Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/396759-b0c6-48ef-97b3-a15a18613da6/1/OJ2ZZ-A7HzMMwgt8dLDOtQCMV94.roa
File: OJ2ZZ-A7HzMMwgt8dLDOtQCMV94.roa (raw, json)
Hash identifier: MXyfJqPgFul/ylCg/GS4ULeON6jDSxpatwpxZHtQTFg=
Subject key identifier: 38:9D:99:67:E0:3B:1F:33:0C:C2:0B:7C:74:B0:CE:B5:00:8C:57:DE
Certificate issuer: /CN=b82b722715f91be792a1ec3c31e77ed9da05cbe1
Certificate serial: 01856C4137FFC2CE0F4C1C4A894B67585F15
Authority key identifier: B8:2B:72:27:15:F9:1B:E7:92:A1:EC:3C:31:E7:7E:D9:DA:05:CB:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uCtyJxX5G-eSoew8Med-2doFy-E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/396759-b0c6-48ef-97b3-a15a18613da6/1/OJ2ZZ-A7HzMMwgt8dLDOtQCMV94.roa
Signing time: Sun 01 Jan 2023 07:34:51 +0000
ROA not before: Sun 01 Jan 2023 07:34:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8301
IP address blocks: 217.65.48.0/20 maxlen: 24
185.74.74.0/24 maxlen: 24
185.74.72.0/22 maxlen: 24
185.74.72.0/24 maxlen: 24
185.74.75.0/24 maxlen: 24
178.208.192.0/19 maxlen: 24
212.120.224.0/19 maxlen: 24
212.120.236.0/24 maxlen: 24
212.120.244.0/24 maxlen: 24
195.244.192.0/19 maxlen: 24
212.120.250.0/24 maxlen: 24
195.244.204.0/24 maxlen: 24
2a01:8c40::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:41:37:ff:c2:ce:0f:4c:1c:4a:89:4b:67:58:5f:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b82b722715f91be792a1ec3c31e77ed9da05cbe1
Validity
Not Before: Jan 1 07:34:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=389d9967e03b1f330cc20b7c74b0ceb5008c57de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:58:c2:51:dc:21:3c:02:3f:9e:a3:79:49:63:
14:18:91:89:80:f9:5f:1b:bf:e9:c9:6f:1f:61:28:
10:92:44:db:ac:ad:3b:93:c0:bd:5b:23:a7:41:23:
bf:9a:f2:61:15:df:29:0b:59:e1:2d:4c:2f:ac:81:
02:01:c6:1e:09:21:28:b2:d7:56:51:a8:4c:bb:9d:
63:0b:fa:65:47:75:27:9c:8d:99:31:18:17:5e:5c:
ce:d1:a3:1b:7d:c2:7d:d8:af:7a:3a:76:7c:08:3e:
27:1a:b3:24:2f:5e:c2:13:bf:3f:4e:64:0b:b8:99:
85:85:dc:57:37:7d:a6:1c:0a:a3:ba:bb:1e:56:bd:
fa:e5:d1:ba:78:87:2e:79:cc:77:3d:fd:c3:29:39:
e1:50:23:41:de:fb:1f:f3:4c:ff:f4:06:ac:1e:74:
dd:66:91:d7:7f:06:97:8d:14:19:34:45:a3:c0:51:
f4:0c:6d:01:16:1e:9c:be:c4:7f:5e:72:57:5d:2a:
e9:5c:c5:45:0b:be:b3:d7:a7:f2:5e:55:d8:8f:f9:
8c:af:6a:95:fc:f5:2a:04:75:85:0c:13:45:cc:f4:
93:7e:0e:89:5e:e4:69:82:46:c5:db:69:37:18:45:
17:7f:3e:72:51:ec:34:cc:21:18:4f:8d:07:d8:77:
5a:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:9D:99:67:E0:3B:1F:33:0C:C2:0B:7C:74:B0:CE:B5:00:8C:57:DE
X509v3 Authority Key Identifier:
keyid:B8:2B:72:27:15:F9:1B:E7:92:A1:EC:3C:31:E7:7E:D9:DA:05:CB:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uCtyJxX5G-eSoew8Med-2doFy-E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/396759-b0c6-48ef-97b3-a15a18613da6/1/OJ2ZZ-A7HzMMwgt8dLDOtQCMV94.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/396759-b0c6-48ef-97b3-a15a18613da6/1/uCtyJxX5G-eSoew8Med-2doFy-E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.208.192.0/19
