Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/OU1dY4krNUvFGfpMFK6WWUXdwpI.roa
File: OU1dY4krNUvFGfpMFK6WWUXdwpI.roa (raw, json)
Hash identifier: rrcI95jEqhWp/xzhTF9li5bz9LV4na3o7d4U7Cq4hV0=
Subject key identifier: 39:4D:5D:63:89:2B:35:4B:C5:19:FA:4C:14:AE:96:59:45:DD:C2:92
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018FE837E36F5AC9ECD0CFB93050A399B123
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/OU1dY4krNUvFGfpMFK6WWUXdwpI.roa
Signing time: Wed 05 Jun 2024 11:45:27 +0000
ROA not before: Wed 05 Jun 2024 11:45:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3257
IP address blocks: 2.56.0.0/22 maxlen: 22
5.180.4.0/22 maxlen: 22
5.182.28.0/22 maxlen: 22
45.67.117.0/24 maxlen: 24
45.86.16.0/21 maxlen: 21
45.88.124.0/22 maxlen: 22
45.143.44.0/22 maxlen: 22
45.151.196.0/22 maxlen: 22
85.159.117.0/24 maxlen: 24
89.39.242.0/24 maxlen: 24
89.40.161.0/24 maxlen: 24
91.239.59.0/24 maxlen: 24
91.242.70.0/24 maxlen: 24
91.242.72.0/23 maxlen: 24
91.242.74.0/23 maxlen: 24
91.242.75.0/24 maxlen: 24
91.242.94.0/24 maxlen: 24
91.242.95.0/24 maxlen: 24
91.242.103.0/24 maxlen: 24
91.242.123.0/24 maxlen: 24
91.242.124.0/24 maxlen: 24
91.242.125.0/24 maxlen: 24
91.242.126.0/24 maxlen: 24
91.242.127.0/24 maxlen: 24
94.231.198.0/24 maxlen: 24
176.126.223.0/24 maxlen: 24
178.175.176.0/22 maxlen: 22
185.40.105.0/24 maxlen: 24
185.173.244.0/24 maxlen: 24
185.173.247.0/24 maxlen: 24
185.180.145.0/24 maxlen: 24
185.212.11.0/24 maxlen: 24
193.46.204.0/24 maxlen: 24
194.50.200.0/23 maxlen: 24
194.50.201.0/24 maxlen: 24
194.50.206.0/23 maxlen: 24
195.138.104.0/24 maxlen: 24
195.138.106.0/24 maxlen: 24
195.138.107.0/24 maxlen: 24
195.138.108.0/24 maxlen: 24
195.138.111.0/24 maxlen: 24
195.138.112.0/24 maxlen: 24
195.138.114.0/24 maxlen: 24
195.138.116.0/24 maxlen: 24
195.138.118.0/24 maxlen: 24
195.138.122.0/23 maxlen: 23
195.138.124.0/22 maxlen: 22
195.216.156.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 05 Jun 2024 13:55:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:e8:37:e3:6f:5a:c9:ec:d0:cf:b9:30:50:a3:99:b1:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jun 5 11:45:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=394d5d63892b354bc519fa4c14ae965945ddc292
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:0d:b6:c2:07:18:38:c7:95:44:d0:bd:80:c4:
10:2b:bc:ba:01:67:b3:d4:85:ac:c0:b3:e6:d3:fd:
4a:22:d3:24:34:fa:41:b9:19:c7:39:70:9b:d8:0d:
d9:6a:f5:68:ba:5b:8e:12:21:29:c1:19:9f:31:6c:
97:86:86:6a:7c:59:4d:ee:38:6e:54:89:db:71:11:
c3:5c:90:fa:72:d5:8d:cd:24:12:5f:7e:bf:d9:9a:
60:d1:30:c8:0a:e1:30:05:89:8b:d2:99:6d:32:a2:
9a:8b:57:b3:7b:1e:bd:35:ce:94:33:1c:a5:7f:23:
a3:c2:c9:6b:67:e3:85:ff:72:1a:9a:b3:59:78:94:
b9:7c:ab:3f:43:c6:d8:4f:8f:63:ba:18:b0:06:5d:
70:90:35:d0:ea:5c:6a:e6:bb:b9:7c:cf:7e:d7:a5:
9f:95:4b:b8:6a:ca:69:23:9b:c4:17:ae:b9:01:d6:
dc:3c:33:2d:23:3a:8e:84:90:57:6f:1f:5a:56:3f:
71:38:ef:7f:f1:e3:3e:5d:68:55:30:e4:47:15:eb:
80:07:df:33:65:2a:f1:cf:a7:c8:e6:42:1d:ab:a1:
2e:85:d2:4d:db:c7:e4:80:5b:37:0c:99:c6:c8:9e:
8b:84:91:26:35:2d:83:68:e4:9d:cd:a9:ed:d2:63:
5b:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:4D:5D:63:89:2B:35:4B:C5:19:FA:4C:14:AE:96:59:45:DD:C2:92
