Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/7_OKFGurnOGMF_2dj0KEYKdawSY.roa
File: 7_OKFGurnOGMF_2dj0KEYKdawSY.roa (raw, json)
Hash identifier: GSNfoVrAu79UlubkPaV8shbviM82a0i4R1ogchoe7Bs=
Subject key identifier: EF:F3:8A:14:6B:AB:9C:E1:8C:17:FD:9D:8F:42:84:60:A7:5A:C1:26
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 0192AECC990990D541EC11F642CB0A6500A6
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/7_OKFGurnOGMF_2dj0KEYKdawSY.roa
Signing time: Mon 21 Oct 2024 11:18:16 +0000
ROA not before: Mon 21 Oct 2024 11:18:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208258
IP address blocks: 45.144.244.0/23 maxlen: 24
45.144.246.0/24 maxlen: 24
45.151.156.0/23 maxlen: 24
45.151.158.0/24 maxlen: 24
45.152.36.0/24 maxlen: 24
45.154.238.0/24 maxlen: 24
185.208.208.0/24 maxlen: 24
185.208.209.0/24 maxlen: 24
185.208.210.0/24 maxlen: 24
185.208.211.0/24 maxlen: 24
185.227.82.0/24 maxlen: 24
185.228.83.0/24 maxlen: 24
185.243.112.0/24 maxlen: 24
185.243.113.0/24 maxlen: 24
194.146.48.0/24 maxlen: 24
195.26.6.0/24 maxlen: 24
195.26.7.0/24 maxlen: 24
2a0b:3c40:1::/48 maxlen: 48
2a0b:3c40:9::/48 maxlen: 48
2a0b:3c40:11::/48 maxlen: 48
2a0b:3c40:12::/48 maxlen: 48
2a0b:3c40:15::/48 maxlen: 48
2a0b:3c40:16::/48 maxlen: 48
2a0b:3c40:17::/48 maxlen: 48
2a0b:3c40:20::/48 maxlen: 48
2a0b:3c40:21::/48 maxlen: 48
2a0b:3c40:25::/48 maxlen: 48
2a0b:3c40:fca6::/48 maxlen: 48
2a0e:5540::/48 maxlen: 48
2a0e:5540:10::/48 maxlen: 48
2a0e:5540:11::/48 maxlen: 48
2a0e:5540:12::/48 maxlen: 48
2a0e:5540:100::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 22 Oct 2024 14:09:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:ae:cc:99:09:90:d5:41:ec:11:f6:42:cb:0a:65:00:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Oct 21 11:18:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eff38a146bab9ce18c17fd9d8f428460a75ac126
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:66:eb:bd:3e:ac:76:b7:7a:36:75:dd:c4:2a:
67:40:22:f8:95:c7:26:56:33:16:25:85:7c:5d:fb:
65:ff:d8:cd:18:74:9a:fa:a2:21:ec:ab:51:50:b8:
e9:8e:c4:c5:4e:c2:1b:64:9f:31:27:ac:da:c8:bf:
15:f8:76:40:54:5f:52:20:7a:45:87:50:5f:11:48:
10:bc:4a:00:95:de:80:26:3f:1b:39:68:34:c0:94:
49:13:54:ef:48:76:88:d8:06:99:7a:97:03:d1:0b:
54:d0:21:c2:62:e6:d6:6b:be:be:d1:85:7a:ff:0d:
5e:ac:18:68:9b:52:04:64:a6:f4:07:61:d6:3d:d0:
d2:4d:7e:dc:35:a3:6e:fd:f9:28:71:40:91:af:ee:
1a:fe:49:95:bb:64:12:de:ea:fe:55:d0:ae:48:4d:
13:34:06:7e:f0:ff:5b:fa:df:1c:2f:62:5c:60:18:
d7:87:b3:95:ba:f0:66:ee:d1:2a:d0:c3:69:ba:19:
e6:f6:91:d7:2e:a7:52:63:bc:c0:76:ef:6d:da:d9:
d8:97:54:71:be:0e:c3:b1:0c:e5:a2:80:68:78:b4:
46:9c:a4:d2:60:73:1e:35:60:cd:2e:06:7a:68:e9:
8d:c1:b9:84:dd:4c:85:2f:7b:98:bc:3c:53:0b:16:
89:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:F3:8A:14:6B:AB:9C:E1:8C:17:FD:9D:8F:42:84:60:A7:5A:C1:26
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/7_OKFGurnOGMF_2dj0KEYKdawSY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.244.0-45.144.246.255
