Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/2c8482-5331-4e57-9974-40837d48473d/1/OauOlcSQNJTbyi5iFCOkgtLeH8I.roa
File: OauOlcSQNJTbyi5iFCOkgtLeH8I.roa (raw, json)
Hash identifier: Nuk+Dz6UgCCnac6fbERShpqp2YMu9d72NfTku9xTVvQ=
Subject key identifier: 39:AB:8E:95:C4:90:34:94:DB:CA:2E:62:14:23:A4:82:D2:DE:1F:C2
Certificate issuer: /CN=4da4d6199aec828f6989e2e84cec17765bac5cd5
Certificate serial: 01920EEC6E6CA2C8B6F534693E6F26E0A688
Authority key identifier: 4D:A4:D6:19:9A:EC:82:8F:69:89:E2:E8:4C:EC:17:76:5B:AC:5C:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TaTWGZrsgo9pieLoTOwXdlusXNU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/2c8482-5331-4e57-9974-40837d48473d/1/OauOlcSQNJTbyi5iFCOkgtLeH8I.roa
Signing time: Fri 20 Sep 2024 10:13:48 +0000
ROA not before: Fri 20 Sep 2024 10:13:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20776
IP address blocks: 80.243.240.0/20 maxlen: 20
80.243.240.0/21 maxlen: 21
80.243.248.0/21 maxlen: 21
82.197.96.0/19 maxlen: 23
82.197.112.0/20 maxlen: 20
82.197.126.0/24 maxlen: 24
89.16.0.0/19 maxlen: 19
89.16.0.0/20 maxlen: 20
89.16.0.0/21 maxlen: 21
89.16.8.0/21 maxlen: 21
89.16.16.0/20 maxlen: 20
89.16.16.0/21 maxlen: 21
89.16.24.0/21 maxlen: 21
92.49.64.0/19 maxlen: 19
92.49.64.0/20 maxlen: 20
92.49.80.0/20 maxlen: 20
92.49.96.0/19 maxlen: 21
92.49.96.0/20 maxlen: 21
92.49.96.0/21 maxlen: 21
92.49.104.0/24 maxlen: 24
92.49.105.0/24 maxlen: 24
92.49.106.0/24 maxlen: 24
92.49.107.0/24 maxlen: 24
92.49.108.0/22 maxlen: 22
92.49.112.0/20 maxlen: 20
92.49.112.0/21 maxlen: 21
92.49.120.0/21 maxlen: 21
92.49.125.0/24 maxlen: 24
93.176.0.0/19 maxlen: 19
93.176.0.0/20 maxlen: 20
93.176.16.0/20 maxlen: 20
93.176.32.0/20 maxlen: 20
93.176.48.0/20 maxlen: 20
109.62.0.0/17 maxlen: 24
109.62.0.0/19 maxlen: 19
109.62.0.0/21 maxlen: 21
109.62.4.0/22 maxlen: 22
109.62.8.0/24 maxlen: 24
109.62.9.0/24 maxlen: 24
109.62.10.0/23 maxlen: 23
109.62.12.0/23 maxlen: 23
109.62.14.0/24 maxlen: 24
109.62.15.0/24 maxlen: 24
109.62.16.0/21 maxlen: 21
109.62.24.0/23 maxlen: 23
109.62.26.0/24 maxlen: 24
109.62.27.0/24 maxlen: 24
109.62.28.0/22 maxlen: 22
109.62.56.0/21 maxlen: 21
109.62.56.0/22 maxlen: 22
109.62.60.0/22 maxlen: 22
109.62.64.0/24 maxlen: 24
109.62.66.0/24 maxlen: 24
109.62.67.0/24 maxlen: 24
109.62.68.0/22 maxlen: 23
109.62.68.0/23 maxlen: 23
109.62.70.0/23 maxlen: 23
109.62.72.0/21 maxlen: 21
109.62.72.0/22 maxlen: 22
109.62.76.0/22 maxlen: 22
109.62.80.0/20 maxlen: 20
109.62.80.0/21 maxlen: 21
109.62.88.0/21 maxlen: 21
109.62.96.0/20 maxlen: 20
188.115.64.0/18 maxlen: 18
