Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/2ac980-2259-46fd-a428-7b98c7462a7e/1/OLpqXJLATUXfBBkWK3E4P5IPEp0.roa
File: OLpqXJLATUXfBBkWK3E4P5IPEp0.roa (raw, json)
Hash identifier: 70W6SkbPYetRe4L1Bcu8dy27Orfz10LYe+RZ3b6V54g=
Subject key identifier: 38:BA:6A:5C:92:C0:4D:45:DF:04:19:16:2B:71:38:3F:92:0F:12:9D
Certificate issuer: /CN=84f2ce71c6ffce87560d565ee5ccda31e01b9c15
Certificate serial: 01857267D0897FA57EEC3E0B7613EDDF7205
Authority key identifier: 84:F2:CE:71:C6:FF:CE:87:56:0D:56:5E:E5:CC:DA:31:E0:1B:9C:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hPLOccb_zodWDVZe5czaMeAbnBU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/2ac980-2259-46fd-a428-7b98c7462a7e/1/OLpqXJLATUXfBBkWK3E4P5IPEp0.roa
Signing time: Mon 02 Jan 2023 12:14:44 +0000
ROA not before: Mon 02 Jan 2023 12:14:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 13036
IP address blocks: 194.108.0.0/16 maxlen: 16
195.22.32.0/19 maxlen: 19
195.39.0.0/17 maxlen: 17
62.84.128.0/19 maxlen: 19
194.149.96.0/19 maxlen: 19
195.144.96.0/19 maxlen: 19
46.13.0.0/16 maxlen: 16
213.29.0.0/16 maxlen: 16
62.209.192.0/18 maxlen: 18
212.65.192.0/18 maxlen: 18
194.213.32.0/19 maxlen: 19
193.86.0.0/16 maxlen: 16
62.77.64.0/18 maxlen: 18
194.212.0.0/16 maxlen: 16
195.47.0.0/17 maxlen: 17
194.213.192.0/19 maxlen: 19
212.47.0.0/19 maxlen: 19
213.210.128.0/18 maxlen: 18
193.85.0.0/16 maxlen: 16
62.168.0.0/18 maxlen: 18
193.179.0.0/16 maxlen: 16
195.70.128.0/19 maxlen: 19
2001:af0::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:67:d0:89:7f:a5:7e:ec:3e:0b:76:13:ed:df:72:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84f2ce71c6ffce87560d565ee5ccda31e01b9c15
Validity
Not Before: Jan 2 12:14:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=38ba6a5c92c04d45df0419162b71383f920f129d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:53:2d:a9:2a:6f:89:fb:6f:0e:48:ab:34:35:
1c:c3:b5:84:ac:8b:3c:ce:94:98:3e:e8:da:89:20:
83:48:d5:95:fe:5c:07:d0:cc:e1:fd:49:b6:a1:d5:
42:1b:2b:9e:83:8a:57:66:1d:d3:99:b3:67:d4:8a:
e8:46:c9:4c:58:9b:57:45:63:61:c6:12:12:6b:c8:
4e:a9:51:b1:1d:83:1a:b9:ca:96:16:5d:0b:0d:4c:
8c:ff:a1:cc:b7:54:7b:cd:0a:b2:86:38:65:97:41:
30:65:b0:2e:57:4d:0b:60:e3:36:c5:65:18:4f:d7:
f6:dd:73:7c:65:4d:1e:81:21:05:ff:98:c5:d6:b4:
83:7c:47:d0:b4:ae:96:f1:b4:dd:a8:6c:39:30:82:
f8:bf:bd:c0:32:08:5e:40:0c:db:5b:c9:92:f1:26:
75:54:51:87:25:ee:dc:ef:b2:54:a5:f2:ff:56:44:
ac:71:7d:d4:51:97:74:87:fd:34:9f:7f:95:6c:0d:
74:33:7a:37:38:ca:20:a1:4b:df:21:3b:49:4c:46:
c3:82:81:62:0f:3e:3b:82:9b:9d:e3:7d:bc:9d:ed:
ed:ca:96:66:82:9f:90:f4:47:b2:5e:47:bc:68:82:
6d:5a:2b:5c:97:65:ea:be:6e:88:4f:9b:93:80:6f:
f5:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:BA:6A:5C:92:C0:4D:45:DF:04:19:16:2B:71:38:3F:92:0F:12:9D
X509v3 Authority Key Identifier:
keyid:84:F2:CE:71:C6:FF:CE:87:56:0D:56:5E:E5:CC:DA:31:E0:1B:9C:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hPLOccb_zodWDVZe5czaMeAbnBU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/2ac980-2259-46fd-a428-7b98c7462a7e/1/OLpqXJLATUXfBBkWK3E4P5IPEp0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/2ac980-2259-46fd-a428-7b98c7462a7e/1/hPLOccb_zodWDVZe5czaMeAbnBU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.13.0.0/16
