Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/777c0a-ca44-43ec-ab79-5e0afec136b1/1/OvLwgoj_TAnZHDpmkHyexgGEask.roa
File: OvLwgoj_TAnZHDpmkHyexgGEask.roa (raw, json)
Hash identifier: Qxe7ZOx382JXShQrTRdFMM0nR1CcLOaia+Isd8um6Z8=
Subject key identifier: 3A:F2:F0:82:88:FF:4C:09:D9:1C:3A:66:90:7C:9E:C6:01:84:6A:C9
Certificate issuer: /CN=0cce8832d02949801f1198e9d13bb18ed5832d0c
Certificate serial: 01856D663132C26BF142437CD744702ABBA3
Authority key identifier: 0C:CE:88:32:D0:29:49:80:1F:11:98:E9:D1:3B:B1:8E:D5:83:2D:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DM6IMtApSYAfEZjp0TuxjtWDLQw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/777c0a-ca44-43ec-ab79-5e0afec136b1/1/OvLwgoj_TAnZHDpmkHyexgGEask.roa
Signing time: Sun 01 Jan 2023 12:54:51 +0000
ROA not before: Sun 01 Jan 2023 12:54:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198641
IP address blocks: 185.58.230.0/24 maxlen: 24
185.58.231.0/24 maxlen: 24
185.58.228.0/24 maxlen: 24
185.58.229.0/24 maxlen: 24
37.205.40.0/24 maxlen: 24
37.205.40.0/22 maxlen: 22
37.205.44.0/24 maxlen: 24
37.205.40.0/21 maxlen: 21
37.205.42.0/24 maxlen: 24
37.205.46.0/24 maxlen: 24
37.205.45.0/24 maxlen: 24
2a02:4220::/32 maxlen: 128
Validation: Failed, certificate revoked on Fri 01 Sep 2023 13:30:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:66:31:32:c2:6b:f1:42:43:7c:d7:44:70:2a:bb:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0cce8832d02949801f1198e9d13bb18ed5832d0c
Validity
Not Before: Jan 1 12:54:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3af2f08288ff4c09d91c3a66907c9ec601846ac9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:71:56:8e:65:9a:f7:a2:b7:d9:47:89:18:a0:
2e:21:c1:63:36:13:99:35:09:c8:4f:9b:06:39:c1:
76:c6:7b:70:e3:ee:ac:58:d5:df:01:c6:da:53:c5:
e9:3e:2b:da:57:74:94:9a:9e:ca:8b:9d:73:72:c0:
32:be:9f:5f:de:7f:34:f7:f3:9d:1d:40:a7:2e:84:
e2:7b:b2:55:f1:6f:08:e1:f9:8f:1b:8c:66:53:31:
7b:c7:c4:9e:34:dc:45:5e:d7:8e:45:fe:71:7a:46:
44:07:1d:54:f6:14:29:20:ec:b9:bb:cd:bd:c0:50:
ca:b4:34:5a:3f:ed:bb:4a:18:7a:94:bc:98:00:25:
30:bb:8d:f7:44:fa:82:47:51:a3:a5:99:4c:c4:b8:
87:5b:a2:f3:ca:32:04:9b:5b:0c:0d:77:62:99:87:
5c:37:32:b9:7c:1c:f5:ab:a4:2a:d0:49:4b:f1:cb:
73:6f:2f:66:06:e9:44:a9:09:39:9c:1b:be:79:ad:
92:1b:27:c1:9e:7b:8d:d0:a6:99:7c:a8:49:31:ce:
5c:c7:56:ae:f2:4a:3e:2c:b2:79:46:0c:af:b7:0a:
d5:a8:1d:de:8f:7c:e4:da:22:28:ce:4b:15:8b:e9:
b2:15:8c:cd:ba:1b:e5:96:93:e6:53:18:b4:42:9d:
b9:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:F2:F0:82:88:FF:4C:09:D9:1C:3A:66:90:7C:9E:C6:01:84:6A:C9
X509v3 Authority Key Identifier:
keyid:0C:CE:88:32:D0:29:49:80:1F:11:98:E9:D1:3B:B1:8E:D5:83:2D:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DM6IMtApSYAfEZjp0TuxjtWDLQw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/777c0a-ca44-43ec-ab79-5e0afec136b1/1/OvLwgoj_TAnZHDpmkHyexgGEask.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/777c0a-ca44-43ec-ab79-5e0afec136b1/1/DM6IMtApSYAfEZjp0TuxjtWDLQw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.205.40.0/21
