Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/64e49a-5fe1-45c2-8310-34a9e98a5f86/1/OM05qugV7UJXOdbDd4zzSwgzm3E.roa
File: OM05qugV7UJXOdbDd4zzSwgzm3E.roa (raw, json)
Hash identifier: JzhuqLzawm2CiyFBEJ6L29meuAWwkeNseQOiaQfEESY=
Subject key identifier: 38:CD:39:AA:E8:15:ED:42:57:39:D6:C3:77:8C:F3:4B:08:33:9B:71
Certificate issuer: /CN=066369e2705cb433db0658ab666d08b67b1551dc
Certificate serial: 01856F1D9FD69714C29883C744858C30AF73
Authority key identifier: 06:63:69:E2:70:5C:B4:33:DB:06:58:AB:66:6D:08:B6:7B:15:51:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BmNp4nBctDPbBlirZm0ItnsVUdw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/64e49a-5fe1-45c2-8310-34a9e98a5f86/1/OM05qugV7UJXOdbDd4zzSwgzm3E.roa
Signing time: Sun 01 Jan 2023 20:54:50 +0000
ROA not before: Sun 01 Jan 2023 20:54:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197308
IP address blocks: 193.108.4.0/24 maxlen: 24
193.108.2.0/23 maxlen: 23
193.108.0.0/24 maxlen: 24
193.108.1.0/24 maxlen: 24
193.108.6.0/24 maxlen: 24
193.108.5.0/24 maxlen: 24
213.180.64.0/19 maxlen: 19
81.91.0.0/20 maxlen: 20
5.179.112.0/21 maxlen: 21
176.57.88.0/22 maxlen: 22
185.27.240.0/22 maxlen: 22
185.21.144.0/22 maxlen: 22
31.216.32.0/21 maxlen: 21
2a03:2f80::/32 maxlen: 32
2a00:5860::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:9f:d6:97:14:c2:98:83:c7:44:85:8c:30:af:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=066369e2705cb433db0658ab666d08b67b1551dc
Validity
Not Before: Jan 1 20:54:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=38cd39aae815ed425739d6c3778cf34b08339b71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:ef:a9:f9:dd:1b:b1:43:96:43:f3:3d:dd:dd:
3b:66:54:1a:86:b1:21:33:c7:01:e0:18:a0:33:5c:
49:bf:4d:47:81:b6:19:b8:9a:10:5f:70:6a:92:73:
01:8f:fe:85:6a:36:6d:98:39:c7:a6:75:7d:72:04:
2c:6a:af:49:0d:21:97:34:f5:8f:64:b5:b7:2c:5a:
43:51:c2:e9:82:ae:33:07:1f:ba:9a:14:15:a7:18:
ff:1d:b0:a3:a7:7a:f8:d7:61:fc:cb:d9:12:71:1a:
b1:28:c9:63:df:93:36:bc:9e:59:8a:f0:88:23:b3:
ee:3e:49:79:e0:05:0d:05:aa:25:b8:78:46:b6:b8:
bd:10:22:f4:24:62:e6:a1:42:f1:29:e8:68:20:fe:
7d:96:31:52:6b:bb:18:ad:00:c6:06:8f:2a:40:09:
3c:9d:7d:bb:2c:9b:f6:b7:a1:eb:77:23:0e:51:fa:
cd:2f:19:a3:74:9d:0e:9c:fa:6f:5d:fa:b1:29:27:
2f:6a:56:59:ee:cd:27:e9:b1:41:a4:b7:59:2c:19:
90:49:b5:d0:69:9f:b5:54:53:d9:8b:47:6c:bd:55:
50:96:2c:82:5b:94:cc:20:a1:21:e5:96:b1:c8:d2:
d6:f3:7f:fe:bd:e5:ab:01:67:18:fb:05:64:9d:97:
00:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:CD:39:AA:E8:15:ED:42:57:39:D6:C3:77:8C:F3:4B:08:33:9B:71
X509v3 Authority Key Identifier:
keyid:06:63:69:E2:70:5C:B4:33:DB:06:58:AB:66:6D:08:B6:7B:15:51:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BmNp4nBctDPbBlirZm0ItnsVUdw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/64e49a-5fe1-45c2-8310-34a9e98a5f86/1/OM05qugV7UJXOdbDd4zzSwgzm3E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/64e49a-5fe1-45c2-8310-34a9e98a5f86/1/BmNp4nBctDPbBlirZm0ItnsVUdw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.179.112.0/21
