Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/OJJqk6DNeGdvDgLX9sRVRhkxUNc.roa
File: OJJqk6DNeGdvDgLX9sRVRhkxUNc.roa (raw, json)
Hash identifier: ha70cBX2sDN5h6bS8oLLuR1MvPe8tPeBS8Eo7BJZytI=
Subject key identifier: 38:92:6A:93:A0:CD:78:67:6F:0E:02:D7:F6:C4:55:46:19:31:50:D7
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 0185FDDB082229AFC7D1C3A8A2A1F9037510
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/OJJqk6DNeGdvDgLX9sRVRhkxUNc.roa
Signing time: Sun 29 Jan 2023 14:07:48 +0000
ROA not before: Sun 29 Jan 2023 14:07:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7489
IP address blocks: 2.56.164.0/22 maxlen: 24
78.108.216.0/22 maxlen: 24
45.140.220.0/22 maxlen: 24
193.221.192.0/22 maxlen: 24
194.50.16.0/22 maxlen: 24
194.31.140.0/22 maxlen: 24
212.107.12.0/22 maxlen: 24
185.186.64.0/22 maxlen: 24
45.154.196.0/22 maxlen: 24
185.227.68.0/22 maxlen: 24
185.185.40.0/22 maxlen: 24
193.105.184.0/24 maxlen: 24
45.90.144.0/22 maxlen: 24
194.56.224.0/22 maxlen: 24
178.218.144.0/22 maxlen: 24
45.90.145.0/24 maxlen: 24
45.90.146.0/24 maxlen: 24
77.83.240.0/22 maxlen: 24
45.81.20.0/22 maxlen: 24
89.190.156.0/22 maxlen: 24
83.143.116.0/22 maxlen: 24
185.242.224.0/22 maxlen: 24
185.234.74.0/24 maxlen: 24
185.234.72.0/22 maxlen: 24
193.31.28.0/22 maxlen: 24
193.31.30.0/24 maxlen: 24
85.202.160.0/22 maxlen: 24
193.34.77.0/24 maxlen: 24
193.34.76.0/22 maxlen: 24
2a0b:7080:10::/48 maxlen: 48
2a0b:b87:ffb4::/48 maxlen: 48
2a0b:b82::/44 maxlen: 44
2a0b:b85::/32 maxlen: 32
2a0b:b87:fff0::/44 maxlen: 44
2a0b:7080:30::/44 maxlen: 48
2a0b:7080:10::/44 maxlen: 44
2a0b:7080:10::/45 maxlen: 45
2a0b:b87:ffda::/48 maxlen: 48
2a0d:77c7::/32 maxlen: 48
2a0b:7080:20::/44 maxlen: 48
2a0b:b87:ffec::/48 maxlen: 48
2a0b:b84::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Feb 2023 23:44:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:fd:db:08:22:29:af:c7:d1:c3:a8:a2:a1:f9:03:75:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jan 29 14:07:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=38926a93a0cd78676f0e02d7f6c45546193150d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:e0:0f:c1:ca:b7:85:64:69:f8:46:3e:e3:33:
31:8e:ce:4c:d0:a2:1e:61:4d:30:9b:aa:ff:8f:33:
c1:92:3e:de:85:33:da:44:72:24:f0:d2:ce:a8:13:
ee:ca:cb:25:7d:99:92:fa:5f:6d:33:d7:71:d3:f8:
33:c6:37:c7:5f:ff:db:8d:54:5d:2a:cc:07:63:6b:
60:8d:19:09:da:2f:e8:1b:61:d8:64:be:6a:b5:97:
6a:7f:71:42:0a:59:a9:c7:b7:2b:b3:01:8d:a2:f2:
1a:99:ca:18:2d:99:e9:51:89:41:2f:e6:17:48:ef:
61:4f:49:2f:ae:76:21:a9:cf:90:8f:5b:92:ab:e1:
25:d3:28:99:da:20:86:a8:c5:62:e2:27:bb:56:f9:
8f:1c:02:1c:11:48:a3:ec:63:68:fc:de:e7:8b:30:
78:1d:3e:e9:40:81:3d:fe:4c:4e:47:ad:c2:c5:80:
6b:07:d1:53:02:13:e0:96:07:5d:0c:eb:59:4a:99:
8e:05:4b:18:cc:e9:2e:38:c6:67:78:d8:e7:16:0a:
e7:0a:f3:9a:f8:96:1d:a8:db:6c:d1:73:1e:f4:b4:
e5:a2:61:16:7d:57:cc:a4:a4:fc:57:bc:2e:15:50:
4f:8d:41:9d:9e:24:51:73:a9:42:d3:4e:49:33:0c:
c5:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:92:6A:93:A0:CD:78:67:6F:0E:02:D7:F6:C4:55:46:19:31:50:D7
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/OJJqk6DNeGdvDgLX9sRVRhkxUNc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.164.0/22
