Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/6a8e5e-39b6-47e3-bbb0-b29f10cc0328/1/oCmvxhfYrof6GHoLWV4T9Ht_YcE.roa
File: oCmvxhfYrof6GHoLWV4T9Ht_YcE.roa (raw, json)
Hash identifier: 7L04ciWzQKWr/A17bn3I0S5AoRW76twsBORuxSk8oQ4=
Subject key identifier: A0:29:AF:C6:17:D8:AE:87:FA:18:7A:0B:59:5E:13:F4:7B:7F:61:C1
Certificate issuer: /CN=01c38a06a39b20b8da40009237d76acdd28e71a5
Certificate serial: 018C34B791F65C0475EDEDDCDDF1F25E27AA
Authority key identifier: 01:C3:8A:06:A3:9B:20:B8:DA:40:00:92:37:D7:6A:CD:D2:8E:71:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AcOKBqObILjaQACSN9dqzdKOcaU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/6a8e5e-39b6-47e3-bbb0-b29f10cc0328/1/oCmvxhfYrof6GHoLWV4T9Ht_YcE.roa
Signing time: Mon 04 Dec 2023 12:04:54 +0000
ROA not before: Mon 04 Dec 2023 12:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16839
IP address blocks: 165.171.0.0/17 maxlen: 17
163.120.128.0/17 maxlen: 17
136.242.128.0/17 maxlen: 17
138.12.128.0/17 maxlen: 17
148.139.48.0/20 maxlen: 20
148.139.64.0/20 maxlen: 20
148.139.80.0/20 maxlen: 20
37.98.233.0/24 maxlen: 24
37.98.232.0/21 maxlen: 21
37.98.232.0/24 maxlen: 24
37.98.232.0/22 maxlen: 22
37.98.232.0/23 maxlen: 23
37.98.235.0/24 maxlen: 24
37.98.236.0/22 maxlen: 22
37.98.236.0/23 maxlen: 23
37.98.236.0/24 maxlen: 24
37.98.238.0/23 maxlen: 23
37.98.238.0/24 maxlen: 24
37.98.237.0/24 maxlen: 24
37.98.234.0/24 maxlen: 24
37.98.234.0/23 maxlen: 23
37.98.239.0/24 maxlen: 24
148.139.4.0/22 maxlen: 22
148.139.1.0/24 maxlen: 24
148.139.0.0/24 maxlen: 24
148.139.3.0/24 maxlen: 24
148.139.2.0/24 maxlen: 24
148.139.0.0/16 maxlen: 16
148.139.8.0/22 maxlen: 22
148.139.12.0/22 maxlen: 22
148.139.16.0/22 maxlen: 22
148.139.29.0/24 maxlen: 24
148.139.28.0/24 maxlen: 24
148.139.30.0/24 maxlen: 24
148.139.32.0/20 maxlen: 20
148.139.96.0/22 maxlen: 22
148.139.105.0/24 maxlen: 24
148.139.104.0/24 maxlen: 24
148.139.100.0/22 maxlen: 22
148.139.108.0/22 maxlen: 22
148.139.112.0/22 maxlen: 22
148.139.116.0/22 maxlen: 22
148.139.125.0/24 maxlen: 24
148.139.124.0/24 maxlen: 24
148.139.120.0/22 maxlen: 22
2a04:37c0:3110::/48 maxlen: 48
2a04:37c0:4410::/48 maxlen: 48
2a04:37c0:4110::/48 maxlen: 48
2a04:37c0:4910::/48 maxlen: 48
2a04:37c0:3510::/48 maxlen: 48
2a04:37c0:4430::/48 maxlen: 48
2a04:37c0::/29 maxlen: 48
