Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/OFLOyMCFVpCx5HPvWzKGZaTNwLo.roa
File: OFLOyMCFVpCx5HPvWzKGZaTNwLo.roa (raw, json)
Hash identifier: 3pFLusI86eiRE6IGVJSHCtjbzqBhaoZF8DgGfHpCHB4=
Subject key identifier: 38:52:CE:C8:C0:85:56:90:B1:E4:73:EF:5B:32:86:65:A4:CD:C0:BA
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 018D3AA078DC6405AD8ACD32F67AFBCDF48F
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/OFLOyMCFVpCx5HPvWzKGZaTNwLo.roa
Signing time: Wed 24 Jan 2024 08:40:11 +0000
ROA not before: Wed 24 Jan 2024 08:40:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2588
IP address blocks: 46.19.200.0/21 maxlen: 24
80.81.32.0/19 maxlen: 24
80.81.35.0/24 maxlen: 24
83.223.128.0/19 maxlen: 24
83.223.145.0/24 maxlen: 24
83.223.155.0/24 maxlen: 24
85.254.0.0/17 maxlen: 24
85.254.8.0/21 maxlen: 21
85.254.49.0/24 maxlen: 24
85.254.62.0/23 maxlen: 23
85.254.69.0/24 maxlen: 24
85.254.104.0/22 maxlen: 22
85.254.108.0/22 maxlen: 22
85.254.116.0/22 maxlen: 22
85.254.122.0/23 maxlen: 23
85.254.128.0/18 maxlen: 24
91.190.32.0/19 maxlen: 24
91.190.36.0/24 maxlen: 24
91.190.52.0/24 maxlen: 24
91.190.56.0/23 maxlen: 24
91.190.60.0/24 maxlen: 24
94.101.224.0/20 maxlen: 24
109.205.120.0/21 maxlen: 24
109.205.127.0/24 maxlen: 24
159.148.0.0/16 maxlen: 24
159.148.10.0/24 maxlen: 24
159.148.49.0/24 maxlen: 24
159.148.50.0/24 maxlen: 24
159.148.63.0/24 maxlen: 24
159.148.78.0/24 maxlen: 24
159.148.80.0/24 maxlen: 24
159.148.116.0/24 maxlen: 24
159.148.117.0/24 maxlen: 24
159.148.125.0/24 maxlen: 24
159.148.131.0/24 maxlen: 24
159.148.138.0/24 maxlen: 24
159.148.150.0/24 maxlen: 24
159.148.186.0/24 maxlen: 24
159.148.188.0/24 maxlen: 24
159.148.201.0/24 maxlen: 24
159.148.222.0/24 maxlen: 24
159.148.229.0/24 maxlen: 24
159.148.233.0/24 maxlen: 24
185.27.92.0/22 maxlen: 24
185.176.116.0/22 maxlen: 24
217.69.112.0/20 maxlen: 24
217.69.113.0/24 maxlen: 24
2a02:610::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 05 Feb 2024 09:12:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:3a:a0:78:dc:64:05:ad:8a:cd:32:f6:7a:fb:cd:f4:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jan 24 08:40:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3852cec8c0855690b1e473ef5b328665a4cdc0ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:45:bd:6a:2c:bc:04:08:18:cd:11:f6:0d:3e:
8d:57:1d:45:1b:c1:c0:af:ec:15:60:35:43:28:3e:
f1:25:ff:31:c3:77:9c:37:06:cc:f4:69:04:8e:44:
ce:9c:d7:37:f9:b5:ee:ed:0b:53:7e:34:36:be:f3:
5a:dc:0e:7d:f9:47:f5:5e:8d:1c:7e:11:bf:92:80:
7c:f1:db:c2:a5:86:0d:f0:c2:41:ea:ff:3e:70:ac:
a9:24:75:1d:f3:9a:8e:da:c6:ca:9c:b2:66:a8:74:
63:09:5b:f1:6c:35:0f:44:51:88:04:32:7d:b8:29:
75:2a:16:25:2b:a5:62:11:b0:9a:a9:6c:97:d8:aa:
00:7f:67:a9:98:d3:0e:ff:01:37:06:2d:b0:f1:a0:
f7:39:bd:6b:95:42:e8:c3:0e:1f:d7:29:82:93:5c:
a8:37:ff:f2:2b:a2:ae:f5:3e:d6:4d:06:d5:9f:80:
e7:d1:81:1e:e5:e9:dc:fc:6c:31:a8:18:f3:fb:06:
6c:b6:cc:76:b3:71:9a:0c:49:ab:e9:b4:18:7d:0f:
5d:ca:92:40:ab:b2:b8:5b:74:e5:2d:40:23:07:c0:
39:b0:81:33:13:d5:92:e2:d8:97:e8:fe:7b:c8:36:
0a:50:ef:d0:91:72:3a:38:51:0c:51:b9:85:76:94:
50:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:52:CE:C8:C0:85:56:90:B1:E4:73:EF:5B:32:86:65:A4:CD:C0:BA
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/OFLOyMCFVpCx5HPvWzKGZaTNwLo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.19.200.0/21
80.81.32.0/19
83.223.128.0/19
85.254.0.0-85.254.191.255
91.190.32.0/19
94.101.224.0/20
109.205.120.0/21
159.148.0.0/16
185.27.92.0/22
185.176.116.0/22
217.69.112.0/20
IPv6:
2a02:610::/32
Signature Algorithm: sha256WithRSAEncryption
56:99:67:82:bc:7c:d5:33:58:a3:f0:71:17:6f:e7:e8:4b:29:
11:db:cc:e2:43:65:06:fd:bc:91:05:9d:81:57:42:2a:cc:97:
23:3d:f0:95:b4:e1:ad:4c:4b:5c:aa:be:ab:02:a3:72:98:7f:
38:3b:5c:2d:36:20:43:5e:ae:77:1b:66:74:42:6a:81:78:4e:
42:53:ec:9e:0f:9d:f8:b6:14:ef:d2:95:3f:f3:2e:a7:27:20:
16:e6:05:60:3a:94:1d:a7:dd:34:77:d8:7c:d4:8e:fd:24:ea:
09:d7:df:bf:46:77:b4:31:85:31:6e:d5:6b:96:74:24:95:da:
20:07:14:2f:32:d7:9e:da:c3:6b:65:2f:c0:35:0d:70:05:2a:
df:c1:6a:af:c2:8e:22:66:37:68:45:1b:9b:41:42:2f:5f:50:
ea:fe:9c:f0:65:4e:cf:0b:4c:f4:5b:ee:b8:cd:25:36:b4:47:
33:4e:b9:a5:6b:c5:1d:69:c0:da:5a:d2:59:e8:38:9d:53:56:
80:f3:27:46:11:63:da:d8:cd:84:6e:14:3b:f0:96:d3:1b:7b:
79:bf:13:60:a4:40:45:27:07:ff:6c:9a:cf:07:48:64:91:dc:
41:6e:f2:72:f5:9e:ef:d6:36:a6:43:bc:d4:e5:72:14:26:cf:
9f:c4:66:9b
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAY06oHjcZAWtis0y9nr7zfSPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjQwMTI0MDg0MDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODUyY2VjOGMwODU1NjkwYjFlNDczZWY1YjMyODY2NWE0Y2RjMGJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvEW9aiy8BAgYzRH2DT6NVx1FG8HA
r+wVYDVDKD7xJf8xw3ecNwbM9GkEjkTOnNc3+bXu7QtTfjQ2vvNa3A59+Uf1Xo0c
fhG/koB88dvCpYYN8MJB6v8+cKypJHUd85qO2sbKnLJmqHRjCVvxbDUPRFGIBDJ9
uCl1KhYlK6ViEbCaqWyX2KoAf2epmNMO/wE3Bi2w8aD3Ob1rlULoww4f1ymCk1yo
N//yK6Ku9T7WTQbVn4Dn0YEe5enc/GwxqBjz+wZstsx2s3GaDEmr6bQYfQ9dypJA
q7K4W3TlLUAjB8A5sIEzE9WS4tiX6P57yDYKUO/QkXI6OFEMUbmFdpRQQQIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFDhSzsjAhVaQseRz71syhmWkzcC6MB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvT0ZMT3lNQ0ZWcEN4NUhQdld6S0daYVROd0xvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQDLhPIAwQF
UFEgAwQFU9+AMAsDAwFV/gMEBlX+gAMEBVu+IAMEBF5l4AMEA23NeAMDAJ+UAwQC
uRtcAwQCubB0AwQE2UVwMA0EAgACMAcDBQAqAgYQMA0GCSqGSIb3DQEBCwUAA4IB
AQBWmWeCvHzVM1ij8HEXb+foSykR28ziQ2UG/byRBZ2BV0IqzJcjPfCVtOGtTEtc
qr6rAqNymH84O1wtNiBDXq53G2Z0QmqBeE5CU+yeD534thTv0pU/8y6nJyAW5gVg
OpQdp900d9h81I79JOoJ19+/Rne0MYUxbtVrlnQkldogBxQvMtee2sNrZS/ANQ1w
BSrfwWqvwo4iZjdoRRubQUIvX1Dq/pzwZU7PC0z0W+64zSU2tEczTrmla8UdacDa
WtJZ6DidU1aA8ydGEWPa2M2EbhQ78JbTG3t5vxNgpEBFJwf/bJrPB0hkkdxBbvJy
9Z7v1jamQ7zU5XIUJs+fxGab
-----END CERTIFICATE-----
Generated at Mon Feb 5 14:22:06 2024 by rpki-client on console-ams.rpki-client.org