Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/ocSqqJu2Md-43TpDPix33FYpDHU.roa
File: ocSqqJu2Md-43TpDPix33FYpDHU.roa (raw, json)
Hash identifier: FJY8Cm2Ut/ejYa5eXUNje9FTYk/d8MY3vsaHdnIluG8=
Subject key identifier: A1:C4:AA:A8:9B:B6:31:DF:B8:DD:3A:43:3E:2C:77:DC:56:29:0C:75
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 018ADC21D7944A045092E3E1961F2578A291
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/ocSqqJu2Md-43TpDPix33FYpDHU.roa
Signing time: Thu 28 Sep 2023 14:11:59 +0000
ROA not before: Thu 28 Sep 2023 14:11:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34927
IP address blocks: 45.134.88.0/24 maxlen: 24
45.134.91.0/24 maxlen: 24
45.134.89.0/24 maxlen: 24
193.148.251.0/24 maxlen: 24
193.148.250.0/24 maxlen: 24
193.148.249.0/24 maxlen: 24
193.148.248.0/24 maxlen: 24
193.37.139.0/24 maxlen: 24
2a0c:9a40:1024::/48 maxlen: 48
2a0c:9a40:1002::/48 maxlen: 48
2a0c:9a44::/48 maxlen: 48
2a0c:9a40:1000::/44 maxlen: 48
2a0c:9a40:1080::/44 maxlen: 48
2a0c:9a40:1058::/48 maxlen: 48
2a0c:9a40:1::/48 maxlen: 48
2a0c:9a40:1001::/48 maxlen: 48
2a0c:9a40:1055::/48 maxlen: 48
2a0c:9a40:1070::/48 maxlen: 48
2a0c:9a40:1050::/48 maxlen: 48
2a0c:9a40:1054::/48 maxlen: 48
2a0c:9a40:1057::/48 maxlen: 48
2a0c:9a40:1072::/48 maxlen: 48
2a0c:9a40:1070::/44 maxlen: 48
2a0c:9a40:1090::/44 maxlen: 48
2a0c:9a40:1030::/44 maxlen: 48
2a0c:9a40:1051::/48 maxlen: 48
2a0c:9a40:2d00::/40 maxlen: 48
2a0c:9a40:2200::/40 maxlen: 48
2a0c:9a40:2600::/40 maxlen: 48
2a0c:9a40:2c00::/40 maxlen: 48
2a0c:9a40:2500::/40 maxlen: 48
2a0c:9a40:2b00::/40 maxlen: 48
2a0c:9a40:2800::/40 maxlen: 40
2a0c:9a40:2700::/40 maxlen: 48
2a0c:9a40:2a00::/40 maxlen: 40
2a0c:9a40:2400::/40 maxlen: 40
2a0c:9a40:2100::/40 maxlen: 40
2a0c:9a40:1080::/48 maxlen: 48
2a0c:9a40:1060::/48 maxlen: 48
2a0c:9a40:2900::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:dc:21:d7:94:4a:04:50:92:e3:e1:96:1f:25:78:a2:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Sep 28 14:11:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a1c4aaa89bb631dfb8dd3a433e2c77dc56290c75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:96:82:46:33:fd:8d:5c:3b:07:49:4f:52:72:
56:9a:c7:04:3b:22:da:48:9a:f3:8f:ae:ce:a8:23:
02:b4:78:2f:b9:6e:a6:e3:4f:08:24:52:f7:8c:85:
fa:a1:b0:07:4f:d3:ca:7b:ca:29:bb:f3:f5:4b:3a:
6e:fd:4e:99:78:2e:70:6b:27:50:5a:40:d6:3c:46:
87:99:da:c8:6a:e9:53:16:18:a6:4a:d2:40:30:87:
29:cb:73:c8:48:d0:ca:4c:1a:1a:2d:dd:ed:0d:97:
3b:17:4d:4c:a1:f4:33:f0:df:85:a4:44:60:7f:50:
0c:03:3c:44:c5:60:11:c8:83:17:af:69:13:88:75:
56:ea:cb:c8:b0:3f:1a:42:63:09:0f:0c:28:98:f1:
1a:36:c5:9b:ca:bf:39:87:c9:72:0e:87:e8:78:1c:
30:8b:4c:a8:58:38:78:7f:a4:ce:5e:56:53:d8:19:
1b:b6:d9:73:38:6e:bf:12:d2:4a:b4:0a:12:2e:71:
bf:bf:8c:45:18:14:ae:81:f5:65:74:ed:0c:3d:c2:
5b:a2:b9:5f:b9:1e:0a:34:fb:f5:e9:28:57:3a:34:
32:d3:9a:df:63:7c:63:e1:53:01:2e:b0:78:97:2d:
06:ec:04:80:82:78:b8:5b:34:fb:b9:53:b6:bb:73:
13:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:C4:AA:A8:9B:B6:31:DF:B8:DD:3A:43:3E:2C:77:DC:56:29:0C:75