2a04:37c0:3520::/48 maxlen: 48
2a04:37c0:4920::/48 maxlen: 48
2a04:37c0:4420::/48 maxlen: 48
2a04:37c0:4120::/48 maxlen: 48
2a04:37c0:3120::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:34:b7:91:f6:5c:04:75:ed:ed:dc:dd:f1:f2:5e:27:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01c38a06a39b20b8da40009237d76acdd28e71a5
Validity
Not Before: Dec 4 12:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a029afc617d8ae87fa187a0b595e13f47b7f61c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:e9:03:82:43:06:e2:4a:3b:4d:01:f4:5c:ad:
70:3e:fe:be:ca:cf:61:2c:20:e6:a1:24:b8:c6:8a:
4a:59:7b:cb:02:c0:1d:66:06:8a:b8:24:04:9c:ac:
4e:83:f1:4c:71:06:74:a9:b5:6a:ea:81:95:4e:b0:
a3:77:b0:02:1b:c6:e7:77:e0:93:dc:10:04:f2:57:
1f:e9:01:cd:e4:51:f5:8d:a1:ed:a2:ec:07:29:ae:
e2:2a:25:87:8e:1b:c2:80:38:92:5d:a9:bc:b4:8b:
56:c1:50:d0:a2:12:ec:b0:54:7d:e5:0e:4b:62:c3:
4c:86:e4:43:3c:44:02:6a:43:43:62:b7:2a:f5:0f:
01:88:5c:be:c6:dd:75:13:a7:39:03:ed:5f:82:91:
c1:b1:22:96:4b:fb:33:0e:ef:2d:d3:09:57:05:37:
8a:fd:b1:e5:c0:05:1d:7a:de:83:39:1f:31:1b:d1:
d0:94:66:0d:b8:03:50:21:f7:eb:8c:2f:df:ae:61:
88:8f:58:a0:7f:f1:2c:e4:e7:1d:25:c3:8c:49:39:
32:ed:ec:ab:2a:11:ba:ed:86:29:8b:2d:8a:39:b3:
19:a5:54:d3:3f:b5:f3:d8:94:a5:8f:ab:09:f7:db:
3f:1e:5a:93:c2:d8:2f:dc:cd:91:bc:5a:fc:ef:04:
c5:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:29:AF:C6:17:D8:AE:87:FA:18:7A:0B:59:5E:13:F4:7B:7F:61:C1
X509v3 Authority Key Identifier:
keyid:01:C3:8A:06:A3:9B:20:B8:DA:40:00:92:37:D7:6A:CD:D2:8E:71:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AcOKBqObILjaQACSN9dqzdKOcaU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/6a8e5e-39b6-47e3-bbb0-b29f10cc0328/1/oCmvxhfYrof6GHoLWV4T9Ht_YcE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/6a8e5e-39b6-47e3-bbb0-b29f10cc0328/1/AcOKBqObILjaQACSN9dqzdKOcaU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.98.232.0/21
136.242.128.0/17
138.12.128.0/17
148.139.0.0/16
163.120.128.0/17
165.171.0.0/17
IPv6:
2a04:37c0::/29
Signature Algorithm: sha256WithRSAEncryption
58:33:c3:b4:ba:1d:1e:d1:0c:28:a3:66:e7:d4:49:84:05:65:
e4:05:95:27:d1:6d:63:d9:d2:ef:bf:6c:2a:00:66:2f:86:27:
11:a9:97:b7:e5:14:85:7d:7f:2a:f2:ad:4c:26:9d:18:84:aa:
02:91:16:be:be:96:16:31:85:8f:8d:c8:a4:14:d7:0f:5a:90:
7e:af:eb:a3:08:cb:74:8f:d1:4d:b0:a7:71:cf:81:3c:ba:11:
8f:fe:91:3e:06:d5:c3:db:8a:e3:b0:1e:43:3d:b2:62:ab:ee:
02:27:19:70:55:70:2a:c1:b5:03:7a:ec:50:23:83:23:15:8e:
7d:80:fd:31:c6:b4:77:01:e8:3c:cd:3a:28:dc:c5:40:38:ab:
ea:bc:72:87:cf:f4:69:6f:61:57:36:b6:63:06:04:5b:ea:bd:
a4:86:0e:5b:17:2f:55:5a:92:86:a9:f7:d1:43:bb:11:26:39:
e7:b2:19:ae:8a:24:79:7c:96:1f:8f:1e:e0:7b:ef:47:de:65:
97:a3:7f:c9:d5:4e:ba:f1:97:70:fc:99:6e:d1:9b:f8:eb:9b:
7c:c6:5e:1f:65:ca:74:07:38:87:0c:01:cb:76:09:c9:c0:96:
cb:6a:d7:8d:cf:06:ee:50:1a:f9:aa:b0:6f:1f:2a:cc:78:77:
02:29:37:5b
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYw0t5H2XAR17e3c3fHyXieqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxYzM4YTA2YTM5YjIwYjhkYTQwMDA5MjM3ZDc2YWNkZDI4
ZTcxYTUwHhcNMjMxMjA0MTIwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDI5YWZjNjE3ZDhhZTg3ZmExODdhMGI1OTVlMTNmNDdiN2Y2MWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiekDgkMG4ko7TQH0XK1wPv6+ys9h
LCDmoSS4xopKWXvLAsAdZgaKuCQEnKxOg/FMcQZ0qbVq6oGVTrCjd7ACG8bnd+CT
3BAE8lcf6QHN5FH1jaHtouwHKa7iKiWHjhvCgDiSXam8tItWwVDQohLssFR95Q5L
YsNMhuRDPEQCakNDYrcq9Q8BiFy+xt11E6c5A+1fgpHBsSKWS/szDu8t0wlXBTeK
/bHlwAUdet6DOR8xG9HQlGYNuANQIffrjC/frmGIj1igf/Es5OcdJcOMSTky7eyr
KhG67YYpiy2KObMZpVTTP7Xz2JSlj6sJ99s/HlqTwtgv3M2RvFr87wTFDQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFKApr8YX2K6H+hh6C1leE/R7f2HBMB8GA1UdIwQY
MBaAFAHDigajmyC42kAAkjfXas3SjnGlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWNPS0JxT2JJTGphUUFDU045ZHF6ZEtPY2FVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS82YThlNWUtMzliNi00N2UzLWJiYjAt
YjI5ZjEwY2MwMzI4LzEvb0NtdnhoZllyb2Y2R0hvTFdWNFQ5SHRfWWNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS82YThlNWUtMzliNi00N2UzLWJiYjAtYjI5ZjEwY2MwMzI4
LzEvQWNPS0JxT2JJTGphUUFDU045ZHF6ZEtPY2FVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjApBAIAATAjAwQDJWLoAwQH
iPKAAwQHigyAAwMAlIsDBAejeIADBAelqwAwDQQCAAIwBwMFAyoEN8AwDQYJKoZI
hvcNAQELBQADggEBAFgzw7S6HR7RDCijZufUSYQFZeQFlSfRbWPZ0u+/bCoAZi+G
JxGpl7flFIV9fyryrUwmnRiEqgKRFr6+lhYxhY+NyKQU1w9akH6v66MIy3SP0U2w
p3HPgTy6EY/+kT4G1cPbiuOwHkM9smKr7gInGXBVcCrBtQN67FAjgyMVjn2A/THG
tHcB6DzNOijcxUA4q+q8cofP9GlvYVc2tmMGBFvqvaSGDlsXL1Vakoap99FDuxEm
OeeyGa6KJHl8lh+PHuB770feZZejf8nVTrrxl3D8mW7Rm/jrm3zGXh9lynQHOIcM
Act2CcnAlstq143PBu5QGvmqsG8fKsx4dwIpN1s=
-----END CERTIFICATE-----
Generated at Tue Jan 2 08:59:48 2024 by rpki-client on console-ams.rpki-client.org