Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/fd6069-4179-45be-b82a-af3f794ae607/1/OGmdXR4bPo3AaJW7QbsHIZKdHhE.roa
File: OGmdXR4bPo3AaJW7QbsHIZKdHhE.roa (raw, json)
Hash identifier: Y+tPyO0VgzWiOnL2ZaWDG0atwCeFCSHHRZqy/ks3CNE=
Subject key identifier: 38:69:9D:5D:1E:1B:3E:8D:C0:68:95:BB:41:BB:07:21:92:9D:1E:11
Certificate issuer: /CN=af121cd6e11da095f856d79deec469d0c6358494
Certificate serial: 0185720314D00BD87F6D3AD25CD75C3C2DA0
Authority key identifier: AF:12:1C:D6:E1:1D:A0:95:F8:56:D7:9D:EE:C4:69:D0:C6:35:84:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rxIc1uEdoJX4Vted7sRp0MY1hJQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/fd6069-4179-45be-b82a-af3f794ae607/1/OGmdXR4bPo3AaJW7QbsHIZKdHhE.roa
Signing time: Mon 02 Jan 2023 10:24:42 +0000
ROA not before: Mon 02 Jan 2023 10:24:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 19905
IP address blocks: 185.62.136.0/22 maxlen: 24
185.160.65.0/24 maxlen: 24
185.160.66.0/23 maxlen: 24
185.141.188.0/22 maxlen: 24
185.148.128.0/22 maxlen: 24
185.149.112.0/22 maxlen: 24
185.52.148.0/22 maxlen: 24
185.146.20.0/22 maxlen: 24
185.143.44.0/22 maxlen: 24
185.168.108.0/22 maxlen: 24
185.133.20.0/22 maxlen: 24
185.132.4.0/22 maxlen: 24
185.166.145.0/24 maxlen: 24
185.166.146.0/23 maxlen: 24
185.148.44.0/22 maxlen: 24
185.146.28.0/22 maxlen: 24
185.151.48.0/22 maxlen: 24
85.187.128.0/19 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:03:14:d0:0b:d8:7f:6d:3a:d2:5c:d7:5c:3c:2d:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af121cd6e11da095f856d79deec469d0c6358494
Validity
Not Before: Jan 2 10:24:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=38699d5d1e1b3e8dc06895bb41bb0721929d1e11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:09:6c:c4:87:a1:72:d6:04:3c:95:1f:87:20:
52:5c:5c:45:24:61:31:d6:43:5f:a1:66:1e:2b:f6:
c2:ba:df:87:8e:80:8e:a5:38:eb:5f:ca:ee:be:e8:
4d:7e:c9:79:6c:1c:e4:f4:fa:27:7e:49:4e:a9:f4:
1c:3e:31:0c:29:a0:a8:83:0f:92:0a:71:8e:b6:89:
a6:c4:8b:53:e1:5e:eb:ec:cf:75:1b:c7:c8:3a:cd:
71:41:96:be:65:87:de:f2:d1:d0:24:cb:6b:ad:07:
66:e4:60:c6:3b:3a:2c:70:bd:2f:23:43:0c:18:dc:
0f:2e:4a:dc:dd:ed:eb:43:fc:88:40:ea:43:e9:b4:
cf:05:6b:b2:6b:8c:2c:f8:92:fa:c4:2a:c8:79:95:
48:3f:14:19:ca:c9:7f:24:0d:b3:fe:ea:ba:4f:13:
2e:9d:4e:a9:4f:08:a2:e2:f7:4f:39:d1:9f:cb:cf:
17:e7:ea:1d:b6:11:6c:8c:3a:fe:9c:e3:c8:37:20:
f7:4b:63:88:d2:fd:d7:84:5d:2d:ab:dc:66:ac:09:
3f:e3:87:5e:e9:f4:1e:cd:33:0e:9d:d0:36:2c:66:
1f:04:25:fa:d4:ba:93:e3:3f:13:c8:cb:e3:0d:9d:
9e:1b:2e:20:db:96:3d:b2:d1:42:b5:b7:db:77:64:
3a:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:69:9D:5D:1E:1B:3E:8D:C0:68:95:BB:41:BB:07:21:92:9D:1E:11
X509v3 Authority Key Identifier:
keyid:AF:12:1C:D6:E1:1D:A0:95:F8:56:D7:9D:EE:C4:69:D0:C6:35:84:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rxIc1uEdoJX4Vted7sRp0MY1hJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/fd6069-4179-45be-b82a-af3f794ae607/1/OGmdXR4bPo3AaJW7QbsHIZKdHhE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/fd6069-4179-45be-b82a-af3f794ae607/1/rxIc1uEdoJX4Vted7sRp0MY1hJQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.187.128.0/19
