Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/83df5b-d153-4cb6-baf3-4cd38b758d5c/1/OfdaB714VrOA15Y9LL3qtaaF-8A.roa
File: OfdaB714VrOA15Y9LL3qtaaF-8A.roa (raw, json)
Hash identifier: iF7LkU2Xxl2bUPvxMBeSsGRDECB7jYeA6tlPGtgov/g=
Subject key identifier: 39:F7:5A:07:BD:78:56:B3:80:D7:96:3D:2C:BD:EA:B5:A6:85:FB:C0
Certificate issuer: /CN=1e5aaf3d0683dc8a0d58c643826e166d3c28cca9
Certificate serial: 018E18AD676EEA49CAD40159514231E64D16
Authority key identifier: 1E:5A:AF:3D:06:83:DC:8A:0D:58:C6:43:82:6E:16:6D:3C:28:CC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HlqvPQaD3IoNWMZDgm4WbTwozKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/83df5b-d153-4cb6-baf3-4cd38b758d5c/1/OfdaB714VrOA15Y9LL3qtaaF-8A.roa
Signing time: Thu 07 Mar 2024 11:30:01 +0000
ROA not before: Thu 07 Mar 2024 11:30:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57910
IP address blocks: 46.18.72.0/21 maxlen: 24
185.11.236.0/22 maxlen: 24
185.161.12.0/22 maxlen: 24
185.226.236.0/22 maxlen: 24
194.56.236.0/22 maxlen: 24
194.127.158.0/23 maxlen: 24
194.127.162.0/23 maxlen: 24
2a00:b5c0::/32 maxlen: 32
2a02:2110::/32 maxlen: 32
2a0c:7a00::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 07 Mar 2024 16:21:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:18:ad:67:6e:ea:49:ca:d4:01:59:51:42:31:e6:4d:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e5aaf3d0683dc8a0d58c643826e166d3c28cca9
Validity
Not Before: Mar 7 11:30:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=39f75a07bd7856b380d7963d2cbdeab5a685fbc0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:ad:ff:e8:80:00:cd:83:66:e1:9c:5f:ca:bc:
91:98:31:84:6d:f8:85:e8:8f:5f:63:66:0f:d4:24:
cd:5a:89:05:e3:a8:ea:bf:c8:6a:b8:99:d4:b8:58:
0c:50:d1:77:10:6c:13:7d:cc:ad:a5:8f:8b:6b:c8:
51:9a:57:30:40:61:39:b5:a7:55:f5:46:8f:c7:17:
bb:8b:29:b7:9a:a9:41:af:ee:ec:7f:e0:65:b8:9c:
0f:8d:61:6f:10:91:e7:67:0a:d4:e9:0c:b8:3a:93:
83:e4:a8:59:24:7e:c8:77:73:d6:72:65:c6:e2:0d:
d1:3a:a1:f6:7c:8e:2b:15:08:20:0e:03:1f:45:4c:
db:dd:aa:7f:dd:38:f2:4b:a7:e1:5c:9c:9f:0f:9f:
71:ae:88:15:b3:a8:63:ca:6b:8a:e8:bd:51:7a:7b:
8f:f9:24:ed:c7:71:1b:1a:ae:bf:e5:16:57:de:c4:
11:23:c4:d1:d8:78:48:9d:48:4d:72:d0:54:51:15:
6a:6f:f3:f7:8e:15:21:e3:5b:02:7e:bd:1d:4c:55:
1e:b2:3b:75:91:d0:c2:90:05:ad:58:a0:66:9c:81:
a9:45:98:e0:6e:4e:c3:dd:1e:d4:d6:76:e5:3e:7e:
ce:87:58:9c:2d:93:08:12:8d:e8:47:7e:fe:da:f5:
df:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:F7:5A:07:BD:78:56:B3:80:D7:96:3D:2C:BD:EA:B5:A6:85:FB:C0
X509v3 Authority Key Identifier:
keyid:1E:5A:AF:3D:06:83:DC:8A:0D:58:C6:43:82:6E:16:6D:3C:28:CC:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HlqvPQaD3IoNWMZDgm4WbTwozKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/83df5b-d153-4cb6-baf3-4cd38b758d5c/1/OfdaB714VrOA15Y9LL3qtaaF-8A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/83df5b-d153-4cb6-baf3-4cd38b758d5c/1/HlqvPQaD3IoNWMZDgm4WbTwozKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.18.72.0/21