185.74.72.0/22
195.244.192.0/19
212.120.224.0/19
217.65.48.0/20
IPv6:
2a01:8c40::/32
Signature Algorithm: sha256WithRSAEncryption
08:2c:18:18:dd:28:db:6d:c1:e3:e1:b8:3b:6b:03:8d:c3:b8:
ae:ae:73:be:c4:c7:2e:1f:99:7c:81:4a:a0:70:5c:7e:09:f2:
61:2d:fe:e1:a8:ae:c2:76:dd:5a:14:ca:b2:3d:76:3b:ea:9a:
9e:61:c7:7d:63:ad:53:5f:bb:02:b8:89:74:32:94:e3:39:75:
93:31:18:d2:d6:3d:c5:76:6e:eb:61:5f:9c:05:11:a3:31:d5:
db:3b:2a:ca:4f:02:fc:12:af:6a:3f:07:58:65:73:90:aa:9d:
20:8f:f7:0a:11:28:ad:3c:d7:f7:16:9a:e5:53:f8:61:87:9e:
71:54:59:3f:49:03:99:09:c3:32:2c:17:6f:26:b2:b9:9f:2c:
a8:0f:d3:10:21:67:7d:b8:61:03:16:75:79:e4:40:3b:60:9a:
2a:e6:fc:00:87:69:42:4a:50:c4:ee:16:20:d3:73:7a:28:9f:
bd:85:35:08:97:35:0b:82:eb:d9:6d:9d:89:f9:f8:08:db:a7:
97:6f:0b:2f:23:16:d9:9a:a1:aa:c0:13:af:a3:6d:40:22:43:
80:60:f0:cf:65:38:21:59:46:26:8c:75:5e:47:ed:43:c7:25:
c5:88:51:60:18:fc:58:a2:4b:ef:86:ec:09:23:e9:6e:e7:df:
6e:17:f7:f5
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYVsQTf/ws4PTBxKiUtnWF8VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4MmI3MjI3MTVmOTFiZTc5MmExZWMzYzMxZTc3ZWQ5ZGEw
NWNiZTEwHhcNMjMwMTAxMDczNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODlkOTk2N2UwM2IxZjMzMGNjMjBiN2M3NGIwY2ViNTAwOGM1N2RlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgljCUdwhPAI/nqN5SWMUGJGJgPlf
G7/pyW8fYSgQkkTbrK07k8C9WyOnQSO/mvJhFd8pC1nhLUwvrIECAcYeCSEostdW
UahMu51jC/plR3UnnI2ZMRgXXlzO0aMbfcJ92K96OnZ8CD4nGrMkL17CE78/TmQL
uJmFhdxXN32mHAqjurseVr365dG6eIcuecx3Pf3DKTnhUCNB3vsf80z/9AasHnTd
ZpHXfwaXjRQZNEWjwFH0DG0BFh6cvsR/XnJXXSrpXMVFC76z16fyXlXYj/mMr2qV
/PUqBHWFDBNFzPSTfg6JXuRpgkbF22k3GEUXfz5yUew0zCEYT40H2Hda6QIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFDidmWfgOx8zDMILfHSwzrUAjFfeMB8GA1UdIwQY
MBaAFLgrcicV+RvnkqHsPDHnftnaBcvhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUN0eUp4WDVHLWVTb2V3OE1lZC0yZG9GeS1FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC8zOTY3NTktYjBjNi00OGVmLTk3YjMt
YTE1YTE4NjEzZGE2LzEvT0oyWlotQTdIek1Nd2d0OGRMRE90UUNNVjk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC8zOTY3NTktYjBjNi00OGVmLTk3YjMtYTE1YTE4NjEzZGE2
LzEvdUN0eUp4WDVHLWVTb2V3OE1lZC0yZG9GeS1FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQFstDAAwQC
uUpIAwQFw/TAAwQF1HjgAwQE2UEwMA0EAgACMAcDBQAqAYxAMA0GCSqGSIb3DQEB
CwUAA4IBAQAILBgY3SjbbcHj4bg7awONw7iurnO+xMcuH5l8gUqgcFx+CfJhLf7h
qK7Cdt1aFMqyPXY76pqeYcd9Y61TX7sCuIl0MpTjOXWTMRjS1j3Fdm7rYV+cBRGj
MdXbOyrKTwL8Eq9qPwdYZXOQqp0gj/cKESitPNf3FprlU/hhh55xVFk/SQOZCcMy
LBdvJrK5nyyoD9MQIWd9uGEDFnV55EA7YJoq5vwAh2lCSlDE7hYg03N6KJ+9hTUI
lzULguvZbZ2J+fgI26eXbwsvIxbZmqGqwBOvo21AIkOAYPDPZTghWUYmjHVeR+1D
xyXFiFFgGPxYokvvhuwJI+lu599uF/f1
-----END CERTIFICATE-----
Generated at Mon Jan 1 03:23:02 2024 by rpki-client on console-fra.rpki-client.org