185.52.148.0/22
185.62.136.0/22
185.132.4.0/22
185.133.20.0/22
185.141.188.0/22
185.143.44.0/22
185.146.20.0/22
185.146.28.0/22
185.148.44.0/22
185.148.128.0/22
185.149.112.0/22
185.151.48.0/22
185.160.65.0-185.160.67.255
185.166.145.0-185.166.147.255
185.168.108.0/22
Signature Algorithm: sha256WithRSAEncryption
a7:d3:20:ff:0b:0f:4f:d5:4c:10:85:c3:1a:43:d7:28:f9:82:
07:5c:da:09:d2:a5:70:50:9e:26:25:cc:2b:c5:a2:52:1f:aa:
b8:0e:ce:b6:9f:84:f7:b6:1d:ec:dd:74:19:5f:41:6b:fa:5a:
24:c7:a0:ef:42:63:6a:b5:8e:7b:ab:e0:50:79:13:2a:d1:bc:
6f:f7:91:a1:cd:0b:24:98:d4:68:56:51:9b:7a:f1:88:19:90:
b4:09:c2:ea:9c:33:fc:e5:4e:b8:6f:b4:94:f7:ba:3b:4f:a0:
9a:d5:8b:59:8a:af:fb:86:71:6b:31:ee:b2:f8:8b:3e:08:b5:
df:88:64:12:30:c3:17:c6:b8:e0:5e:b4:ac:df:f1:33:b1:63:
02:b7:18:76:00:5a:64:0b:f5:6a:32:62:cb:92:9c:f6:e2:e6:
7d:b6:06:80:5d:6c:f5:59:9a:a1:7b:61:ea:52:06:9d:92:a1:
01:5a:fa:73:0e:c6:2a:45:62:aa:34:08:d6:70:82:ae:c5:18:
96:cd:05:30:0d:cc:46:65:ab:51:c8:eb:5a:e0:b6:8f:bc:41:
84:07:0c:48:f0:be:b8:95:87:9d:65:1a:7f:e1:19:d5:81:80:
88:43:12:5d:9c:9d:c0:03:f7:df:97:fb:94:aa:41:a0:21:6e:
6f:b5:3c:60
-----BEGIN CERTIFICATE-----
MIIFaDCCBFCgAwIBAgISAYVyAxTQC9h/bTrSXNdcPC2gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmMTIxY2Q2ZTExZGEwOTVmODU2ZDc5ZGVlYzQ2OWQwYzYz
NTg0OTQwHhcNMjMwMTAyMTAyNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODY5OWQ1ZDFlMWIzZThkYzA2ODk1YmI0MWJiMDcyMTkyOWQxZTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtwlsxIehctYEPJUfhyBSXFxFJGEx
1kNfoWYeK/bCut+HjoCOpTjrX8ruvuhNfsl5bBzk9PonfklOqfQcPjEMKaCogw+S
CnGOtommxItT4V7r7M91G8fIOs1xQZa+ZYfe8tHQJMtrrQdm5GDGOzoscL0vI0MM
GNwPLkrc3e3rQ/yIQOpD6bTPBWuya4ws+JL6xCrIeZVIPxQZysl/JA2z/uq6TxMu
nU6pTwii4vdPOdGfy88X5+odthFsjDr+nOPINyD3S2OI0v3XhF0tq9xmrAk/44de
6fQezTMOndA2LGYfBCX61LqT4z8TyMvjDZ2eGy4g25Y9stFCtbfbd2Q66wIDAQAB
o4ICdDCCAnAwHQYDVR0OBBYEFDhpnV0eGz6NwGiVu0G7ByGSnR4RMB8GA1UdIwQY
MBaAFK8SHNbhHaCV+FbXne7EadDGNYSUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnhJYzF1RWRvSlg0VnRlZDdzUnAwTVkxaEpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9mZDYwNjktNDE3OS00NWJlLWI4MmEt
YWYzZjc5NGFlNjA3LzEvT0dtZFhSNGJQbzNBYUpXN1Fic0hJWktkSGhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9mZDYwNjktNDE3OS00NWJlLWI4MmEtYWYzZjc5NGFlNjA3
LzEvcnhJYzF1RWRvSlg0VnRlZDdzUnAwTVkxaEpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGJBggrBgEFBQcBBwEB/wR6MHgwdgQCAAEwcAMEBVW7gAME
Ark0lAMEArk+iAMEArmEBAMEArmFFAMEArmNvAMEArmPLAMEArmSFAMEArmSHAME
ArmULAMEArmUgAMEArmVcAMEArmXMDAMAwQAuaBBAwQCuaBAMAwDBAC5ppEDBAK5
ppADBAK5qGwwDQYJKoZIhvcNAQELBQADggEBAKfTIP8LD0/VTBCFwxpD1yj5ggdc
2gnSpXBQniYlzCvFolIfqrgOzrafhPe2HezddBlfQWv6WiTHoO9CY2q1jnur4FB5
EyrRvG/3kaHNCySY1GhWUZt68YgZkLQJwuqcM/zlTrhvtJT3ujtPoJrVi1mKr/uG
cWsx7rL4iz4Itd+IZBIwwxfGuOBetKzf8TOxYwK3GHYAWmQL9WoyYsuSnPbi5n22
BoBdbPVZmqF7YepSBp2SoQFa+nMOxipFYqo0CNZwgq7FGJbNBTANzEZlq1HI61rg
to+8QYQHDEjwvriVh51lGn/hGdWBgIhDEl2cncAD99+X+5SqQaAhbm+1PGA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:31 2024 by rpki-client on console-ams.rpki-client.org