188.115.64.0/19 maxlen: 19
188.115.64.0/20 maxlen: 20
188.115.80.0/20 maxlen: 20
188.115.96.0/19 maxlen: 19
188.115.96.0/21 maxlen: 21
188.115.104.0/21 maxlen: 21
188.115.112.0/22 maxlen: 22
188.115.116.0/22 maxlen: 22
188.115.120.0/21 maxlen: 21
217.175.160.0/19 maxlen: 24
217.175.168.0/21 maxlen: 21
217.175.168.0/24 maxlen: 24
217.175.169.0/24 maxlen: 24
217.175.170.0/24 maxlen: 24
217.175.171.0/24 maxlen: 24
217.175.172.0/24 maxlen: 24
217.175.174.0/23 maxlen: 23
217.175.176.0/21 maxlen: 21
217.175.176.0/22 maxlen: 22
217.175.180.0/22 maxlen: 22
217.175.184.0/21 maxlen: 21
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:48:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:0e:ec:6e:6c:a2:c8:b6:f5:34:69:3e:6f:26:e0:a6:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4da4d6199aec828f6989e2e84cec17765bac5cd5
Validity
Not Before: Sep 20 10:13:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=39ab8e95c4903494dbca2e621423a482d2de1fc2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:8f:8a:de:b3:4b:e9:32:ba:d3:1b:2c:e8:0b:
c6:7d:db:b0:6d:75:5e:eb:ca:33:1f:45:31:34:36:
00:fe:90:ea:eb:bd:8e:8c:74:51:4f:c2:c7:2f:90:
97:11:86:c9:e1:cd:2e:76:c6:03:68:5d:ab:af:e0:
18:75:bc:90:7c:ea:9d:61:90:8b:54:31:91:03:e4:
86:c3:b1:a5:3a:cb:ab:ac:0d:34:22:12:55:75:9a:
78:2c:19:fb:b7:54:6c:11:79:21:2f:64:3e:46:8a:
59:2d:08:4e:d0:b2:c8:b2:ed:53:06:af:3c:ed:57:
40:7d:29:22:35:fb:c6:c2:99:35:eb:f8:40:8e:98:
f9:e3:bc:b6:38:11:1f:dd:80:91:b5:aa:56:a0:0b:
f5:87:eb:ee:8c:8e:df:d3:c1:20:e0:77:d2:ea:42:
57:5b:72:4e:64:3c:ec:65:99:7c:de:00:a0:90:c4:
02:e2:3e:a7:32:2b:23:e8:86:24:22:a2:06:e6:00:
37:13:32:83:ff:95:3f:d6:9e:52:2b:fe:38:e3:8f:
fb:d1:2e:a5:a3:01:0d:2f:a7:54:65:e5:64:88:80:
8a:f1:41:17:e5:4c:50:eb:e3:03:f8:a4:d9:5b:ac:
9a:b3:c4:fa:c2:a4:ac:ca:c6:9e:af:46:27:b3:81:
80:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:AB:8E:95:C4:90:34:94:DB:CA:2E:62:14:23:A4:82:D2:DE:1F:C2
X509v3 Authority Key Identifier:
keyid:4D:A4:D6:19:9A:EC:82:8F:69:89:E2:E8:4C:EC:17:76:5B:AC:5C:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TaTWGZrsgo9pieLoTOwXdlusXNU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/2c8482-5331-4e57-9974-40837d48473d/1/OauOlcSQNJTbyi5iFCOkgtLeH8I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/2c8482-5331-4e57-9974-40837d48473d/1/TaTWGZrsgo9pieLoTOwXdlusXNU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.243.240.0/20
82.197.96.0/19
89.16.0.0/19
92.49.64.0/18
93.176.0.0/18
109.62.0.0/17
188.115.64.0/18
217.175.160.0/19
Signature Algorithm: sha256WithRSAEncryption
