Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/e28ba6-aaaf-4d33-b8dc-0aee360b0ba4/1/OyZ0FL3uBc2hC8AUSb2svOTPH8Q.roa
File: OyZ0FL3uBc2hC8AUSb2svOTPH8Q.roa (raw, json)
Hash identifier: TMNW0MPQK4gOTR3ia6CgD/2pOluQK7zGi4W6L4st9Sw=
Subject key identifier: 3B:26:74:14:BD:EE:05:CD:A1:0B:C0:14:49:BD:AC:BC:E4:CF:1F:C4
Certificate issuer: /CN=5a68d699d1a9457c78acfbec004f98677aa4cc16
Certificate serial: 01856C6EEB86667447F93F438FBBE411FBD6
Authority key identifier: 5A:68:D6:99:D1:A9:45:7C:78:AC:FB:EC:00:4F:98:67:7A:A4:CC:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WmjWmdGpRXx4rPvsAE-YZ3qkzBY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/e28ba6-aaaf-4d33-b8dc-0aee360b0ba4/1/OyZ0FL3uBc2hC8AUSb2svOTPH8Q.roa
Signing time: Sun 01 Jan 2023 08:24:46 +0000
ROA not before: Sun 01 Jan 2023 08:24:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12676
IP address blocks: 88.205.96.0/19 maxlen: 24
185.90.228.0/22 maxlen: 22
88.205.0.0/20 maxlen: 21
212.46.96.0/19 maxlen: 24
213.9.0.0/17 maxlen: 17
2a02:4c07:4000::/34 maxlen: 34
2a02:4c07:8000::/34 maxlen: 34
2a02:4c00::/40 maxlen: 40
2a02:4c00:100::/40 maxlen: 40
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:30:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:6e:eb:86:66:74:47:f9:3f:43:8f:bb:e4:11:fb:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a68d699d1a9457c78acfbec004f98677aa4cc16
Validity
Not Before: Jan 1 08:24:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3b267414bdee05cda10bc01449bdacbce4cf1fc4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:50:15:92:8e:62:4d:28:3a:6c:1e:85:2d:2d:
e7:44:d7:cc:0a:81:ea:66:58:c4:58:4a:db:ec:b6:
d5:a8:e1:f0:38:ba:ef:d0:a6:3c:3b:0c:dd:66:ec:
f7:0d:85:11:c4:2f:d3:a5:f1:86:3b:5b:11:7f:5d:
58:05:4f:ff:1c:9a:4d:05:b3:58:86:cc:53:5a:78:
73:02:2b:9e:ff:df:f7:da:07:5a:81:12:9d:0c:d3:
1c:87:d8:cc:8c:48:01:f5:ed:cb:21:c7:cd:14:2f:
15:a4:03:b7:82:55:58:91:87:ff:f4:93:11:7e:42:
f5:12:3f:e6:92:9a:8b:9e:32:e0:f5:98:d5:23:47:
3d:34:bd:d5:7f:d4:8e:18:d3:ab:6a:d3:33:3c:82:
4b:6d:4a:74:36:56:89:9e:02:06:53:0e:1e:54:c0:
64:e9:b6:07:c1:98:93:53:1d:34:b0:9a:96:54:53:
c1:94:7d:63:18:9d:a4:41:e2:83:1f:95:3b:8e:02:
02:04:75:95:f0:70:20:56:78:6a:9a:f3:1f:13:9d:
d2:7b:f7:0c:ad:6a:fe:7b:78:1c:ad:c9:bd:6f:96:
7e:7f:8c:c1:67:67:fd:96:5b:67:90:0d:e3:49:1c:
a7:cb:5d:b2:ab:7b:ae:00:90:a5:e3:82:f1:5c:c2:
2c:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:26:74:14:BD:EE:05:CD:A1:0B:C0:14:49:BD:AC:BC:E4:CF:1F:C4
X509v3 Authority Key Identifier:
keyid:5A:68:D6:99:D1:A9:45:7C:78:AC:FB:EC:00:4F:98:67:7A:A4:CC:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WmjWmdGpRXx4rPvsAE-YZ3qkzBY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/e28ba6-aaaf-4d33-b8dc-0aee360b0ba4/1/OyZ0FL3uBc2hC8AUSb2svOTPH8Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/e28ba6-aaaf-4d33-b8dc-0aee360b0ba4/1/WmjWmdGpRXx4rPvsAE-YZ3qkzBY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.205.0.0/20
