Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/e4912b-5484-4ac0-8768-535bf9b1e8b7/1/olTlMZ3dQQrZp_pooIl-ee9faG4.roa
File: olTlMZ3dQQrZp_pooIl-ee9faG4.roa (raw, json)
Hash identifier: 3F5guiSsuB6ia2huPjFG6591kzhm5uvqjfvk5RpbNtg=
Subject key identifier: A2:54:E5:31:9D:DD:41:0A:D9:A7:FA:68:A0:89:7E:79:EF:5F:68:6E
Certificate issuer: /CN=278f62f3a5f84722852fc70f052cf13dea2374d0
Certificate serial: 01877AFC5290480627957EF6031C7C0855F7
Authority key identifier: 27:8F:62:F3:A5:F8:47:22:85:2F:C7:0F:05:2C:F1:3D:EA:23:74:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J49i86X4RyKFL8cPBSzxPeojdNA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/e4912b-5484-4ac0-8768-535bf9b1e8b7/1/olTlMZ3dQQrZp_pooIl-ee9faG4.roa
Signing time: Thu 13 Apr 2023 14:19:29 +0000
ROA not before: Thu 13 Apr 2023 14:19:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205741
IP address blocks: 185.141.67.0/24 maxlen: 24
185.141.66.0/24 maxlen: 24
185.141.65.0/24 maxlen: 24
185.207.209.0/24 maxlen: 24
185.207.211.0/24 maxlen: 24
185.207.208.0/24 maxlen: 24
185.207.210.0/24 maxlen: 24
185.207.208.0/22 maxlen: 22
185.141.64.0/24 maxlen: 24
185.141.64.0/22 maxlen: 22
2a0b:2c40::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 18 Dec 2023 10:08:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:7a:fc:52:90:48:06:27:95:7e:f6:03:1c:7c:08:55:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278f62f3a5f84722852fc70f052cf13dea2374d0
Validity
Not Before: Apr 13 14:19:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a254e5319ddd410ad9a7fa68a0897e79ef5f686e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:ed:69:20:5a:9a:f4:70:70:aa:8d:96:86:ec:
b0:3e:19:4e:dd:6a:ae:a0:9e:fa:2c:20:81:2c:da:
c9:36:b4:1b:8e:9d:74:80:83:e8:14:87:a1:ff:00:
ff:a4:76:91:6d:01:3e:00:d1:fc:b3:06:cf:db:c5:
fa:78:46:ca:31:3b:ba:b6:ac:dc:32:4c:de:ae:60:
21:0e:0d:2e:e2:83:31:3f:e7:9e:7d:f4:a3:62:af:
8a:58:8c:a1:66:1b:8a:29:fb:fb:9d:ad:56:87:a9:
99:52:55:1e:95:d1:f4:e1:47:cc:ed:88:4a:06:1a:
1b:28:e5:2c:78:6b:00:6a:08:df:94:b3:df:40:3a:
cf:a3:c2:1d:5d:ec:e9:10:97:1a:9c:f1:dd:e2:84:
39:14:5a:c0:9d:58:cd:05:15:b5:9e:65:d7:bd:3d:
12:24:77:79:28:fb:21:37:3f:5c:a3:31:a7:5e:6e:
92:af:31:63:40:74:56:a8:e9:87:b7:4c:ec:09:bc:
2d:33:03:1d:05:38:8e:f6:33:23:2b:a7:ad:f8:0c:
31:5b:10:0c:6c:d2:ed:8d:dc:e4:af:8b:3d:d8:ed:
52:b7:6b:17:92:ec:d2:40:4e:d5:f6:ef:d0:6c:a6:
f9:eb:2b:f4:05:86:df:28:27:a2:c8:4a:f1:0e:d0:
4d:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:54:E5:31:9D:DD:41:0A:D9:A7:FA:68:A0:89:7E:79:EF:5F:68:6E
X509v3 Authority Key Identifier:
keyid:27:8F:62:F3:A5:F8:47:22:85:2F:C7:0F:05:2C:F1:3D:EA:23:74:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J49i86X4RyKFL8cPBSzxPeojdNA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/e4912b-5484-4ac0-8768-535bf9b1e8b7/1/olTlMZ3dQQrZp_pooIl-ee9faG4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/e4912b-5484-4ac0-8768-535bf9b1e8b7/1/J49i86X4RyKFL8cPBSzxPeojdNA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.141.64.0/22