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/OU1dY4krNUvFGfpMFK6WWUXdwpI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.0.0/22
5.180.4.0/22
5.182.28.0/22
45.67.117.0/24
45.86.16.0/21
45.88.124.0/22
45.143.44.0/22
45.151.196.0/22
85.159.117.0/24
89.39.242.0/24
89.40.161.0/24
91.239.59.0/24
91.242.70.0/24
91.242.72.0/22
91.242.94.0/23
91.242.103.0/24
91.242.123.0-91.242.127.255
94.231.198.0/24
176.126.223.0/24
178.175.176.0/22
185.40.105.0/24
185.173.244.0/24
185.173.247.0/24
185.180.145.0/24
185.212.11.0/24
193.46.204.0/24
194.50.200.0/23
194.50.206.0/23
195.138.104.0/24
195.138.106.0-195.138.108.255
195.138.111.0-195.138.112.255
195.138.114.0/24
195.138.116.0/24
195.138.118.0/24
195.138.122.0-195.138.127.255
195.216.156.0/22
Signature Algorithm: sha256WithRSAEncryption
13:11:7a:29:39:b2:5f:8e:01:32:e9:f2:da:39:09:a2:35:50:
d9:44:49:2c:32:07:f7:23:1d:d2:e3:12:73:41:27:59:41:73:
47:6e:69:25:f6:96:25:4d:48:97:77:63:bc:b5:00:89:08:ac:
05:8b:c7:7b:f4:61:1c:fd:6c:28:09:4d:56:58:68:8a:36:30:
2c:f2:67:95:7e:99:86:90:a0:a2:34:ce:d2:79:d6:af:56:8e:
97:df:93:ea:68:e1:57:7c:61:d6:ec:8b:77:cc:57:68:76:bd:
80:57:3d:8d:be:b7:d6:d8:be:8e:9a:59:e4:68:ab:78:de:57:
ef:3b:2b:aa:72:9d:3f:e9:c9:1d:70:54:80:b9:d2:67:5f:c3:
5e:bc:2d:a5:47:6a:00:a9:8e:e8:45:b2:20:b2:bd:23:60:e3:
57:16:74:dd:cf:07:7f:a7:70:5e:12:47:53:c2:74:b4:df:0e:
27:cd:67:fe:0f:86:d4:f6:0c:71:8a:d3:0e:a8:36:f6:ac:03:
32:9c:35:e3:bc:49:13:19:b3:a1:ee:d8:fb:c2:83:a1:9a:fd:
53:66:35:0c:c4:35:c5:27:25:bd:55:43:59:0f:c3:71:70:33:
a4:e7:92:bf:16:fb:a6:d2:f4:44:e3:fa:1c:f4:b9:17:b9:fe:
8c:b6:1b:a7
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgISAY/oN+NvWsns0M+5MFCjmbEjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjQwNjA1MTE0NTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTRkNWQ2Mzg5MmIzNTRiYzUxOWZhNGMxNGFlOTY1OTQ1ZGRjMjkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApQ22wgcYOMeVRNC9gMQQK7y6AWez
1IWswLPm0/1KItMkNPpBuRnHOXCb2A3ZavVouluOEiEpwRmfMWyXhoZqfFlN7jhu
VInbcRHDXJD6ctWNzSQSX36/2Zpg0TDICuEwBYmL0pltMqKai1ezex69Nc6UMxyl
fyOjwslrZ+OF/3IamrNZeJS5fKs/Q8bYT49juhiwBl1wkDXQ6lxq5ru5fM9+16Wf
lUu4asppI5vEF665AdbcPDMtIzqOhJBXbx9aVj9xOO9/8eM+XWhVMORHFeuAB98z
ZSrxz6fI5kIdq6EuhdJN28fkgFs3DJnGyJ6LhJEmNS2DaOSdzant0mNbUwIDAQAB
o4IDAzCCAv8wHQYDVR0OBBYEFDlNXWOJKzVLxRn6TBSulllF3cKSMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvT1UxZFk0a3JOVXZGR2ZwTUZLNldXVVhkd3BJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBFwYIKwYBBQUHAQcBAf8EggEGMIIBAjCB/wQCAAEwgfgD
BAICOAADBAIFtAQDBAIFthwDBAAtQ3UDBAMtVhADBAItWHwDBAItjywDBAItl8QD
BABVn3UDBABZJ/IDBABZKKEDBABb7zsDBABb8kYDBAJb8kgDBAFb8l4DBABb8mcw
DAMEAFvyewMEB1vyAAMEAF7nxgMEALB+3wMEArKvsAMEALkoaQMEALmt9AMEALmt
9wMEALm0kQMEALnUCwMEAMEuzAMEAcIyyAMEAcIyzgMEAMOKaDAMAwQBw4pqAwQA
w4psMAwDBADDim8DBADDinADBADDinIDBADDinQDBADDinYwDAMEAcOKegMEB8OK
AAMEAsPYnDANBgkqhkiG9w0BAQsFAAOCAQEAExF6KTmyX44BMuny2jkJojVQ2URJ
LDIH9yMd0uMSc0EnWUFzR25pJfaWJU1Il3djvLUAiQisBYvHe/RhHP1sKAlNVlho
ijYwLPJnlX6ZhpCgojTO0nnWr1aOl9+T6mjhV3xh1uyLd8xXaHa9gFc9jb631ti+
jppZ5GireN5X7zsrqnKdP+nJHXBUgLnSZ1/DXrwtpUdqAKmO6EWyILK9I2DjVxZ0
3c8Hf6dwXhJHU8J0tN8OJ81n/g+G1PYMcYrTDqg29qwDMpw147xJExmzoe7Y+8KD
oZr9U2Y1DMQ1xSclvVVDWQ/DcXAzpOeSvxb7ptL0ROP6HPS5F7n+jLYbpw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:41 2024 by rpki-client on console-fra.rpki-client.org