Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/OgwhUOcMGeTBv8ikECQASudOOfQ.roa
File: OgwhUOcMGeTBv8ikECQASudOOfQ.roa (raw, json)
Hash identifier: 3dkCZ4xwkwe+mHHLtPGFWh4t7NgbQN+aSbPmhW4ylao=
Subject key identifier: 3A:0C:21:50:E7:0C:19:E4:C1:BF:C8:A4:10:24:00:4A:E7:4E:39:F4
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 018E233799711204F1C7AED1F8C9E2ACFBDF
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/OgwhUOcMGeTBv8ikECQASudOOfQ.roa
Signing time: Sat 09 Mar 2024 12:37:10 +0000
ROA not before: Sat 09 Mar 2024 12:37:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2588
IP address blocks: 46.19.200.0/21 maxlen: 24
80.81.32.0/19 maxlen: 24
80.81.35.0/24 maxlen: 24
83.223.128.0/19 maxlen: 24
83.223.145.0/24 maxlen: 24
83.223.155.0/24 maxlen: 24
85.254.0.0/17 maxlen: 24
85.254.49.0/24 maxlen: 24
85.254.62.0/24 maxlen: 24
85.254.69.0/24 maxlen: 24
85.254.104.0/22 maxlen: 22
85.254.108.0/22 maxlen: 22
85.254.116.0/22 maxlen: 22
85.254.116.0/24 maxlen: 24
85.254.122.0/24 maxlen: 24
85.254.128.0/18 maxlen: 24
91.190.32.0/19 maxlen: 24
91.190.36.0/24 maxlen: 24
91.190.52.0/24 maxlen: 24
91.190.56.0/23 maxlen: 24
91.190.60.0/24 maxlen: 24
94.101.224.0/20 maxlen: 24
109.205.120.0/21 maxlen: 24
109.205.127.0/24 maxlen: 24
159.148.0.0/16 maxlen: 16
159.148.10.0/24 maxlen: 24
159.148.49.0/24 maxlen: 24
159.148.50.0/24 maxlen: 24
159.148.63.0/24 maxlen: 24
159.148.78.0/24 maxlen: 24
159.148.80.0/24 maxlen: 24
159.148.116.0/24 maxlen: 24
159.148.117.0/24 maxlen: 24
159.148.125.0/24 maxlen: 24
159.148.138.0/24 maxlen: 24
159.148.150.0/24 maxlen: 24
159.148.186.0/24 maxlen: 24
159.148.188.0/24 maxlen: 24
159.148.201.0/24 maxlen: 24
159.148.222.0/24 maxlen: 24
159.148.229.0/24 maxlen: 24
159.148.233.0/24 maxlen: 24
185.27.92.0/22 maxlen: 24
185.176.116.0/22 maxlen: 24
217.69.112.0/20 maxlen: 24
217.69.113.0/24 maxlen: 24
2a02:610::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 13 Mar 2024 14:45:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:23:37:99:71:12:04:f1:c7:ae:d1:f8:c9:e2:ac:fb:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Mar 9 12:37:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3a0c2150e70c19e4c1bfc8a41024004ae74e39f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:78:7f:ef:44:a9:ad:e0:49:56:2f:9d:29:e1:
76:c6:7d:72:f6:e6:63:05:f9:ff:f5:f3:fd:88:07:
cd:7b:6d:1e:7b:2e:77:48:5a:48:ea:13:c0:86:01:
5f:05:5f:52:a3:d6:19:f5:1c:96:a5:9d:8a:da:61:
db:72:55:49:aa:a8:4a:8b:f7:91:02:20:c5:4e:be:
f3:04:84:35:11:5a:0e:45:1a:d7:de:50:17:4f:f4:
6e:50:74:05:c5:17:ae:38:33:eb:99:5b:43:6b:a1:
f9:1e:b0:7d:f7:e9:e6:ca:40:51:e3:53:e9:58:47:
84:4e:ed:4c:92:cd:89:20:6f:ac:a7:a2:21:df:47:
02:cd:fd:22:94:de:a0:1f:30:77:6c:67:53:31:24:
8e:6c:47:71:f0:b2:e7:9a:3e:7c:3a:fc:6d:bb:20:
3b:c7:74:df:cc:ce:0e:07:57:0e:6d:e5:96:b3:e5:
65:1a:56:56:57:e8:39:ab:25:61:fb:c6:33:01:dd:
fd:93:1b:fd:ef:a3:fd:c4:84:7b:96:19:7c:7b:93:
