Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/OjeIowrAwhQ72F6763gLh-B9fB0.roa
File: OjeIowrAwhQ72F6763gLh-B9fB0.roa (raw, json)
Hash identifier: 8AvkNCfG6fiCHOZpUaMkf0ItNOh/lHO+gcG/VTBXVQ8=
Subject key identifier: 3A:37:88:A3:0A:C0:C2:14:3B:D8:5E:BB:EB:78:0B:87:E0:7D:7C:1D
Certificate issuer: /CN=6d20ddd398dac8f62cc12526325f1821fb724f75
Certificate serial: 0186EB88A98F8D8B3444CD105221AE137DBF
Authority key identifier: 6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/OjeIowrAwhQ72F6763gLh-B9fB0.roa
Signing time: Thu 16 Mar 2023 17:47:27 +0000
ROA not before: Thu 16 Mar 2023 17:47:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57844
IP address blocks: 45.83.180.0/24 maxlen: 24
45.83.181.0/24 maxlen: 24
45.83.182.0/24 maxlen: 24
45.83.183.0/24 maxlen: 24
2.58.124.0/22 maxlen: 22
139.28.73.0/24 maxlen: 24
139.28.74.0/24 maxlen: 24
139.28.75.0/24 maxlen: 24
139.28.72.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 13 Apr 2023 07:40:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:eb:88:a9:8f:8d:8b:34:44:cd:10:52:21:ae:13:7d:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d20ddd398dac8f62cc12526325f1821fb724f75
Validity
Not Before: Mar 16 17:47:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3a3788a30ac0c2143bd85ebbeb780b87e07d7c1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:c7:7a:03:b4:85:72:46:32:8e:25:13:c0:8e:
e8:47:f8:bd:ef:bd:27:bc:27:1d:5d:8e:0e:6d:ea:
57:6d:25:49:56:fe:2b:37:aa:80:18:53:b9:63:75:
47:b5:be:63:62:7c:96:4c:f5:80:f3:4c:03:a0:ee:
a8:7d:44:96:fb:8f:c9:76:4b:68:7e:3e:32:cb:86:
e7:17:cd:17:02:0f:54:44:8d:d9:4f:49:4a:d3:74:
92:7e:09:18:36:9f:5a:4c:ec:7b:b8:ec:a0:61:93:
b3:63:d1:cd:c1:3a:78:a0:94:76:11:33:b5:09:ea:
46:33:d3:9a:2d:ba:74:2d:52:da:77:bb:32:f7:4b:
0e:66:26:cb:d1:c5:a8:8e:84:16:85:32:01:05:f1:
2a:5c:e6:3e:d7:3d:4f:d2:8c:9a:16:e9:a0:3b:7c:
52:76:36:5b:31:95:2f:bc:27:40:fb:d9:07:59:35:
83:49:e5:73:5e:76:c9:d3:c4:fd:bd:bb:03:c3:17:
39:23:77:51:9c:8f:a8:2e:d4:5b:0d:9d:2c:22:19:
f4:c8:1c:58:11:b5:76:d6:57:65:76:cd:8f:a9:b2:
5b:98:8c:2a:9d:83:08:8c:88:43:40:23:d5:0b:77:
9c:f3:4c:4f:0c:d5:3e:80:4a:b8:35:bb:92:a5:4d:
10:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:37:88:A3:0A:C0:C2:14:3B:D8:5E:BB:EB:78:0B:87:E0:7D:7C:1D
X509v3 Authority Key Identifier:
keyid:6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/OjeIowrAwhQ72F6763gLh-B9fB0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/bSDd05jayPYswSUmMl8YIftyT3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.124.0/22
