Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/OLLTb-ix4JdZdwYW2ypuSpKP-Q4.roa
File: OLLTb-ix4JdZdwYW2ypuSpKP-Q4.roa (raw, json)
Hash identifier: Bn14TtJNh5tr/uCLszDnDijt7wbeI9T2l4BciwgAs/U=
Subject key identifier: 38:B2:D3:6F:E8:B1:E0:97:59:77:06:16:DB:2A:6E:4A:92:8F:F9:0E
Certificate issuer: /CN=6d20ddd398dac8f62cc12526325f1821fb724f75
Certificate serial: 01896FFF41DA037655C5526C6BA9A40BFD6A
Authority key identifier: 6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/OLLTb-ix4JdZdwYW2ypuSpKP-Q4.roa
Signing time: Wed 19 Jul 2023 21:12:26 +0000
ROA not before: Wed 19 Jul 2023 21:12:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44477
IP address blocks: 5.252.20.0/24 maxlen: 24
5.252.23.0/24 maxlen: 24
5.252.22.0/24 maxlen: 24
5.252.21.0/24 maxlen: 24
45.83.180.0/22 maxlen: 24
2.58.124.0/22 maxlen: 24
45.150.110.0/23 maxlen: 24
2a0b:ec82::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 14 Aug 2023 14:08:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:6f:ff:41:da:03:76:55:c5:52:6c:6b:a9:a4:0b:fd:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d20ddd398dac8f62cc12526325f1821fb724f75
Validity
Not Before: Jul 19 21:12:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=38b2d36fe8b1e09759770616db2a6e4a928ff90e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:ce:d0:1b:c9:f7:de:92:f0:fe:68:bc:23:de:
b3:44:12:ad:36:04:cc:a7:9a:f3:6f:27:52:ab:96:
6b:9e:90:ac:54:16:58:1c:18:ed:75:bc:fd:6a:54:
a5:78:3b:fc:b5:cb:48:bd:16:38:88:61:91:89:8c:
76:33:ff:7c:60:4a:11:47:a5:1d:54:05:32:98:39:
24:e1:c5:b0:b8:d3:28:29:2b:52:28:49:fe:81:7d:
b0:b0:05:8b:b1:04:2d:b6:ae:c7:be:f7:fe:13:c3:
d0:c7:29:d8:73:db:0e:33:22:6e:02:53:37:84:9c:
b8:98:de:5c:63:66:71:d2:07:1d:b6:7e:42:08:63:
e6:29:a8:78:16:17:9a:48:03:93:c2:fa:e2:28:fb:
e7:d3:e1:c8:ca:96:48:f6:83:2f:76:9f:29:4d:e6:
f4:86:e0:a1:1b:c9:53:80:22:77:65:0c:f8:40:98:
62:4c:90:c0:e3:dd:26:75:b2:71:73:26:66:5c:bf:
65:a9:31:1e:db:69:eb:a1:a7:9d:4f:44:57:71:74:
6f:ad:46:42:36:41:43:e2:cb:42:70:ae:a4:64:1d:
20:00:cd:29:7e:ba:7f:4c:8b:e7:98:22:13:d0:8f:
6b:75:63:e1:01:9b:f7:74:dd:ab:1d:b8:59:5f:b6:
3c:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:B2:D3:6F:E8:B1:E0:97:59:77:06:16:DB:2A:6E:4A:92:8F:F9:0E
X509v3 Authority Key Identifier:
keyid:6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/OLLTb-ix4JdZdwYW2ypuSpKP-Q4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/bSDd05jayPYswSUmMl8YIftyT3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.124.0/22
5.252.20.0/22
45.83.180.0/22
45.150.110.0/23
