Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/OZrHh2kIqhnXVm_xCCaQ2KI_9DE.roa
File: OZrHh2kIqhnXVm_xCCaQ2KI_9DE.roa (raw, json)
Hash identifier: Snrjm6ZY0XaScftHmkwK5niGCs4FC8HM1GL1CazHfn0=
Subject key identifier: 39:9A:C7:87:69:08:AA:19:D7:56:6F:F1:08:26:90:D8:A2:3F:F4:31
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018D5A725C3EDE68C0C4EC16A297E8A097B6
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/OZrHh2kIqhnXVm_xCCaQ2KI_9DE.roa
Signing time: Tue 30 Jan 2024 12:57:40 +0000
ROA not before: Tue 30 Jan 2024 12:57:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 45.148.116.0/22 maxlen: 24
185.238.188.0/22 maxlen: 24
2a06:de01:d0::/44 maxlen: 48
2a0c:3b87:ff00::/40 maxlen: 48
2a0c:3b87:ffff::/48 maxlen: 48
2a0e:97c0:750::/48 maxlen: 48
2a0e:97c0:791::/48 maxlen: 48
2a0e:97c0:792::/48 maxlen: 48
2a0e:97c4:ac00::/38 maxlen: 48
2a0e:b107:9f4::/48 maxlen: 48
2a0e:b107:9f6::/48 maxlen: 48
2a0e:b107:df2::/48 maxlen: 48
2a0e:b107:1870::/48 maxlen: 48
2a0e:b107:1b9e::/48 maxlen: 48
2a0e:b107:278b::/48 maxlen: 48
2a10:ccc3:ccce::/48 maxlen: 48
2a10:ccc7:9000::/38 maxlen: 48
Validation: Failed, certificate revoked on Mon 05 Feb 2024 15:50:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:5a:72:5c:3e:de:68:c0:c4:ec:16:a2:97:e8:a0:97:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 30 12:57:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=399ac7876908aa19d7566ff1082690d8a23ff431
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:61:be:75:0c:2e:3d:92:85:9b:9f:ad:fb:09:
b5:48:24:0b:0b:19:94:6b:8f:15:71:38:a6:d6:ff:
a7:6d:5e:3b:fd:03:d6:ae:69:85:ac:e5:58:c9:1c:
7f:0b:30:3c:0c:c4:93:d0:1c:97:23:c2:f1:cf:ae:
5d:52:49:4f:4c:85:60:ed:f9:28:1a:6a:12:02:11:
2e:75:ab:92:7b:45:84:b4:84:cd:f3:78:23:b0:07:
d4:8f:7e:b2:32:f8:b3:ef:37:ad:9c:d6:b0:b8:ec:
9d:7e:3c:0b:4f:c6:b2:cf:df:dc:61:b8:cd:41:ae:
82:d9:3c:d4:20:4a:47:3d:ed:00:ad:3a:7f:e2:a3:
5c:78:72:4c:4f:9f:1e:71:0b:84:df:a4:d9:ad:95:
73:93:76:09:2c:57:38:d6:ae:6b:c3:69:2a:1c:eb:
6b:14:6c:0b:c2:c6:54:c7:c1:41:56:2c:66:d3:ed:
d3:ee:64:2c:0e:60:38:c4:61:a7:f9:c6:64:7e:f9:
3a:08:81:99:f0:d5:e2:39:bc:66:9e:4f:b0:3c:37:
f0:43:14:d6:d1:2c:04:05:3b:c1:83:3e:7a:3d:ab:
2b:93:97:03:72:35:3d:c2:0b:b5:70:d3:dc:97:47:
5a:27:80:6f:97:c8:0c:11:2e:f6:05:9c:d2:7c:90:
19:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:9A:C7:87:69:08:AA:19:D7:56:6F:F1:08:26:90:D8:A2:3F:F4:31
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/OZrHh2kIqhnXVm_xCCaQ2KI_9DE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.116.0/22
185.238.188.0/22
IPv6:
2a06:de01:d0::/44
2a0c:3b87:ff00::/40
2a0e:97c0:750::/48
