Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/OI2ObowwW34et4Bsm6WpV89EpC8.roa
File: OI2ObowwW34et4Bsm6WpV89EpC8.roa (raw, json)
Hash identifier: IYR6TV4bb4P64f3sxBW+nemFLUrqGphXnR5rXaPP+TQ=
Subject key identifier: 38:8D:8E:6E:8C:30:5B:7E:1E:B7:80:6C:9B:A5:A9:57:CF:44:A4:2F
Certificate issuer: /CN=131881732a3e245a959bc679e0458c39f893e46b
Certificate serial: 0187AFDC9444F667AC937CF73A07C284DEA2
Authority key identifier: 13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/OI2ObowwW34et4Bsm6WpV89EpC8.roa
Signing time: Sun 23 Apr 2023 20:44:41 +0000
ROA not before: Sun 23 Apr 2023 20:44:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30938
IP address blocks: 45.12.216.0/24 maxlen: 24
45.12.217.0/24 maxlen: 24
45.12.219.0/24 maxlen: 24
45.12.218.0/24 maxlen: 24
5.39.248.0/24 maxlen: 24
5.39.251.0/24 maxlen: 24
5.39.252.0/24 maxlen: 24
5.39.250.0/24 maxlen: 24
5.39.253.0/24 maxlen: 24
185.5.36.0/22 maxlen: 22
31.192.240.0/21 maxlen: 21
5.178.98.0/24 maxlen: 24
5.178.97.0/24 maxlen: 24
5.178.96.0/24 maxlen: 24
5.144.176.0/21 maxlen: 21
5.178.99.0/24 maxlen: 24
5.178.101.0/24 maxlen: 24
5.178.105.0/24 maxlen: 24
5.178.104.0/24 maxlen: 24
5.178.106.0/24 maxlen: 24
5.39.254.0/24 maxlen: 24
5.39.255.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:af:dc:94:44:f6:67:ac:93:7c:f7:3a:07:c2:84:de:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=131881732a3e245a959bc679e0458c39f893e46b
Validity
Not Before: Apr 23 20:44:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=388d8e6e8c305b7e1eb7806c9ba5a957cf44a42f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:d7:b8:73:8f:9d:5c:11:6a:f7:96:3d:91:71:
48:9d:ff:fe:39:29:6b:77:4e:45:7e:46:4f:46:9f:
e9:b7:aa:3c:60:ed:b6:ea:68:4a:d7:a8:f7:2b:42:
f3:7a:94:80:6e:ea:b8:99:eb:9c:90:bb:05:7c:4b:
6c:51:03:4c:54:9c:03:e7:20:6b:93:ce:fe:4c:f9:
f4:3c:07:dd:9d:57:70:0e:ff:9d:eb:30:fa:05:e1:
34:77:90:66:8f:83:48:0c:c3:93:eb:23:5b:ef:61:
2b:c5:e2:e0:36:7b:7c:36:af:ec:27:66:e5:4e:7c:
13:3e:f2:20:8f:62:37:49:29:f6:35:d2:d1:48:1d:
18:29:ef:f4:f9:c7:21:f0:d1:fa:45:24:7e:08:b4:
2c:a0:24:51:ca:15:36:5d:58:af:8d:df:70:d3:cb:
3b:31:f8:15:5e:37:5b:64:20:e2:ed:4b:aa:7d:ce:
83:4b:c7:ec:04:d5:d1:8b:ff:d2:c8:8b:cd:69:40:
b1:b9:dd:c6:5e:b2:99:eb:92:e4:37:01:de:79:d9:
20:0b:c4:3f:16:4d:68:de:8d:c6:b0:1f:ba:00:29:
34:6c:d2:53:29:1c:ea:d1:b1:ba:9c:4d:de:3f:24:
51:22:ab:29:4f:d8:36:ff:70:b8:e2:0e:60:29:49:
76:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:8D:8E:6E:8C:30:5B:7E:1E:B7:80:6C:9B:A5:A9:57:CF:44:A4:2F
X509v3 Authority Key Identifier:
keyid:13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/OI2ObowwW34et4Bsm6WpV89EpC8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.39.248.0/24