185.11.236.0/22
185.161.12.0/22
185.226.236.0/22
194.56.236.0/22
194.127.158.0/23
194.127.162.0/23
IPv6:
2a00:b5c0::/32
2a02:2110::/32
2a0c:7a00::/29
Signature Algorithm: sha256WithRSAEncryption
72:36:84:25:40:73:08:4e:c8:4e:b7:f5:bb:2a:17:2f:e7:aa:
8d:b1:9f:e6:52:58:2a:48:9c:7b:a2:52:2c:26:ea:20:71:22:
cc:02:f0:05:c2:05:f8:bc:c0:8b:39:13:d4:5a:52:25:f0:ac:
42:10:ec:2e:f2:f6:44:64:cc:94:95:d3:c9:a7:8b:42:96:49:
e3:a2:52:b2:dd:7d:d0:74:4f:5e:0a:d7:b7:70:7d:c8:d8:db:
9d:68:90:c7:6d:7b:6f:14:05:63:54:6d:68:dc:61:03:d6:2e:
17:d2:e0:a6:f9:01:cf:4c:b9:2c:19:7b:21:88:e9:9a:3a:86:
21:37:14:49:d3:e0:62:1f:2d:13:f9:b7:66:39:87:84:94:4a:
ba:d5:ec:2c:cd:ff:a5:36:12:9a:cd:cd:ab:dd:74:4f:7f:bc:
3c:5a:d0:bc:2b:53:b1:64:31:7c:73:87:80:c1:4a:9f:b7:f3:
7c:26:60:d3:a8:ff:3b:25:b4:e9:43:5e:df:c1:c9:6c:98:07:
4a:f3:8b:67:ba:3e:eb:e5:e8:bf:77:ec:01:c6:af:66:39:00:
b5:4c:75:4b:8a:d5:09:fc:92:1d:56:5b:8c:85:86:b5:58:a3:
3d:8e:37:89:d7:6c:9e:cc:56:ff:6b:dd:5f:4e:3e:a5:e9:ae:
3f:7b:07:ce
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAY4YrWdu6knK1AFZUUIx5k0WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlNWFhZjNkMDY4M2RjOGEwZDU4YzY0MzgyNmUxNjZkM2My
OGNjYTkwHhcNMjQwMzA3MTEzMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWY3NWEwN2JkNzg1NmIzODBkNzk2M2QyY2JkZWFiNWE2ODVmYmMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtq3/6IAAzYNm4ZxfyryRmDGEbfiF
6I9fY2YP1CTNWokF46jqv8hquJnUuFgMUNF3EGwTfcytpY+La8hRmlcwQGE5tadV
9UaPxxe7iym3mqlBr+7sf+BluJwPjWFvEJHnZwrU6Qy4OpOD5KhZJH7Id3PWcmXG
4g3ROqH2fI4rFQggDgMfRUzb3ap/3TjyS6fhXJyfD59xrogVs6hjymuK6L1RenuP
+STtx3EbGq6/5RZX3sQRI8TR2HhInUhNctBUURVqb/P3jhUh41sCfr0dTFUesjt1
kdDCkAWtWKBmnIGpRZjgbk7D3R7U1nblPn7Oh1icLZMIEo3oR37+2vXfIQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFDn3Wge9eFazgNeWPSy96rWmhfvAMB8GA1UdIwQY
MBaAFB5arz0Gg9yKDVjGQ4JuFm08KMypMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGxxdlBRYUQzSW9OV01aRGdtNFdiVHdvektrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi84M2RmNWItZDE1My00Y2I2LWJhZjMt
NGNkMzhiNzU4ZDVjLzEvT2ZkYUI3MTRWck9BMTVZOUxMM3F0YWFGLThBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi84M2RmNWItZDE1My00Y2I2LWJhZjMtNGNkMzhiNzU4ZDVj
LzEvSGxxdlBRYUQzSW9OV01aRGdtNFdiVHdvektrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzAwBAIAATAqAwQDLhJIAwQC
uQvsAwQCuaEMAwQCueLsAwQCwjjsAwQBwn+eAwQBwn+iMBsEAgACMBUDBQAqALXA
AwUAKgIhEAMFAyoMegAwDQYJKoZIhvcNAQELBQADggEBAHI2hCVAcwhOyE639bsq
Fy/nqo2xn+ZSWCpInHuiUiwm6iBxIswC8AXCBfi8wIs5E9RaUiXwrEIQ7C7y9kRk
zJSV08mni0KWSeOiUrLdfdB0T14K17dwfcjY251okMdte28UBWNUbWjcYQPWLhfS
4Kb5Ac9MuSwZeyGI6Zo6hiE3FEnT4GIfLRP5t2Y5h4SUSrrV7CzN/6U2EprNzavd
dE9/vDxa0LwrU7FkMXxzh4DBSp+383wmYNOo/zsltOlDXt/ByWyYB0rzi2e6Puvl
6L937AHGr2Y5ALVMdUuK1Qn8kh1WW4yFhrVYoz2ON4nXbJ7MVv9r3V9OPqXprj97
B84=
-----END CERTIFICATE-----
Generated at Thu Mar 7 19:38:39 2024 by rpki-client on console-ams.rpki-client.org