Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/oAYPDBWOtapEucNtdoYucCyWAL4.roa
File: oAYPDBWOtapEucNtdoYucCyWAL4.roa (raw, json)
Hash identifier: 8j9p05F3/S39+pmA6uqbF3hemnchcskXYiSLoYTI0Ek=
Subject key identifier: A0:06:0F:0C:15:8E:B5:AA:44:B9:C3:6D:76:86:2E:70:2C:96:00:BE
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01875A21959D5582EF819ED5DE2B131BC6DB
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/oAYPDBWOtapEucNtdoYucCyWAL4.roa
Signing time: Fri 07 Apr 2023 05:12:43 +0000
ROA not before: Fri 07 Apr 2023 05:12:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58057
IP address blocks: 194.50.94.0/24 maxlen: 24
194.50.92.0/24 maxlen: 24
139.28.96.0/22 maxlen: 24
45.131.184.0/22 maxlen: 24
185.232.117.0/24 maxlen: 24
45.136.136.0/22 maxlen: 24
94.177.122.0/24 maxlen: 24
85.202.203.0/24 maxlen: 24
45.12.68.0/22 maxlen: 24
31.42.183.0/24 maxlen: 24
2a0e:97c0:260::/44 maxlen: 44
2a0e:97c3:110::/44 maxlen: 48
2a0c:3b80::/32 maxlen: 48
2a0c:3b86::/32 maxlen: 48
2001:7f8:119::/48 maxlen: 48
2a0e:97c0:170::/48 maxlen: 48
2a0c:3b85::/32 maxlen: 48
2a0c:3b82::/32 maxlen: 48
2a09:4c0::/29 maxlen: 64
2a0c:3b83::/32 maxlen: 48
2a0e:b107:1165::/48 maxlen: 48
2a10:2f00:18d::/48 maxlen: 48
2a0e:97c1:200::/40 maxlen: 48
2a10:2f00:18f::/48 maxlen: 48
2a0e:b107:9f2::/48 maxlen: 48
2a0c:3b81::/32 maxlen: 48
2a10:cc40:250::/44 maxlen: 48
2a0f:e404:102::/48 maxlen: 48
2a0c:3b84::/32 maxlen: 48
2a0e:b107:1786::/48 maxlen: 48
2a10:cc41:800::/37 maxlen: 48
2a0e:97c4:120::/44 maxlen: 48
2a0e:97c4:100::/44 maxlen: 48
Validation: Failed, certificate revoked on Fri 07 Apr 2023 06:23:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:5a:21:95:9d:55:82:ef:81:9e:d5:de:2b:13:1b:c6:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Apr 7 05:12:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a0060f0c158eb5aa44b9c36d76862e702c9600be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:2d:28:ff:02:62:56:3b:e5:1d:b3:67:73:17:
dd:9d:6a:c0:54:8d:f4:12:65:4a:f0:18:17:83:2f:
ed:65:d4:d8:d6:dd:5c:77:5d:39:12:9b:a7:de:a9:
10:9d:46:8d:85:89:61:cc:8a:8d:25:c9:b0:64:61:
72:7c:26:eb:30:cb:bc:4f:08:0d:ce:fc:3a:bd:a4:
ff:94:6b:af:6e:ae:18:2f:5d:ae:09:d5:da:4e:3f:
76:c5:7a:6b:c7:80:c4:68:32:46:a7:6d:b5:06:d1:
5f:d5:f0:9a:19:ae:05:2e:6b:c2:0d:ef:ee:e6:ad:
94:68:14:78:5d:f0:69:e1:43:13:b7:e9:e5:18:da:
6f:1a:e0:d0:be:e8:48:2b:2f:d3:3f:41:3a:e6:62:
af:1e:92:93:47:04:88:3f:41:f2:2f:be:6c:13:d2:
e8:0b:f4:b2:6f:56:4e:1b:d6:6f:6d:8b:d2:28:32:
7f:02:5e:a9:16:78:8b:66:e1:2b:c6:3a:ee:c3:3d:
bb:0f:7c:14:eb:0c:d9:36:72:7c:50:1a:ee:ba:6c:
15:32:f2:fc:dd:e9:0b:44:44:9f:cf:df:0b:8f:6a:
48:6f:7b:12:9c:18:ac:59:54:da:8c:fe:d7:2e:d6:
bf:cc:c4:d9:a7:88:0b:ea:b6:22:f4:1d:c4:12:3c:
c3:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:06:0F:0C:15:8E:B5:AA:44:B9:C3:6D:76:86:2E:70:2C:96:00:BE
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/oAYPDBWOtapEucNtdoYucCyWAL4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.42.183.0/24
45.12.68.0/22
