Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/4711a1-4d25-47e6-acf7-b0712ab0b077/1/OHkPJh76VNYGRKmvMB5i26ECKKg.roa
File: OHkPJh76VNYGRKmvMB5i26ECKKg.roa (raw, json)
Hash identifier: LY8S5mWhDizSOolc4XF5mcV1oeikuIj4ZeT2RHwyGXM=
Subject key identifier: 38:79:0F:26:1E:FA:54:D6:06:44:A9:AF:30:1E:62:DB:A1:02:28:A8
Certificate issuer: /CN=4a2027dbb89427a8e031b90962e26e44affa5a95
Certificate serial: 0185711E43531313B4B1EDB590A175A57C38
Authority key identifier: 4A:20:27:DB:B8:94:27:A8:E0:31:B9:09:62:E2:6E:44:AF:FA:5A:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SiAn27iUJ6jgMbkJYuJuRK_6WpU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/4711a1-4d25-47e6-acf7-b0712ab0b077/1/OHkPJh76VNYGRKmvMB5i26ECKKg.roa
Signing time: Mon 02 Jan 2023 06:14:46 +0000
ROA not before: Mon 02 Jan 2023 06:14:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24800
IP address blocks: 185.96.88.0/22 maxlen: 22
185.108.252.0/22 maxlen: 22
185.108.108.0/22 maxlen: 22
185.109.76.0/22 maxlen: 22
185.109.88.0/22 maxlen: 22
185.107.168.0/22 maxlen: 22
185.96.180.0/22 maxlen: 22
185.107.176.0/22 maxlen: 22
185.109.12.0/22 maxlen: 22
185.108.100.0/22 maxlen: 22
185.109.64.0/22 maxlen: 22
2a00:4020::/32 maxlen: 32
2a00:4820::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:1e:43:53:13:13:b4:b1:ed:b5:90:a1:75:a5:7c:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a2027dbb89427a8e031b90962e26e44affa5a95
Validity
Not Before: Jan 2 06:14:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=38790f261efa54d60644a9af301e62dba10228a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:e1:71:e3:18:e2:a1:b1:4c:3b:d6:87:86:a0:
fd:e4:55:2d:ff:53:ea:71:9b:85:24:b9:6e:63:28:
4e:dc:a0:71:be:dd:f3:5c:de:3b:27:ef:ec:ed:45:
60:24:86:b8:71:24:0c:42:0e:6b:ad:bd:79:4a:91:
27:fd:fe:3c:18:a7:24:aa:53:7c:63:18:f0:ec:b3:
e0:18:e0:c7:64:b7:96:89:72:2a:3e:f3:d6:fe:a7:
02:8c:dc:bb:79:db:46:51:9b:f0:7e:21:db:d8:9a:
70:39:35:20:61:5b:bc:06:e0:b9:7c:a0:6a:f3:8f:
80:f5:3d:75:16:6f:6f:ea:18:86:00:d6:95:e0:a3:
be:6c:ac:09:df:cd:a2:ac:37:69:55:c9:f2:35:96:
e8:ae:e0:e1:bb:fc:f5:b6:21:77:ae:04:bf:41:4e:
07:fe:55:c9:79:50:a8:68:20:32:42:05:38:a9:5f:
0e:5d:8a:e6:dc:13:c2:36:00:1e:33:01:0d:c7:ff:
7b:bb:9f:1b:e5:8d:94:aa:c8:a1:7e:7e:d0:f2:80:
b5:cd:e8:8e:02:b5:56:7c:f5:ae:4d:97:6c:09:b7:
e4:a5:ca:c3:e1:2f:0c:a4:43:02:33:db:99:ef:f0:
4b:cb:40:24:ee:c2:0f:bd:74:5b:49:87:71:77:32:
f5:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:79:0F:26:1E:FA:54:D6:06:44:A9:AF:30:1E:62:DB:A1:02:28:A8
X509v3 Authority Key Identifier:
keyid:4A:20:27:DB:B8:94:27:A8:E0:31:B9:09:62:E2:6E:44:AF:FA:5A:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SiAn27iUJ6jgMbkJYuJuRK_6WpU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/4711a1-4d25-47e6-acf7-b0712ab0b077/1/OHkPJh76VNYGRKmvMB5i26ECKKg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/4711a1-4d25-47e6-acf7-b0712ab0b077/1/SiAn27iUJ6jgMbkJYuJuRK_6WpU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.96.88.0/22