31.216.32.0/21
81.91.0.0/20
176.57.88.0/22
185.21.144.0/22
185.27.240.0/22
193.108.0.0-193.108.6.255
213.180.64.0/19
IPv6:
2a00:5860::/32
2a03:2f80::/32
Signature Algorithm: sha256WithRSAEncryption
25:9e:90:22:93:d3:65:44:75:1b:6d:e3:f9:4a:e7:05:5f:c7:
78:fd:ce:8b:25:05:18:8e:fc:0c:5f:33:8f:5d:fc:cd:04:85:
8a:25:6a:f1:43:6d:aa:d0:0f:b5:b7:2a:fc:dc:1a:df:a1:da:
d5:81:f6:4f:2e:62:25:43:c2:06:12:55:be:2d:52:41:3b:a5:
40:88:31:62:19:85:6a:db:1b:50:5a:04:47:c5:8b:bf:cb:67:
e6:aa:f9:fc:fb:df:b9:1b:60:5d:e7:47:9e:e1:89:b9:16:f1:
29:7a:94:b4:7d:d7:11:b6:4e:db:fb:71:0e:bd:3f:34:75:48:
c6:f5:45:82:8c:5f:91:16:2d:d6:74:4b:f6:3b:8c:71:d2:9a:
e7:92:c5:13:b7:ac:c7:64:d6:99:04:8d:c3:ce:f3:fd:b6:85:
e0:25:8c:33:a1:79:0c:24:90:07:e3:9d:a9:fe:29:57:2a:bb:
87:81:a2:ad:11:6f:38:e4:58:3a:b0:19:39:35:3f:83:15:b5:
b8:d3:f1:79:90:f6:1f:16:c2:67:b5:f9:57:48:4a:89:85:0a:
e5:7f:6c:bd:79:e2:0a:08:b8:91:72:4b:86:af:00:9f:4d:31:
e9:29:77:97:ac:3d:42:5e:b7:7d:8c:4c:f9:c8:c1:25:e5:78:
91:12:01:cb
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAYVvHZ/WlxTCmIPHRIWMMK9zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NjM2OWUyNzA1Y2I0MzNkYjA2NThhYjY2NmQwOGI2N2Ix
NTUxZGMwHhcNMjMwMTAxMjA1NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGNkMzlhYWU4MTVlZDQyNTczOWQ2YzM3NzhjZjM0YjA4MzM5YjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAne+p+d0bsUOWQ/M93d07ZlQahrEh
M8cB4BigM1xJv01HgbYZuJoQX3BqknMBj/6FajZtmDnHpnV9cgQsaq9JDSGXNPWP
ZLW3LFpDUcLpgq4zBx+6mhQVpxj/HbCjp3r412H8y9kScRqxKMlj35M2vJ5ZivCI
I7PuPkl54AUNBaoluHhGtri9ECL0JGLmoULxKehoIP59ljFSa7sYrQDGBo8qQAk8
nX27LJv2t6HrdyMOUfrNLxmjdJ0OnPpvXfqxKScvalZZ7s0n6bFBpLdZLBmQSbXQ
aZ+1VFPZi0dsvVVQliyCW5TMIKEh5ZaxyNLW83/+veWrAWcY+wVknZcAmQIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFDjNOaroFe1CVznWw3eM80sIM5txMB8GA1UdIwQY
MBaAFAZjaeJwXLQz2wZYq2ZtCLZ7FVHcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQm1OcDRuQmN0RFBiQmxpclptMEl0bnNWVWR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC82NGU0OWEtNWZlMS00NWMyLTgzMTAt
MzRhOWU5OGE1Zjg2LzEvT00wNXF1Z1Y3VUpYT2RiRGQ0enpTd2d6bTNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC82NGU0OWEtNWZlMS00NWMyLTgzMTAtMzRhOWU5OGE1Zjg2
LzEvQm1OcDRuQmN0RFBiQmxpclptMEl0bnNWVWR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTA9BAIAATA3AwQDBbNwAwQD
H9ggAwQEUVsAAwQCsDlYAwQCuRWQAwQCuRvwMAsDAwLBbAMEAMFsBgMEBdW0QDAU
BAIAAjAOAwUAKgBYYAMFACoDL4AwDQYJKoZIhvcNAQELBQADggEBACWekCKT02VE
dRtt4/lK5wVfx3j9zoslBRiO/AxfM49d/M0EhYolavFDbarQD7W3KvzcGt+h2tWB
9k8uYiVDwgYSVb4tUkE7pUCIMWIZhWrbG1BaBEfFi7/LZ+aq+fz737kbYF3nR57h
ibkW8Sl6lLR91xG2Ttv7cQ69PzR1SMb1RYKMX5EWLdZ0S/Y7jHHSmueSxRO3rMdk
1pkEjcPO8/22heAljDOheQwkkAfjnan+KVcqu4eBoq0RbzjkWDqwGTk1P4MVtbjT
8XmQ9h8Wwme1+VdISomFCuV/bL154goIuJFyS4avAJ9NMekpd5esPUJet32MTPnI
wSXleJESAcs=
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:39:58 2024 by rpki-client on console-ams.rpki-client.org