Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/OYFw5v5zl06wpBagCLhOEQ0jgSs.roa
File: OYFw5v5zl06wpBagCLhOEQ0jgSs.roa (raw, json)
Hash identifier: MkbobpwMWGFDvfquWhVvJ4qXZ9KKPgOGFUbUwzkj2NI=
Subject key identifier: 39:81:70:E6:FE:73:97:4E:B0:A4:16:A0:08:B8:4E:11:0D:23:81:2B
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01869CB2D45478B4D01D28BD1A32D890C343
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/OYFw5v5zl06wpBagCLhOEQ0jgSs.roa
Signing time: Wed 01 Mar 2023 10:23:30 +0000
ROA not before: Wed 01 Mar 2023 10:23:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58057
IP address blocks: 194.50.94.0/24 maxlen: 24
194.50.92.0/24 maxlen: 24
139.28.96.0/22 maxlen: 24
45.131.184.0/22 maxlen: 24
185.232.117.0/24 maxlen: 24
45.136.136.0/22 maxlen: 24
94.177.122.0/24 maxlen: 24
85.202.203.0/24 maxlen: 24
45.12.68.0/22 maxlen: 24
31.42.183.0/24 maxlen: 24
2a0e:b105:120::/44 maxlen: 48
2a0e:97c0:260::/44 maxlen: 44
2a0c:3b80::/32 maxlen: 48
2a0c:3b86::/32 maxlen: 48
2001:7f8:119::/48 maxlen: 48
2a10:cc46:1000::/36 maxlen: 48
2a0e:b107:1e40::/44 maxlen: 48
2a0e:97c0:170::/48 maxlen: 48
2a0c:3b85::/32 maxlen: 48
2a0c:3b82::/32 maxlen: 48
2a09:4c0::/29 maxlen: 64
2a0c:3b83::/32 maxlen: 48
2a0e:b107:1165::/48 maxlen: 48
2a0e:97c1:200::/40 maxlen: 48
2a10:2f00:18f::/48 maxlen: 48
2a0e:b107:6f0::/44 maxlen: 44
2a0e:b107:9f2::/48 maxlen: 48
2a0c:3b81::/32 maxlen: 48
2a10:cc40:250::/44 maxlen: 48
2a0f:e404:102::/48 maxlen: 48
2a0c:3b84::/32 maxlen: 48
2a0e:b107:1786::/48 maxlen: 48
2a10:cc41:800::/37 maxlen: 48
2a0e:97c4:100::/44 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Mar 2023 23:51:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:9c:b2:d4:54:78:b4:d0:1d:28:bd:1a:32:d8:90:c3:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Mar 1 10:23:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=398170e6fe73974eb0a416a008b84e110d23812b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:ae:cc:63:ed:4f:64:54:46:4d:c8:8c:ff:f8:
f7:fb:dd:3e:af:0b:6f:f9:45:31:7c:24:07:09:21:
55:63:e8:08:0c:fc:7e:0a:f6:70:b7:2d:3e:2a:73:
18:26:48:58:c5:9a:8a:cc:2d:90:5f:39:11:1f:45:
cf:6d:fd:57:b6:85:7e:8d:58:50:c4:40:cd:06:b8:
80:ee:88:3f:89:33:d6:14:63:ce:c8:76:81:81:f8:
07:56:2f:30:90:eb:c1:c4:57:0f:24:b4:ce:0c:7e:
89:d7:c5:28:c1:00:2e:45:3e:6c:5b:33:c7:92:ad:
46:02:6e:67:a6:90:76:9c:0f:dd:07:6b:3a:e8:d0:
f3:27:94:d6:af:e5:4f:b2:26:1c:75:dd:cc:8d:d3:
67:ff:55:76:7b:44:79:6d:72:65:80:71:ff:54:d6:
9a:9c:8b:3f:2b:90:b2:7e:07:2b:31:52:97:20:af:
cc:2e:c7:ca:f1:3e:2b:3f:20:3e:7c:a5:90:4d:fc:
42:ef:bd:c4:1b:b5:6a:ed:06:10:b0:06:a0:91:05:
e9:ab:db:a5:b7:2f:8f:6b:0e:58:40:d5:9a:0b:cf:
9a:f5:45:b3:42:2f:62:83:87:86:8c:e2:fc:c5:4a:
40:4d:e0:56:ab:4c:ff:ce:91:d4:47:09:77:6e:a8:
5f:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:81:70:E6:FE:73:97:4E:B0:A4:16:A0:08:B8:4E:11:0D:23:81:2B
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/OYFw5v5zl06wpBagCLhOEQ0jgSs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.42.183.0/24
45.12.68.0/22
