Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/465aae-2a2c-4200-8e5c-05f093385ac8/1/og3xse8trQBLCDMkLmdwp988wpE.roa
File: og3xse8trQBLCDMkLmdwp988wpE.roa (raw, json)
Hash identifier: REnvInRky8UKMgO50e4BWzalcGK1wpm8UspdvjiddiE=
Subject key identifier: A2:0D:F1:B1:EF:2D:AD:00:4B:08:33:24:2E:67:70:A7:DF:3C:C2:91
Certificate issuer: /CN=12a657f3424c8dd55215af853b93307c366c538a
Certificate serial: 018DBF8CF29085DCB8A08363209C8DAED37B
Authority key identifier: 12:A6:57:F3:42:4C:8D:D5:52:15:AF:85:3B:93:30:7C:36:6C:53:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EqZX80JMjdVSFa-FO5MwfDZsU4o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/465aae-2a2c-4200-8e5c-05f093385ac8/1/og3xse8trQBLCDMkLmdwp988wpE.roa
Signing time: Mon 19 Feb 2024 04:08:21 +0000
ROA not before: Mon 19 Feb 2024 04:08:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211995
IP address blocks: 46.28.237.0/24 maxlen: 24
93.114.130.0/24 maxlen: 24
185.77.3.0/24 maxlen: 24
185.136.207.0/24 maxlen: 24
185.233.35.0/24 maxlen: 24
194.164.222.0/24 maxlen: 24
213.142.158.0/24 maxlen: 24
2a10:d880::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 01 Aug 2024 12:26:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:bf:8c:f2:90:85:dc:b8:a0:83:63:20:9c:8d:ae:d3:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12a657f3424c8dd55215af853b93307c366c538a
Validity
Not Before: Feb 19 04:08:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a20df1b1ef2dad004b0833242e6770a7df3cc291
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:d2:56:f1:ce:01:8d:d4:11:47:01:b3:20:d2:
36:6e:ce:4b:ee:25:b4:6e:45:68:59:5a:07:44:db:
aa:68:cc:ac:b4:b7:22:d1:c0:dc:75:50:ea:f0:3a:
76:ec:f0:ba:cc:23:9f:9b:43:2e:2c:89:14:09:d3:
4b:d8:05:6c:c4:53:1e:6b:92:db:f9:1c:8a:44:f4:
9f:22:2e:14:1c:fa:f8:33:f9:08:68:87:69:38:07:
f6:bb:75:f7:d5:dc:57:1c:9c:88:05:bf:81:65:6f:
d7:1f:59:be:d7:5f:a9:f3:97:af:68:b3:7d:7b:07:
f1:88:23:c6:ec:2b:94:ff:60:f2:93:d7:8f:1f:4f:
f1:75:44:51:3c:49:43:8b:c3:2e:43:9b:9e:db:86:
d3:83:d9:9b:4f:7a:47:c7:7f:30:1f:fa:c8:b9:cf:
95:b9:b1:fa:8d:fe:03:4f:31:75:52:ce:c9:3a:0d:
85:f7:84:d2:7c:21:c7:c2:96:c0:1f:a0:da:33:74:
9c:d4:59:09:cb:ce:2c:64:2a:aa:42:67:6d:67:2c:
df:2e:9b:71:fa:22:5e:42:2c:65:bd:cd:fd:40:ea:
1b:44:01:fe:b1:02:af:cb:3f:b3:d3:2e:c5:43:fe:
3c:38:85:10:94:fd:25:dd:86:b6:03:ef:16:3e:2d:
ba:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:0D:F1:B1:EF:2D:AD:00:4B:08:33:24:2E:67:70:A7:DF:3C:C2:91
X509v3 Authority Key Identifier:
keyid:12:A6:57:F3:42:4C:8D:D5:52:15:AF:85:3B:93:30:7C:36:6C:53:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EqZX80JMjdVSFa-FO5MwfDZsU4o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/465aae-2a2c-4200-8e5c-05f093385ac8/1/og3xse8trQBLCDMkLmdwp988wpE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/465aae-2a2c-4200-8e5c-05f093385ac8/1/EqZX80JMjdVSFa-FO5MwfDZsU4o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.28.237.0/24