185.207.208.0/22
IPv6:
2a0b:2c40::/29
Signature Algorithm: sha256WithRSAEncryption
7c:b0:b2:f1:30:ce:d8:dd:00:77:cb:ba:bb:f2:43:a5:3e:0a:
b0:f5:52:25:78:17:98:53:a6:ac:0a:f2:9e:e9:25:3a:68:68:
98:73:ea:22:c5:a7:b6:7c:42:fa:50:d8:d3:79:8c:9e:79:3b:
50:6d:fd:b4:f8:5d:d9:20:f2:de:9c:80:19:86:e7:62:60:74:
6e:97:b5:40:c9:de:ac:79:43:1f:b4:cb:e7:ed:37:1a:c2:de:
d5:ce:6d:a1:e9:1a:a9:00:4e:63:ac:96:79:ee:df:31:3d:dc:
ba:0b:27:eb:aa:da:21:0c:47:68:9c:4b:3d:19:bf:e4:fd:72:
18:45:ee:68:31:0c:35:5b:16:05:e9:b4:d2:2b:65:66:d6:ff:
1c:e6:00:40:62:fb:2d:a9:f8:eb:b2:87:b4:16:fd:23:d6:80:
7d:01:ec:af:86:9e:60:b5:f7:43:6a:72:6a:51:76:d2:f2:22:
d9:12:cb:f4:de:3e:58:0a:bd:fc:86:3e:f1:5d:91:b1:e2:9c:
8c:f0:a1:38:0b:f1:44:08:93:43:e7:4a:28:49:07:a5:65:36:
be:6f:1c:93:69:b9:9c:6c:1b:66:e1:03:81:51:d2:43:5f:da:
f1:c4:59:a5:df:21:80:67:6c:0e:6d:8b:9d:5f:12:35:12:25:
03:55:27:5f
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYd6/FKQSAYnlX72Axx8CFX3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3OGY2MmYzYTVmODQ3MjI4NTJmYzcwZjA1MmNmMTNkZWEy
Mzc0ZDAwHhcNMjMwNDEzMTQxOTI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjU0ZTUzMTlkZGQ0MTBhZDlhN2ZhNjhhMDg5N2U3OWVmNWY2ODZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsu1pIFqa9HBwqo2WhuywPhlO3Wqu
oJ76LCCBLNrJNrQbjp10gIPoFIeh/wD/pHaRbQE+ANH8swbP28X6eEbKMTu6tqzc
MkzermAhDg0u4oMxP+eeffSjYq+KWIyhZhuKKfv7na1Wh6mZUlUeldH04UfM7YhK
BhobKOUseGsAagjflLPfQDrPo8IdXezpEJcanPHd4oQ5FFrAnVjNBRW1nmXXvT0S
JHd5KPshNz9cozGnXm6SrzFjQHRWqOmHt0zsCbwtMwMdBTiO9jMjK6et+AwxWxAM
bNLtjdzkr4s92O1St2sXkuzSQE7V9u/QbKb56yv0BYbfKCeiyErxDtBNDwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKJU5TGd3UEK2af6aKCJfnnvX2huMB8GA1UdIwQY
MBaAFCePYvOl+EcihS/HDwUs8T3qI3TQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjQ5aTg2WDRSeUtGTDhjUEJTenhQZW9qZE5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9lNDkxMmItNTQ4NC00YWMwLTg3Njgt
NTM1YmY5YjFlOGI3LzEvb2xUbE1aM2RRUXJacF9wb29JbC1lZTlmYUc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9lNDkxMmItNTQ4NC00YWMwLTg3NjgtNTM1YmY5YjFlOGI3
LzEvSjQ5aTg2WDRSeUtGTDhjUEJTenhQZW9qZE5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuY1AAwQC
uc/QMA0EAgACMAcDBQMqCyxAMA0GCSqGSIb3DQEBCwUAA4IBAQB8sLLxMM7Y3QB3
y7q78kOlPgqw9VIleBeYU6asCvKe6SU6aGiYc+oixae2fEL6UNjTeYyeeTtQbf20
+F3ZIPLenIAZhudiYHRul7VAyd6seUMftMvn7Tcawt7Vzm2h6RqpAE5jrJZ57t8x
Pdy6CyfrqtohDEdonEs9Gb/k/XIYRe5oMQw1WxYF6bTSK2Vm1v8c5gBAYvstqfjr
soe0Fv0j1oB9Aeyvhp5gtfdDanJqUXbS8iLZEsv03j5YCr38hj7xXZGx4pyM8KE4
C/FECJND50ooSQelZTa+bxyTabmcbBtm4QOBUdJDX9rxxFml3yGAZ2wObYudXxI1
EiUDVSdf
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:44 2024 by rpki-client on console-fra.rpki-client.org