5.39.250.0-5.39.255.255
5.144.176.0/21
5.178.96.0/22
5.178.101.0/24
5.178.104.0-5.178.106.255
31.192.240.0/21
45.12.216.0/22
185.5.36.0/22
Signature Algorithm: sha256WithRSAEncryption
07:74:b4:8e:3f:44:5d:ed:38:e6:82:0d:0b:62:65:30:09:ba:
49:73:62:65:04:d5:31:94:d2:52:e4:14:7c:ad:08:5b:cf:63:
66:d9:94:a7:e6:3d:3e:79:81:fc:1e:95:80:ba:99:a5:ce:87:
c1:2c:93:bd:0c:46:0d:90:d8:e6:00:3b:46:83:18:47:c6:df:
71:eb:74:1f:2e:a8:b2:89:09:8a:b7:d8:86:ff:70:d2:42:ac:
e2:09:dd:5a:92:d8:8d:ba:0c:2b:c0:b4:cb:2f:5c:f3:a4:45:
be:a9:02:c1:e1:53:a6:f8:18:09:cf:a2:f7:f5:e7:1e:a2:0f:
4a:97:3e:6d:f9:4e:02:3f:de:fe:71:e8:62:53:a8:54:99:e2:
81:c2:a8:7d:f9:c8:28:9d:c5:8c:5e:bd:32:97:1d:54:2f:bb:
18:72:00:1d:f6:bb:63:21:c6:35:ad:34:2c:59:f9:b3:f9:4a:
84:f3:fa:64:d2:13:4e:d3:32:df:55:19:21:64:e3:78:35:7d:
44:9a:94:ad:c5:72:94:93:0a:19:27:fd:cf:ad:31:17:21:f3:
b3:b2:5b:8d:54:f8:2e:12:e3:6a:c5:2a:7b:fa:01:aa:e2:2b:
37:bc:95:8e:c7:05:15:d6:bc:99:5c:b8:69:32:eb:d0:9d:26:
ea:40:c0:0c
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYev3JRE9mesk3z3OgfChN6iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzMTg4MTczMmEzZTI0NWE5NTliYzY3OWUwNDU4YzM5Zjg5
M2U0NmIwHhcNMjMwNDIzMjA0NDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODhkOGU2ZThjMzA1YjdlMWViNzgwNmM5YmE1YTk1N2NmNDRhNDJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqNe4c4+dXBFq95Y9kXFInf/+OSlr
d05FfkZPRp/pt6o8YO226mhK16j3K0LzepSAbuq4meuckLsFfEtsUQNMVJwD5yBr
k87+TPn0PAfdnVdwDv+d6zD6BeE0d5Bmj4NIDMOT6yNb72ErxeLgNnt8Nq/sJ2bl
TnwTPvIgj2I3SSn2NdLRSB0YKe/0+cch8NH6RSR+CLQsoCRRyhU2XVivjd9w08s7
MfgVXjdbZCDi7Uuqfc6DS8fsBNXRi//SyIvNaUCxud3GXrKZ65LkNwHeedkgC8Q/
Fk1o3o3GsB+6ACk0bNJTKRzq0bG6nE3ePyRRIqspT9g2/3C44g5gKUl26wIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFDiNjm6MMFt+HreAbJulqVfPRKQvMB8GA1UdIwQY
MBaAFBMYgXMqPiRalZvGeeBFjDn4k+RrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUt
Y2Q2MTUyMjYxYzZmLzEvT0kyT2Jvd3dXMzRldDRCc202V3BWODlFcEM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUtY2Q2MTUyMjYxYzZm
LzEvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTBLBAIAATBFAwQABSf4MAsD
BAEFJ/oDAwMFIAMEAwWQsAMEAgWyYAMEAAWyZTAMAwQDBbJoAwQABbJqAwQDH8Dw
AwQCLQzYAwQCuQUkMA0GCSqGSIb3DQEBCwUAA4IBAQAHdLSOP0Rd7Tjmgg0LYmUw
CbpJc2JlBNUxlNJS5BR8rQhbz2Nm2ZSn5j0+eYH8HpWAupmlzofBLJO9DEYNkNjm
ADtGgxhHxt9x63QfLqiyiQmKt9iG/3DSQqziCd1aktiNugwrwLTLL1zzpEW+qQLB
4VOm+BgJz6L39eceog9Klz5t+U4CP97+cehiU6hUmeKBwqh9+cgoncWMXr0ylx1U
L7sYcgAd9rtjIcY1rTQsWfmz+UqE8/pk0hNO0zLfVRkhZON4NX1EmpStxXKUkwoZ
J/3PrTEXIfOzsluNVPguEuNqxSp7+gGq4is3vJWOxwUV1ryZXLhpMuvQnSbqQMAM
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:33 2023 by rpki-client on console-ams.rpki-client.org