93.114.130.0/24
185.77.3.0/24
185.136.207.0/24
185.233.35.0/24
194.164.222.0/24
213.142.158.0/24
IPv6:
2a10:d880::/29
Signature Algorithm: sha256WithRSAEncryption
13:be:08:2c:a8:f4:be:28:d0:3c:f9:de:6f:69:c6:ca:1e:fb:
8e:09:8c:1f:85:d9:05:37:5a:2b:0c:01:6b:83:85:c3:d7:fc:
0c:48:c6:18:7f:10:b8:1e:b3:19:a0:3b:b3:7e:22:bf:b0:e7:
f5:e2:5e:b2:68:96:6a:e8:9b:31:05:2e:79:4e:30:8a:29:87:
6a:d0:52:31:f4:a9:85:cc:ab:8f:9e:81:cf:f9:69:f7:24:2a:
8c:1b:86:b2:34:99:bb:c8:f5:06:a0:87:6b:50:6b:1b:93:12:
eb:38:b2:a2:9b:96:51:0a:75:00:55:70:6c:42:fd:88:e2:3a:
39:a8:6f:6a:1f:b7:36:bb:d7:21:24:97:37:65:a6:5a:91:95:
8c:d3:82:49:38:88:54:95:8e:43:d5:b4:99:32:02:74:34:7c:
db:ed:b9:58:68:a4:a1:d7:a7:74:d2:28:b4:54:48:4e:ac:ce:
44:fd:4d:6d:25:2b:35:88:a3:32:b6:81:c8:b9:45:7c:9f:fc:
cd:d3:81:ad:65:a7:53:a2:e9:42:40:84:c1:1d:2b:5d:de:20:
f2:a1:f1:23:c9:fa:37:39:79:b3:7d:f5:44:56:ce:e2:57:13:
29:bc:d9:14:62:1d:4d:99:c7:a3:11:b8:2d:b7:d2:2a:bc:4b:
7c:d6:53:c2
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAY2/jPKQhdy4oINjIJyNrtN7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyYTY1N2YzNDI0YzhkZDU1MjE1YWY4NTNiOTMzMDdjMzY2
YzUzOGEwHhcNMjQwMjE5MDQwODIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjBkZjFiMWVmMmRhZDAwNGIwODMzMjQyZTY3NzBhN2RmM2NjMjkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhNJW8c4BjdQRRwGzINI2bs5L7iW0
bkVoWVoHRNuqaMystLci0cDcdVDq8Dp27PC6zCOfm0MuLIkUCdNL2AVsxFMea5Lb
+RyKRPSfIi4UHPr4M/kIaIdpOAf2u3X31dxXHJyIBb+BZW/XH1m+11+p85evaLN9
ewfxiCPG7CuU/2Dyk9ePH0/xdURRPElDi8MuQ5ue24bTg9mbT3pHx38wH/rIuc+V
ubH6jf4DTzF1Us7JOg2F94TSfCHHwpbAH6DaM3Sc1FkJy84sZCqqQmdtZyzfLptx
+iJeQixlvc39QOobRAH+sQKvyz+z0y7FQ/48OIUQlP0l3Ya2A+8WPi26yQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFKIN8bHvLa0ASwgzJC5ncKffPMKRMB8GA1UdIwQY
MBaAFBKmV/NCTI3VUhWvhTuTMHw2bFOKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXFaWDgwSk1qZFZTRmEtRk81TXdmRFpzVTRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS80NjVhYWUtMmEyYy00MjAwLThlNWMt
MDVmMDkzMzg1YWM4LzEvb2czeHNlOHRyUUJMQ0RNa0xtZHdwOTg4d3BFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS80NjVhYWUtMmEyYy00MjAwLThlNWMtMDVmMDkzMzg1YWM4
LzEvRXFaWDgwSk1qZFZTRmEtRk81TXdmRFpzVTRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQALhztAwQA
XXKCAwQAuU0DAwQAuYjPAwQAuekjAwQAwqTeAwQA1Y6eMA0EAgACMAcDBQMqENiA
MA0GCSqGSIb3DQEBCwUAA4IBAQATvggsqPS+KNA8+d5vacbKHvuOCYwfhdkFN1or
DAFrg4XD1/wMSMYYfxC4HrMZoDuzfiK/sOf14l6yaJZq6JsxBS55TjCKKYdq0FIx
9KmFzKuPnoHP+Wn3JCqMG4ayNJm7yPUGoIdrUGsbkxLrOLKim5ZRCnUAVXBsQv2I
4jo5qG9qH7c2u9chJJc3ZaZakZWM04JJOIhUlY5D1bSZMgJ0NHzb7blYaKSh16d0
0ii0VEhOrM5E/U1tJSs1iKMytoHIuUV8n/zN04GtZadToulCQITBHStd3iDyofEj
yfo3OXmzffVEVs7iVxMpvNkUYh1NmcejEbgtt9IqvEt81lPC
-----END CERTIFICATE-----
Generated at Thu Aug 1 14:00:10 2024 by rpki-client on console-fra.rpki-client.org