88.205.96.0/19
185.90.228.0/22
212.46.96.0/19
213.9.0.0/17
IPv6:
2a02:4c00::/39
2a02:4c07:4000::-2a02:4c07:bfff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
ac:99:fe:b8:48:cd:51:18:44:3b:ac:2d:ab:71:85:91:ec:86:
88:5d:4d:f9:fe:46:23:0a:ec:5d:1e:84:61:91:03:c9:47:de:
08:be:3b:88:d0:29:1d:91:0c:a1:b9:58:d8:29:f1:3d:c6:9d:
99:85:fa:c5:2c:a4:78:77:b5:b9:1d:4c:5d:26:65:69:ae:0a:
5f:a2:68:5b:a9:f8:14:11:eb:47:4e:70:fa:91:4b:a7:9f:16:
bd:2d:e5:75:f7:f0:3e:13:a4:94:60:9a:a3:2a:5c:a0:14:8a:
90:64:b2:61:5b:ee:eb:af:91:63:9e:5a:05:c5:55:a9:27:e3:
2c:b8:6b:a2:ec:7c:a0:b2:1f:e0:8d:4e:f2:c2:a4:c9:18:66:
f1:d7:c3:b7:b6:54:b1:34:bb:25:a4:09:69:02:c3:59:84:2b:
33:47:f7:93:39:15:c3:6b:64:4a:33:e0:be:ec:a5:29:17:af:
f6:78:86:72:6d:f0:04:2b:b3:06:18:43:66:93:55:77:fc:34:
a4:13:54:d0:7b:53:89:f1:bc:86:c0:d2:e4:cc:c7:22:6c:64:
f1:5c:da:4b:4b:58:11:f8:f0:15:a4:fc:5f:6a:7d:03:1c:ee:
b0:2f:48:b2:64:fd:b3:b7:34:fd:28:b6:e2:56:56:5d:86:d7:
af:e1:65:87
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAYVsbuuGZnRH+T9Dj7vkEfvWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNjhkNjk5ZDFhOTQ1N2M3OGFjZmJlYzAwNGY5ODY3N2Fh
NGNjMTYwHhcNMjMwMTAxMDgyNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjI2NzQxNGJkZWUwNWNkYTEwYmMwMTQ0OWJkYWNiY2U0Y2YxZmM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh1AVko5iTSg6bB6FLS3nRNfMCoHq
ZljEWErb7LbVqOHwOLrv0KY8OwzdZuz3DYURxC/TpfGGO1sRf11YBU//HJpNBbNY
hsxTWnhzAiue/9/32gdagRKdDNMch9jMjEgB9e3LIcfNFC8VpAO3glVYkYf/9JMR
fkL1Ej/mkpqLnjLg9ZjVI0c9NL3Vf9SOGNOratMzPIJLbUp0NlaJngIGUw4eVMBk
6bYHwZiTUx00sJqWVFPBlH1jGJ2kQeKDH5U7jgICBHWV8HAgVnhqmvMfE53Se/cM
rWr+e3gcrcm9b5Z+f4zBZ2f9lltnkA3jSRyny12yq3uuAJCl44LxXMIsPwIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFDsmdBS97gXNoQvAFEm9rLzkzx/EMB8GA1UdIwQY
MBaAFFpo1pnRqUV8eKz77ABPmGd6pMwWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV21qV21kR3BSWHg0clB2c0FFLVlaM3FrekJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9lMjhiYTYtYWFhZi00ZDMzLWI4ZGMt
MGFlZTM2MGIwYmE0LzEvT3laMEZMM3VCYzJoQzhBVVNiMnN2T1RQSDhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9lMjhiYTYtYWFhZi00ZDMzLWI4ZGMtMGFlZTM2MGIwYmE0
LzEvV21qV21kR3BSWHg0clB2c0FFLVlaM3FrekJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDAkBAIAATAeAwQEWM0AAwQF
WM1gAwQCuVrkAwQF1C5gAwQH1QkAMCAEAgACMBoDBgEqAkwAADAQAwYGKgJMB0AD
BgYqAkwHgDANBgkqhkiG9w0BAQsFAAOCAQEArJn+uEjNURhEO6wtq3GFkeyGiF1N
+f5GIwrsXR6EYZEDyUfeCL47iNApHZEMoblY2CnxPcadmYX6xSykeHe1uR1MXSZl
aa4KX6JoW6n4FBHrR05w+pFLp58WvS3ldffwPhOklGCaoypcoBSKkGSyYVvu66+R
Y55aBcVVqSfjLLhroux8oLIf4I1O8sKkyRhm8dfDt7ZUsTS7JaQJaQLDWYQrM0f3
kzkVw2tkSjPgvuylKRev9niGcm3wBCuzBhhDZpNVd/w0pBNU0HtTifG8hsDS5MzH
Imxk8VzaS0tYEfjwFaT8X2p9AxzusC9IsmT9s7c0/Si24lZWXYbXr+Flhw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:47 2024 by rpki-client on console-ams.rpki-client.org