Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/OH2_XcaSruIIBNF7zcf_Da8q9vQ.roa
File: OH2_XcaSruIIBNF7zcf_Da8q9vQ.roa (raw, json)
Hash identifier: Qecer8Cy56No8QrgXgtFUTr7pmqGwHOCVY1feRzl3H4=
Subject key identifier: 38:7D:BF:5D:C6:92:AE:E2:08:04:D1:7B:CD:C7:FF:0D:AF:2A:F6:F4
Certificate issuer: /CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Certificate serial: 01856E01C2FB09BE260C83B0C492BFE75F9A
Authority key identifier: 29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/OH2_XcaSruIIBNF7zcf_Da8q9vQ.roa
Signing time: Sun 01 Jan 2023 15:44:47 +0000
ROA not before: Sun 01 Jan 2023 15:44:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59592
IP address blocks: 185.14.92.0/22 maxlen: 22
94.154.51.0/24 maxlen: 24
94.154.48.0/21 maxlen: 24
94.154.49.0/24 maxlen: 24
94.154.54.0/24 maxlen: 24
94.154.53.0/24 maxlen: 24
94.154.52.0/24 maxlen: 24
176.100.33.0/24 maxlen: 24
176.100.32.0/24 maxlen: 24
176.100.35.0/24 maxlen: 24
176.100.34.0/24 maxlen: 24
37.114.38.0/24 maxlen: 24
37.114.36.0/24 maxlen: 24
37.114.35.0/24 maxlen: 24
37.114.39.0/24 maxlen: 24
2a00:ccc2::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 26 Jan 2023 15:45:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:01:c2:fb:09:be:26:0c:83:b0:c4:92:bf:e7:5f:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Validity
Not Before: Jan 1 15:44:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=387dbf5dc692aee20804d17bcdc7ff0daf2af6f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:2f:04:04:2c:4d:20:27:03:d6:24:db:93:ab:
8f:62:68:2a:b7:63:6d:83:24:b8:9c:c0:1e:05:f7:
fe:be:c1:be:e4:f4:dd:cd:77:ad:ec:01:5b:91:2e:
d7:98:79:38:b1:1b:ab:aa:01:56:23:54:ed:b6:2f:
97:e4:33:6e:ea:ab:99:6d:c9:06:c8:a8:88:f0:34:
ca:54:bf:18:c7:ac:d7:f7:70:88:aa:46:cf:90:24:
b7:a5:9d:3c:8d:54:fe:d0:52:c0:30:61:aa:5e:3f:
ba:5d:59:00:f0:ab:d3:ac:21:ec:8d:b3:91:11:cf:
53:6b:6d:05:2f:d3:b4:16:17:8b:74:b7:7e:92:13:
96:e3:6f:4a:82:a9:44:b3:20:69:a4:52:56:02:57:
2e:bd:da:6b:e5:bc:a5:47:92:7a:2d:c5:9d:90:61:
c0:dc:a2:68:36:03:d5:64:55:29:2b:81:8b:e0:e3:
d0:f5:04:78:41:fc:a4:14:a9:7b:86:fc:a1:81:fd:
0e:32:03:59:ec:93:70:22:bc:d3:2c:d8:49:10:75:
b6:15:2f:6b:60:25:18:c1:b7:ab:df:4c:be:b1:69:
51:2a:42:ce:b6:7a:2e:2d:84:ee:12:fa:ea:0e:a2:
0a:88:09:99:86:07:2e:03:60:90:d8:9d:f5:7d:ea:
fa:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:7D:BF:5D:C6:92:AE:E2:08:04:D1:7B:CD:C7:FF:0D:AF:2A:F6:F4
X509v3 Authority Key Identifier:
keyid:29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/OH2_XcaSruIIBNF7zcf_Da8q9vQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.114.35.0-37.114.36.255
