Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/d8e096-4310-42b9-bd20-b5602d3da8a6/1/OCz6i2bJWwmKoxfv--xq3h0EdIE.roa
File: OCz6i2bJWwmKoxfv--xq3h0EdIE.roa (raw, json)
Hash identifier: qXneG7VL8LS0+F6oXHdHVAoUfTbpQ+5L2RAfCnwdi1U=
Subject key identifier: 38:2C:FA:8B:66:C9:5B:09:8A:A3:17:EF:FB:EC:6A:DE:1D:04:74:81
Certificate issuer: /CN=6e60883aae491e5fb773a9264019ff4f888d5ca5
Certificate serial: 01856F9DB6DF875887C1E89526539BE0652E
Authority key identifier: 6E:60:88:3A:AE:49:1E:5F:B7:73:A9:26:40:19:FF:4F:88:8D:5C:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bmCIOq5JHl-3c6kmQBn_T4iNXKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/d8e096-4310-42b9-bd20-b5602d3da8a6/1/OCz6i2bJWwmKoxfv--xq3h0EdIE.roa
Signing time: Sun 01 Jan 2023 23:14:44 +0000
ROA not before: Sun 01 Jan 2023 23:14:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44143
IP address blocks: 188.120.112.0/22 maxlen: 22
37.19.104.0/21 maxlen: 21
188.120.118.0/24 maxlen: 24
37.19.104.0/22 maxlen: 22
188.120.117.0/24 maxlen: 24
188.120.116.0/22 maxlen: 22
188.120.116.0/24 maxlen: 24
188.120.113.0/24 maxlen: 24
37.19.110.0/24 maxlen: 24
37.19.108.0/23 maxlen: 23
37.19.107.0/24 maxlen: 24
188.120.119.0/24 maxlen: 24
95.86.48.0/21 maxlen: 21
185.37.24.0/24 maxlen: 24
185.37.24.0/22 maxlen: 22
185.37.27.0/24 maxlen: 24
185.37.26.0/24 maxlen: 24
185.37.25.0/24 maxlen: 24
188.120.96.0/24 maxlen: 24
188.120.96.0/21 maxlen: 21
188.120.98.0/24 maxlen: 24
188.120.97.0/24 maxlen: 24
188.120.104.0/21 maxlen: 21
188.120.103.0/24 maxlen: 24
188.120.102.0/24 maxlen: 24
188.120.101.0/24 maxlen: 24
188.120.100.0/24 maxlen: 24
188.120.99.0/24 maxlen: 24
77.243.16.0/21 maxlen: 21
77.243.16.0/24 maxlen: 24
77.243.24.0/22 maxlen: 22
77.243.23.0/24 maxlen: 24
77.243.22.0/24 maxlen: 24
77.243.20.0/23 maxlen: 23
77.243.20.0/22 maxlen: 22
77.243.20.0/24 maxlen: 24
77.243.19.0/24 maxlen: 24
77.243.31.0/24 maxlen: 24
77.243.30.0/24 maxlen: 24
77.243.29.0/24 maxlen: 24
77.243.28.0/22 maxlen: 22
77.243.28.0/24 maxlen: 24
2a00:61c0::/32 maxlen: 32
2a00:61c0::/29 maxlen: 29
2a00:61c1::/32 maxlen: 32
Validation: Failed, certificate revoked on Sun 11 Jun 2023 17:29:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:9d:b6:df:87:58:87:c1:e8:95:26:53:9b:e0:65:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e60883aae491e5fb773a9264019ff4f888d5ca5
Validity
Not Before: Jan 1 23:14:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=382cfa8b66c95b098aa317effbec6ade1d047481
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:4e:bf:b7:b4:d6:22:2b:7c:35:35:74:e8:fc:
5e:05:d0:ee:2d:49:1d:97:5f:aa:69:ec:80:4e:f7:
c0:95:bd:e3:7c:b9:88:d9:38:e5:6f:36:e9:16:37:
ba:ca:7e:75:5d:a9:86:f0:ad:b5:b6:73:2c:de:bb:
df:22:39:c9:6d:be:ee:95:03:71:d4:3b:78:d4:d1:
33:bf:d4:39:3c:45:9d:0b:50:7c:a4:59:7f:2d:7a:
6e:f2:01:e7:9e:d9:01:75:a2:7e:1d:2e:98:fa:1e:
e6:f4:e2:8b:5e:82:ca:1b:71:ef:36:a7:66:e4:6a:
e8:e5:c6:39:ce:83:62:16:50:b5:e1:53:de:e8:2b:
f3:89:55:45:4c:74:a5:37:14:d2:f0:b7:60:ef:a9:
3d:ad:b7:d5:96:61:72:7a:e2:6d:58:67:43:24:13:
77:2e:e9:28:3b:fb:8e:bd:4c:76:fc:75:13:e7:cb:
62:f0:99:b4:83:1b:a5:d8:f1:60:08:e8:5b:13:d7:
40:84:1b:06:9b:99:e2:c9:13:2b:e1:c2:6c:c6:04:
e0:3a:cf:9b:41:a7:be:e6:3b:fe:8a:50:8f:97:55:
30:4f:6a:cc:e4:16:67:12:4c:c5:ed:5a:9e:bc:53:
73:11:39:7d:27:2a:df:38:fb:84:74:3a:63:b1:31:
66:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:2C:FA:8B:66:C9:5B:09:8A:A3:17:EF:FB:EC:6A:DE:1D:04:74:81
X509v3 Authority Key Identifier:
keyid:6E:60:88:3A:AE:49:1E:5F:B7:73:A9:26:40:19:FF:4F:88:8D:5C:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bmCIOq5JHl-3c6kmQBn_T4iNXKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/d8e096-4310-42b9-bd20-b5602d3da8a6/1/OCz6i2bJWwmKoxfv--xq3h0EdIE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/d8e096-4310-42b9-bd20-b5602d3da8a6/1/bmCIOq5JHl-3c6kmQBn_T4iNXKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.19.104.0/21
77.243.16.0/20
95.86.48.0/21
185.37.24.0/22
188.120.96.0-188.120.119.255
IPv6:
2a00:61c0::/29
Signature Algorithm: sha256WithRSAEncryption
48:9c:df:1f:3d:c7:58:71:e0:31:81:ee:d1:e9:54:30:ef:56:
d8:f6:3c:bf:1f:1a:0a:66:1c:e5:d4:bd:6b:8d:ba:75:02:f3:
d9:14:1d:a3:4b:52:ee:70:a3:e6:4e:80:63:bc:3a:77:5a:71:
ef:3b:c6:55:b0:cb:e0:39:2c:f4:f8:92:4d:17:2e:8a:74:11:
b5:0e:69:cd:61:96:ae:90:18:af:73:d2:67:57:de:da:e0:b2:
08:37:22:2d:cd:16:b6:e5:d7:08:0c:34:58:e8:6d:2a:6e:c1:
e7:b1:a9:5b:65:bc:c9:47:13:fc:13:b5:e1:4b:00:53:6e:26:
92:03:a8:8e:19:64:3b:5c:7c:3a:1d:5f:2f:60:1d:ef:19:b8:
6e:ba:7d:65:4a:df:64:7d:e2:42:e3:d1:fe:73:cd:a2:94:6c:
9b:e7:38:9b:04:f6:65:ac:cd:63:0b:30:14:55:c0:85:29:a5:
b8:c6:b9:b1:7d:ce:f3:dc:c4:2b:4d:af:9a:09:91:99:5a:48:
53:bb:65:26:b4:5f:67:c0:37:6d:b8:00:bf:63:25:10:c1:6a:
a9:21:c6:4a:3a:4b:7d:13:ca:2b:07:2d:56:4d:c2:82:42:24:
92:e3:c1:e5:3b:6d:1d:31:e6:70:df:9a:5c:54:68:e2:a8:73:
ba:97:da:2e
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYVvnbbfh1iHweiVJlOb4GUuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlNjA4ODNhYWU0OTFlNWZiNzczYTkyNjQwMTlmZjRmODg4
ZDVjYTUwHhcNMjMwMTAxMjMxNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODJjZmE4YjY2Yzk1YjA5OGFhMzE3ZWZmYmVjNmFkZTFkMDQ3NDgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgU6/t7TWIit8NTV06PxeBdDuLUkd
l1+qaeyATvfAlb3jfLmI2TjlbzbpFje6yn51XamG8K21tnMs3rvfIjnJbb7ulQNx
1Dt41NEzv9Q5PEWdC1B8pFl/LXpu8gHnntkBdaJ+HS6Y+h7m9OKLXoLKG3HvNqdm
5Gro5cY5zoNiFlC14VPe6CvziVVFTHSlNxTS8Ldg76k9rbfVlmFyeuJtWGdDJBN3
LukoO/uOvUx2/HUT58ti8Jm0gxul2PFgCOhbE9dAhBsGm5niyRMr4cJsxgTgOs+b
Qae+5jv+ilCPl1UwT2rM5BZnEkzF7VqevFNzETl9JyrfOPuEdDpjsTFmqwIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFDgs+otmyVsJiqMX7/vsat4dBHSBMB8GA1UdIwQY
MBaAFG5giDquSR5ft3OpJkAZ/0+IjVylMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm1DSU9xNUpIbC0zYzZrbVFCbl9UNGlOWEtVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi9kOGUwOTYtNDMxMC00MmI5LWJkMjAt
YjU2MDJkM2RhOGE2LzEvT0N6NmkyYkpXd21Lb3hmdi0teHEzaDBFZElFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi9kOGUwOTYtNDMxMC00MmI5LWJkMjAtYjU2MDJkM2RhOGE2
LzEvYm1DSU9xNUpIbC0zYzZrbVFCbl9UNGlOWEtVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmAwQDJRNoAwQE
TfMQAwQDX1YwAwQCuSUYMAwDBAW8eGADBAO8eHAwDQQCAAIwBwMFAyoAYcAwDQYJ
KoZIhvcNAQELBQADggEBAEic3x89x1hx4DGB7tHpVDDvVtj2PL8fGgpmHOXUvWuN
unUC89kUHaNLUu5wo+ZOgGO8Ondace87xlWwy+A5LPT4kk0XLop0EbUOac1hlq6Q
GK9z0mdX3trgsgg3Ii3NFrbl1wgMNFjobSpuweexqVtlvMlHE/wTteFLAFNuJpID
qI4ZZDtcfDodXy9gHe8ZuG66fWVK32R94kLj0f5zzaKUbJvnOJsE9mWszWMLMBRV
wIUppbjGubF9zvPcxCtNr5oJkZlaSFO7ZSa0X2fAN224AL9jJRDBaqkhxko6S30T
yisHLVZNwoJCJJLjweU7bR0x5nDfmlxUaOKoc7qX2i4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:52 2024 by rpki-client on console-ams.rpki-client.org