Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/c1c1ce-ea59-4dcf-bccc-3e7cadd88c70/1/OmMPMJCpBqpNCisvBMdNY-xTkr4.roa
File: OmMPMJCpBqpNCisvBMdNY-xTkr4.roa (raw, json)
Hash identifier: APfI7tWxvAHkoH3K2yh/o/MHfvU9x8VeMbBcgYNE0t4=
Subject key identifier: 3A:63:0F:30:90:A9:06:AA:4D:0A:2B:2F:04:C7:4D:63:EC:53:92:BE
Certificate issuer: /CN=7f50077d2dd8a67a1ae8b6abd6bbb3489028a5bb
Certificate serial: 01857355DAFD7F6BE8585F88C3E5ED73EBFA
Authority key identifier: 7F:50:07:7D:2D:D8:A6:7A:1A:E8:B6:AB:D6:BB:B3:48:90:28:A5:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f1AHfS3Ypnoa6Lar1ruzSJAopbs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/c1c1ce-ea59-4dcf-bccc-3e7cadd88c70/1/OmMPMJCpBqpNCisvBMdNY-xTkr4.roa
Signing time: Mon 02 Jan 2023 16:34:44 +0000
ROA not before: Mon 02 Jan 2023 16:34:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200521
IP address blocks: 212.128.96.0/22 maxlen: 22
212.128.101.0/24 maxlen: 24
212.128.102.0/24 maxlen: 24
212.128.100.0/24 maxlen: 24
212.128.105.0/24 maxlen: 24
212.128.103.0/24 maxlen: 24
212.128.104.0/24 maxlen: 24
192.187.17.0/24 maxlen: 24
192.187.16.0/24 maxlen: 24
192.187.18.0/24 maxlen: 24
192.187.19.0/24 maxlen: 24
192.187.22.0/24 maxlen: 24
192.187.23.0/24 maxlen: 24
192.187.20.0/24 maxlen: 24
192.187.21.0/24 maxlen: 24
192.148.214.0/24 maxlen: 24
192.148.215.0/24 maxlen: 24
212.128.112.0/24 maxlen: 24
212.128.110.0/24 maxlen: 24
212.128.112.0/22 maxlen: 22
212.128.111.0/24 maxlen: 24
212.128.108.0/24 maxlen: 24
212.128.109.0/24 maxlen: 24
212.128.107.0/24 maxlen: 24
212.128.106.0/24 maxlen: 24
212.128.116.0/23 maxlen: 23
212.128.114.0/24 maxlen: 24
212.128.113.0/24 maxlen: 24
212.128.118.0/24 maxlen: 24
212.128.122.0/24 maxlen: 24
212.128.123.0/24 maxlen: 24
212.128.120.0/24 maxlen: 24
212.128.121.0/24 maxlen: 24
212.128.119.0/24 maxlen: 24
212.128.125.0/24 maxlen: 24
212.128.127.0/24 maxlen: 24
212.128.126.0/24 maxlen: 24
192.148.211.0/24 maxlen: 24
192.148.212.0/24 maxlen: 24
192.148.209.0/24 maxlen: 24
192.148.210.0/24 maxlen: 24
192.148.208.0/24 maxlen: 24
192.148.213.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:30:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:55:da:fd:7f:6b:e8:58:5f:88:c3:e5:ed:73:eb:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7f50077d2dd8a67a1ae8b6abd6bbb3489028a5bb
Validity
Not Before: Jan 2 16:34:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3a630f3090a906aa4d0a2b2f04c74d63ec5392be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:d5:34:31:b4:5a:99:5d:53:8b:7b:5e:21:7d:
e0:dc:31:7f:69:8c:f4:e1:62:2f:13:85:62:a0:df:
7b:97:ee:28:fd:11:88:0b:5c:d3:b3:42:8f:a2:0d:
50:73:b9:13:bf:9e:a6:2f:51:72:2a:7a:4d:a3:7b:
33:4c:d2:24:f9:8e:8b:64:b2:f3:5a:39:ea:1c:12:
39:06:51:4a:40:7f:fd:5d:89:d4:45:11:dc:c1:86:
6a:c9:1c:c6:8a:39:53:66:1b:4e:dc:aa:25:f2:24:
ea:2e:3d:d6:b9:f4:8e:a4:57:73:8e:f2:0b:e9:25:
c6:f5:e2:f7:e8:8e:ce:e1:6a:5c:a4:d6:c3:8b:54:
68:ac:3c:9c:d7:da:b8:3f:86:5a:0c:c8:49:2e:1d:
92:28:cd:55:39:04:54:07:85:57:bb:d7:ea:4d:28:
dd:7f:f8:07:61:71:26:60:f0:7a:97:0e:14:3d:96:
cf:89:40:bc:22:53:38:93:16:35:a6:71:8a:e2:14:
57:fc:d5:22:a8:8c:7d:46:49:7d:2b:a0:3c:47:81:
91:18:ce:a3:40:c8:bb:c7:d5:57:01:f1:97:e9:ea:
2c:ee:9b:7a:67:55:c5:ae:2e:14:80:08:6d:5c:05:
c8:0a:eb:1a:41:46:95:15:29:21:ea:4a:b1:0e:96:
e8:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:63:0F:30:90:A9:06:AA:4D:0A:2B:2F:04:C7:4D:63:EC:53:92:BE
X509v3 Authority Key Identifier:
keyid:7F:50:07:7D:2D:D8:A6:7A:1A:E8:B6:AB:D6:BB:B3:48:90:28:A5:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1AHfS3Ypnoa6Lar1ruzSJAopbs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/c1c1ce-ea59-4dcf-bccc-3e7cadd88c70/1/OmMPMJCpBqpNCisvBMdNY-xTkr4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/c1c1ce-ea59-4dcf-bccc-3e7cadd88c70/1/f1AHfS3Ypnoa6Lar1ruzSJAopbs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.148.208.0/21
192.187.16.0/21
212.128.96.0-212.128.123.255
212.128.125.0-212.128.127.255
Signature Algorithm: sha256WithRSAEncryption
86:8e:0b:ff:99:f2:dc:be:15:d8:7a:48:4b:9e:7e:60:c5:32:
96:a1:85:34:ee:f8:89:91:7f:af:d5:a3:cd:96:85:9a:c6:e9:
8a:1c:5e:42:9a:f7:c2:dc:7d:5c:60:b2:8e:f8:98:7a:2b:c3:
d6:43:04:14:5a:b5:f2:23:eb:40:4b:70:70:8c:d9:53:95:52:
fa:db:04:53:f9:05:d4:76:8d:88:43:b9:a2:62:27:0c:b3:2f:
4b:eb:bb:09:e3:20:62:1a:54:48:f7:5a:14:73:84:f8:8d:39:
cb:5f:b1:27:45:6d:e0:0a:7d:02:72:3f:e7:56:08:62:ee:fb:
bd:fd:75:18:a9:ee:cb:a3:73:f2:2e:07:50:e1:d9:a0:c2:42:
a7:0e:a4:d4:3d:9f:ed:dc:b1:d1:c0:39:93:81:7f:9c:a1:28:
57:57:7c:e5:13:02:20:6e:fc:c0:de:d7:7d:ca:fc:57:5c:26:
cc:5b:55:9a:17:b5:3a:a8:dc:69:9b:7e:46:42:c1:bd:4f:0f:
f2:5e:b3:e0:ba:f1:fe:ac:1b:93:0a:a9:b9:d1:e1:8e:57:7d:
2c:ac:9c:35:68:83:1f:be:7d:4d:a0:6d:77:aa:a0:f0:a4:0e:
aa:81:30:c1:03:d9:42:1b:9b:6d:5a:79:95:05:1c:09:1f:30:
29:3c:ca:a7
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYVzVdr9f2voWF+Iw+Xtc+v6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmNTAwNzdkMmRkOGE2N2ExYWU4YjZhYmQ2YmJiMzQ4OTAy
OGE1YmIwHhcNMjMwMTAyMTYzNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTYzMGYzMDkwYTkwNmFhNGQwYTJiMmYwNGM3NGQ2M2VjNTM5MmJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjNU0MbRamV1Ti3teIX3g3DF/aYz0
4WIvE4VioN97l+4o/RGIC1zTs0KPog1Qc7kTv56mL1FyKnpNo3szTNIk+Y6LZLLz
WjnqHBI5BlFKQH/9XYnURRHcwYZqyRzGijlTZhtO3Kol8iTqLj3WufSOpFdzjvIL
6SXG9eL36I7O4WpcpNbDi1RorDyc19q4P4ZaDMhJLh2SKM1VOQRUB4VXu9fqTSjd
f/gHYXEmYPB6lw4UPZbPiUC8IlM4kxY1pnGK4hRX/NUiqIx9Rkl9K6A8R4GRGM6j
QMi7x9VXAfGX6eos7pt6Z1XFri4UgAhtXAXICusaQUaVFSkh6kqxDpbocQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFDpjDzCQqQaqTQorLwTHTWPsU5K+MB8GA1UdIwQY
MBaAFH9QB30t2KZ6Gui2q9a7s0iQKKW7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZjFBSGZTM1lwbm9hNkxhcjFydXpTSkFvcGJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9jMWMxY2UtZWE1OS00ZGNmLWJjY2Mt
M2U3Y2FkZDg4YzcwLzEvT21NUE1KQ3BCcXBOQ2lzdkJNZE5ZLXhUa3I0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9jMWMxY2UtZWE1OS00ZGNmLWJjY2MtM2U3Y2FkZDg4Yzcw
LzEvZjFBSGZTM1lwbm9hNkxhcjFydXpTSkFvcGJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoAwQDwJTQAwQD
wLsQMAwDBAXUgGADBALUgHgwDAMEANSAfQMEB9SAADANBgkqhkiG9w0BAQsFAAOC
AQEAho4L/5ny3L4V2HpIS55+YMUylqGFNO74iZF/r9WjzZaFmsbpihxeQpr3wtx9
XGCyjviYeivD1kMEFFq18iPrQEtwcIzZU5VS+tsEU/kF1HaNiEO5omInDLMvS+u7
CeMgYhpUSPdaFHOE+I05y1+xJ0Vt4Ap9AnI/51YIYu77vf11GKnuy6Nz8i4HUOHZ
oMJCpw6k1D2f7dyx0cA5k4F/nKEoV1d85RMCIG78wN7Xfcr8V1wmzFtVmhe1Oqjc
aZt+RkLBvU8P8l6z4Lrx/qwbkwqpudHhjld9LKycNWiDH759TaBtd6qg8KQOqoEw
wQPZQhubbVp5lQUcCR8wKTzKpw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:18 2024 by rpki-client on console-fra.rpki-client.org