4e:f6:3a:18:95:da:1a:d9:b8:56:89:27:59:82:5a:3a:d5:80:
04:1e:3e:53:4c:d9:b3:e2:e9:14:51:f8:8b:48:e8:03:58:1e:
23:b2:5c:40:23:54:68:47:5a:24:7a:5f:e7:8f:f4:64:57:bb:
b8:52:94:63:1c:2c:86:09:0c:88:eb:2e:f4:b7:a2:90:ef:0a:
65:9f:cc:d6:a7:23:6d:8a:d5:5c:c8:40:ae:80:90:93:11:ad:
bd:26:d6:af:a7:5e:d7:fb:fc:c4:56:66:91:51:91:33:26:7d:
db:c3:21:eb:a8:a9:19:b5:3c:04:07:77:b1:11:3a:10:4a:a2:
58:81:a0:81:e4:36:bf:22:0b:7d:56:98:e4:a3:44:c7:84:9a:
0a:9b:49:8f:9c:5a:7d:1e:53:9c:8a:73:c7:5d:08:c7:2b:77:
19:a7:0c:60:02:56:ff:bb:ae:43:b8:e8:d6:69:56:d7:40:08:
2d:64:b1:7c:22:32:52:d7:b1:a4:7f:7c:19:49:18:24:d5:92:
0e:05:54:dc:3e:ad:81:23:4c:29:40:f2:27:2c:e1:f6:ba:36:
ba:6f:83:b4:ff:60:a2:f9:fd:fd:7f:e5:d0:ff:7f:36:53:42:
0a:81:7b:f5:1c:8d:4e:6f:90:a5:04:f5:6c:1d:79:87:3a:6f:
88:c9:c9:56
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZIO7G5sosi29TRpPm8m4KaIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkYTRkNjE5OWFlYzgyOGY2OTg5ZTJlODRjZWMxNzc2NWJh
YzVjZDUwHhcNMjQwOTIwMTAxMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWFiOGU5NWM0OTAzNDk0ZGJjYTJlNjIxNDIzYTQ4MmQyZGUxZmMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5I+K3rNL6TK60xss6AvGfduwbXVe
68ozH0UxNDYA/pDq672OjHRRT8LHL5CXEYbJ4c0udsYDaF2rr+AYdbyQfOqdYZCL
VDGRA+SGw7GlOsurrA00IhJVdZp4LBn7t1RsEXkhL2Q+RopZLQhO0LLIsu1TBq88
7VdAfSkiNfvGwpk16/hAjpj547y2OBEf3YCRtapWoAv1h+vujI7f08Eg4HfS6kJX
W3JOZDzsZZl83gCgkMQC4j6nMisj6IYkIqIG5gA3EzKD/5U/1p5SK/4444/70S6l
owENL6dUZeVkiICK8UEX5UxQ6+MD+KTZW6yas8T6wqSsysaer0Yns4GATQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFDmrjpXEkDSU28ouYhQjpILS3h/CMB8GA1UdIwQY
MBaAFE2k1hma7IKPaYni6EzsF3ZbrFzVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGFUV0dacnNnbzlwaWVMb1RPd1hkbHVzWE5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS8yYzg0ODItNTMzMS00ZTU3LTk5NzQt
NDA4MzdkNDg0NzNkLzEvT2F1T2xjU1FOSlRieWk1aUZDT2tndExlSDhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS8yYzg0ODItNTMzMS00ZTU3LTk5NzQtNDA4MzdkNDg0NzNk
LzEvVGFUV0dacnNnbzlwaWVMb1RPd1hkbHVzWE5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQEUPPwAwQF
UsVgAwQFWRAAAwQGXDFAAwQGXbAAAwQHbT4AAwQGvHNAAwQF2a+gMA0GCSqGSIb3
DQEBCwUAA4IBAQBO9joYldoa2bhWiSdZglo61YAEHj5TTNmz4ukUUfiLSOgDWB4j
slxAI1RoR1okel/nj/RkV7u4UpRjHCyGCQyI6y70t6KQ7wpln8zWpyNtitVcyECu
gJCTEa29Jtavp17X+/zEVmaRUZEzJn3bwyHrqKkZtTwEB3exEToQSqJYgaCB5Da/
Igt9Vpjko0THhJoKm0mPnFp9HlOcinPHXQjHK3cZpwxgAlb/u65DuOjWaVbXQAgt
ZLF8IjJS17Gkf3wZSRgk1ZIOBVTcPq2BI0wpQPInLOH2uja6b4O0/2Ci+f39f+XQ
/382U0IKgXv1HI1Ob5ClBPVsHXmHOm+IyclW
-----END CERTIFICATE-----
Generated at Fri Apr 25 10:20:00 2025 by rpki-client