Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/OKJhNNfIeFwiYtkUBWeE11bc7tc.roa
File: OKJhNNfIeFwiYtkUBWeE11bc7tc.roa (raw, json)
Hash identifier: GlzeZkUAquSBCkFDLh9e6RXdrO0R7luMF/kVi2syN3g=
Subject key identifier: 38:A2:61:34:D7:C8:78:5C:22:62:D9:14:05:67:84:D7:56:DC:EE:D7
Certificate issuer: /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial: 0192A40C856C827E3D6BFE36C4C7B8C85383
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/OKJhNNfIeFwiYtkUBWeE11bc7tc.roa
Signing time: Sat 19 Oct 2024 09:12:16 +0000
ROA not before: Sat 19 Oct 2024 09:12:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49556
IP address blocks: 5.159.49.0/24 maxlen: 24
5.159.54.0/24 maxlen: 24
45.94.213.0/24 maxlen: 24
185.239.0.0/24 maxlen: 24
185.239.2.0/24 maxlen: 24
188.212.99.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 16 Nov 2024 09:58:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:a4:0c:85:6c:82:7e:3d:6b:fe:36:c4:c7:b8:c8:53:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Validity
Not Before: Oct 19 09:12:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=38a26134d7c8785c2262d914056784d756dceed7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:0d:ea:57:a6:1c:82:a9:99:53:bc:d6:10:6e:
6d:bd:4e:b1:40:73:10:38:0a:72:a7:ed:20:3e:cc:
f5:5a:2b:f1:3b:91:98:7e:a0:fa:4d:9b:8b:7b:d7:
3a:37:e7:85:28:9b:05:99:62:2e:a7:c6:5e:11:54:
97:d0:b3:3e:d4:bc:a2:cc:4c:d2:85:2a:d2:89:cd:
3b:34:e7:2a:0f:03:ca:ba:d6:e9:46:56:35:cf:1f:
2d:c1:b8:70:18:ac:8d:73:04:6f:14:c7:75:36:28:
c8:eb:26:e6:21:db:f1:fa:18:b4:79:61:1c:05:8e:
87:70:fc:84:98:c7:e8:15:4f:36:59:78:56:d7:1d:
a3:b0:cc:d8:13:86:26:7d:e5:9c:9e:39:8b:a4:93:
db:ec:4d:7d:e9:07:d6:ab:88:52:d3:08:2e:d0:1f:
7e:22:b5:2c:4f:2f:58:57:5f:37:ab:05:63:a0:f4:
49:d5:2b:3c:42:73:85:5e:ab:47:e7:39:ac:90:d3:
ac:c4:f4:ef:b7:18:18:db:80:f0:09:34:03:f6:2e:
1a:1c:86:00:81:4d:d0:32:e3:38:f2:09:9b:58:f9:
63:b7:ad:91:ba:76:9c:7c:16:c2:41:f4:65:36:03:
71:28:1d:c4:cd:a0:13:7b:88:4e:aa:4f:ae:5e:50:
bf:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:A2:61:34:D7:C8:78:5C:22:62:D9:14:05:67:84:D7:56:DC:EE:D7
X509v3 Authority Key Identifier:
keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/OKJhNNfIeFwiYtkUBWeE11bc7tc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.159.49.0/24
5.159.54.0/24
45.94.213.0/24
185.239.0.0/24
185.239.2.0/24
188.212.99.0/24
Signature Algorithm: sha256WithRSAEncryption
42:14:7b:ec:b0:27:6b:87:5a:01:05:f4:c4:1a:b9:49:33:3f:
43:15:12:fd:da:c1:f9:f4:06:64:0e:3f:bc:ff:6f:92:82:4f:
71:96:ce:a4:c4:04:d1:85:32:99:ff:09:fe:da:a8:2c:9b:3e:
6a:17:0a:5c:d3:04:db:50:90:85:5a:74:7d:c1:84:55:73:a5:
e2:86:87:39:99:9d:1c:a9:a2:9b:01:d7:79:e5:59:6a:62:b6:
eb:8a:b6:3a:5d:e6:78:0c:fa:b4:8f:74:ae:c4:fc:84:3a:ab:
ce:78:ba:fc:9e:37:53:de:78:15:01:de:e4:02:f8:84:ce:ee:
bc:98:71:c1:77:bd:14:33:e5:21:4e:b4:bd:23:64:33:f8:69:
a4:5f:4e:85:f1:a3:6e:d6:07:0c:23:2c:f0:fd:e2:00:68:0d:
c2:fa:97:4f:1c:60:21:11:99:ef:d2:36:e9:5e:1e:f5:43:df:
aa:01:fa:bd:bd:4f:43:cb:75:08:50:e3:d6:46:a4:40:86:49:
59:13:3c:32:da:98:95:1b:0d:6f:83:c6:dc:cc:ba:3d:70:49:
14:52:61:4b:c3:12:68:f6:1b:bf:00:15:a4:5d:d6:80:16:04:
93:8f:4f:d6:de:a5:05:a3:da:54:cc:dd:e6:55:6a:64:14:04:
cf:78:25:b8
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZKkDIVsgn49a/42xMe4yFODMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjQxMDE5MDkxMjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGEyNjEzNGQ3Yzg3ODVjMjI2MmQ5MTQwNTY3ODRkNzU2ZGNlZWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwA3qV6YcgqmZU7zWEG5tvU6xQHMQ
OApyp+0gPsz1WivxO5GYfqD6TZuLe9c6N+eFKJsFmWIup8ZeEVSX0LM+1LyizEzS
hSrSic07NOcqDwPKutbpRlY1zx8twbhwGKyNcwRvFMd1NijI6ybmIdvx+hi0eWEc
BY6HcPyEmMfoFU82WXhW1x2jsMzYE4YmfeWcnjmLpJPb7E196QfWq4hS0wgu0B9+
IrUsTy9YV183qwVjoPRJ1Ss8QnOFXqtH5zmskNOsxPTvtxgY24DwCTQD9i4aHIYA
gU3QMuM48gmbWPljt62RunacfBbCQfRlNgNxKB3EzaATe4hOqk+uXlC/UQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFDiiYTTXyHhcImLZFAVnhNdW3O7XMB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEvT0tKaE5OZkllRndpWXRrVUJXZUUxMWJjN3RjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQABZ8xAwQA
BZ82AwQALV7VAwQAue8AAwQAue8CAwQAvNRjMA0GCSqGSIb3DQEBCwUAA4IBAQBC
FHvssCdrh1oBBfTEGrlJMz9DFRL92sH59AZkDj+8/2+Sgk9xls6kxATRhTKZ/wn+
2qgsmz5qFwpc0wTbUJCFWnR9wYRVc6Xihoc5mZ0cqaKbAdd55VlqYrbrirY6XeZ4
DPq0j3SuxPyEOqvOeLr8njdT3ngVAd7kAviEzu68mHHBd70UM+UhTrS9I2Qz+Gmk
X06F8aNu1gcMIyzw/eIAaA3C+pdPHGAhEZnv0jbpXh71Q9+qAfq9vU9Dy3UIUOPW
RqRAhklZEzwy2piVGw1vg8bczLo9cEkUUmFLwxJo9hu/ABWkXdaAFgSTj0/W3qUF
o9pUzN3mVWpkFATPeCW4
-----END CERTIFICATE-----
Generated at Sat Nov 16 10:36:32 2024 by rpki-client on console-fra.rpki-client.org