Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ofAB9ftdESDz9oD-zULEadLIJDA.roa
File: ofAB9ftdESDz9oD-zULEadLIJDA.roa (raw, json)
Hash identifier: rXf6y0gvlIQOSnyjfjPaKco7je4jQCOscPmxdzqzLHg=
Subject key identifier: A1:F0:01:F5:FB:5D:11:20:F3:F6:80:FE:CD:42:C4:69:D2:C8:24:30
Certificate issuer: /CN=131881732a3e245a959bc679e0458c39f893e46b
Certificate serial: 01876C5C038E686565D56B841E46E95C1096
Authority key identifier: 13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ofAB9ftdESDz9oD-zULEadLIJDA.roa
Signing time: Mon 10 Apr 2023 18:09:42 +0000
ROA not before: Mon 10 Apr 2023 18:09:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30938
IP address blocks: 45.12.216.0/24 maxlen: 24
45.12.217.0/24 maxlen: 24
45.12.219.0/24 maxlen: 24
45.12.218.0/24 maxlen: 24
5.39.248.0/24 maxlen: 24
5.39.251.0/24 maxlen: 24
5.39.252.0/24 maxlen: 24
5.39.250.0/24 maxlen: 24
5.39.253.0/24 maxlen: 24
185.5.36.0/22 maxlen: 22
31.192.240.0/21 maxlen: 21
5.178.98.0/24 maxlen: 24
5.178.97.0/24 maxlen: 24
5.178.96.0/24 maxlen: 24
5.144.176.0/21 maxlen: 21
5.178.99.0/24 maxlen: 24
5.178.101.0/24 maxlen: 24
5.178.105.0/24 maxlen: 24
5.178.104.0/24 maxlen: 24
5.178.111.0/24 maxlen: 24
5.178.110.0/24 maxlen: 24
5.178.108.0/24 maxlen: 24
5.39.254.0/24 maxlen: 24
5.39.255.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:6c:5c:03:8e:68:65:65:d5:6b:84:1e:46:e9:5c:10:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=131881732a3e245a959bc679e0458c39f893e46b
Validity
Not Before: Apr 10 18:09:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a1f001f5fb5d1120f3f680fecd42c469d2c82430
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:09:cb:47:ff:c5:79:db:a7:b5:99:d7:f0:48:
f5:57:9d:7d:82:35:98:96:00:3e:43:46:18:52:5c:
3c:da:0d:54:57:0d:ae:57:e7:f4:f0:48:20:a7:5e:
52:5c:98:a6:e6:4a:d0:51:5d:76:2c:33:ff:f3:e2:
54:39:02:1a:4d:b6:a4:e6:98:b9:0c:dd:23:dd:1d:
3a:7c:e2:f5:e0:d2:fe:c2:ee:41:e6:91:2e:85:65:
c5:31:53:1a:be:b1:05:ad:82:c1:50:25:20:fb:8e:
5d:cb:20:b2:6d:49:e4:53:57:11:3d:2f:21:61:45:
60:01:05:40:01:c5:63:31:fa:19:b6:00:87:a0:d7:
0c:ea:82:6d:ca:9e:1f:fa:6f:f0:4f:ea:a9:c1:34:
da:f0:f8:10:27:6f:26:8c:25:6a:79:e6:e5:71:fb:
f3:e4:ff:1f:aa:77:0a:b1:ca:94:ed:77:03:5c:ac:
da:fb:98:5b:e9:42:f6:74:09:a7:cc:dc:d9:59:0c:
b2:af:fb:3c:b2:eb:d0:47:25:42:fb:45:24:81:a0:
78:63:4d:47:23:ff:4d:ae:8b:a3:6f:53:9c:ce:0b:
fa:aa:61:a2:e2:e3:aa:3b:7c:93:a6:56:84:1e:bf:
97:17:8e:2e:55:cc:c0:1f:cc:dc:ad:23:f1:a4:02:
07:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:F0:01:F5:FB:5D:11:20:F3:F6:80:FE:CD:42:C4:69:D2:C8:24:30
X509v3 Authority Key Identifier:
keyid:13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ofAB9ftdESDz9oD-zULEadLIJDA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.39.248.0/24