45.83.180.0/22
139.28.72.0/22
Signature Algorithm: sha256WithRSAEncryption
5e:9f:ce:ea:39:15:16:31:63:fb:90:ff:02:c0:5e:7f:72:0f:
fa:bc:46:f0:df:da:40:17:93:4c:d1:60:74:6e:5b:bb:53:d3:
c6:a3:58:9c:54:b1:2e:2a:63:f9:ac:ef:c0:fe:53:f0:fb:e9:
26:5c:a0:02:bc:be:df:72:9a:5c:0a:51:ef:da:08:d3:73:0a:
0e:b2:aa:ca:5f:25:7a:11:1a:34:e1:c7:db:de:c4:ae:fd:98:
dc:11:33:60:e7:80:73:af:ac:31:b3:e7:0c:34:32:08:af:37:
7e:e8:2e:90:c1:01:dd:1b:35:2b:84:44:db:0c:b6:32:e5:2f:
72:88:ed:bd:73:f1:06:8b:f8:bf:ec:52:d9:3b:63:4d:0f:15:
9c:4c:9d:b8:ff:83:2a:1d:da:a4:88:09:d5:e2:29:e5:58:f0:
e8:e1:ec:ff:f1:b6:00:b5:8e:cd:c2:26:89:c3:aa:b8:83:34:
19:c3:f9:03:91:db:d9:25:bf:98:d2:f5:41:5f:f4:6b:e7:d3:
5e:71:5c:74:8b:87:5f:08:20:f5:69:89:f1:35:c4:42:2c:ba:
a2:7a:68:6b:43:6e:7d:79:1a:1b:30:8a:c3:93:08:82:99:46:
e4:00:94:18:fa:85:c5:f1:76:f6:0e:d8:b7:11:45:9e:ac:da:
cc:6f:c5:8b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYbriKmPjYs0RM0QUiGuE32/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMjBkZGQzOThkYWM4ZjYyY2MxMjUyNjMyNWYxODIxZmI3
MjRmNzUwHhcNMjMwMzE2MTc0NzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTM3ODhhMzBhYzBjMjE0M2JkODVlYmJlYjc4MGI4N2UwN2Q3YzFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjcd6A7SFckYyjiUTwI7oR/i9770n
vCcdXY4ObepXbSVJVv4rN6qAGFO5Y3VHtb5jYnyWTPWA80wDoO6ofUSW+4/Jdkto
fj4yy4bnF80XAg9URI3ZT0lK03SSfgkYNp9aTOx7uOygYZOzY9HNwTp4oJR2ETO1
CepGM9OaLbp0LVLad7sy90sOZibL0cWojoQWhTIBBfEqXOY+1z1P0oyaFumgO3xS
djZbMZUvvCdA+9kHWTWDSeVzXnbJ08T9vbsDwxc5I3dRnI+oLtRbDZ0sIhn0yBxY
EbV21ldlds2PqbJbmIwqnYMIjIhDQCPVC3ec80xPDNU+gEq4NbuSpU0Q5QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDo3iKMKwMIUO9heu+t4C4fgfXwdMB8GA1UdIwQY
MBaAFG0g3dOY2sj2LMElJjJfGCH7ck91MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9hMWE4OGYtMWRmZi00ZWZmLTgyNmIt
MzZkZTY1NzIzMmJlLzEvT2plSW93ckF3aFE3MkY2NzYzZ0xoLUI5ZkIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9hMWE4OGYtMWRmZi00ZWZmLTgyNmItMzZkZTY1NzIzMmJl
LzEvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCAjp8AwQC
LVO0AwQCixxIMA0GCSqGSIb3DQEBCwUAA4IBAQBen87qORUWMWP7kP8CwF5/cg/6
vEbw39pAF5NM0WB0blu7U9PGo1icVLEuKmP5rO/A/lPw++kmXKACvL7fcppcClHv
2gjTcwoOsqrKXyV6ERo04cfb3sSu/ZjcETNg54Bzr6wxs+cMNDIIrzd+6C6QwQHd
GzUrhETbDLYy5S9yiO29c/EGi/i/7FLZO2NNDxWcTJ24/4MqHdqkiAnV4inlWPDo
4ez/8bYAtY7NwiaJw6q4gzQZw/kDkdvZJb+Y0vVBX/Rr59NecVx0i4dfCCD1aYnx
NcRCLLqiemhrQ259eRobMIrDkwiCmUbkAJQY+oXF8Xb2Dti3EUWerNrMb8WL
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:37 2024 by rpki-client on console-fra.rpki-client.org