Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/c27fa6-b2b0-4dcb-a899-1030cdbe6bd4/1/kdt4jmd-fZ3B6BchEMc95V0h-OA.roa
File: kdt4jmd-fZ3B6BchEMc95V0h-OA.roa (raw, json)
Hash identifier: tOAOzPkUNFHcTfpm8im8c79WDSgY5pORA8om36mMCmA=
Subject key identifier: 91:DB:78:8E:67:7E:7D:9D:C1:E8:17:21:10:C7:3D:E5:5D:21:F8:E0
Certificate issuer: /CN=43015654082578c4946cd27be1e89a3dd7562fa4
Certificate serial: 01856D786CCD9E30805436616E6823CB6006
Authority key identifier: 43:01:56:54:08:25:78:C4:94:6C:D2:7B:E1:E8:9A:3D:D7:56:2F:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwFWVAgleMSUbNJ74eiaPddWL6Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/c27fa6-b2b0-4dcb-a899-1030cdbe6bd4/1/kdt4jmd-fZ3B6BchEMc95V0h-OA.roa
Signing time: Sun 01 Jan 2023 13:14:46 +0000
ROA not before: Sun 01 Jan 2023 13:14:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49981
IP address blocks: 217.23.0.0/20 maxlen: 20
185.132.132.0/22 maxlen: 22
185.184.192.0/22 maxlen: 22
185.183.32.0/22 maxlen: 22
185.182.192.0/22 maxlen: 22
185.182.192.0/24 maxlen: 24
62.112.8.0/22 maxlen: 24
185.165.240.0/22 maxlen: 22
185.21.60.0/22 maxlen: 22
185.21.63.0/24 maxlen: 24
45.14.132.0/22 maxlen: 22
178.218.196.0/22 maxlen: 22
80.79.4.0/22 maxlen: 22
185.100.232.0/22 maxlen: 22
185.185.48.0/22 maxlen: 22
185.185.51.0/24 maxlen: 24
185.185.50.0/24 maxlen: 24
91.232.105.0/24 maxlen: 24
185.132.176.0/22 maxlen: 22
89.38.96.0/22 maxlen: 22
45.82.64.0/22 maxlen: 22
193.200.164.0/24 maxlen: 24
93.190.136.0/21 maxlen: 22
93.190.140.0/22 maxlen: 22
91.229.23.0/24 maxlen: 24
185.173.160.0/22 maxlen: 22
185.2.80.0/22 maxlen: 22
185.177.124.0/22 maxlen: 22
178.132.0.0/21 maxlen: 21
185.180.220.0/22 maxlen: 22
89.39.104.0/22 maxlen: 22
185.191.0.0/22 maxlen: 22
2.59.168.0/22 maxlen: 22
194.88.104.0/22 maxlen: 22
212.8.240.0/24 maxlen: 24
212.8.242.0/23 maxlen: 23
109.236.80.0/20 maxlen: 20
212.8.252.0/23 maxlen: 23
212.8.248.0/23 maxlen: 23
212.8.250.0/24 maxlen: 24
185.172.88.0/22 maxlen: 22
2a00:7c82::/32 maxlen: 32
2a00:7c81::/32 maxlen: 32
2a00:7c83::/32 maxlen: 32
2a00:7c80::/29 maxlen: 32
Validation: Failed, certificate revoked on Tue 03 Jan 2023 09:41:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:78:6c:cd:9e:30:80:54:36:61:6e:68:23:cb:60:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43015654082578c4946cd27be1e89a3dd7562fa4
Validity