185.58.228.0/22
IPv6:
2a02:4220::/32
Signature Algorithm: sha256WithRSAEncryption
63:c9:2a:5a:b8:c8:13:0e:42:3b:1c:3c:79:32:bf:45:e9:11:
dc:c1:40:95:8d:ac:06:fe:c5:c7:be:5d:54:26:2f:6d:61:9a:
8c:5d:e3:02:57:4d:48:3b:89:9f:da:f1:71:25:f2:73:19:4e:
5f:bb:c6:c8:c0:03:c2:40:ef:ff:8a:33:46:e6:fb:15:68:3b:
2b:cd:25:52:0d:79:84:6b:5a:ab:5d:d7:b7:f8:e9:50:50:66:
33:aa:b6:cc:f4:df:db:4d:f1:3c:e5:97:ec:22:cd:0a:09:7f:
12:a5:fe:a2:b9:45:45:6d:62:63:77:9c:4f:88:7c:d2:d8:3b:
97:54:5b:d5:d2:c3:80:d5:c3:83:7f:db:ab:8d:c5:97:8e:22:
24:d0:45:13:99:6a:a7:73:4b:d7:12:30:48:bd:d1:10:b0:00:
ae:4b:f6:b4:be:a4:12:3a:bc:88:d4:00:ec:e7:f3:c0:38:70:
0e:b7:60:08:79:93:33:ee:77:81:e9:4b:e5:4d:d9:52:66:c2:
47:c6:d3:31:2e:7b:f8:f4:70:8e:e8:18:c2:ba:aa:3f:88:6a:
fc:66:9d:01:ba:3d:b9:50:a1:16:b6:fe:32:aa:53:b3:36:ee:
ba:c2:12:d6:c5:30:c1:92:eb:1e:af:52:d8:23:28:22:4f:8c:
4b:ff:5e:53
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVtZjEywmvxQkN810RwKrujMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjY2U4ODMyZDAyOTQ5ODAxZjExOThlOWQxM2JiMThlZDU4
MzJkMGMwHhcNMjMwMTAxMTI1NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWYyZjA4Mjg4ZmY0YzA5ZDkxYzNhNjY5MDdjOWVjNjAxODQ2YWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkHFWjmWa96K32UeJGKAuIcFjNhOZ
NQnIT5sGOcF2xntw4+6sWNXfAcbaU8XpPivaV3SUmp7Ki51zcsAyvp9f3n809/Od
HUCnLoTie7JV8W8I4fmPG4xmUzF7x8SeNNxFXteORf5xekZEBx1U9hQpIOy5u829
wFDKtDRaP+27Shh6lLyYACUwu433RPqCR1GjpZlMxLiHW6LzyjIEm1sMDXdimYdc
NzK5fBz1q6Qq0ElL8ctzby9mBulEqQk5nBu+ea2SGyfBnnuN0KaZfKhJMc5cx1au
8ko+LLJ5RgyvtwrVqB3ej3zk2iIozksVi+myFYzNuhvllpPmUxi0Qp25/QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDry8IKI/0wJ2Rw6ZpB8nsYBhGrJMB8GA1UdIwQY
MBaAFAzOiDLQKUmAHxGY6dE7sY7Vgy0MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE02SU10QXBTWUFmRVpqcDBUdXhqdFdETFF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC83NzdjMGEtY2E0NC00M2VjLWFiNzkt
NWUwYWZlYzEzNmIxLzEvT3ZMd2dval9UQW5aSERwbWtIeWV4Z0dFYXNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC83NzdjMGEtY2E0NC00M2VjLWFiNzktNWUwYWZlYzEzNmIx
LzEvRE02SU10QXBTWUFmRVpqcDBUdXhqdFdETFF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDJc0oAwQC
uTrkMA0EAgACMAcDBQAqAkIgMA0GCSqGSIb3DQEBCwUAA4IBAQBjySpauMgTDkI7
HDx5Mr9F6RHcwUCVjawG/sXHvl1UJi9tYZqMXeMCV01IO4mf2vFxJfJzGU5fu8bI
wAPCQO//ijNG5vsVaDsrzSVSDXmEa1qrXde3+OlQUGYzqrbM9N/bTfE85ZfsIs0K
CX8Spf6iuUVFbWJjd5xPiHzS2DuXVFvV0sOA1cODf9urjcWXjiIk0EUTmWqnc0vX
EjBIvdEQsACuS/a0vqQSOryI1ADs5/PAOHAOt2AIeZMz7neB6UvlTdlSZsJHxtMx
Lnv49HCO6BjCuqo/iGr8Zp0Buj25UKEWtv4yqlOzNu66whLWxTDBkuser1LYIygi
T4xL/15T
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:55 2024 by rpki-client on console-ams.rpki-client.org