5.39.250.0-5.39.255.255
5.144.176.0/21
5.178.96.0/22
5.178.101.0/24
5.178.104.0/23
5.178.108.0/24
5.178.110.0/23
31.192.240.0/21
45.12.216.0/22
185.5.36.0/22
Signature Algorithm: sha256WithRSAEncryption
13:37:81:f2:7f:23:39:fb:11:4d:78:a0:ae:20:6c:d8:eb:7b:
87:34:f0:ac:7d:35:b3:93:31:04:42:7e:9d:db:b7:20:64:de:
d3:a4:06:a6:1e:11:87:0b:c8:35:8d:61:c2:d1:b5:34:7f:b9:
5f:6b:ed:3e:f2:cb:e2:5d:b5:ed:7b:14:e6:bf:5f:c8:70:1b:
53:a0:bd:79:e9:71:1f:a8:66:4a:59:bc:d4:4e:a2:30:5c:e4:
bf:38:a9:e6:ae:1f:81:58:8e:cc:81:ac:65:aa:c4:52:db:79:
34:0b:88:6a:1a:44:62:4d:bf:7e:c7:36:07:ad:60:4e:92:52:
d9:7d:cf:ff:f4:17:05:86:14:e3:f6:14:83:19:50:88:b8:75:
fc:c0:bb:22:38:6c:c1:e6:fa:41:93:0a:22:cd:b4:9d:00:d9:
1d:f0:a4:f2:32:f1:f3:9a:50:b1:ef:b6:cd:a2:bd:2f:01:7d:
c5:dc:51:dd:a3:b8:47:a2:67:ba:bd:57:76:b2:0f:a9:46:01:
58:3f:49:49:18:71:00:7b:b5:79:02:58:90:db:98:63:55:e5:
56:6a:a8:89:23:9a:cc:59:d3:77:0c:c3:cc:b4:e3:43:f9:95:
7c:0b:9b:b6:bc:e8:61:95:b7:fd:ae:32:53:b3:a2:47:dd:b6:
97:7a:ae:81
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgISAYdsXAOOaGVl1WuEHkbpXBCWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzMTg4MTczMmEzZTI0NWE5NTliYzY3OWUwNDU4YzM5Zjg5
M2U0NmIwHhcNMjMwNDEwMTgwOTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWYwMDFmNWZiNWQxMTIwZjNmNjgwZmVjZDQyYzQ2OWQyYzgyNDMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAggnLR//FeduntZnX8Ej1V519gjWY
lgA+Q0YYUlw82g1UVw2uV+f08Eggp15SXJim5krQUV12LDP/8+JUOQIaTbak5pi5
DN0j3R06fOL14NL+wu5B5pEuhWXFMVMavrEFrYLBUCUg+45dyyCybUnkU1cRPS8h
YUVgAQVAAcVjMfoZtgCHoNcM6oJtyp4f+m/wT+qpwTTa8PgQJ28mjCVqeeblcfvz
5P8fqncKscqU7XcDXKza+5hb6UL2dAmnzNzZWQyyr/s8suvQRyVC+0UkgaB4Y01H
I/9Nroujb1Oczgv6qmGi4uOqO3yTplaEHr+XF44uVczAH8zcrSPxpAIHnQIDAQAB
o4ICTDCCAkgwHQYDVR0OBBYEFKHwAfX7XREg8/aA/s1CxGnSyCQwMB8GA1UdIwQY
MBaAFBMYgXMqPiRalZvGeeBFjDn4k+RrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUt
Y2Q2MTUyMjYxYzZmLzEvb2ZBQjlmdGRFU0R6OW9ELXpVTEVhZExJSkRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUtY2Q2MTUyMjYxYzZm
LzEvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGIGCCsGAQUFBwEHAQH/BFMwUTBPBAIAATBJAwQABSf4MAsD
BAEFJ/oDAwMFIAMEAwWQsAMEAgWyYAMEAAWyZQMEAQWyaAMEAAWybAMEAQWybgME
Ax/A8AMEAi0M2AMEArkFJDANBgkqhkiG9w0BAQsFAAOCAQEAEzeB8n8jOfsRTXig
riBs2Ot7hzTwrH01s5MxBEJ+ndu3IGTe06QGph4RhwvINY1hwtG1NH+5X2vtPvLL
4l217XsU5r9fyHAbU6C9eelxH6hmSlm81E6iMFzkvzip5q4fgViOzIGsZarEUtt5
NAuIahpEYk2/fsc2B61gTpJS2X3P//QXBYYU4/YUgxlQiLh1/MC7Ijhsweb6QZMK
Is20nQDZHfCk8jLx85pQse+2zaK9LwF9xdxR3aO4R6Jnur1XdrIPqUYBWD9JSRhx
AHu1eQJYkNuYY1XlVmqoiSOazFnTdwzDzLTjQ/mVfAubtrzoYZW3/a4yU7OiR922
l3qugQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:33 2023 by rpki-client on console-ams.rpki-client.org