IPv6:
2a0b:ec82::/32
Signature Algorithm: sha256WithRSAEncryption
25:46:8b:a9:6b:71:31:9e:71:65:6f:59:ec:dc:12:ae:f1:a1:
76:c6:57:f2:d7:49:dd:ad:af:49:1d:2f:12:cb:65:f5:1b:d2:
fd:f3:df:49:86:38:38:08:fb:0e:27:38:8e:ec:49:e3:f9:c3:
f2:a3:19:cc:2b:e4:ba:ab:6e:0c:aa:5a:5d:59:31:f4:03:50:
a5:1f:8e:bb:fa:6f:98:36:5f:13:d2:2d:5a:fa:67:18:1e:00:
f5:3e:a3:61:be:b7:7a:9e:e5:c0:b9:19:24:cd:f6:0a:91:aa:
37:dc:6d:d1:39:44:a8:2b:a5:fe:f3:4e:15:54:e7:2e:eb:de:
b3:93:25:aa:1e:a1:0b:a6:11:ba:b0:02:c6:71:25:d1:95:ee:
52:e6:a3:4b:e3:43:98:ad:67:9d:e2:9b:1f:51:26:10:0e:aa:
de:f6:da:53:e7:51:06:f0:a8:f3:f8:87:1f:68:8d:e0:eb:db:
ec:c8:9a:8a:65:65:60:7f:64:78:85:c6:ae:a0:0e:d9:94:f8:
6b:9c:30:27:52:1c:7e:70:c1:20:8c:02:0c:7c:50:ab:02:29:
cf:cb:5e:ff:6f:e3:8f:1e:0a:c8:cd:24:f8:3d:59:62:fd:c7:
ac:3b:a0:58:e7:22:04:a1:a2:ba:43:b1:5d:1d:68:19:ac:bd:
63:d9:cb:c4
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYlv/0HaA3ZVxVJsa6mkC/1qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMjBkZGQzOThkYWM4ZjYyY2MxMjUyNjMyNWYxODIxZmI3
MjRmNzUwHhcNMjMwNzE5MjExMjI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGIyZDM2ZmU4YjFlMDk3NTk3NzA2MTZkYjJhNmU0YTkyOGZmOTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoc7QG8n33pLw/mi8I96zRBKtNgTM
p5rzbydSq5ZrnpCsVBZYHBjtdbz9alSleDv8tctIvRY4iGGRiYx2M/98YEoRR6Ud
VAUymDkk4cWwuNMoKStSKEn+gX2wsAWLsQQttq7Hvvf+E8PQxynYc9sOMyJuAlM3
hJy4mN5cY2Zx0gcdtn5CCGPmKah4FheaSAOTwvriKPvn0+HIypZI9oMvdp8pTeb0
huChG8lTgCJ3ZQz4QJhiTJDA490mdbJxcyZmXL9lqTEe22nroaedT0RXcXRvrUZC
NkFD4stCcK6kZB0gAM0pfrp/TIvnmCIT0I9rdWPhAZv3dN2rHbhZX7Y8AwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFDiy02/oseCXWXcGFtsqbkqSj/kOMB8GA1UdIwQY
MBaAFG0g3dOY2sj2LMElJjJfGCH7ck91MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9hMWE4OGYtMWRmZi00ZWZmLTgyNmIt
MzZkZTY1NzIzMmJlLzEvT0xMVGItaXg0SmRaZHdZVzJ5cHVTcEtQLVE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9hMWE4OGYtMWRmZi00ZWZmLTgyNmItMzZkZTY1NzIzMmJl
LzEvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCAjp8AwQC
BfwUAwQCLVO0AwQBLZZuMA0EAgACMAcDBQAqC+yCMA0GCSqGSIb3DQEBCwUAA4IB
AQAlRoupa3ExnnFlb1ns3BKu8aF2xlfy10ndra9JHS8Sy2X1G9L9899Jhjg4CPsO
JziO7Enj+cPyoxnMK+S6q24MqlpdWTH0A1ClH467+m+YNl8T0i1a+mcYHgD1PqNh
vrd6nuXAuRkkzfYKkao33G3ROUSoK6X+804VVOcu696zkyWqHqELphG6sALGcSXR
le5S5qNL40OYrWed4psfUSYQDqre9tpT51EG8Kjz+IcfaI3g69vsyJqKZWVgf2R4
hcauoA7ZlPhrnDAnUhx+cMEgjAIMfFCrAinPy17/b+OPHgrIzST4PVli/cesO6BY
5yIEoaK6Q7FdHWgZrL1j2cvE
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:00 2024 by rpki-client on console-ams.rpki-client.org