7:e3:c2:5a:
d5:c1:fa:ca:e4:52:76:5f:2d:c3:85:d1:0c:05:ad:db:fd:03:
c1:1b:1d:69:d7:51:7a:51:e0:cf:ef:7c:4b:60:e4:0a:ab:61:
18:e0:ff:dc:e1:bb:26:38:d3:1e:df:7c:40:74:36:88:39:54:
1e:4d:6d:0a:88:9f:42:09:71:0f:05:b2:c6:fa:22:ec:8c:1d:
8e:07:09:1e:56:95:8d:7e:46:10:ad:bf:c6:a8:e2:b9:35:fe:
1b:17:6b:ad:11:c7:93:4e:dd:fb:50:2f:8d:2b:25:35:d9:27:
45:bc:26:d1:1d:7a:8d:75:34:6f:12:1b:df:6d:e6:6f:3b:e9:
2f:45:55:b0:23:bb:06:b7:ff:a3:f8:ca:92:f3:67:06:70:b3:
24:95:c4:a2:9b:63:3d:eb:7b:e4:68:7c:d8:81:c9:2b:8a:95:
c0:b0:30:36:9a:f7:71:a8:83:2d:fc:80:7f:4a:f4:54:bb:0a:
70:ee:c1:2c:88:6e:c2:19:5c:56:2d:8f:06:dc:9c:87:0d:5e:
ca:ca:5d:8f
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVsHLqwj+WuVBUO81ahOGDmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkZjY4ZWMxMjdmYjMyYzY3OTIxOGFmYzc2ZTFiNmVhYTU5
NTIxYmIwHhcNMjMwMTAxMDY1NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGU4ZTlhYTMzMjI5OGIyYjUyZjkyODhkM2U1MWFiMzNkOGFhNTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkaJd/pjdZ78WOdtJoSgSE7UoBfuh
q86Tzb2yyccCANy0PmMGFpXEABVJWG7JEdzIKnRBPYHTh6qCcJRnz8gCNhiqlMw1
8OwWub53xSz7UygAXSDvSGPyMCfrgD+lXGDIISigW+L2q2RdTsPB0U4mzGyPWt0B
c5YGbimTQ08OUI5mLeaU7Ld61M3TpPVIX0w2Nnl9KYTCGtJDmBCL0KQHgSv2QV8m
ujlQfgpOo6cEW07zwUy/3bV0LHAsYs3LgUh5qGfhEMmZ2iVzfvdBXRCs8SMFPoP6
r0DqHBuXLk7muJHnZT5zRKe+n5INfHkaYiW8pOuODEWyWdw1bgo++DZYlQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDjo6aozIpiytS+SiNPlGrM9iqVNMB8GA1UdIwQY
MBaAFM32jsEn+zLGeSGK/HbhtuqllSG7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemZhT3dTZjdNc1o1SVlyOGR1RzI2cVdWSWJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS8wODM3N2YtZjIzMi00NGIwLWEzYjUt
OTgyNDZhNGNiNmY4LzEvT09qcHFqTWltTEsxTDVLSTAtVWFzejJLcFUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS8wODM3N2YtZjIzMi00NGIwLWEzYjUtOTgyNDZhNGNiNmY4
LzEvemZhT3dTZjdNc1o1SVlyOGR1RzI2cVdWSWJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDBRd4AwQD
LrZAAwQEUPsgAwQEXD0AAwQCuRb4MA0GCSqGSIb3DQEBCwUAA4IBAQCMalZSFMg/
aBP0E30BG1Py9X28bGxrhUFhb80vsKcdm7u35k2LFcGTMlMTXjLTwU9/TqfjwlrV
wfrK5FJ2Xy3DhdEMBa3b/QPBGx1p11F6UeDP73xLYOQKq2EY4P/c4bsmONMe33xA
dDaIOVQeTW0KiJ9CCXEPBbLG+iLsjB2OBwkeVpWNfkYQrb/GqOK5Nf4bF2utEceT
Tt37UC+NKyU12SdFvCbRHXqNdTRvEhvfbeZvO+kvRVWwI7sGt/+j+MqS82cGcLMk
lcSim2M963vkaHzYgckripXAsDA2mvdxqIMt/IB/SvRUuwpw7sEsiG7CGVxWLY8G
3JyHDV7Kyl2P
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:43 2024 by rpki-client on console-ams.rpki-client.org