Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/a0c444-9796-4f06-83f2-aa788a420aec/1/oznLb3iiayS9ndW4hx4M3OX7gQk.roa
File: oznLb3iiayS9ndW4hx4M3OX7gQk.roa (raw, json)
Hash identifier: Lrx/oA0yLeV5CkkWT09KLqWydpdqu8j5Dm2ZLRvkHX0=
Subject key identifier: A3:39:CB:6F:78:A2:6B:24:BD:9D:D5:B8:87:1E:0C:DC:E5:FB:81:09
Certificate issuer: /CN=a74c6706e3fbebdff146a8a14ec2a3284a92ba62
Certificate serial: 01888F85371DB465B39D640FCE0CE0C472E4
Authority key identifier: A7:4C:67:06:E3:FB:EB:DF:F1:46:A8:A1:4E:C2:A3:28:4A:92:BA:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p0xnBuP769_xRqihTsKjKEqSumI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/a0c444-9796-4f06-83f2-aa788a420aec/1/oznLb3iiayS9ndW4hx4M3OX7gQk.roa
Signing time: Tue 06 Jun 2023 07:04:12 +0000
ROA not before: Tue 06 Jun 2023 07:04:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198949
IP address blocks: 80.86.192.0/24 maxlen: 24
80.86.199.0/24 maxlen: 24
80.86.196.0/24 maxlen: 24
80.86.198.0/24 maxlen: 24
80.86.193.0/24 maxlen: 24
81.221.251.0/24 maxlen: 24
81.221.250.0/24 maxlen: 24
81.221.253.0/24 maxlen: 24
81.221.252.0/24 maxlen: 24
81.221.254.0/24 maxlen: 24
81.221.255.0/24 maxlen: 24
195.49.16.0/24 maxlen: 24
194.191.17.0/24 maxlen: 24
194.191.16.0/24 maxlen: 24
212.59.186.0/24 maxlen: 24
212.59.184.0/24 maxlen: 24
194.191.24.0/24 maxlen: 24
194.191.21.0/24 maxlen: 24
194.191.20.0/24 maxlen: 24
194.191.19.0/24 maxlen: 24
194.191.18.0/24 maxlen: 24
212.59.189.0/24 maxlen: 24
212.59.188.0/24 maxlen: 24
194.191.28.0/24 maxlen: 24
194.191.29.0/24 maxlen: 24
194.191.26.0/24 maxlen: 24
194.191.25.0/24 maxlen: 24
82.195.224.0/24 maxlen: 24
82.195.226.0/24 maxlen: 24
82.195.225.0/24 maxlen: 24
82.195.227.0/24 maxlen: 24
2a01:2a8:2001::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 10 Oct 2023 13:37:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:8f:85:37:1d:b4:65:b3:9d:64:0f:ce:0c:e0:c4:72:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a74c6706e3fbebdff146a8a14ec2a3284a92ba62
Validity
Not Before: Jun 6 07:04:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a339cb6f78a26b24bd9dd5b8871e0cdce5fb8109
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:c3:c5:3c:78:1d:c2:69:38:91:f4:c1:cb:de:
6a:04:c7:ad:89:ec:91:64:3c:a0:28:69:77:79:d9:
23:42:b4:af:66:13:a7:ca:94:5d:9a:7e:f5:f7:7d:
66:7e:63:a9:9f:77:06:68:a8:99:39:94:f7:4f:c3:
44:2d:a1:6f:68:cf:ef:53:b1:0a:f3:95:96:b3:c2:
18:f3:41:c9:d9:84:e8:14:72:47:0c:6e:90:f8:c0:
33:d9:f8:6a:67:18:01:1d:96:fc:17:62:cd:ca:3c:
26:28:8b:90:2f:71:9e:22:12:71:b8:2b:13:8d:70:
3e:8a:68:75:ae:ad:a5:67:86:f3:ad:f8:82:93:55:
75:9e:11:3f:cc:8d:e5:c8:0e:56:62:22:a2:bd:7d:
7f:06:6a:8d:53:82:3b:f1:27:0d:a5:ff:f4:73:a7:
b7:d6:22:37:11:da:84:9e:7a:fc:7a:39:16:b7:19:
32:e8:1d:7d:81:88:7c:cd:2a:f4:0f:74:8b:28:c8:
dd:28:73:01:31:bb:f2:0f:b3:98:5a:63:b5:1e:ea:
76:f7:5d:b8:37:73:24:ba:08:8a:24:e3:0d:06:ae:
71:bc:be:c0:f0:21:13:4d:3c:f6:2d:10:74:48:98:
b4:f3:1a:72:78:fd:a7:4a:1a:8f:a0:ec:ab:1e:fb:
a2:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:39:CB:6F:78:A2:6B:24:BD:9D:D5:B8:87:1E:0C:DC:E5:FB:81:09
X509v3 Authority Key Identifier:
keyid:A7:4C:67:06:E3:FB:EB:DF:F1:46:A8:A1:4E:C2:A3:28:4A:92:BA:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p0xnBuP769_xRqihTsKjKEqSumI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/a0c444-9796-4f06-83f2-aa788a420aec/1/oznLb3iiayS9ndW4hx4M3OX7gQk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/a0c444-9796-4f06-83f2-aa788a420aec/1/p0xnBuP769_xRqihTsKjKEqSumI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.86.192.0/23
80.86.196.0/24
80.86.198.0/23
81.221.250.0-81.221.255.255
82.195.224.0/22
194.191.16.0-194.191.21.255
194.191.24.0-194.191.26.255
194.191.28.0/23
195.49.16.0/24
212.59.184.0/24
212.59.186.0/24
212.59.188.0/23
IPv6:
2a01:2a8:2001::/48
Signature Algorithm: sha256WithRSAEncryption
34:e8:8f:25:4b:cb:5a:8b:4e:14:00:62:8f:3f:33:74:8a:32:
da:a9:1e:d9:ba:a4:69:9d:a7:d0:9e:0e:ff:8b:45:e0:e3:8c:
c8:69:5f:f3:50:65:9e:9e:1c:be:be:5f:3f:8f:e0:1d:6b:7b:
45:af:01:f3:01:a8:79:86:92:05:57:42:ab:c8:1a:b6:c2:35:
59:1e:47:9e:98:e5:38:65:15:f2:b0:6d:1c:bc:9d:18:92:1c:
50:d1:b8:e5:5a:92:c3:c2:56:19:a8:fe:df:ef:92:d8:eb:cb:
ea:be:d8:e7:a8:b4:6b:57:c5:bc:1e:3a:68:91:10:e5:00:4e:
f1:66:1f:9c:67:37:15:41:35:73:da:74:a4:8c:fb:5d:d4:4c:
2e:13:8b:d5:ca:16:c2:89:4c:8b:1d:4a:1a:25:5b:be:11:f1:
60:bb:e5:e8:16:5e:c0:0e:06:b4:52:d8:f4:b3:28:e1:38:31:
c8:57:6b:ff:f1:de:b8:d4:8d:6b:85:cd:d7:d8:83:f7:41:38:
f8:48:71:a1:0e:57:65:64:44:72:1e:5c:cb:e0:01:ff:95:80:
ba:07:d9:7a:d7:db:62:5c:12:bb:e8:9b:8e:9b:ed:cb:ad:22:
09:a2:ba:70:b1:85:57:cd:ce:88:5e:85:41:1c:7c:90:98:7e:
8e:6e:9a:aa
-----BEGIN CERTIFICATE-----
MIIFaDCCBFCgAwIBAgISAYiPhTcdtGWznWQPzgzgxHLkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3NGM2NzA2ZTNmYmViZGZmMTQ2YThhMTRlYzJhMzI4NGE5
MmJhNjIwHhcNMjMwNjA2MDcwNDEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzM5Y2I2Zjc4YTI2YjI0YmQ5ZGQ1Yjg4NzFlMGNkY2U1ZmI4MTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgMPFPHgdwmk4kfTBy95qBMetieyR
ZDygKGl3edkjQrSvZhOnypRdmn71931mfmOpn3cGaKiZOZT3T8NELaFvaM/vU7EK
85WWs8IY80HJ2YToFHJHDG6Q+MAz2fhqZxgBHZb8F2LNyjwmKIuQL3GeIhJxuCsT
jXA+imh1rq2lZ4bzrfiCk1V1nhE/zI3lyA5WYiKivX1/BmqNU4I78ScNpf/0c6e3
1iI3EdqEnnr8ejkWtxky6B19gYh8zSr0D3SLKMjdKHMBMbvyD7OYWmO1Hup29124
N3MkugiKJOMNBq5xvL7A8CETTTz2LRB0SJi08xpyeP2nShqPoOyrHvuiuwIDAQAB
o4ICdDCCAnAwHQYDVR0OBBYEFKM5y294omskvZ3VuIceDNzl+4EJMB8GA1UdIwQY
MBaAFKdMZwbj++vf8UaooU7CoyhKkrpiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDB4bkJ1UDc2OV94UnFpaFRzS2pLRXFTdW1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9hMGM0NDQtOTc5Ni00ZjA2LTgzZjIt
YWE3ODhhNDIwYWVjLzEvb3puTGIzaWlheVM5bmRXNGh4NE0zT1g3Z1FrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9hMGM0NDQtOTc5Ni00ZjA2LTgzZjItYWE3ODhhNDIwYWVj
LzEvcDB4bkJ1UDc2OV94UnFpaFRzS2pLRXFTdW1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGJBggrBgEFBQcBBwEB/wR6MHgwZQQCAAEwXwMEAVBWwAME
AFBWxAMEAVBWxjALAwQBUd36AwMBUdwDBAJSw+AwDAMEBMK/EAMEAcK/FDAMAwQD
wr8YAwQAwr8aAwQBwr8cAwQAwzEQAwQA1Du4AwQA1Du6AwQB1Du8MA8EAgACMAkD
BwAqAQKoIAEwDQYJKoZIhvcNAQELBQADggEBADTojyVLy1qLThQAYo8/M3SKMtqp
Htm6pGmdp9CeDv+LReDjjMhpX/NQZZ6eHL6+Xz+P4B1re0WvAfMBqHmGkgVXQqvI
GrbCNVkeR56Y5ThlFfKwbRy8nRiSHFDRuOVaksPCVhmo/t/vktjry+q+2OeotGtX
xbweOmiREOUATvFmH5xnNxVBNXPadKSM+13UTC4Ti9XKFsKJTIsdSholW74R8WC7
5egWXsAOBrRS2PSzKOE4MchXa//x3rjUjWuFzdfYg/dBOPhIcaEOV2VkRHIeXMvg
Af+VgLoH2XrX22JcErvom46b7cutIgmiunCxhVfNzohehUEcfJCYfo5umqo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:03 2024 by rpki-client on console-fra.rpki-client.org