37.114.38.0/23
94.154.48.0/21
176.100.32.0/22
185.14.92.0/22
IPv6:
2a00:ccc2::/32
Signature Algorithm: sha256WithRSAEncryption
41:a2:89:fa:93:8c:a2:30:54:21:92:37:21:7a:9d:33:a4:7d:
9c:9c:db:95:7d:43:5c:6b:d2:7b:18:d8:1c:89:69:33:65:01:
c9:23:7d:0e:22:23:c0:fb:a0:be:0a:e1:14:2a:11:7d:cc:b9:
27:09:19:5c:b9:a1:8d:70:ca:eb:4b:76:a4:4e:65:b7:06:dd:
f7:62:9f:16:b0:d7:2e:3a:9f:b9:eb:10:68:99:74:9a:90:00:
90:72:c7:b5:80:11:36:80:35:bd:10:48:2e:5c:b6:90:fd:52:
a1:90:10:f0:6d:5d:81:df:15:ed:05:fe:d5:49:a0:05:32:14:
ea:09:36:88:86:c1:5b:51:42:8f:88:62:17:bb:db:c0:4d:46:
89:1c:f7:96:58:7b:83:14:fc:4f:72:3a:1e:a4:dd:41:fb:fc:
2b:57:67:3f:88:be:25:9d:88:3e:4f:21:42:fb:6a:17:60:73:
8e:32:7c:9d:5f:d0:ae:48:66:8c:da:5c:8b:4b:80:ff:25:c9:
bd:3b:ae:39:bc:84:8e:13:3d:5d:c4:b4:28:b9:6b:ab:b1:18:
7a:5d:58:1a:f5:18:fc:59:10:65:4a:2d:80:6c:bd:7b:6e:03:
e3:fd:ee:5a:c1:2b:0c:54:f0:65:09:34:1b:0c:ff:1c:04:f2:
73:73:02:c6
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYVuAcL7Cb4mDIOwxJK/51+aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NjU5M2I3NDdlNzZhNTY0OTI1MTFiYjM2MTJlNGQ1ZTRj
YmU3ZWMwHhcNMjMwMTAxMTU0NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODdkYmY1ZGM2OTJhZWUyMDgwNGQxN2JjZGM3ZmYwZGFmMmFmNmY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgS8EBCxNICcD1iTbk6uPYmgqt2Nt
gyS4nMAeBff+vsG+5PTdzXet7AFbkS7XmHk4sRurqgFWI1Ttti+X5DNu6quZbckG
yKiI8DTKVL8Yx6zX93CIqkbPkCS3pZ08jVT+0FLAMGGqXj+6XVkA8KvTrCHsjbOR
Ec9Ta20FL9O0FheLdLd+khOW429KgqlEsyBppFJWAlcuvdpr5bylR5J6LcWdkGHA
3KJoNgPVZFUpK4GL4OPQ9QR4QfykFKl7hvyhgf0OMgNZ7JNwIrzTLNhJEHW2FS9r
YCUYwber30y+sWlRKkLOtnouLYTuEvrqDqIKiAmZhgcuA2CQ2J31fer6kQIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFDh9v13Gkq7iCATRe83H/w2vKvb0MB8GA1UdIwQY
MBaAFCllk7dH52pWSSURuzYS5NXky+fsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMt
MWI3Y2JiMDhkNzNmLzEvT0gyX1hjYVNydUlJQk5GN3pjZl9EYThxOXZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMtMWI3Y2JiMDhkNzNm
LzEvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmMAwDBAAlciMD
BAAlciQDBAElciYDBANemjADBAKwZCADBAK5DlwwDQQCAAIwBwMFACoAzMIwDQYJ
KoZIhvcNAQELBQADggEBAEGiifqTjKIwVCGSNyF6nTOkfZyc25V9Q1xr0nsY2ByJ
aTNlAckjfQ4iI8D7oL4K4RQqEX3MuScJGVy5oY1wyutLdqROZbcG3fdinxaw1y46
n7nrEGiZdJqQAJByx7WAETaANb0QSC5ctpD9UqGQEPBtXYHfFe0F/tVJoAUyFOoJ
NoiGwVtRQo+IYhe728BNRokc95ZYe4MU/E9yOh6k3UH7/CtXZz+IviWdiD5PIUL7
ahdgc44yfJ1f0K5IZozaXItLgP8lyb07rjm8hI4TPV3EtCi5a6uxGHpdWBr1GPxZ
EGVKLYBsvXtuA+P97lrBKwxU8GUJNBsM/xwE8nNzAsY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:17 2024 by rpki-client on console-ams.rpki-client.org