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/ocSqqJu2Md-43TpDPix33FYpDHU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.88.0/23
45.134.91.0/24
193.37.139.0/24
193.148.248.0/22
IPv6:
2a0c:9a40:1::/48
2a0c:9a40:1000::/44
2a0c:9a40:1024::/48
2a0c:9a40:1030::/44
2a0c:9a40:1050::/47
2a0c:9a40:1054::/47
2a0c:9a40:1057::-2a0c:9a40:1058:ffff:ffff:ffff:ffff:ffff
2a0c:9a40:1060::/48
2a0c:9a40:1070::-2a0c:9a40:109f:ffff:ffff:ffff:ffff:ffff
2a0c:9a40:2100::-2a0c:9a40:22ff:ffff:ffff:ffff:ffff:ffff
2a0c:9a40:2400::-2a0c:9a40:2900:ffff:ffff:ffff:ffff:ffff
2a0c:9a40:2a00::-2a0c:9a40:2dff:ffff:ffff:ffff:ffff:ffff
2a0c:9a44::/48
Signature Algorithm: sha256WithRSAEncryption
1a:59:8c:93:19:58:52:20:e2:ae:6b:37:c2:65:94:9f:5b:2c:
0d:ca:f7:79:04:6e:05:5a:d5:e7:99:81:a4:09:6c:7c:47:16:
96:26:55:25:f1:32:8b:f1:28:b2:42:f0:d6:e6:cc:93:d7:19:
b1:d4:70:37:70:13:ed:c0:6f:c9:e9:27:d5:9c:b0:58:1a:44:
c5:79:99:c0:6e:88:06:7c:55:9f:cb:5f:6e:71:62:f2:80:4a:
37:a9:04:9d:40:e3:27:73:61:aa:1e:77:bc:a4:0e:dd:52:51:
fe:bf:d8:67:5e:f1:b5:46:94:4f:41:20:a0:b9:10:3d:c8:8e:
3a:2b:47:90:e9:f3:04:e1:59:60:e4:3d:52:02:e4:8b:a9:fe:
6f:4d:84:17:2c:f4:be:04:20:7f:31:fb:e8:58:40:06:da:20:
1d:b6:51:0a:a8:ff:d3:60:65:e2:f5:5c:54:50:3c:94:c2:e9:
5d:b2:8a:43:cd:da:a4:c2:6a:44:82:65:90:73:2a:d7:15:ca:
28:53:65:eb:d7:9e:d7:ab:96:1b:d6:0a:96:dd:92:89:35:2b:
4e:f5:54:a6:58:42:2b:8a:8c:5c:4e:dd:cc:cf:28:c7:d9:a9:
7d:8b:53:28:37:4d:ee:08:0a:47:a5:93:88:02:3d:87:72:db:
bd:df:fd:46
-----BEGIN CERTIFICATE-----
MIIFwzCCBKugAwIBAgISAYrcIdeUSgRQkuPhlh8leKKRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjMwOTI4MTQxMTU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWM0YWFhODliYjYzMWRmYjhkZDNhNDMzZTJjNzdkYzU2MjkwYzc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuJaCRjP9jVw7B0lPUnJWmscEOyLa
SJrzj67OqCMCtHgvuW6m408IJFL3jIX6obAHT9PKe8opu/P1Szpu/U6ZeC5waydQ
WkDWPEaHmdrIaulTFhimStJAMIcpy3PISNDKTBoaLd3tDZc7F01MofQz8N+FpERg
f1AMAzxExWARyIMXr2kTiHVW6svIsD8aQmMJDwwomPEaNsWbyr85h8lyDofoeBww
i0yoWDh4f6TOXlZT2BkbttlzOG6/EtJKtAoSLnG/v4xFGBSugfVldO0MPcJborlf
uR4KNPv16ShXOjQy05rfY3xj4VMBLrB4ly0G7ASAgni4WzT7uVO2u3MTxQIDAQAB
o4ICzzCCAsswHQYDVR0OBBYEFKHEqqibtjHfuN06Qz4sd9xWKQx1MB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvb2NTcXFKdTJNZC00M1RwRFBpeDMzRllwREhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHkBggrBgEFBQcBBwEB/wSB1DCB0TAeBAIAATAYAwQBLYZY
AwQALYZbAwQAwSWLAwQCwZT4MIGuBAIAAjCBpwMHACoMmkAAAQMHBCoMmkAQAAMH
ACoMmkAQJAMHBCoMmkAQMAMHASoMmkAQUAMHASoMmkAQVDASAwcAKgyaQBBXAwcA
KgyaQBBYAwcAKgyaQBBgMBIDBwQqDJpAEHADBwUqDJpAEIAwEAMGACoMmkAhAwYA
KgyaQCIwEQMGAioMmkAkAwcAKgyaQCkAMBADBgEqDJpAKgMGASoMmkAsAwcAKgya
RAAAMA0GCSqGSIb3DQEBCwUAA4IBAQAaWYyTGVhSIOKuazfCZZSfWywNyvd5BG4F
WtXnmYGkCWx8RxaWJlUl8TKL8SiyQvDW5syT1xmx1HA3cBPtwG/J6SfVnLBYGkTF
eZnAbogGfFWfy19ucWLygEo3qQSdQOMnc2GqHne8pA7dUlH+v9hnXvG1RpRPQSCg
uRA9yI46K0eQ6fME4Vlg5D1SAuSLqf5vTYQXLPS+BCB/MfvoWEAG2iAdtlEKqP/T
YGXi9VxUUDyUwuldsopDzdqkwmpEgmWQcyrXFcooU2Xr157Xq5Yb1gqW3ZKJNStO
9VSmWEIrioxcTt3MzyjH2al9i1MoN03uCApHpZOIAj2Hctu93/1G
-----END CERTIFICATE-----
Generated at Mon Oct 2 10:44:53 2023 by rpki-client on console-ams.rpki-client.org