Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/_ogu96FIiqFWfoWzUQE743KSiaY.roa
File: _ogu96FIiqFWfoWzUQE743KSiaY.roa (raw, json)
Hash identifier: D78HcOlR1HCPNAgv8P28VQE/PotWISHJJDjUgf89RgU=
Subject key identifier: FE:88:2E:F7:A1:48:8A:A1:56:7E:85:B3:51:01:3B:E3:72:92:89:A6
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 018CC80130D0FD2D22F6361F9F5ED5A3D34E
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/_ogu96FIiqFWfoWzUQE743KSiaY.roa
Signing time: Tue 02 Jan 2024 02:29:30 +0000
ROA not before: Tue 02 Jan 2024 02:29:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199558
IP address blocks: 159.148.218.0/24 maxlen: 24
85.254.144.0/24 maxlen: 24
85.254.41.0/24 maxlen: 24
159.148.233.0/24 maxlen: 24
85.254.45.0/24 maxlen: 24
85.254.46.0/24 maxlen: 24
159.148.27.0/24 maxlen: 24
85.254.52.0/22 maxlen: 22
85.254.70.0/24 maxlen: 24
159.148.89.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 29 Jan 2024 14:57:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:30:d0:fd:2d:22:f6:36:1f:9f:5e:d5:a3:d3:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jan 2 02:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fe882ef7a1488aa1567e85b351013be3729289a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:97:2b:c0:cb:59:7f:95:c5:99:42:0c:13:ed:
a6:7b:11:ff:a6:04:2d:b7:83:fc:7a:c6:b4:cb:4d:
e8:ed:8d:fc:e7:ca:70:b2:c4:57:1d:66:1b:01:18:
18:5a:f8:3f:60:59:c9:f6:d8:c0:af:62:35:6e:7f:
0f:bc:7d:ee:02:92:99:01:dc:3d:41:09:1c:12:5e:
4c:88:de:21:4b:a2:1d:2a:d5:75:12:0e:38:97:0e:
91:07:e0:c2:1a:fd:54:ba:8a:1d:a7:61:6d:49:06:
58:88:a1:32:a2:53:60:de:f4:87:3f:ee:46:5d:63:
f8:4b:83:49:ae:0b:79:fd:93:56:90:3f:03:3c:3b:
f2:14:35:90:b7:ab:6b:d6:f4:ef:7c:44:64:7b:0c:
87:71:a1:a9:ae:2e:2f:3a:ab:37:06:25:64:fd:6e:
95:78:2b:77:b6:bb:7b:bd:fc:e3:e4:6f:b4:79:41:
e3:36:c8:39:ad:de:87:8c:11:93:cc:13:61:f8:7e:
7b:24:f2:1b:e0:92:c2:67:7c:36:c5:f2:64:44:ad:
b8:ed:12:c4:ec:7a:6d:63:61:83:9d:90:09:3f:5f:
3a:6f:da:61:fa:2f:30:ab:b2:15:3b:73:38:22:7c:
24:c2:77:3a:f9:18:49:96:5f:3d:0b:fe:39:47:7e:
63:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:88:2E:F7:A1:48:8A:A1:56:7E:85:B3:51:01:3B:E3:72:92:89:A6
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/_ogu96FIiqFWfoWzUQE743KSiaY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.254.41.0/24
85.254.45.0-85.254.46.255
85.254.52.0/22
85.254.70.0/24
85.254.144.0/24
159.148.27.0/24
159.148.89.0/24
159.148.218.0/24
159.148.233.0/24
Signature Algorithm: sha256WithRSAEncryption
c3:9e:a1:99:7b:77:d5:5c:53:77:d4:b3:3f:bb:60:e5:d8:ca:
ba:28:17:9e:f5:55:db:64:85:cd:8f:6a:ac:01:f9:1b:dc:84:
aa:23:95:96:a6:42:a7:f2:df:a8:69:55:42:4a:93:aa:ba:70:
24:d1:35:29:49:0f:48:86:8c:ab:9c:d9:17:a4:c9:ba:5b:fe:
b3:0a:1b:a1:9c:c0:cb:c7:98:29:14:b6:1b:31:56:d0:3e:98:
3a:f3:f5:02:eb:b6:e7:f0:2b:e0:4c:1b:6c:15:8d:9e:0b:b1:
c9:a7:6c:70:54:a5:fe:39:3f:98:6a:3f:2c:75:3a:dc:ec:ef:
a8:a7:13:34:80:2a:38:79:34:3e:77:a2:72:8a:47:43:82:03:
af:cd:47:51:d3:6d:f3:dc:3b:b2:a8:ea:c8:f1:1b:d7:6f:ef:
26:fa:54:3c:07:8e:05:00:99:c4:46:09:6b:64:c4:fe:c4:79:
90:46:00:3e:2a:e3:e0:f8:d1:d5:18:25:65:c0:e4:cc:5d:aa:
11:d7:de:f3:0a:72:94:52:4f:49:d0:e3:58:44:a7:17:e1:6f:
16:7b:5d:ed:31:a4:ac:fe:7f:14:45:25:1b:42:e6:eb:56:69:
61:7f:55:4b:ff:86:94:b1:05:e6:ff:5a:a9:da:77:d7:42:81:
89:52:af:8c
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYzIATDQ/S0i9jYfn17Vo9NOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjQwMTAyMDIyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTg4MmVmN2ExNDg4YWExNTY3ZTg1YjM1MTAxM2JlMzcyOTI4OWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlJcrwMtZf5XFmUIME+2mexH/pgQt
t4P8esa0y03o7Y3858pwssRXHWYbARgYWvg/YFnJ9tjAr2I1bn8PvH3uApKZAdw9
QQkcEl5MiN4hS6IdKtV1Eg44lw6RB+DCGv1Uuoodp2FtSQZYiKEyolNg3vSHP+5G
XWP4S4NJrgt5/ZNWkD8DPDvyFDWQt6tr1vTvfERkewyHcaGpri4vOqs3BiVk/W6V
eCt3trt7vfzj5G+0eUHjNsg5rd6HjBGTzBNh+H57JPIb4JLCZ3w2xfJkRK247RLE
7HptY2GDnZAJP186b9ph+i8wq7IVO3M4Inwkwnc6+RhJll89C/45R35j/wIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFP6ILvehSIqhVn6Fs1EBO+NykommMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvX29ndTk2RklpcUZXZm9XelVRRTc0M0tTaWFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQAVf4pMAwD
BABV/i0DBABV/i4DBAJV/jQDBABV/kYDBABV/pADBACflBsDBACflFkDBACflNoD
BACflOkwDQYJKoZIhvcNAQELBQADggEBAMOeoZl7d9VcU3fUsz+7YOXYyrooF571
Vdtkhc2PaqwB+RvchKojlZamQqfy36hpVUJKk6q6cCTRNSlJD0iGjKuc2Rekybpb
/rMKG6GcwMvHmCkUthsxVtA+mDrz9QLrtufwK+BMG2wVjZ4LscmnbHBUpf45P5hq
Pyx1Otzs76inEzSAKjh5ND53onKKR0OCA6/NR1HTbfPcO7Ko6sjxG9dv7yb6VDwH
jgUAmcRGCWtkxP7EeZBGAD4q4+D40dUYJWXA5MxdqhHX3vMKcpRST0nQ41hEpxfh
bxZ7Xe0xpKz+fxRFJRtC5utWaWF/VUv/hpSxBeb/Wqnad9dCgYlSr4w=
-----END CERTIFICATE-----
Generated at Mon Jan 29 19:47:40 2024 by rpki-client on console-fra.rpki-client.org