45.131.184.0/22
45.136.136.0/22
85.202.203.0/24
94.177.122.0/24
139.28.96.0/22
185.232.117.0/24
194.50.92.0/24
194.50.94.0/24
IPv6:
2001:7f8:119::/48
2a09:4c0::/29
2a0c:3b80::-2a0c:3b86:ffff:ffff:ffff:ffff:ffff:ffff
2a0e:97c0:170::/48
2a0e:97c0:260::/44
2a0e:97c1:200::/40
2a0e:97c3:110::/44
2a0e:97c4:100::/44
2a0e:97c4:120::/44
2a0e:b107:9f2::/48
2a0e:b107:1165::/48
2a0e:b107:1786::/48
2a0f:e404:102::/48
2a10:2f00:18d::/48
2a10:2f00:18f::/48
2a10:cc40:250::/44
2a10:cc41:800::/37
Signature Algorithm: sha256WithRSAEncryption
c8:7b:06:94:12:91:58:49:7b:6f:45:62:22:58:95:9f:66:02:
4a:1c:ef:93:88:80:d7:0e:d5:b6:cf:87:d1:ad:b6:7a:3e:4f:
f7:4e:41:a0:84:1c:09:37:80:e7:2b:0a:a1:4b:c2:85:72:09:
29:6f:1a:0d:1c:b1:55:45:09:f4:ab:2e:b8:79:78:09:78:74:
2a:38:d6:88:00:85:d9:22:be:5b:36:60:bf:51:6d:88:a1:1a:
86:58:b6:c4:fa:c3:fa:fe:7a:17:b2:69:99:7d:b1:c4:5b:5d:
5a:7e:bc:d4:18:c1:43:2e:6c:9f:fc:b0:b6:fd:39:8d:8f:10:
d6:c7:d1:97:fb:6a:0b:9c:b8:fd:bf:0f:f2:34:49:fc:41:c8:
7d:f7:52:3b:25:3b:74:a9:ea:f4:4e:27:1b:6b:33:a7:50:ff:
e8:da:c2:60:1d:b8:29:1e:3f:cf:86:b2:ad:78:88:8b:24:3f:
d4:14:f4:56:bc:f6:93:1a:3f:3c:a1:c5:33:cd:4c:56:3a:8d:
4f:95:68:41:b2:52:fb:41:c3:8c:78:96:ef:48:39:1a:ae:0d:
f7:b0:44:19:77:33:97:5f:4a:4c:cc:e3:56:d3:8b:4b:b7:4d:
d7:13:57:8f:00:4c:ee:47:59:12:0d:fa:1e:ae:a4:62:a7:2c:
1e:b0:f0:89
-----BEGIN CERTIFICATE-----
MIIF3DCCBMSgAwIBAgISAYdaIZWdVYLvgZ7V3isTG8bbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwNDA3MDUxMjQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDA2MGYwYzE1OGViNWFhNDRiOWMzNmQ3Njg2MmU3MDJjOTYwMGJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmC0o/wJiVjvlHbNncxfdnWrAVI30
EmVK8BgXgy/tZdTY1t1cd105Epun3qkQnUaNhYlhzIqNJcmwZGFyfCbrMMu8TwgN
zvw6vaT/lGuvbq4YL12uCdXaTj92xXprx4DEaDJGp221BtFf1fCaGa4FLmvCDe/u
5q2UaBR4XfBp4UMTt+nlGNpvGuDQvuhIKy/TP0E65mKvHpKTRwSIP0HyL75sE9Lo
C/Syb1ZOG9ZvbYvSKDJ/Al6pFniLZuErxjruwz27D3wU6wzZNnJ8UBruumwVMvL8
3ekLRESfz98Lj2pIb3sSnBisWVTajP7XLta/zMTZp4gL6rYi9B3EEjzDNwIDAQAB
o4IC6DCCAuQwHQYDVR0OBBYEFKAGDwwVjrWqRLnDbXaGLnAslgC+MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvb0FZUERCV090YXBFdWNOdGRvWXVjQ3lXQUw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH9BggrBgEFBQcBBwEB/wSB7TCB6jBCBAIAATA8AwQAHyq3
AwQCLQxEAwQCLYO4AwQCLYiIAwQAVcrLAwQAXrF6AwQCixxgAwQAueh1AwQAwjJc
AwQAwjJeMIGjBAIAAjCBnAMHACABB/gBGQMFAyoJBMAwDgMFByoMO4ADBQAqDDuG
AwcAKg6XwAFwAwcEKg6XwAJgAwYAKg6XwQIDBwQqDpfDARADBwQqDpfEAQADBwQq
DpfEASADBwAqDrEHCfIDBwAqDrEHEWUDBwAqDrEHF4YDBwAqD+QEAQIDBwAqEC8A
AY0DBwAqEC8AAY8DBwQqEMxAAlADBgMqEMxBCDANBgkqhkiG9w0BAQsFAAOCAQEA
yHsGlBKRWEl7b0ViIliVn2YCShzvk4iA1w7Vts+H0a22ej5P905BoIQcCTeA5ysK
oUvChXIJKW8aDRyxVUUJ9KsuuHl4CXh0KjjWiACF2SK+WzZgv1FtiKEahli2xPrD
+v56F7JpmX2xxFtdWn681BjBQy5sn/ywtv05jY8Q1sfRl/tqC5y4/b8P8jRJ/EHI
ffdSOyU7dKnq9E4nG2szp1D/6NrCYB24KR4/z4ayrXiIiyQ/1BT0Vrz2kxo/PKHF
M81MVjqNT5VoQbJS+0HDjHiW70g5Gq4N97BEGXczl19KTMzjVtOLS7dN1xNXjwBM
7kdZEg36Hq6kYqcsHrDwiQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:38 2024 by rpki-client on console-fra.rpki-client.org