Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/2cb3bb-0ed1-4ecf-8af5-ee73fe21ed23/1/3iOmrDDFUFPhvygPpTSOcL26K3A.roa
File: 3iOmrDDFUFPhvygPpTSOcL26K3A.roa (raw, json)
Hash identifier: CnQ/90JiNSDyavlUv0mqodsWwVjJkgG4KuFt21VtbdU=
Subject key identifier: DE:23:A6:AC:30:C5:50:53:E1:BF:28:0F:A5:34:8E:70:BD:BA:2B:70
Certificate issuer: /CN=58b29e7b8a0ddb9c36c6e0e3f49577817b0ea3a6
Certificate serial: 01856F14EB6C1CC00F4F157311F9AC0BE2B7
Authority key identifier: 58:B2:9E:7B:8A:0D:DB:9C:36:C6:E0:E3:F4:95:77:81:7B:0E:A3:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WLKee4oN25w2xuDj9JV3gXsOo6Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/2cb3bb-0ed1-4ecf-8af5-ee73fe21ed23/1/3iOmrDDFUFPhvygPpTSOcL26K3A.roa
Signing time: Sun 01 Jan 2023 20:45:20 +0000
ROA not before: Sun 01 Jan 2023 20:45:20 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35228
IP address blocks: 82.132.138.0/23 maxlen: 24
82.132.216.0/22 maxlen: 24
82.132.220.0/22 maxlen: 24
82.132.224.0/22 maxlen: 24
82.132.232.0/22 maxlen: 24
82.132.228.0/22 maxlen: 24
82.132.236.0/22 maxlen: 24
82.132.240.0/22 maxlen: 24
82.132.244.0/22 maxlen: 24
82.132.248.0/23 maxlen: 24
82.132.164.0/23 maxlen: 24
82.132.162.0/23 maxlen: 24
82.132.160.0/23 maxlen: 24
82.132.168.0/23 maxlen: 24
82.132.166.0/23 maxlen: 24
82.132.172.0/23 maxlen: 24
82.132.170.0/23 maxlen: 24
82.132.174.0/23 maxlen: 24
82.132.182.0/23 maxlen: 24
82.132.180.0/23 maxlen: 24
82.132.184.0/22 maxlen: 24
82.132.199.0/24 maxlen: 24
82.132.198.0/23 maxlen: 24
82.132.210.0/23 maxlen: 24
82.132.212.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:eb:6c:1c:c0:0f:4f:15:73:11:f9:ac:0b:e2:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58b29e7b8a0ddb9c36c6e0e3f49577817b0ea3a6
Validity
Not Before: Jan 1 20:45:20 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=de23a6ac30c55053e1bf280fa5348e70bdba2b70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:a6:e8:54:f1:50:4b:07:c7:bf:d3:44:67:b7:
8c:d0:c0:7f:79:50:fa:8c:b2:16:b3:50:7c:7d:52:
18:1b:9c:34:eb:36:9f:1a:a7:ca:c4:9a:dc:f5:04:
82:14:8c:4d:83:62:f8:9d:d8:94:2f:26:da:f1:c6:
f3:d2:9d:90:29:d9:43:9c:00:75:ae:3d:01:b0:7f:
b1:13:2e:a2:9e:58:17:0c:e0:7d:1b:6a:0b:92:fa:
d9:d6:5f:24:81:f1:3e:e0:9e:ff:c6:ce:4b:44:8d:
57:57:3b:7a:59:49:8e:65:19:fd:94:cc:3d:bc:d2:
f3:ae:d8:6a:4a:1e:6d:1e:fe:4e:bf:26:e8:16:c7:
21:69:08:3f:a3:90:dc:9c:ee:a9:7a:a8:58:c9:15:
b3:cc:1b:e6:af:9f:a3:7d:20:64:f5:91:74:35:e3:
d1:d2:8d:13:da:16:20:46:e6:7a:3a:c1:fb:2f:7a:
e7:7a:84:36:3a:d1:6d:4d:f9:35:ed:7f:4c:18:84:
bb:00:1d:2a:fe:5d:ed:56:58:b1:60:1d:9a:4e:6f:
60:8d:1d:62:71:b2:59:f4:25:e9:f7:22:03:cc:06:
fc:13:01:1e:2f:d7:39:5e:f5:f1:8b:77:9b:44:ad:
ec:d8:5c:4a:20:e7:ac:76:1f:32:da:e8:6a:1c:20:
fc:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:23:A6:AC:30:C5:50:53:E1:BF:28:0F:A5:34:8E:70:BD:BA:2B:70
X509v3 Authority Key Identifier:
keyid:58:B2:9E:7B:8A:0D:DB:9C:36:C6:E0:E3:F4:95:77:81:7B:0E:A3:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WLKee4oN25w2xuDj9JV3gXsOo6Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/2cb3bb-0ed1-4ecf-8af5-ee73fe21ed23/1/3iOmrDDFUFPhvygPpTSOcL26K3A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/2cb3bb-0ed1-4ecf-8af5-ee73fe21ed23/1/WLKee4oN25w2xuDj9JV3gXsOo6Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.132.138.0/23
82.132.160.0/20
82.132.180.0-82.132.187.255
82.132.198.0/23
82.132.210.0-82.132.249.255
Signature Algorithm: sha256WithRSAEncryption
69:56:79:57:01:a1:fe:5f:b1:7e:b7:be:6f:1a:8f:bb:2f:bc:
1b:46:d6:f4:e2:49:c7:4b:22:47:20:7b:01:18:cc:cd:57:a1:
d6:bf:22:c4:f3:99:e2:c5:e0:2d:b2:64:dc:85:33:63:aa:9f:
4b:d1:bd:80:0f:9c:b5:0d:80:c9:48:c8:a3:95:67:21:b1:4e:
79:9b:4e:06:52:b8:a2:0f:65:cb:bb:eb:6c:e2:02:82:68:91:
9d:06:d4:2f:d2:6e:85:04:bc:bc:dc:bb:b6:38:fa:d8:5f:05:
51:f1:93:fa:fc:3a:d0:50:5c:e8:bc:a7:67:44:ba:c8:9a:47:
b5:ec:91:13:25:cd:e7:fe:42:ef:0f:71:0f:de:56:64:e0:e2:
84:a7:f7:b6:ee:54:ba:a8:7d:18:29:a0:8a:5a:9b:e4:47:fd:
a6:ed:36:95:a9:a5:86:85:59:9d:77:a8:34:7c:e9:67:24:6e:
5d:62:6a:3b:09:02:66:4c:be:68:5e:a5:a8:c2:fb:48:9c:78:
68:22:77:a5:02:e0:a4:68:59:95:de:6e:6a:78:23:57:74:e8:
1f:39:ef:43:89:cc:6f:ce:b8:79:68:34:85:4c:3f:6a:bf:ad:
48:a4:47:b4:25:5f:cf:a9:26:e2:ef:56:af:0d:ae:2b:6b:6b:
9e:fd:30:98
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYVvFOtsHMAPTxVzEfmsC+K3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YjI5ZTdiOGEwZGRiOWMzNmM2ZTBlM2Y0OTU3NzgxN2Iw
ZWEzYTYwHhcNMjMwMTAxMjA0NTIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTIzYTZhYzMwYzU1MDUzZTFiZjI4MGZhNTM0OGU3MGJkYmEyYjcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt6boVPFQSwfHv9NEZ7eM0MB/eVD6
jLIWs1B8fVIYG5w06zafGqfKxJrc9QSCFIxNg2L4ndiULyba8cbz0p2QKdlDnAB1
rj0BsH+xEy6inlgXDOB9G2oLkvrZ1l8kgfE+4J7/xs5LRI1XVzt6WUmOZRn9lMw9
vNLzrthqSh5tHv5OvyboFschaQg/o5DcnO6peqhYyRWzzBvmr5+jfSBk9ZF0NePR
0o0T2hYgRuZ6OsH7L3rneoQ2OtFtTfk17X9MGIS7AB0q/l3tVlixYB2aTm9gjR1i
cbJZ9CXp9yIDzAb8EwEeL9c5XvXxi3ebRK3s2FxKIOesdh8y2uhqHCD8aQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFN4jpqwwxVBT4b8oD6U0jnC9uitwMB8GA1UdIwQY
MBaAFFiynnuKDducNsbg4/SVd4F7DqOmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0xLZWU0b04yNXcyeHVEajlKVjNnWHNPbzZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8yY2IzYmItMGVkMS00ZWNmLThhZjUt
ZWU3M2ZlMjFlZDIzLzEvM2lPbXJEREZVRlBodnlnUHBUU09jTDI2SzNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8yY2IzYmItMGVkMS00ZWNmLThhZjUtZWU3M2ZlMjFlZDIz
LzEvV0xLZWU0b04yNXcyeHVEajlKVjNnWHNPbzZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuAwQBUoSKAwQE
UoSgMAwDBAJShLQDBAJShLgDBAFShMYwDAMEAVKE0gMEAVKE+DANBgkqhkiG9w0B
AQsFAAOCAQEAaVZ5VwGh/l+xfre+bxqPuy+8G0bW9OJJx0siRyB7ARjMzVeh1r8i
xPOZ4sXgLbJk3IUzY6qfS9G9gA+ctQ2AyUjIo5VnIbFOeZtOBlK4og9ly7vrbOIC
gmiRnQbUL9JuhQS8vNy7tjj62F8FUfGT+vw60FBc6LynZ0S6yJpHteyREyXN5/5C
7w9xD95WZODihKf3tu5Uuqh9GCmgilqb5Ef9pu02lamlhoVZnXeoNHzpZyRuXWJq
OwkCZky+aF6lqML7SJx4aCJ3pQLgpGhZld5uangjV3ToHznvQ4nMb864eWg0hUw/
ar+tSKRHtCVfz6km4u9Wrw2uK2trnv0wmA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:49 2024 by rpki-client on console-ams.rpki-client.org