45.81.20.0/22
45.90.144.0/22
45.140.220.0/22
45.154.196.0/22
77.83.240.0/22
78.108.216.0/22
83.143.116.0/22
85.202.160.0/22
89.190.156.0/22
178.218.144.0/22
185.185.40.0/22
185.186.64.0/22
185.227.68.0/22
185.234.72.0/22
185.242.224.0/22
193.31.28.0/22
193.34.76.0/22
193.105.184.0/24
193.221.192.0/22
194.31.140.0/22
194.50.16.0/22
194.56.224.0/22
212.107.12.0/22
IPv6:
2a0b:b82::/44
2a0b:b84::/31
2a0b:b87:ffb4::/48
2a0b:b87:ffda::/48
2a0b:b87:ffec::/48
2a0b:b87:fff0::/44
2a0b:7080:10::-2a0b:7080:3f:ffff:ffff:ffff:ffff:ffff
2a0d:77c7::/32
Signature Algorithm: sha256WithRSAEncryption
62:dc:c4:37:d7:66:72:89:6f:6d:48:16:f1:7e:81:a3:58:75:
9c:7c:ed:45:ca:7f:94:35:ac:9a:ce:f8:43:bf:fd:af:42:04:
67:95:8d:cf:b7:39:4b:fd:e4:ce:e6:ba:23:e8:6e:3a:d3:4f:
c0:bb:1b:5b:65:86:2b:b9:06:a4:dd:d3:24:34:a6:c6:03:6c:
59:13:4a:fc:b2:fa:57:58:6f:a8:6f:be:48:69:8a:a7:d9:29:
e7:e1:b3:b0:92:7f:11:34:fa:97:a5:6e:31:5a:39:43:db:5f:
7f:31:c3:fb:47:ec:66:6c:4f:c9:c4:43:74:db:5d:d8:36:5d:
7d:7a:5e:1e:a5:38:87:e4:eb:c6:fb:a5:00:dc:f9:ff:e6:c8:
05:09:8e:d2:1b:92:10:69:a2:d6:0e:99:32:ac:d1:9e:f8:37:
86:ac:d1:32:45:5d:93:42:6a:fd:a9:64:12:b4:77:43:05:9f:
98:d9:e6:d9:fe:e2:5a:b6:52:c7:51:78:a8:de:aa:fc:9f:27:
25:c2:9a:69:c4:fc:a7:6e:ff:24:24:17:81:7c:b9:70:33:66:
6a:c8:53:13:bb:d7:db:82:7b:14:45:99:af:bd:19:69:66:5a:
2d:cc:cf:0b:fa:63:dc:38:4c:bc:a7:e0:42:ed:24:e9:1a:b7:
2c:88:2e:9b
-----BEGIN CERTIFICATE-----
MIIF5DCCBMygAwIBAgISAYX92wgiKa/H0cOooqH5A3UQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjMwMTI5MTQwNzQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODkyNmE5M2EwY2Q3ODY3NmYwZTAyZDdmNmM0NTU0NjE5MzE1MGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAluAPwcq3hWRp+EY+4zMxjs5M0KIe
YU0wm6r/jzPBkj7ehTPaRHIk8NLOqBPuysslfZmS+l9tM9dx0/gzxjfHX//bjVRd
KswHY2tgjRkJ2i/oG2HYZL5qtZdqf3FCClmpx7crswGNovIamcoYLZnpUYlBL+YX
SO9hT0kvrnYhqc+Qj1uSq+El0yiZ2iCGqMVi4ie7VvmPHAIcEUij7GNo/N7nizB4
HT7pQIE9/kxOR63CxYBrB9FTAhPglgddDOtZSpmOBUsYzOkuOMZneNjnFgrnCvOa
+JYdqNts0XMe9LTlomEWfVfMpKT8V7wuFVBPjUGdniRRc6lC005JMwzFcwIDAQAB
o4IC8DCCAuwwHQYDVR0OBBYEFDiSapOgzXhnbw4C1/bEVUYZMVDXMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvT0pKcWs2RE5lR2R2RGdMWDlzUlZSaGt4VU5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBBAYIKwYBBQUHAQcBAf8EgfQwgfEwgZcEAgABMIGQAwQC
AjikAwQCLVEUAwQCLVqQAwQCLYzcAwQCLZrEAwQCTVPwAwQCTmzYAwQCU490AwQC
VcqgAwQCWb6cAwQCstqQAwQCubkoAwQCubpAAwQCueNEAwQCuepIAwQCufLgAwQC
wR8cAwQCwSJMAwQAwWm4AwQCwd3AAwQCwh+MAwQCwjIQAwQCwjjgAwQC1GsMMFUE
AgACME8DBwQqCwuCAAADBQEqCwuEAwcAKgsLh/+0AwcAKgsLh//aAwcAKgsLh//s
AwcEKgsLh//wMBIDBwQqC3CAABADBwYqC3CAAAADBQAqDXfHMA0GCSqGSIb3DQEB
CwUAA4IBAQBi3MQ312ZyiW9tSBbxfoGjWHWcfO1Fyn+UNayazvhDv/2vQgRnlY3P
tzlL/eTO5roj6G4600/AuxtbZYYruQak3dMkNKbGA2xZE0r8svpXWG+ob75IaYqn
2Snn4bOwkn8RNPqXpW4xWjlD219/McP7R+xmbE/JxEN0213YNl19el4epTiH5OvG
+6UA3Pn/5sgFCY7SG5IQaaLWDpkyrNGe+DeGrNEyRV2TQmr9qWQStHdDBZ+Y2ebZ
/uJatlLHUXio3qr8nyclwpppxPynbv8kJBeBfLlwM2ZqyFMTu9fbgnsURZmvvRlp
ZlotzM8L+mPcOEy8p+BC7STpGrcsiC6b
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:49 2024 by rpki-client on console-fra.rpki-client.org