45.131.184.0/22
45.136.136.0/22
85.202.203.0/24
94.177.122.0/24
139.28.96.0/22
185.232.117.0/24
194.50.92.0/24
194.50.94.0/24
IPv6:
2001:7f8:119::/48
2a09:4c0::/29
2a0c:3b80::-2a0c:3b86:ffff:ffff:ffff:ffff:ffff:ffff
2a0e:97c0:170::/48
2a0e:97c0:260::/44
2a0e:97c1:200::/40
2a0e:97c4:100::/44
2a0e:b105:120::/44
2a0e:b107:6f0::/44
2a0e:b107:9f2::/48
2a0e:b107:1165::/48
2a0e:b107:1786::/48
2a0e:b107:1e40::/44
2a0f:e404:102::/48
2a10:2f00:18f::/48
2a10:cc40:250::/44
2a10:cc41:800::/37
2a10:cc46:1000::/36
Signature Algorithm: sha256WithRSAEncryption
5e:dc:67:fe:d9:96:0a:c8:f7:5f:4a:11:a3:5f:dc:a5:ac:81:
d9:5a:39:68:49:b3:15:b9:fd:ae:37:b7:1c:cd:39:5a:b0:88:
a9:a8:85:ef:d4:23:86:92:10:7c:ff:2e:92:c2:41:0d:88:7b:
b8:ad:69:2a:1b:b6:c5:90:19:01:44:65:19:92:2b:99:5e:fa:
2a:7f:99:80:b4:b4:66:90:24:3d:3f:62:fb:cb:6a:8c:f6:2a:
8f:d2:91:cd:bd:01:4c:28:a4:ed:0d:60:fc:4e:a6:1c:b0:d3:
30:25:57:01:f1:60:5c:26:22:60:36:e3:b9:bb:24:52:22:fc:
e5:65:40:b8:af:b6:68:71:ba:c4:6c:53:92:59:2c:f7:82:d1:
2b:19:c9:47:bd:2e:e7:80:cc:35:1b:a6:c5:ce:1d:36:6a:37:
99:bc:e2:ed:8c:59:1b:24:98:de:fe:4c:b3:8e:f9:8e:23:b3:
63:3c:d4:e1:69:4a:9c:64:45:cd:ca:b6:0e:c3:54:ce:15:33:
d9:f7:ed:7a:1b:34:f4:04:24:30:2e:5b:b8:46:7b:76:c5:46:
c0:17:d9:35:88:ea:0c:1f:eb:d1:6e:4b:53:87:8a:5c:7e:60:
43:87:29:c5:01:df:4f:0b:ef:64:9f:02:32:09:82:fd:39:88:
09:7c:36:ab
-----BEGIN CERTIFICATE-----
MIIF5TCCBM2gAwIBAgISAYacstRUeLTQHSi9GjLYkMNDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMzAxMTAyMzMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTgxNzBlNmZlNzM5NzRlYjBhNDE2YTAwOGI4NGUxMTBkMjM4MTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj67MY+1PZFRGTciM//j3+90+rwtv
+UUxfCQHCSFVY+gIDPx+CvZwty0+KnMYJkhYxZqKzC2QXzkRH0XPbf1XtoV+jVhQ
xEDNBriA7og/iTPWFGPOyHaBgfgHVi8wkOvBxFcPJLTODH6J18UowQAuRT5sWzPH
kq1GAm5nppB2nA/dB2s66NDzJ5TWr+VPsiYcdd3MjdNn/1V2e0R5bXJlgHH/VNaa
nIs/K5CyfgcrMVKXIK/MLsfK8T4rPyA+fKWQTfxC773EG7Vq7QYQsAagkQXpq9ul
ty+Paw5YQNWaC8+a9UWzQi9ig4eGjOL8xUpATeBWq0z/zpHURwl3bqhfowIDAQAB
o4IC8TCCAu0wHQYDVR0OBBYEFDmBcOb+c5dOsKQWoAi4ThENI4ErMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvT1lGdzV2NXpsMDZ3cEJhZ0NMaE9FUTBqZ1NzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBBQYIKwYBBQUHAQcBAf8EgfUwgfIwQgQCAAEwPAMEAB8q
twMEAi0MRAMEAi2DuAMEAi2IiAMEAFXKywMEAF6xegMEAoscYAMEALnodQMEAMIy
XAMEAMIyXjCBqwQCAAIwgaQDBwAgAQf4ARkDBQMqCQTAMA4DBQcqDDuAAwUAKgw7
hgMHACoOl8ABcAMHBCoOl8ACYAMGACoOl8ECAwcEKg6XxAEAAwcEKg6xBQEgAwcE
Kg6xBwbwAwcAKg6xBwnyAwcAKg6xBxFlAwcAKg6xBxeGAwcEKg6xBx5AAwcAKg/k
BAECAwcAKhAvAAGPAwcEKhDMQAJQAwYDKhDMQQgDBgQqEMxGEDANBgkqhkiG9w0B
AQsFAAOCAQEAXtxn/tmWCsj3X0oRo1/cpayB2Vo5aEmzFbn9rje3HM05WrCIqaiF
79QjhpIQfP8uksJBDYh7uK1pKhu2xZAZAURlGZIrmV76Kn+ZgLS0ZpAkPT9i+8tq
jPYqj9KRzb0BTCik7Q1g/E6mHLDTMCVXAfFgXCYiYDbjubskUiL85WVAuK+2aHG6
xGxTklks94LRKxnJR70u54DMNRumxc4dNmo3mbzi7YxZGySY3v5Ms475jiOzYzzU
4WlKnGRFzcq2DsNUzhUz2fftehs09AQkMC5buEZ7dsVGwBfZNYjqDB/r0W5LU4eK
XH5gQ4cpxQHfTwvvZJ8CMgmC/TmICXw2qw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:30 2024 by rpki-client on console-fra.rpki-client.org