Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/OgqrenKRFv3AXzkmsvHsRZ_PDNo.roa
File: OgqrenKRFv3AXzkmsvHsRZ_PDNo.roa (raw, json)
Hash identifier: k8E+EsoalFqvjbcmsZ/sVNqvZGrLEDR4krzijszj1W8=
Subject key identifier: 3A:0A:AB:7A:72:91:16:FD:C0:5F:39:26:B2:F1:EC:45:9F:CF:0C:DA
Certificate issuer: /CN=9cb25ce550e4d9bda05bd5d45c8b6ba37430bbba
Certificate serial: 018CC5012BF71B41CDDD72D3C2C538A9E66C
Authority key identifier: 9C:B2:5C:E5:50:E4:D9:BD:A0:5B:D5:D4:5C:8B:6B:A3:74:30:BB:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nLJc5VDk2b2gW9XUXItro3Qwu7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/OgqrenKRFv3AXzkmsvHsRZ_PDNo.roa
Signing time: Mon 01 Jan 2024 12:30:37 +0000
ROA not before: Mon 01 Jan 2024 12:30:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35758
IP address blocks: 45.94.138.0/24 maxlen: 24
5.253.186.0/24 maxlen: 24
185.219.162.0/24 maxlen: 24
185.114.205.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 14 Feb 2024 09:43:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:2b:f7:1b:41:cd:dd:72:d3:c2:c5:38:a9:e6:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9cb25ce550e4d9bda05bd5d45c8b6ba37430bbba
Validity
Not Before: Jan 1 12:30:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3a0aab7a729116fdc05f3926b2f1ec459fcf0cda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:5c:d9:f3:5d:30:88:7e:8b:77:e0:52:38:94:
69:31:9f:71:c9:6f:4c:bb:73:a1:f0:68:cc:26:f2:
9c:f4:20:80:ab:4c:2d:d9:e4:47:a7:0b:44:f3:20:
2e:5d:2b:20:fd:b0:41:7b:50:1d:93:40:d4:5d:25:
cd:85:3c:7c:3f:e0:80:73:a8:86:74:69:de:cc:a9:
58:d5:1d:2b:67:bd:7c:48:59:22:4b:d3:00:81:8e:
61:62:07:69:32:31:14:ad:2c:f5:cb:7c:0c:14:2e:
51:55:92:d3:05:89:ec:f6:bb:a8:98:4c:44:c4:5e:
bf:ab:19:f2:37:a7:30:1b:4e:5e:48:14:bf:5a:ed:
e8:4e:6d:2c:7f:80:52:17:83:5e:0c:dc:ce:16:21:
5e:d2:4d:8f:2a:be:22:ef:0d:a7:13:cc:e2:eb:4b:
cd:ee:34:46:f6:ae:c3:3f:7c:f1:86:f5:e1:f0:50:
6e:a6:be:c2:fc:6c:39:d6:b8:3d:4e:f6:68:06:6f:
b5:52:2b:5e:28:2a:0b:78:ce:94:3c:21:c1:f4:fa:
15:33:55:a7:a5:ff:78:f0:7f:e7:39:17:8c:a7:76:
f6:df:21:c0:49:65:ce:d6:1d:13:75:d8:7d:02:5e:
33:39:12:b3:b9:c5:1c:37:bd:6d:b0:e4:b4:04:66:
f5:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:0A:AB:7A:72:91:16:FD:C0:5F:39:26:B2:F1:EC:45:9F:CF:0C:DA
X509v3 Authority Key Identifier:
keyid:9C:B2:5C:E5:50:E4:D9:BD:A0:5B:D5:D4:5C:8B:6B:A3:74:30:BB:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nLJc5VDk2b2gW9XUXItro3Qwu7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/OgqrenKRFv3AXzkmsvHsRZ_PDNo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/nLJc5VDk2b2gW9XUXItro3Qwu7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.186.0/24