Not Before: Jan 1 13:14:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=91db788e677e7d9dc1e8172110c73de55d21f8e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:7f:9d:83:b8:00:28:14:7a:c2:10:e3:35:ec:
8f:7c:54:78:e5:e0:6b:cf:6b:d4:c7:38:8c:22:69:
aa:69:a4:a2:b0:49:13:6c:53:ff:67:26:1c:fc:d3:
ba:fe:9f:d9:36:fc:7f:1a:14:cf:e6:9a:15:96:38:
b5:98:25:f4:e0:2f:88:04:6d:20:85:e2:2c:43:5c:
d6:2d:7a:f2:62:71:17:e1:d0:9a:1f:a9:11:96:e3:
cf:4f:da:18:91:84:dc:88:16:f1:31:45:07:f2:a7:
b1:7c:a6:2d:57:02:4d:0a:6a:86:b1:90:7e:10:43:
91:f7:83:f9:29:62:f4:c4:3b:03:dc:4d:84:66:d0:
c2:26:2c:35:57:db:6a:2c:8f:b4:79:65:20:06:76:
ec:eb:69:d1:ad:d0:c3:05:12:a3:f0:2a:fb:1f:68:
88:1e:e7:3d:46:f6:9a:4b:44:4b:18:e4:83:91:d2:
c6:7a:f9:0d:06:cf:25:15:44:a7:7b:ba:f1:54:d6:
9b:1f:40:76:e8:9e:64:4b:70:3e:c3:ac:ae:74:cc:
b6:83:2d:ab:8e:fb:93:6f:18:e3:b2:e9:b4:bb:75:
08:ef:a8:43:ac:71:5d:f6:01:e7:d0:36:48:3a:0d:
b7:9f:20:3c:80:d1:f3:6c:da:64:6f:ff:fc:c8:a7:
98:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:DB:78:8E:67:7E:7D:9D:C1:E8:17:21:10:C7:3D:E5:5D:21:F8:E0
X509v3 Authority Key Identifier:
keyid:43:01:56:54:08:25:78:C4:94:6C:D2:7B:E1:E8:9A:3D:D7:56:2F:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwFWVAgleMSUbNJ74eiaPddWL6Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/c27fa6-b2b0-4dcb-a899-1030cdbe6bd4/1/kdt4jmd-fZ3B6BchEMc95V0h-OA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/c27fa6-b2b0-4dcb-a899-1030cdbe6bd4/1/QwFWVAgleMSUbNJ74eiaPddWL6Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.168.0/22
45.14.132.0/22
45.82.64.0/22
62.112.8.0/22
80.79.4.0/22
89.38.96.0/22
89.39.104.0/22
91.229.23.0/24
91.232.105.0/24
93.190.136.0/21
109.236.80.0/20
178.132.0.0/21
178.218.196.0/22
185.2.80.0/22
185.21.60.0/22
185.100.232.0/22
185.132.132.0/22
185.132.176.0/22
185.165.240.0/22
185.172.88.0/22
185.173.160.0/22
185.177.124.0/22
185.180.220.0/22
185.182.192.0/22
185.183.32.0/22
185.184.192.0/22
185.185.48.0/22
185.191.0.0/22
193.200.164.0/24
194.88.104.0/22
212.8.240.0/24
212.8.242.0/23
212.8.248.0-212.8.250.255
212.8.252.0/23
217.23.0.0/20
IPv6:
2a00:7c80::/29
Signature Algorithm: sha256WithRSAEncryption
77:ca:fa:c6:cc:e2:fc:a7:31:6a:9e:28:d4:9d:7f:55:dc:16:
4a:d4:18:3d:51:18:75:c5:d1:09:be:03:fd:84:0e:58:36:28:
97:1c:a6:ea:de:e3:83:1d:3c:01:af:db:88:da:b4:ce:56:70:
87:ca:3f:6d:28:9b:1f:4c:f7:ec:92:bf:21:ea:8f:ff:53:ec:
86:81:c8:20:6d:3c:d1:37:10:02:c4:fd:6f:e7:58:ec:f0:5d:
a7:9a:a8:bf:8d:1f:d4:58:7a:98:60:b6:16:44:fb:e8:b2:bb:
7e:79:25:d0:40:97:12:09:89:ea:91:e3:76:29:83:e5:5b:41:
ae:bb:ec:31:56:a0:67:3e:26:1d:eb:fa:f0:4d:6a:51:a7:17:
2e:ca:57:42:c9:e3:06:1f:d1:2c:07:d9:9f:1f:50:ad:0c:0b:
02:9c:32:a8:f9:1c:b6:11:10:69:5f:e5:fa:40:90:a5:09:d1:
88:77:e2:60:20:56:ce:9b:c7:44:82:ec:3c:1f:ea:ce:d6:70:
91:d5:d4:b8:f2:39:80:d6:f4:18:0a:d6:70:f2:07:0b:b2:e7:
f0:0c:95:31:ab:14:fc:7f:9a:52:ed:d1:87:96:a3:83:61:81:
5f:b6:ce:31:ed:fb:0c:10:0a:f0:82:71:4d:59:ef:d2:52:a2:
b9:fd:bc:73
-----BEGIN CERTIFICATE-----
MIIF5jCCBM6gAwIBAgISAYVteGzNnjCAVDZhbmgjy2AGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDE1NjU0MDgyNTc4YzQ5NDZjZDI3YmUxZTg5YTNkZDc1
NjJmYTQwHhcNMjMwMTAxMTMxNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWRiNzg4ZTY3N2U3ZDlkYzFlODE3MjExMGM3M2RlNTVkMjFmOGUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjH+dg7gAKBR6whDjNeyPfFR45eBr
z2vUxziMImmqaaSisEkTbFP/ZyYc/NO6/p/ZNvx/GhTP5poVlji1mCX04C+IBG0g
heIsQ1zWLXryYnEX4dCaH6kRluPPT9oYkYTciBbxMUUH8qexfKYtVwJNCmqGsZB+
EEOR94P5KWL0xDsD3E2EZtDCJiw1V9tqLI+0eWUgBnbs62nRrdDDBRKj8Cr7H2iI
Huc9RvaaS0RLGOSDkdLGevkNBs8lFUSne7rxVNabH0B26J5kS3A+w6yudMy2gy2r
jvuTbxjjsum0u3UI76hDrHFd9gHn0DZIOg23nyA8gNHzbNpkb//8yKeYWQIDAQAB
o4IC8jCCAu4wHQYDVR0OBBYEFJHbeI5nfn2dwegXIRDHPeVdIfjgMB8GA1UdIwQY
MBaAFEMBVlQIJXjElGzSe+Homj3XVi+kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdGV1ZBZ2xlTVNVYk5KNzRlaWFQZGRXTDZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9jMjdmYTYtYjJiMC00ZGNiLWE4OTkt
MTAzMGNkYmU2YmQ0LzEva2R0NGptZC1mWjNCNkJjaEVNYzk1VjBoLU9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9jMjdmYTYtYjJiMC00ZGNiLWE4OTktMTAzMGNkYmU2YmQ0
LzEvUXdGV1ZBZ2xlTVNVYk5KNzRlaWFQZGRXTDZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBBgYIKwYBBQUHAQcBAf8EgfYwgfMwgeEEAgABMIHaAwQC
AjuoAwQCLQ6EAwQCLVJAAwQCPnAIAwQCUE8EAwQCWSZgAwQCWSdoAwQAW+UXAwQA
W+hpAwQDXb6IAwQEbexQAwQDsoQAAwQCstrEAwQCuQJQAwQCuRU8AwQCuWToAwQC
uYSEAwQCuYSwAwQCuaXwAwQCuaxYAwQCua2gAwQCubF8AwQCubTcAwQCubbAAwQC
ubcgAwQCubjAAwQCubkwAwQCub8AAwQAwcikAwQCwlhoAwQA1AjwAwQB1AjyMAwD
BAPUCPgDBADUCPoDBAHUCPwDBATZFwAwDQQCAAIwBwMFAyoAfIAwDQYJKoZIhvcN
AQELBQADggEBAHfK+sbM4vynMWqeKNSdf1XcFkrUGD1RGHXF0Qm+A/2EDlg2KJcc
pure44MdPAGv24jatM5WcIfKP20omx9M9+ySvyHqj/9T7IaByCBtPNE3EALE/W/n
WOzwXaeaqL+NH9RYephgthZE++iyu355JdBAlxIJieqR43Ypg+VbQa677DFWoGc+
Jh3r+vBNalGnFy7KV0LJ4wYf0SwH2Z8fUK0MCwKcMqj5HLYREGlf5fpAkKUJ0Yh3
4mAgVs6bx0SC7Dwf6s7WcJHV1LjyOYDW9BgK1nDyBwuy5/AMlTGrFPx/mlLt0YeW
o4NhgV+2zjHt+wwQCvCCcU1Z79JSorn9vHM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:26 2024 by rpki-client on console-ams.rpki-client.org