Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/Owat0I2KZbwihX-q1M4cHs5lOIA.roa
File: Owat0I2KZbwihX-q1M4cHs5lOIA.roa (raw, json)
Hash identifier: O1z2Bg31fejQI25bJk4sDpPtahd+mnCCKX0IWgeUCoU=
Subject key identifier: 3B:06:AD:D0:8D:8A:65:BC:22:85:7F:AA:D4:CE:1C:1E:CE:65:38:80
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 01880080513309010E29D605CDB99444B021
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/Owat0I2KZbwihX-q1M4cHs5lOIA.roa
Signing time: Tue 09 May 2023 12:33:09 +0000
ROA not before: Tue 09 May 2023 12:33:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6282
IP address blocks: 77.36.120.0/22 maxlen: 22
77.36.124.0/22 maxlen: 22
176.112.80.0/23 maxlen: 23
176.112.82.0/23 maxlen: 23
178.159.144.0/23 maxlen: 23
176.113.184.0/22 maxlen: 22
176.113.188.0/22 maxlen: 22
81.161.2.0/23 maxlen: 23
81.161.0.0/23 maxlen: 23
176.116.36.0/22 maxlen: 22
176.116.32.0/22 maxlen: 22
64.43.100.0/22 maxlen: 22
64.43.104.0/22 maxlen: 22
64.43.108.0/22 maxlen: 22
64.43.116.0/22 maxlen: 22
31.131.8.0/23 maxlen: 23
31.131.10.0/23 maxlen: 23
176.96.52.0/22 maxlen: 22
77.36.24.0/22 maxlen: 22
91.246.176.0/22 maxlen: 22
91.246.180.0/22 maxlen: 22
176.111.162.0/23 maxlen: 23
176.111.160.0/23 maxlen: 23
93.120.16.0/22 maxlen: 22
93.120.20.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:00:80:51:33:09:01:0e:29:d6:05:cd:b9:94:44:b0:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: May 9 12:33:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3b06add08d8a65bc22857faad4ce1c1ece653880
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:e9:0c:75:0a:3f:9f:60:c0:b4:26:17:65:64:
77:8d:fb:75:ec:b7:38:fd:c0:34:14:fa:d5:38:c0:
4e:ea:8f:ad:56:5c:33:5e:81:71:a6:c0:29:e5:80:
cb:45:aa:c2:ca:06:e3:f5:9c:96:d8:c8:bf:c2:5f:
61:d7:42:77:9d:b0:26:35:b7:90:d1:33:d7:fc:a2:
c2:33:a3:22:49:db:c7:6c:8c:95:9a:90:10:e2:21:
c3:f9:15:74:ac:a8:49:f9:fa:4b:ed:f1:d8:13:83:
f7:49:77:59:83:0c:85:9e:38:e7:7d:58:b7:84:1c:
dd:8d:25:60:d4:be:51:28:cc:da:fd:b3:9c:75:c5:
e3:3f:0f:a4:39:e2:70:a1:ad:7a:a2:97:b7:af:07:
21:bd:c3:ae:ed:08:59:76:fa:50:28:78:ec:49:d6:
30:ac:c3:b0:7c:0f:56:b6:c2:c2:09:c3:05:5b:88:
c4:80:ef:af:91:c2:56:33:c4:6b:00:18:d2:9f:fa:
f3:41:8e:c8:be:d0:19:75:7a:86:ee:78:02:f9:88:
70:86:2f:e9:a7:73:65:6e:8a:e2:9d:fd:f4:29:d7:
5a:68:aa:c3:de:36:ea:58:a1:fd:b1:7c:c2:15:a5:
47:a1:df:26:96:35:30:b8:43:67:b1:2c:1d:ec:f8:
62:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:06:AD:D0:8D:8A:65:BC:22:85:7F:AA:D4:CE:1C:1E:CE:65:38:80
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/Owat0I2KZbwihX-q1M4cHs5lOIA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.131.8.0/22