2a0e:97c0:791::-2a0e:97c0:792:ffff:ffff:ffff:ffff:ffff
2a0e:97c4:ac00::/38
2a0e:b107:9f4::/48
2a0e:b107:9f6::/48
2a0e:b107:df2::/48
2a0e:b107:1870::/48
2a0e:b107:1b9e::/48
2a0e:b107:278b::/48
2a10:ccc3:ccce::/48
2a10:ccc7:9000::/38
Signature Algorithm: sha256WithRSAEncryption
4b:9b:bc:46:e5:b0:9a:49:20:10:f7:44:e9:85:99:7c:ac:bb:
05:f1:08:34:17:ee:c7:af:a9:4b:39:0a:3e:92:ed:4f:4e:a0:
80:df:68:59:c9:92:fe:31:66:a0:cb:5a:11:a8:c9:96:d7:7b:
37:02:c8:d4:fa:5d:92:23:f2:43:6e:be:10:9a:f4:e4:34:e6:
45:62:9b:cb:f9:a1:aa:e9:e6:2a:14:85:c1:b2:e9:de:fd:52:
69:e6:65:73:f7:7d:0d:0a:0e:df:db:dc:57:da:99:b4:4d:ce:
c7:7d:1f:68:e7:62:87:92:bd:16:69:f4:a7:04:e9:79:1f:cf:
9d:29:1e:7a:32:6d:7d:f1:8c:3a:d1:dc:6b:cb:5b:d3:5f:b9:
33:37:d9:6c:43:92:bc:f6:d4:50:15:8c:fa:35:92:ce:55:12:
77:f4:dc:b7:77:dd:07:e1:1e:f2:b7:38:9a:33:c5:89:5d:77:
94:bf:42:90:67:fc:0f:1f:e0:2c:00:50:dd:0f:66:13:81:82:
b0:dd:aa:0a:10:e1:93:a0:9e:ce:e1:48:fc:e0:3c:b3:c7:9f:
31:e2:b2:cd:b6:ea:17:17:fe:7f:16:e9:fe:ea:27:ba:b8:dc:
00:c0:4e:99:e0:9c:aa:0d:73:e1:f2:66:7e:9a:41:66:4c:ad:
71:22:e4:bd
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgISAY1aclw+3mjAxOwWopfooJe2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTMwMTI1NzQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTlhYzc4NzY5MDhhYTE5ZDc1NjZmZjEwODI2OTBkOGEyM2ZmNDMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAomG+dQwuPZKFm5+t+wm1SCQLCxmU
a48VcTim1v+nbV47/QPWrmmFrOVYyRx/CzA8DMST0ByXI8Lxz65dUklPTIVg7fko
GmoSAhEudauSe0WEtITN83gjsAfUj36yMviz7zetnNawuOydfjwLT8ayz9/cYbjN
Qa6C2TzUIEpHPe0ArTp/4qNceHJMT58ecQuE36TZrZVzk3YJLFc41q5rw2kqHOtr
FGwLwsZUx8FBVixm0+3T7mQsDmA4xGGn+cZkfvk6CIGZ8NXiObxmnk+wPDfwQxTW
0SwEBTvBgz56Pasrk5cDcjU9wgu1cNPcl0daJ4Bvl8gMES72BZzSfJAZxwIDAQAB
o4ICmDCCApQwHQYDVR0OBBYEFDmax4dpCKoZ11Zv8QgmkNiiP/QxMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvT1pySGgya0lxaG5YVm1feENDYVEyS0lfOURFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGtBggrBgEFBQcBBwEB/wSBnTCBmjASBAIAATAMAwQCLZR0
AwQCue68MIGDBAIAAjB9AwcEKgbeAQDQAwYAKgw7h/8DBwAqDpfAB1AwEgMHACoO
l8AHkQMHACoOl8AHkgMGAioOl8SsAwcAKg6xBwn0AwcAKg6xBwn2AwcAKg6xBw3y
AwcAKg6xBxhwAwcAKg6xBxueAwcAKg6xByeLAwcAKhDMw8zOAwYCKhDMx5AwDQYJ
KoZIhvcNAQELBQADggEBAEubvEblsJpJIBD3ROmFmXysuwXxCDQX7sevqUs5Cj6S
7U9OoIDfaFnJkv4xZqDLWhGoyZbXezcCyNT6XZIj8kNuvhCa9OQ05kVim8v5oarp
5ioUhcGy6d79UmnmZXP3fQ0KDt/b3FfambRNzsd9H2jnYoeSvRZp9KcE6Xkfz50p
HnoybX3xjDrR3GvLW9NfuTM32WxDkrz21FAVjPo1ks5VEnf03Ld33QfhHvK3OJoz
xYldd5S/QpBn/A8f4CwAUN0PZhOBgrDdqgoQ4ZOgns7hSPzgPLPHnzHiss226hcX
/n8W6f7qJ7q43ADATpngnKoNc+HyZn6aQWZMrXEi5L0=
-----END CERTIFICATE-----
Generated at Mon Feb 5 20:17:02 2024 by rpki-client on console-fra.rpki-client.org