Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/9def08-7552-4b5a-966f-8ee0a12a359b/1/oqtwkrr4kDweB9X5ShC6Ua8Wwzc.roa
File: oqtwkrr4kDweB9X5ShC6Ua8Wwzc.roa (raw, json)
Hash identifier: 0aOEABbyK6stpUJ/frW743XmC4+c9vLggcLQZhKcEHc=
Subject key identifier: A2:AB:70:92:BA:F8:90:3C:1E:07:D5:F9:4A:10:BA:51:AF:16:C3:37
Certificate issuer: /CN=45f9e32ff6af3d5e5d77bdbb98da37d0b8e44519
Certificate serial: 0192D1F43BD3DB18840AE2F6B784BBC1A6AF
Authority key identifier: 45:F9:E3:2F:F6:AF:3D:5E:5D:77:BD:BB:98:DA:37:D0:B8:E4:45:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RfnjL_avPV5dd727mNo30LjkRRk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/9def08-7552-4b5a-966f-8ee0a12a359b/1/oqtwkrr4kDweB9X5ShC6Ua8Wwzc.roa
Signing time: Mon 28 Oct 2024 07:08:17 +0000
ROA not before: Mon 28 Oct 2024 07:08:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49289
IP address blocks: 93.185.112.0/20 maxlen: 20
159.255.136.0/22 maxlen: 22
159.255.144.0/24 maxlen: 24
171.22.232.0/24 maxlen: 24
171.22.233.0/24 maxlen: 24
171.22.234.0/24 maxlen: 24
171.22.235.0/24 maxlen: 24
178.239.32.0/20 maxlen: 20
178.239.32.0/22 maxlen: 22
178.239.36.0/24 maxlen: 24
178.239.40.0/22 maxlen: 22
178.239.44.0/23 maxlen: 23
178.239.46.0/23 maxlen: 23
185.63.132.0/23 maxlen: 23
185.63.135.0/24 maxlen: 24
188.94.120.0/21 maxlen: 21
2a00:c50::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 08 Nov 2024 04:24:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:d1:f4:3b:d3:db:18:84:0a:e2:f6:b7:84:bb:c1:a6:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=45f9e32ff6af3d5e5d77bdbb98da37d0b8e44519
Validity
Not Before: Oct 28 07:08:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a2ab7092baf8903c1e07d5f94a10ba51af16c337
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:04:11:9a:9b:65:c6:52:98:3a:18:ff:6e:8d:
b2:82:0b:ca:eb:ba:00:9a:09:ec:dd:d7:f6:bb:f0:
59:b5:ca:8f:0d:bf:aa:73:3e:30:f7:93:d6:c0:a5:
da:2b:a0:a9:00:0c:03:57:87:3f:d4:a2:8f:fc:da:
07:64:fd:0b:85:ea:79:fa:7e:fe:3f:c8:b3:88:e9:
a4:5c:6e:fb:45:57:e4:55:60:18:5f:9d:29:03:f3:
ef:aa:0a:03:37:87:53:6e:c5:b0:f0:05:65:9e:fc:
25:8a:5f:eb:fa:72:ed:e7:76:71:dd:80:0e:6b:b2:
11:04:f5:5e:fc:1c:b8:2f:4a:e1:42:6b:28:ff:49:
0f:f1:e9:d9:28:c7:50:22:5e:ab:95:1d:d1:a6:83:
ed:21:5f:ba:ce:37:43:52:4f:6d:d7:a8:db:42:ed:
40:11:f8:19:b5:1e:7f:53:a0:fc:b8:4a:19:51:bf:
1e:f4:b1:d2:d1:ce:28:95:4a:69:32:9d:d5:d9:1f:
73:4a:dd:13:50:88:b6:be:0c:d7:4f:27:61:c2:a0:
cb:0b:e2:9d:cb:36:02:cd:31:6f:ec:c5:15:c7:11:
87:f9:04:a1:12:70:f4:0e:1c:33:ef:79:37:09:ac:
db:85:5b:3f:4f:71:35:33:b5:0c:da:9d:34:cb:7b:
bc:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:AB:70:92:BA:F8:90:3C:1E:07:D5:F9:4A:10:BA:51:AF:16:C3:37
X509v3 Authority Key Identifier:
keyid:45:F9:E3:2F:F6:AF:3D:5E:5D:77:BD:BB:98:DA:37:D0:B8:E4:45:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RfnjL_avPV5dd727mNo30LjkRRk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/9def08-7552-4b5a-966f-8ee0a12a359b/1/oqtwkrr4kDweB9X5ShC6Ua8Wwzc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/9def08-7552-4b5a-966f-8ee0a12a359b/1/RfnjL_avPV5dd727mNo30LjkRRk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.185.112.0/20
