Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/O7KNNTPPivzZsszBO50Qcc2-9Ww.roa
File: O7KNNTPPivzZsszBO50Qcc2-9Ww.roa (raw, json)
Hash identifier: k2SQhUnzv7VBAyamAM2OYt2k5zbGU5qmZ0NVLSUjmiY=
Subject key identifier: 3B:B2:8D:35:33:CF:8A:FC:D9:B2:CC:C1:3B:9D:10:71:CD:BE:F5:6C
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 018E386D38A80148F9E1105B9FD09D2D5C14
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/O7KNNTPPivzZsszBO50Qcc2-9Ww.roa
Signing time: Wed 13 Mar 2024 15:27:45 +0000
ROA not before: Wed 13 Mar 2024 15:27:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48031
IP address blocks: 31.216.57.0/24 maxlen: 24
31.216.63.0/24 maxlen: 24
77.87.120.0/24 maxlen: 24
84.246.84.0/24 maxlen: 24
84.246.86.0/24 maxlen: 24
84.246.87.0/24 maxlen: 24
84.246.106.0/24 maxlen: 24
84.246.109.0/24 maxlen: 24
87.236.151.0/24 maxlen: 24
88.151.15.0/24 maxlen: 24
89.107.14.0/24 maxlen: 24
89.107.15.0/24 maxlen: 24
89.248.70.0/24 maxlen: 24
91.190.153.0/24 maxlen: 24
91.246.34.0/24 maxlen: 24
91.246.48.0/24 maxlen: 24
91.246.53.0/24 maxlen: 24
91.247.161.0/24 maxlen: 24
91.247.165.0/24 maxlen: 24
91.247.166.0/24 maxlen: 24
91.247.167.0/24 maxlen: 24
91.247.173.0/24 maxlen: 24
91.247.183.0/24 maxlen: 24
93.157.104.0/24 maxlen: 24
93.157.109.0/24 maxlen: 24
109.94.161.0/24 maxlen: 24
109.94.163.0/24 maxlen: 24
109.107.136.0/24 maxlen: 24
109.107.141.0/24 maxlen: 24
109.107.142.0/24 maxlen: 24
109.107.144.0/24 maxlen: 24
109.107.147.0/24 maxlen: 24
109.205.184.0/24 maxlen: 24
109.205.188.0/24 maxlen: 24
176.97.199.0/24 maxlen: 24
176.97.203.0/24 maxlen: 24
176.97.208.0/24 maxlen: 24
176.97.222.0/24 maxlen: 24
176.97.223.0/24 maxlen: 24
176.116.3.0/24 maxlen: 24
193.160.219.0/24 maxlen: 24
193.163.22.0/24 maxlen: 24
194.26.224.0/24 maxlen: 24
194.105.60.0/24 maxlen: 24
194.107.92.0/24 maxlen: 24
212.52.25.0/24 maxlen: 24
212.52.26.0/24 maxlen: 24
217.198.176.0/24 maxlen: 24
217.198.178.0/24 maxlen: 24
217.198.179.0/24 maxlen: 24
217.198.180.0/24 maxlen: 24
217.198.181.0/24 maxlen: 24
217.198.182.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 14 May 2024 17:10:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:38:6d:38:a8:01:48:f9:e1:10:5b:9f:d0:9d:2d:5c:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Mar 13 15:27:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3bb28d3533cf8afcd9b2ccc13b9d1071cdbef56c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:68:46:a6:94:07:c8:69:1b:a0:ce:94:72:30:
78:ae:ed:cd:42:9a:0e:41:c1:75:35:33:9c:65:bf:
16:60:80:72:93:2f:ed:7a:b4:04:aa:38:e9:82:b1:
b8:14:60:74:ca:41:eb:15:71:17:43:18:fb:73:2d:
4e:87:8d:cf:52:39:96:f1:42:1b:0e:80:00:f0:7e:
e7:65:86:c9:1f:d5:e8:40:64:48:8f:94:18:9e:ed:
86:39:4a:11:32:14:4f:0b:ac:bb:9a:d1:99:08:64:
f1:ed:c2:94:56:b4:dd:b0:28:63:53:33:c3:8e:46:
79:06:3d:ba:07:be:99:84:a2:e2:1f:a4:0a:e2:92:
0d:ec:81:58:f7:ff:bc:fb:6f:d9:05:9e:05:ae:8b:
1e:58:84:57:7e:6c:88:7f:62:38:84:d8:8f:40:27:
9e:08:8b:9a:5b:84:1f:42:97:d1:12:06:3a:74:ed:
a4:80:72:da:e9:35:69:6f:28:89:b2:7c:e3:4f:98:
45:03:cf:f0:11:b3:6a:c7:98:cb:3b:58:e1:c9:d9:
6a:ce:11:eb:4e:a9:d0:3b:c5:ce:ad:1a:3d:ba:fa:
cc:65:8f:8b:f2:d4:f9:37:43:af:cf:7c:f8:a3:76:
42:a5:03:bf:06:f0:7f:fe:36:1f:6e:a8:4c:dd:db:
31:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:B2:8D:35:33:CF:8A:FC:D9:B2:CC:C1:3B:9D:10:71:CD:BE:F5:6C
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/O7KNNTPPivzZsszBO50Qcc2-9Ww.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.216.57.0/24
31.216.63.0/24
77.87.120.0/24
84.246.84.0/24
84.246.86.0/23
84.246.106.0/24
84.246.109.0/24
87.236.151.0/24
88.151.15.0/24
89.107.14.0/23
89.248.70.0/24
91.190.153.0/24
91.246.34.0/24
91.246.48.0/24
91.246.53.0/24
91.247.161.0/24
91.247.165.0-91.247.167.255
91.247.173.0/24
91.247.183.0/24
93.157.104.0/24
93.157.109.0/24
109.94.161.0/24
109.94.163.0/24
109.107.136.0/24
109.107.141.0-109.107.142.255
109.107.144.0/24
109.107.147.0/24
109.205.184.0/24
109.205.188.0/24
176.97.199.0/24
176.97.203.0/24
176.97.208.0/24
176.97.222.0/23
176.116.3.0/24
193.160.219.0/24
193.163.22.0/24
194.26.224.0/24
194.105.60.0/24
194.107.92.0/24
212.52.25.0-212.52.26.255
217.198.176.0/24
217.198.178.0-217.198.182.255
Signature Algorithm: sha256WithRSAEncryption
20:e3:e6:92:8a:a9:d6:c9:70:a5:cd:f8:63:4a:ba:04:8b:ab:
60:57:4e:7e:8c:e0:2b:74:f3:37:29:32:37:31:c5:4e:1f:c3:
a5:99:0c:05:86:b9:b2:ad:a5:39:e6:f2:0a:01:cc:81:a1:c2:
e7:f5:c1:43:56:a5:b4:2f:b4:f1:83:53:b8:de:25:bc:c0:b6:
a0:06:7e:39:1e:5d:71:39:e8:2d:94:4d:19:e3:fb:00:2b:2d:
a2:b5:79:33:c4:e2:87:7d:e4:e7:d1:8f:e7:ff:c0:76:5f:15:
33:51:a9:66:78:a8:55:1a:da:66:3a:29:a4:66:6d:96:60:ac:
41:5b:fe:ee:00:3c:94:c9:d1:c1:ea:57:07:11:c3:90:9c:41:
26:3e:36:6c:fa:c3:a3:8d:6e:c1:88:1c:6f:5b:de:f5:19:27:
e0:8e:b6:37:5f:f5:86:ae:f6:02:0e:75:c0:a2:0c:b7:a2:65:
fb:fb:6d:a7:30:50:9c:b5:27:fb:1d:47:d8:b4:34:10:05:9c:
e0:10:10:02:10:83:1a:ae:5e:6b:0d:d3:7d:72:09:19:d8:aa:
2d:98:7d:4b:fe:5d:da:8c:90:7c:ce:ee:4f:55:d1:e5:cc:21:
63:4b:94:71:8b:31:70:dc:3b:20:8f:7d:ad:ea:5f:5c:b8:46:
25:49:72:a1
-----BEGIN CERTIFICATE-----
MIIGHTCCBQWgAwIBAgISAY44bTioAUj54RBbn9CdLVwUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwMzEzMTUyNzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmIyOGQzNTMzY2Y4YWZjZDliMmNjYzEzYjlkMTA3MWNkYmVmNTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuWhGppQHyGkboM6UcjB4ru3NQpoO
QcF1NTOcZb8WYIByky/terQEqjjpgrG4FGB0ykHrFXEXQxj7cy1Oh43PUjmW8UIb
DoAA8H7nZYbJH9XoQGRIj5QYnu2GOUoRMhRPC6y7mtGZCGTx7cKUVrTdsChjUzPD
jkZ5Bj26B76ZhKLiH6QK4pIN7IFY9/+8+2/ZBZ4FroseWIRXfmyIf2I4hNiPQCee
CIuaW4QfQpfREgY6dO2kgHLa6TVpbyiJsnzjT5hFA8/wEbNqx5jLO1jhydlqzhHr
TqnQO8XOrRo9uvrMZY+L8tT5N0Ovz3z4o3ZCpQO/BvB//jYfbqhM3dsxGwIDAQAB
o4IDKTCCAyUwHQYDVR0OBBYEFDuyjTUzz4r82bLMwTudEHHNvvVsMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvTzdLTk5UUFBpdnpac3N6Qk81MFFjYzItOVd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBPQYIKwYBBQUHAQcBAf8EggEsMIIBKDCCASQEAgABMIIB
HAMEAB/YOQMEAB/YPwMEAE1XeAMEAFT2VAMEAVT2VgMEAFT2agMEAFT2bQMEAFfs
lwMEAFiXDwMEAVlrDgMEAFn4RgMEAFu+mQMEAFv2IgMEAFv2MAMEAFv2NQMEAFv3
oTAMAwQAW/elAwQDW/egAwQAW/etAwQAW/e3AwQAXZ1oAwQAXZ1tAwQAbV6hAwQA
bV6jAwQAbWuIMAwDBABta40DBABta44DBABta5ADBABta5MDBABtzbgDBABtzbwD
BACwYccDBACwYcsDBACwYdADBAGwYd4DBACwdAMDBADBoNsDBADBoxYDBADCGuAD
BADCaTwDBADCa1wwDAMEANQ0GQMEANQ0GgMEANnGsDAMAwQB2cayAwQA2ca2MA0G
CSqGSIb3DQEBCwUAA4IBAQAg4+aSiqnWyXClzfhjSroEi6tgV05+jOArdPM3KTI3
McVOH8OlmQwFhrmyraU55vIKAcyBocLn9cFDVqW0L7Txg1O43iW8wLagBn45Hl1x
OegtlE0Z4/sAKy2itXkzxOKHfeTn0Y/n/8B2XxUzUalmeKhVGtpmOimkZm2WYKxB
W/7uADyUydHB6lcHEcOQnEEmPjZs+sOjjW7BiBxvW971GSfgjrY3X/WGrvYCDnXA
ogy3omX7+22nMFCctSf7HUfYtDQQBZzgEBACEIMarl5rDdN9cgkZ2KotmH1L/l3a
jJB8zu5PVdHlzCFjS5RxizFw3Dsgj32t6l9cuEYlSXKh
-----END CERTIFICATE-----
Generated at Tue May 14 20:13:14 2024 by rpki-client on console-fra.rpki-client.org