45.151.156.0-45.151.158.255
45.152.36.0/24
45.154.238.0/24
185.208.208.0/22
185.227.82.0/24
185.228.83.0/24
185.243.112.0/23
194.146.48.0/24
195.26.6.0/23
IPv6:
2a0b:3c40:1::/48
2a0b:3c40:9::/48
2a0b:3c40:11::-2a0b:3c40:12:ffff:ffff:ffff:ffff:ffff
2a0b:3c40:15::-2a0b:3c40:17:ffff:ffff:ffff:ffff:ffff
2a0b:3c40:20::/47
2a0b:3c40:25::/48
2a0b:3c40:fca6::/48
2a0e:5540::/48
2a0e:5540:10::-2a0e:5540:12:ffff:ffff:ffff:ffff:ffff
2a0e:5540:100::/48
Signature Algorithm: sha256WithRSAEncryption
a5:50:57:a7:9c:7f:db:7a:82:7d:58:4d:67:73:d8:a2:8a:1e:
ac:62:78:03:df:43:cc:54:b3:4d:c3:68:9f:b3:3f:9a:93:cb:
1a:ce:7f:b8:8f:ed:77:01:b1:ec:86:9c:b5:cf:59:6f:d5:f2:
3b:b0:32:10:e6:16:89:8f:ae:87:86:56:25:36:17:b8:7b:23:
e9:81:1b:a8:0c:98:be:5c:7a:8a:a8:91:06:12:25:4e:d7:e4:
c7:72:9b:85:53:60:5d:61:49:66:5f:8e:37:50:63:98:3c:f9:
3c:65:47:5f:e8:ba:5f:22:97:0a:d0:e9:03:eb:99:c1:a2:d9:
94:2e:a0:1c:94:1b:19:d0:b2:d1:5f:13:11:2d:00:8a:ad:56:
dd:49:98:de:7a:56:91:3e:53:23:71:6e:7a:2e:eb:ba:cf:3c:
f8:27:42:b9:1d:77:a6:27:3e:ac:48:f0:6f:8c:9d:be:6c:cf:
bd:66:47:33:b7:5b:f1:89:ad:38:87:35:89:d3:59:5f:ff:46:
a2:f4:11:49:7a:92:39:a3:06:ef:dd:1e:c5:55:80:4a:50:47:
2b:1a:bd:c6:ef:af:5d:db:98:f6:00:9d:de:64:f6:ab:78:20:
81:ce:83:af:3c:5b:58:aa:aa:cf:f0:91:08:db:af:fb:66:f7:
69:49:db:d8
-----BEGIN CERTIFICATE-----
MIIFyjCCBLKgAwIBAgISAZKuzJkJkNVB7BH2QssKZQCmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjQxMDIxMTExODE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZmYzOGExNDZiYWI5Y2UxOGMxN2ZkOWQ4ZjQyODQ2MGE3NWFjMTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApmbrvT6sdrd6NnXdxCpnQCL4lccm
VjMWJYV8Xftl/9jNGHSa+qIh7KtRULjpjsTFTsIbZJ8xJ6zayL8V+HZAVF9SIHpF
h1BfEUgQvEoAld6AJj8bOWg0wJRJE1TvSHaI2AaZepcD0QtU0CHCYubWa76+0YV6
/w1erBhom1IEZKb0B2HWPdDSTX7cNaNu/fkocUCRr+4a/kmVu2QS3ur+VdCuSE0T
NAZ+8P9b+t8cL2JcYBjXh7OVuvBm7tEq0MNpuhnm9pHXLqdSY7zAdu9t2tnYl1Rx
vg7DsQzlooBoeLRGnKTSYHMeNWDNLgZ6aOmNwbmE3UyFL3uYvDxTCxaJAwIDAQAB
o4IC1jCCAtIwHQYDVR0OBBYEFO/zihRrq5zhjBf9nY9ChGCnWsEmMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvN19PS0ZHdXJuT0dNRl8yZGowS0VZS2Rhd1NZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHrBggrBgEFBQcBBwEB/wSB2zCB2DBSBAIAATBMMAwDBAIt
kPQDBAAtkPYwDAMEAi2XnAMEAC2XngMEAC2YJAMEAC2a7gMEArnQ0AMEALnjUgME
ALnkUwMEAbnzcAMEAMKSMAMEAcMaBjCBgQQCAAIwewMHACoLPEAAAQMHACoLPEAA
CTASAwcAKgs8QAARAwcAKgs8QAASMBIDBwAqCzxAABUDBwMqCzxAABADBwEqCzxA
ACADBwAqCzxAACUDBwAqCzxA/KYDBwAqDlVAAAAwEgMHBCoOVUAAEAMHACoOVUAA
EgMHACoOVUABADANBgkqhkiG9w0BAQsFAAOCAQEApVBXp5x/23qCfVhNZ3PYoooe
rGJ4A99DzFSzTcNon7M/mpPLGs5/uI/tdwGx7Iactc9Zb9XyO7AyEOYWiY+uh4ZW
JTYXuHsj6YEbqAyYvlx6iqiRBhIlTtfkx3KbhVNgXWFJZl+ON1BjmDz5PGVHX+i6
XyKXCtDpA+uZwaLZlC6gHJQbGdCy0V8TES0Aiq1W3UmY3npWkT5TI3Fuei7rus88
+CdCuR13pic+rEjwb4ydvmzPvWZHM7db8YmtOIc1idNZX/9GovQRSXqSOaMG790e
xVWASlBHKxq9xu+vXduY9gCd3mT2q3gggc6DrzxbWKqqz/CRCNuv+2b3aUnb2A==
-----END CERTIFICATE-----
Generated at Tue Oct 22 16:12:49 2024 by rpki-client on console-fra.rpki-client.org