Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/oQU7WT5ltPzx-2QuPGLsPbMT6mI.roa
File: oQU7WT5ltPzx-2QuPGLsPbMT6mI.roa (raw, json)
Hash identifier: ir5bJHZYnMDU8r9ZO0bCkCMPdB6evBZD8Ycn1dA6Fxc=
Subject key identifier: A1:05:3B:59:3E:65:B4:FC:F1:FB:64:2E:3C:62:EC:3D:B3:13:EA:62
Certificate issuer: /CN=88b213bf1627548efdfb1b2e2645baaf1d983aa0
Certificate serial: 01906FE6DAD4CD2730836AD628ECEF9A818A
Authority key identifier: 88:B2:13:BF:16:27:54:8E:FD:FB:1B:2E:26:45:BA:AF:1D:98:3A:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iLITvxYnVI79-xsuJkW6rx2YOqA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/oQU7WT5ltPzx-2QuPGLsPbMT6mI.roa
Signing time: Mon 01 Jul 2024 20:05:18 +0000
ROA not before: Mon 01 Jul 2024 20:05:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56884
IP address blocks: 84.246.111.0/24 maxlen: 24
91.247.178.0/24 maxlen: 24
176.97.213.0/24 maxlen: 24
178.23.188.0/24 maxlen: 24
194.26.223.0/24 maxlen: 24
213.232.252.0/24 maxlen: 24
2a11:a100::/29 maxlen: 29
2a13:8e00::/29 maxlen: 29
2a13:da00::/29 maxlen: 29
2a13:fe00::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 28 Aug 2024 18:16:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:6f:e6:da:d4:cd:27:30:83:6a:d6:28:ec:ef:9a:81:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88b213bf1627548efdfb1b2e2645baaf1d983aa0
Validity
Not Before: Jul 1 20:05:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a1053b593e65b4fcf1fb642e3c62ec3db313ea62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:19:da:5d:a9:e2:a7:fc:52:b0:d2:38:cd:70:
82:49:61:3a:a3:48:e7:e2:ce:e0:b6:84:7f:0e:02:
dc:f9:58:ea:86:b9:60:6a:a3:16:41:fb:21:c9:98:
17:8a:3c:e4:95:da:70:f9:47:10:01:99:89:aa:cd:
23:74:f0:e2:fe:86:5a:b3:3d:2d:ea:cc:af:f2:e6:
5b:09:d7:54:20:3d:a3:4b:1a:fb:5e:84:92:ec:ba:
67:13:b2:a1:08:9a:9a:48:06:c8:9a:66:a5:65:a1:
27:9d:ac:09:f3:0e:f6:31:9a:0e:25:84:90:e9:10:
0c:db:a8:83:78:31:f2:ec:7e:02:53:98:97:33:86:
49:79:2c:ca:86:35:3c:7e:15:5d:dd:a3:a4:16:83:
20:96:9d:9b:3a:fe:d2:e3:75:5f:80:1a:90:ae:1c:
8c:87:00:88:ec:e7:b5:e7:fb:68:57:c8:8b:25:3f:
c0:20:b2:2c:c8:eb:cb:68:15:ca:ba:a2:ef:e1:bd:
a0:ad:8c:97:a6:61:05:fd:4e:ab:6f:6a:49:72:92:
ac:e3:8c:06:97:a6:48:25:e0:69:83:3f:28:c4:5b:
61:08:44:4b:34:82:64:ce:98:ec:a3:24:f9:62:ab:
0e:9a:3b:e4:7b:0a:26:10:17:95:12:a2:81:5e:b8:
19:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:05:3B:59:3E:65:B4:FC:F1:FB:64:2E:3C:62:EC:3D:B3:13:EA:62
X509v3 Authority Key Identifier:
keyid:88:B2:13:BF:16:27:54:8E:FD:FB:1B:2E:26:45:BA:AF:1D:98:3A:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iLITvxYnVI79-xsuJkW6rx2YOqA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/oQU7WT5ltPzx-2QuPGLsPbMT6mI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/iLITvxYnVI79-xsuJkW6rx2YOqA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.246.111.0/24