185.96.180.0/22
185.107.168.0/22
185.107.176.0/22
185.108.100.0/22
185.108.108.0/22
185.108.252.0/22
185.109.12.0/22
185.109.64.0/22
185.109.76.0/22
185.109.88.0/22
IPv6:
2a00:4020::/32
2a00:4820::/32
Signature Algorithm: sha256WithRSAEncryption
72:06:4c:27:94:7c:d5:a6:49:b0:69:23:28:58:82:3b:45:5d:
dc:9c:95:e5:0d:66:f2:15:28:44:34:c9:86:24:90:a8:a6:09:
da:3b:7c:19:7b:64:43:a0:e5:47:63:e3:82:72:85:8a:b4:d0:
5c:91:f5:02:8b:10:7c:04:57:b9:ca:a8:17:d7:38:dc:5c:96:
39:be:75:95:c0:29:1a:79:70:06:89:89:c3:39:39:1b:93:a2:
ac:41:44:69:83:d9:00:50:cf:86:72:11:67:8f:4d:11:2a:2d:
e1:1f:da:3b:aa:4f:cf:1a:58:e8:2a:6d:48:fc:65:8b:79:a6:
4a:8a:18:8a:a8:10:f4:63:64:31:24:0e:53:4e:06:66:cc:09:
d0:7b:5c:aa:5a:55:3b:44:46:7a:c9:e5:13:05:a4:94:b3:9f:
4e:50:f4:cc:0a:5a:12:29:3d:42:26:13:e1:09:55:81:95:63:
0e:c6:75:77:5b:68:db:c3:d9:0e:f1:fc:92:2e:1e:3a:3e:90:
04:cb:ff:58:b4:4a:af:45:01:e0:80:2d:cd:1d:ff:c0:10:9b:
d6:2d:ee:4a:bb:91:11:d4:21:92:6c:be:d5:79:6a:44:aa:8a:
af:98:1d:4a:c6:26:d5:89:b9:5d:bd:06:c8:d0:50:83:6f:3c:
6a:a1:45:a3
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAYVxHkNTExO0se21kKF1pXw4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhMjAyN2RiYjg5NDI3YThlMDMxYjkwOTYyZTI2ZTQ0YWZm
YTVhOTUwHhcNMjMwMTAyMDYxNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODc5MGYyNjFlZmE1NGQ2MDY0NGE5YWYzMDFlNjJkYmExMDIyOGE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjuFx4xjiobFMO9aHhqD95FUt/1Pq
cZuFJLluYyhO3KBxvt3zXN47J+/s7UVgJIa4cSQMQg5rrb15SpEn/f48GKckqlN8
Yxjw7LPgGODHZLeWiXIqPvPW/qcCjNy7edtGUZvwfiHb2JpwOTUgYVu8BuC5fKBq
84+A9T11Fm9v6hiGANaV4KO+bKwJ382irDdpVcnyNZboruDhu/z1tiF3rgS/QU4H
/lXJeVCoaCAyQgU4qV8OXYrm3BPCNgAeMwENx/97u58b5Y2Uqsihfn7Q8oC1zeiO
ArVWfPWuTZdsCbfkpcrD4S8MpEMCM9uZ7/BLy0Ak7sIPvXRbSYdxdzL1MwIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFDh5DyYe+lTWBkSprzAeYtuhAiioMB8GA1UdIwQY
MBaAFEogJ9u4lCeo4DG5CWLibkSv+lqVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2lBbjI3aVVKNmpnTWJrSll1SnVSS182V3BVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC80NzExYTEtNGQyNS00N2U2LWFjZjct
YjA3MTJhYjBiMDc3LzEvT0hrUEpoNzZWTllHUkttdk1CNWkyNkVDS0tnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC80NzExYTEtNGQyNS00N2U2LWFjZjctYjA3MTJhYjBiMDc3
LzEvU2lBbjI3aVVKNmpnTWJrSll1SnVSS182V3BVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBIBAIAATBCAwQCuWBYAwQC
uWC0AwQCuWuoAwQCuWuwAwQCuWxkAwQCuWxsAwQCuWz8AwQCuW0MAwQCuW1AAwQC
uW1MAwQCuW1YMBQEAgACMA4DBQAqAEAgAwUAKgBIIDANBgkqhkiG9w0BAQsFAAOC
AQEAcgZMJ5R81aZJsGkjKFiCO0Vd3JyV5Q1m8hUoRDTJhiSQqKYJ2jt8GXtkQ6Dl
R2PjgnKFirTQXJH1AosQfARXucqoF9c43FyWOb51lcApGnlwBomJwzk5G5OirEFE
aYPZAFDPhnIRZ49NESot4R/aO6pPzxpY6CptSPxli3mmSooYiqgQ9GNkMSQOU04G
ZswJ0HtcqlpVO0RGesnlEwWklLOfTlD0zApaEik9QiYT4QlVgZVjDsZ1d1to28PZ
DvH8ki4eOj6QBMv/WLRKr0UB4IAtzR3/wBCb1i3uSruREdQhkmy+1XlqRKqKr5gd
SsYm1Ym5Xb0GyNBQg288aqFFow==
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:20:10 2024 by rpki-client on console-ams.rpki-client.org