45.94.138.0/24
185.114.205.0/24
185.219.162.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:20:5e:ba:5c:d9:08:48:b4:b1:c1:3e:95:10:ed:4d:8a:5b:
71:01:10:e6:7d:0d:90:bb:d0:39:df:98:d8:c6:4e:22:1a:06:
a7:d6:74:0d:6d:48:6b:2e:4b:b6:eb:61:c0:ba:6e:53:50:02:
59:ce:69:e2:cd:8c:4e:97:67:b8:6d:8d:42:2b:89:3d:ca:c2:
60:73:fc:88:8e:73:a4:4f:df:81:10:dc:f6:ff:20:59:46:2c:
2e:eb:91:38:86:39:3e:37:20:bb:13:e2:97:14:33:e9:72:56:
a1:c2:32:50:fc:6b:18:9a:34:a6:55:d9:f4:72:b7:6c:14:6a:
16:a0:e0:c3:44:8d:1a:14:a5:0e:81:8f:27:36:93:cd:39:4f:
e9:6a:a5:be:03:00:f7:4b:60:fb:4b:71:71:94:d7:6a:55:59:
22:ca:8f:85:61:52:e9:36:14:d4:72:e0:59:84:41:6f:ca:9c:
c5:d4:8f:79:9a:80:e3:fd:79:85:51:c5:73:cc:ea:99:1a:24:
10:bd:73:7c:2c:83:f3:ce:04:db:09:55:e9:51:f4:d2:1a:5e:
0c:01:5f:dd:f9:6e:12:72:c7:88:db:85:5e:02:ee:c0:cc:5c:
ba:bb:8b:08:58:a2:f4:df:a2:b9:a3:04:64:ee:d1:c5:72:5b:
c8:9b:da:8c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzFASv3G0HN3XLTwsU4qeZsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljYjI1Y2U1NTBlNGQ5YmRhMDViZDVkNDVjOGI2YmEzNzQz
MGJiYmEwHhcNMjQwMTAxMTIzMDM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTBhYWI3YTcyOTExNmZkYzA1ZjM5MjZiMmYxZWM0NTlmY2YwY2RhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi1zZ810wiH6Ld+BSOJRpMZ9xyW9M
u3Oh8GjMJvKc9CCAq0wt2eRHpwtE8yAuXSsg/bBBe1Adk0DUXSXNhTx8P+CAc6iG
dGnezKlY1R0rZ718SFkiS9MAgY5hYgdpMjEUrSz1y3wMFC5RVZLTBYns9ruomExE
xF6/qxnyN6cwG05eSBS/Wu3oTm0sf4BSF4NeDNzOFiFe0k2PKr4i7w2nE8zi60vN
7jRG9q7DP3zxhvXh8FBupr7C/Gw51rg9TvZoBm+1UiteKCoLeM6UPCHB9PoVM1Wn
pf948H/nOReMp3b23yHASWXO1h0Tddh9Al4zORKzucUcN71tsOS0BGb1vwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDoKq3pykRb9wF85JrLx7EWfzwzaMB8GA1UdIwQY
MBaAFJyyXOVQ5Nm9oFvV1FyLa6N0MLu6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkxKYzVWRGsyYjJnVzlYVVhJdHJvM1F3dTdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS80ZjMzNmItNGE3OS00NDI1LTk1NTYt
YmU0NWYwZDJhYmJiLzEvT2dxcmVuS1JGdjNBWHprbXN2SHNSWl9QRE5vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS80ZjMzNmItNGE3OS00NDI1LTk1NTYtYmU0NWYwZDJhYmJi
LzEvbkxKYzVWRGsyYjJnVzlYVVhJdHJvM1F3dTdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQABf26AwQA
LV6KAwQAuXLNAwQAuduiMA0GCSqGSIb3DQEBCwUAA4IBAQBfIF66XNkISLSxwT6V
EO1NiltxARDmfQ2Qu9A535jYxk4iGgan1nQNbUhrLku262HAum5TUAJZzmnizYxO
l2e4bY1CK4k9ysJgc/yIjnOkT9+BENz2/yBZRiwu65E4hjk+NyC7E+KXFDPpclah
wjJQ/GsYmjSmVdn0crdsFGoWoODDRI0aFKUOgY8nNpPNOU/paqW+AwD3S2D7S3Fx
lNdqVVkiyo+FYVLpNhTUcuBZhEFvypzF1I95moDj/XmFUcVzzOqZGiQQvXN8LIPz
zgTbCVXpUfTSGl4MAV/d+W4ScseI24VeAu7AzFy6u4sIWKL036K5owRk7tHFclvI
m9qM
-----END CERTIFICATE-----
Generated at Wed Feb 14 12:16:42 2024 by rpki-client on console-fra.rpki-client.org