91.247.178.0/24
176.97.213.0/24
178.23.188.0/24
194.26.223.0/24
213.232.252.0/24
IPv6:
2a11:a100::/29
2a13:8e00::/29
2a13:da00::/29
2a13:fe00::/29
Signature Algorithm: sha256WithRSAEncryption
ad:b4:cb:7c:cf:ae:25:ac:97:61:73:bf:f8:19:88:fa:bb:3a:
91:40:18:96:d0:10:b3:6f:7b:0b:20:a3:9c:93:35:aa:b9:e7:
5c:a1:08:b9:fd:f9:81:d6:0a:74:53:20:75:71:c8:7b:93:69:
49:b8:ca:eb:d7:8d:48:7f:c6:0e:07:f0:d1:12:d4:94:e3:58:
ba:c9:37:a2:e3:a2:c8:a2:0a:29:98:3b:77:a7:3d:40:75:65:
3a:70:5a:47:ed:8e:bb:80:6b:d1:6f:63:d7:8f:e3:e7:4e:2b:
a6:f0:c8:11:1a:27:10:6b:05:90:ea:e6:a0:57:f8:09:49:b9:
90:54:d3:61:e4:55:b2:10:ff:13:7d:73:37:76:41:11:0c:d4:
24:73:64:0a:1e:29:74:56:26:bf:2e:4b:c8:11:cb:33:29:b3:
11:28:2d:31:83:ec:b9:54:65:11:40:e2:6b:51:45:3b:0b:ab:
49:d3:59:46:7d:1a:19:d7:26:08:77:8d:1a:b3:fd:61:ad:ff:
b8:eb:07:33:4e:a1:0b:a7:4c:ab:2c:27:10:3b:a8:89:80:92:
76:a3:53:0d:67:e3:5c:fc:20:c8:b7:0a:56:a9:e4:68:eb:e6:
26:3e:08:d8:ed:35:67:9e:7c:76:dd:29:26:1f:52:45:43:a3:
3c:32:c1:99
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAZBv5trUzScwg2rWKOzvmoGKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4YjIxM2JmMTYyNzU0OGVmZGZiMWIyZTI2NDViYWFmMWQ5
ODNhYTAwHhcNMjQwNzAxMjAwNTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTA1M2I1OTNlNjViNGZjZjFmYjY0MmUzYzYyZWMzZGIzMTNlYTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyBnaXanip/xSsNI4zXCCSWE6o0jn
4s7gtoR/DgLc+VjqhrlgaqMWQfshyZgXijzkldpw+UcQAZmJqs0jdPDi/oZasz0t
6syv8uZbCddUID2jSxr7XoSS7LpnE7KhCJqaSAbImmalZaEnnawJ8w72MZoOJYSQ
6RAM26iDeDHy7H4CU5iXM4ZJeSzKhjU8fhVd3aOkFoMglp2bOv7S43VfgBqQrhyM
hwCI7Oe15/toV8iLJT/AILIsyOvLaBXKuqLv4b2grYyXpmEF/U6rb2pJcpKs44wG
l6ZIJeBpgz8oxFthCERLNIJkzpjsoyT5YqsOmjvkewomEBeVEqKBXrgZQwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFKEFO1k+ZbT88ftkLjxi7D2zE+piMB8GA1UdIwQY
MBaAFIiyE78WJ1SO/fsbLiZFuq8dmDqgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUxJVHZ4WW5WSTc5LXhzdUprVzZyeDJZT3FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8zYzAyNjktYzE5NC00ZTZkLWFiY2Ut
NzI3MzVlMTE4ZDUxLzEvb1FVN1dUNWx0UHp4LTJRdVBHTHNQYk1UNm1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8zYzAyNjktYzE5NC00ZTZkLWFiY2UtNzI3MzVlMTE4ZDUx
LzEvaUxJVHZ4WW5WSTc5LXhzdUprVzZyeDJZT3FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDAqBAIAATAkAwQAVPZvAwQA
W/eyAwQAsGHVAwQAshe8AwQAwhrfAwQA1ej8MCIEAgACMBwDBQMqEaEAAwUDKhOO
AAMFAyoT2gADBQMqE/4AMA0GCSqGSIb3DQEBCwUAA4IBAQCttMt8z64lrJdhc7/4
GYj6uzqRQBiW0BCzb3sLIKOckzWquedcoQi5/fmB1gp0UyB1cch7k2lJuMrr141I
f8YOB/DREtSU41i6yTei46LIogopmDt3pz1AdWU6cFpH7Y67gGvRb2PXj+PnTium
8MgRGicQawWQ6uagV/gJSbmQVNNh5FWyEP8TfXM3dkERDNQkc2QKHil0Via/LkvI
EcszKbMRKC0xg+y5VGURQOJrUUU7C6tJ01lGfRoZ1yYId40as/1hrf+46wczTqEL
p0yrLCcQO6iJgJJ2o1MNZ+Nc/CDItwpWqeRo6+YmPgjY7TVnnnx23SkmH1JFQ6M8
MsGZ
-----END CERTIFICATE-----
Generated at Wed Aug 28 21:40:58 2024 by rpki-client on console-ams.rpki-client.org