64.43.100.0-64.43.111.255
64.43.116.0/22
77.36.24.0/22
77.36.120.0/21
81.161.0.0/22
91.246.176.0/21
93.120.16.0/21
176.96.52.0/22
176.111.160.0/22
176.112.80.0/22
176.113.184.0/21
176.116.32.0/21
178.159.144.0/23
Signature Algorithm: sha256WithRSAEncryption
07:15:95:78:43:00:e1:2c:1b:f2:a8:35:65:e3:81:e4:9b:bd:
41:27:47:83:90:0a:da:19:72:0c:4a:cd:2e:87:9c:0a:54:42:
cd:b7:c4:b4:ff:07:b6:7d:83:ef:27:f5:4f:80:82:3d:b4:22:
e1:38:e5:18:52:cc:8c:93:c4:37:0c:a8:97:53:02:23:8b:37:
38:56:00:e3:3f:36:2a:c1:97:00:12:0d:fa:c5:93:ee:8d:7c:
3c:87:e5:e2:8c:13:c5:73:af:70:62:76:81:1f:46:b8:94:00:
1c:cb:67:82:ac:68:82:e7:15:1f:95:2b:aa:04:a9:4b:df:e4:
23:15:fb:09:1b:73:5e:46:d6:83:34:5b:04:f7:49:77:96:a0:
1f:ec:5d:7f:5c:dc:71:7d:b9:63:f0:bc:86:d8:65:ee:db:7b:
a7:80:b8:01:8c:6e:32:f6:12:bf:28:5a:8e:6e:42:31:41:f8:
77:87:a4:7a:76:6f:07:7c:56:eb:10:8b:07:e5:1d:28:8d:2b:
1e:72:78:29:c6:e6:36:dd:10:d9:d1:99:a1:ff:bd:7b:e0:c6:
34:78:04:b1:2d:f6:2f:3e:ed:e7:ae:e9:21:1f:ac:e2:6f:ee:
ad:bc:b1:df:b3:18:eb:5e:eb:c5:e9:e5:4f:f9:ff:8f:87:ba:
69:0f:e7:67
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAYgAgFEzCQEOKdYFzbmURLAhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjMwNTA5MTIzMzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjA2YWRkMDhkOGE2NWJjMjI4NTdmYWFkNGNlMWMxZWNlNjUzODgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3ukMdQo/n2DAtCYXZWR3jft17Lc4
/cA0FPrVOMBO6o+tVlwzXoFxpsAp5YDLRarCygbj9ZyW2Mi/wl9h10J3nbAmNbeQ
0TPX/KLCM6MiSdvHbIyVmpAQ4iHD+RV0rKhJ+fpL7fHYE4P3SXdZgwyFnjjnfVi3
hBzdjSVg1L5RKMza/bOcdcXjPw+kOeJwoa16ope3rwchvcOu7QhZdvpQKHjsSdYw
rMOwfA9WtsLCCcMFW4jEgO+vkcJWM8RrABjSn/rzQY7IvtAZdXqG7ngC+Yhwhi/p
p3Nlborinf30KddaaKrD3jbqWKH9sXzCFaVHod8mljUwuENnsSwd7PhisQIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFDsGrdCNimW8IoV/qtTOHB7OZTiAMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvT3dhdDBJMktaYndpaFgtcTFNNGNIczVsT0lBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBiBAIAATBcAwQCH4MIMAwD
BAJAK2QDBARAK2ADBAJAK3QDBAJNJBgDBANNJHgDBAJRoQADBANb9rADBANdeBAD
BAKwYDQDBAKwb6ADBAKwcFADBAOwcbgDBAOwdCADBAGyn5AwDQYJKoZIhvcNAQEL
BQADggEBAAcVlXhDAOEsG/KoNWXjgeSbvUEnR4OQCtoZcgxKzS6HnApUQs23xLT/
B7Z9g+8n9U+Agj20IuE45RhSzIyTxDcMqJdTAiOLNzhWAOM/NirBlwASDfrFk+6N
fDyH5eKME8Vzr3BidoEfRriUABzLZ4KsaILnFR+VK6oEqUvf5CMV+wkbc15G1oM0
WwT3SXeWoB/sXX9c3HF9uWPwvIbYZe7be6eAuAGMbjL2Er8oWo5uQjFB+HeHpHp2
bwd8VusQiwflHSiNKx5yeCnG5jbdENnRmaH/vXvgxjR4BLEt9i8+7eeu6SEfrOJv
7q28sd+zGOte68Xp5U/5/4+HumkP52c=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:42 2023 by rpki-client on console-ams.rpki-client.org