159.255.136.0/22
159.255.144.0/24
171.22.232.0/22
178.239.32.0/20
185.63.132.0/23
185.63.135.0/24
188.94.120.0/21
IPv6:
2a00:c50::/29
Signature Algorithm: sha256WithRSAEncryption
38:50:dc:10:68:5a:6f:d1:70:f5:37:7e:9e:f1:83:1a:4b:32:
cd:27:b7:98:9d:97:eb:b5:91:87:cc:8c:f3:10:6a:8e:c5:a8:
e0:76:d6:8b:db:3a:1c:31:e3:2e:23:4d:67:dc:93:a6:ad:2c:
c9:04:ad:fd:01:1b:29:5b:3d:2f:3f:3d:d2:5e:d2:02:ef:1f:
93:46:ac:dd:d2:ee:25:0e:72:8a:f7:ec:cd:a9:8c:4d:b2:09:
4b:87:8f:8b:f1:6f:7b:8b:f9:87:3a:ca:eb:44:34:05:e4:96:
9d:14:e6:52:62:0d:02:86:f4:e9:93:1d:3e:f7:83:22:f2:73:
66:1c:f5:5a:49:15:06:51:74:57:fb:a1:a6:b5:80:7f:57:ef:
9c:ce:90:72:45:95:60:74:aa:91:55:b9:bb:f0:96:89:96:c9:
06:c3:7a:79:aa:29:d7:8b:d4:36:c6:b5:2c:67:75:8a:27:0b:
db:8f:31:bb:d2:0a:c1:1a:4b:77:42:7e:f0:91:6e:83:64:83:
2e:f3:da:09:8a:4f:96:e7:e8:bb:72:58:fb:29:7f:b0:89:75:
df:1c:aa:5e:3d:0d:45:0d:6e:4f:a3:8f:27:5d:d0:dd:db:98:
85:13:5c:35:40:e1:77:25:f7:87:d3:05:3d:56:b0:f0:f7:41:
b8:80:5c:35
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAZLR9DvT2xiECuL2t4S7waavMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1ZjllMzJmZjZhZjNkNWU1ZDc3YmRiYjk4ZGEzN2QwYjhl
NDQ1MTkwHhcNMjQxMDI4MDcwODE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmFiNzA5MmJhZjg5MDNjMWUwN2Q1Zjk0YTEwYmE1MWFmMTZjMzM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApAQRmptlxlKYOhj/bo2yggvK67oA
mgns3df2u/BZtcqPDb+qcz4w95PWwKXaK6CpAAwDV4c/1KKP/NoHZP0Lhep5+n7+
P8iziOmkXG77RVfkVWAYX50pA/PvqgoDN4dTbsWw8AVlnvwlil/r+nLt53Zx3YAO
a7IRBPVe/By4L0rhQmso/0kP8enZKMdQIl6rlR3RpoPtIV+6zjdDUk9t16jbQu1A
EfgZtR5/U6D8uEoZUb8e9LHS0c4olUppMp3V2R9zSt0TUIi2vgzXTydhwqDLC+Kd
yzYCzTFv7MUVxxGH+QShEnD0Dhwz73k3CazbhVs/T3E1M7UM2p00y3u8bQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFKKrcJK6+JA8HgfV+UoQulGvFsM3MB8GA1UdIwQY
MBaAFEX54y/2rz1eXXe9u5jaN9C45EUZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmZuakxfYXZQVjVkZDcyN21ObzMwTGprUlJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC85ZGVmMDgtNzU1Mi00YjVhLTk2NmYt
OGVlMGExMmEzNTliLzEvb3F0d2tycjRrRHdlQjlYNVNoQzZVYThXd3pjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC85ZGVmMDgtNzU1Mi00YjVhLTk2NmYtOGVlMGExMmEzNTli
LzEvUmZuakxfYXZQVjVkZDcyN21ObzMwTGprUlJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQEXblwAwQC
n/+IAwQAn/+QAwQCqxboAwQEsu8gAwQBuT+EAwQAuT+HAwQDvF54MA0EAgACMAcD
BQMqAAxQMA0GCSqGSIb3DQEBCwUAA4IBAQA4UNwQaFpv0XD1N36e8YMaSzLNJ7eY
nZfrtZGHzIzzEGqOxajgdtaL2zocMeMuI01n3JOmrSzJBK39ARspWz0vPz3SXtIC
7x+TRqzd0u4lDnKK9+zNqYxNsglLh4+L8W97i/mHOsrrRDQF5JadFOZSYg0ChvTp
kx0+94Mi8nNmHPVaSRUGUXRX+6GmtYB/V++czpByRZVgdKqRVbm78JaJlskGw3p5
qinXi9Q2xrUsZ3WKJwvbjzG70grBGkt3Qn7wkW6DZIMu89oJik+W5+i7clj7KX+w
iXXfHKpePQ1FDW5Po48nXdDd25iFE1w1QOF3JfeH0wU9VrDw90G4gFw1
-----END CERTIFICATE-----
Generated at Fri Nov 8 08:11:23 2024 by rpki-client on console-fra.rpki-client.org