cf:f9:a8:6e:c0:ff:67:dd:fb:cc:df:34:af:49:1a:
22:f5:cd:73:8d:85:26:13:d9:96:e2:a8:a1:e3:00:
0d:ea:05:01:48:e4:ce:de:13:52:f4:1f:2d:84:14:
2c:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:0C:21:50:E7:0C:19:E4:C1:BF:C8:A4:10:24:00:4A:E7:4E:39:F4
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/OgwhUOcMGeTBv8ikECQASudOOfQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.19.200.0/21
80.81.32.0/19
83.223.128.0/19
85.254.0.0-85.254.191.255
91.190.32.0/19
94.101.224.0/20
109.205.120.0/21
159.148.0.0/16
185.27.92.0/22
185.176.116.0/22
217.69.112.0/20
IPv6:
2a02:610::/32
Signature Algorithm: sha256WithRSAEncryption
5d:c3:c3:04:48:65:0f:77:63:3a:bb:a3:53:ef:25:14:93:69:
b8:73:1f:f1:28:e3:34:af:91:43:ad:2c:ea:2a:21:14:75:c7:
cb:5c:98:fc:c3:cd:6b:9e:9b:17:f9:c7:5e:7c:e3:38:3c:9d:
31:61:c1:9a:6b:a5:35:84:fe:31:11:93:fc:4b:ed:6b:af:ad:
06:71:e0:67:a2:bb:40:1e:dd:5d:0d:54:e2:50:b8:8e:95:4a:
90:e6:e2:ea:55:f2:1b:43:a2:99:ca:fe:93:60:56:c6:c3:5c:
bc:78:e2:36:7d:bc:08:74:08:e0:e3:a6:5e:c1:79:4d:4d:98:
ab:c0:bd:34:06:39:fa:9f:5f:ea:f4:60:4f:d6:ef:9a:a5:53:
c2:ac:0d:b0:aa:69:67:cc:ff:6a:b0:c7:86:05:82:93:bc:d7:
e4:18:ab:72:71:f3:55:0d:e8:f2:96:b5:bb:7c:67:ef:26:a1:
dc:9d:6d:02:2d:de:23:de:31:bf:bd:d9:15:a0:f9:87:93:cb:
8a:a0:c4:f8:0b:53:3a:f4:e2:6a:5c:66:72:15:73:bb:0e:1d:
25:06:ef:0e:8a:2f:4d:64:52:36:c6:85:39:69:51:0f:8a:ee:
c8:2f:e1:a1:78:39:14:4a:72:4a:73:1c:d2:e4:12:35:56:fa:
48:1d:aa:a7
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAY4jN5lxEgTxx67R+MnirPvfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjQwMzA5MTIzNzEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTBjMjE1MGU3MGMxOWU0YzFiZmM4YTQxMDI0MDA0YWU3NGUzOWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoHh/70SpreBJVi+dKeF2xn1y9uZj
Bfn/9fP9iAfNe20eey53SFpI6hPAhgFfBV9So9YZ9RyWpZ2K2mHbclVJqqhKi/eR
AiDFTr7zBIQ1EVoORRrX3lAXT/RuUHQFxReuODPrmVtDa6H5HrB99+nmykBR41Pp
WEeETu1Mks2JIG+sp6Ih30cCzf0ilN6gHzB3bGdTMSSObEdx8LLnmj58OvxtuyA7
x3TfzM4OB1cObeWWs+VlGlZWV+g5qyVh+8YzAd39kxv976P9xIR7lhl8e5PP+ahu
wP9n3fvM3zSvSRoi9c1zjYUmE9mW4qih4wAN6gUBSOTO3hNS9B8thBQskQIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFDoMIVDnDBnkwb/IpBAkAErnTjn0MB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvT2d3aFVPY01HZVRCdjhpa0VDUUFTdWRPT2ZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQDLhPIAwQF
UFEgAwQFU9+AMAsDAwFV/gMEBlX+gAMEBVu+IAMEBF5l4AMEA23NeAMDAJ+UAwQC
uRtcAwQCubB0AwQE2UVwMA0EAgACMAcDBQAqAgYQMA0GCSqGSIb3DQEBCwUAA4IB
AQBdw8MESGUPd2M6u6NT7yUUk2m4cx/xKOM0r5FDrSzqKiEUdcfLXJj8w81rnpsX
+cdefOM4PJ0xYcGaa6U1hP4xEZP8S+1rr60GceBnortAHt1dDVTiULiOlUqQ5uLq
VfIbQ6KZyv6TYFbGw1y8eOI2fbwIdAjg46ZewXlNTZirwL00Bjn6n1/q9GBP1u+a
pVPCrA2wqmlnzP9qsMeGBYKTvNfkGKtycfNVDejylrW7fGfvJqHcnW0CLd4j3jG/
vdkVoPmHk8uKoMT4C1M69OJqXGZyFXO7Dh0lBu8Oii9NZFI2xoU5aVEPiu7IL+Gh
eDkUSnJKcxzS5BI1VvpIHaqn
-----END CERTIFICATE-----
Generated at Wed Mar 13 19:59:47 2024 by rpki-client on console-ams.rpki-client.org