62.77.64.0/18
62.84.128.0/19
62.168.0.0/18
62.209.192.0/18
193.85.0.0-193.86.255.255
193.179.0.0/16
194.108.0.0/16
194.149.96.0/19
194.212.0.0/16
194.213.32.0/19
194.213.192.0/19
195.22.32.0/19
195.39.0.0/17
195.47.0.0/17
195.70.128.0/19
195.144.96.0/19
212.47.0.0/19
212.65.192.0/18
213.29.0.0/16
213.210.128.0/18
IPv6:
2001:af0::/32
Signature Algorithm: sha256WithRSAEncryption
10:19:83:cb:e4:bc:d7:97:6b:1f:02:01:c9:1d:01:ba:05:7d:
e1:ec:c4:bc:b4:3c:55:e3:43:7e:0b:c6:7f:06:b5:d0:c8:7f:
17:d3:4d:59:f2:fa:e1:56:d3:2d:7f:57:80:cb:e6:4f:18:1a:
df:a8:13:6e:ad:b0:25:57:ba:36:f1:d4:c7:86:f5:6a:29:d4:
98:f7:07:56:8e:e0:1f:db:d4:4c:72:8b:77:a3:22:02:2e:32:
31:5a:c6:52:c5:37:69:c3:f7:6f:15:07:33:cd:ae:1f:2c:d2:
94:7c:4c:44:01:5b:8c:ce:74:9c:9f:be:cb:69:30:ed:3c:1b:
48:55:19:b5:db:f7:1d:09:31:e1:94:a6:82:af:b9:e8:14:09:
d2:3b:b6:23:4a:8c:a8:1a:45:e3:15:4c:98:89:9b:0c:0b:11:
fa:b8:d6:ee:a3:67:94:00:7a:bf:24:61:67:32:2e:84:73:24:
d7:82:c8:5d:8d:4b:5f:37:be:3d:6b:64:f3:d9:fb:69:20:d9:
5f:ca:d6:ca:91:07:d0:23:97:70:bf:ad:6b:54:58:b3:f3:d9:
e8:a4:ef:4d:e9:16:1f:d7:9b:31:b5:a3:12:d8:95:97:5f:8b:
56:51:72:05:54:c9:43:d9:83:9b:b6:a3:ca:ba:e7:a5:51:7c:
f2:3a:9f:f5
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgISAYVyZ9CJf6V+7D4LdhPt33IFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0ZjJjZTcxYzZmZmNlODc1NjBkNTY1ZWU1Y2NkYTMxZTAx
YjljMTUwHhcNMjMwMTAyMTIxNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGJhNmE1YzkyYzA0ZDQ1ZGYwNDE5MTYyYjcxMzgzZjkyMGYxMjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk1MtqSpviftvDkirNDUcw7WErIs8
zpSYPujaiSCDSNWV/lwH0Mzh/Um2odVCGyueg4pXZh3TmbNn1IroRslMWJtXRWNh
xhISa8hOqVGxHYMaucqWFl0LDUyM/6HMt1R7zQqyhjhll0EwZbAuV00LYOM2xWUY
T9f23XN8ZU0egSEF/5jF1rSDfEfQtK6W8bTdqGw5MIL4v73AMgheQAzbW8mS8SZ1
VFGHJe7c77JUpfL/VkSscX3UUZd0h/00n3+VbA10M3o3OMogoUvfITtJTEbDgoFi
Dz47gpud4328ne3typZmgp+Q9EeyXke8aIJtWitcl2Xqvm6IT5uTgG/1lwIDAQAB
o4IClTCCApEwHQYDVR0OBBYEFDi6alySwE1F3wQZFitxOD+SDxKdMB8GA1UdIwQY
MBaAFITyznHG/86HVg1WXuXM2jHgG5wVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFBMT2NjYl96b2RXRFZaZTVjemFNZUFibkJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny8yYWM5ODAtMjI1OS00NmZkLWE0Mjgt
N2I5OGM3NDYyYTdlLzEvT0xwcVhKTEFUVVhmQkJrV0szRTRQNUlQRXAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny8yYWM5ODAtMjI1OS00NmZkLWE0MjgtN2I5OGM3NDYyYTdl
LzEvaFBMT2NjYl96b2RXRFZaZTVjemFNZUFibkJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGqBggrBgEFBQcBBwEB/wSBmjCBlzCBhQQCAAEwfwMDAC4N
AwQGPk1AAwQFPlSAAwQGPqgAAwQGPtHAMAoDAwDBVQMDAMFWAwMAwbMDAwDCbAME
BcKVYAMDAMLUAwQFwtUgAwQFwtXAAwQFwxYgAwQHwycAAwQHwy8AAwQFw0aAAwQF
w5BgAwQF1C8AAwQG1EHAAwMA1R0DBAbV0oAwDQQCAAIwBwMFACABCvAwDQYJKoZI
hvcNAQELBQADggEBABAZg8vkvNeXax8CAckdAboFfeHsxLy0PFXjQ34Lxn8GtdDI
fxfTTVny+uFW0y1/V4DL5k8YGt+oE26tsCVXujbx1MeG9Wop1Jj3B1aO4B/b1Exy
i3ejIgIuMjFaxlLFN2nD928VBzPNrh8s0pR8TEQBW4zOdJyfvstpMO08G0hVGbXb
9x0JMeGUpoKvuegUCdI7tiNKjKgaReMVTJiJmwwLEfq41u6jZ5QAer8kYWcyLoRz
JNeCyF2NS183vj1rZPPZ+2kg2V/K1sqRB9Ajl3C/rWtUWLPz2eik703pFh/XmzG1
oxLYlZdfi1ZRcgVUyUPZg5u2o8q656VRfPI6n/U=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:24 2023 by rpki-client on console-fra.rpki-client.org