Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/04d364-560f-4b36-8f2a-2b536cf7b825/1/OGMlhF5Xywr6wobv77GweHtsPpY.roa
File: OGMlhF5Xywr6wobv77GweHtsPpY.roa (raw, json)
Hash identifier: HV6I6+QnzX/lX2fw0Yt/r7/OKm8R9wsY+WeW9V/QVQ8=
Subject key identifier: 38:63:25:84:5E:57:CB:0A:FA:C2:86:EF:EF:B1:B0:78:7B:6C:3E:96
Certificate issuer: /CN=1d4e959200aea8fb929158b73e8c0e69a88dc5e9
Certificate serial: 01860C9897B70662BC84E2D1CF24242F3551
Authority key identifier: 1D:4E:95:92:00:AE:A8:FB:92:91:58:B7:3E:8C:0E:69:A8:8D:C5:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HU6VkgCuqPuSkVi3PowOaaiNxek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/04d364-560f-4b36-8f2a-2b536cf7b825/1/OGMlhF5Xywr6wobv77GweHtsPpY.roa
Signing time: Wed 01 Feb 2023 10:49:32 +0000
ROA not before: Wed 01 Feb 2023 10:49:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62275
IP address blocks: 185.221.72.0/22 maxlen: 24
185.234.112.0/24 maxlen: 24
5.62.72.0/21 maxlen: 24
185.40.212.0/22 maxlen: 24
193.254.12.0/22 maxlen: 24
2a0c:e2c0::/29 maxlen: 29
2a01:ab40::/29 maxlen: 48
2a0c:8000::/29 maxlen: 29
2a04:8640::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:0c:98:97:b7:06:62:bc:84:e2:d1:cf:24:24:2f:35:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d4e959200aea8fb929158b73e8c0e69a88dc5e9
Validity
Not Before: Feb 1 10:49:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=386325845e57cb0afac286efefb1b0787b6c3e96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:f3:01:c1:25:58:69:af:f1:32:aa:c3:70:e4:
73:77:46:69:4c:15:92:6f:54:93:39:63:de:c4:7a:
2a:e1:a8:dd:8b:67:49:67:15:02:86:a8:30:1b:4c:
7c:54:1a:18:f8:01:15:48:99:0c:b6:f5:3a:32:00:
48:d8:a7:cf:41:d4:ca:e0:b0:35:3c:8a:6c:ea:35:
28:15:8d:2a:06:66:82:af:f6:49:4b:4f:28:b8:72:
5c:5c:49:cc:dc:89:56:1b:a4:a5:7e:e8:a5:2c:c9:
b6:9c:56:a4:b2:7b:2d:ae:4f:c0:38:cf:1e:14:b2:
7e:2e:c7:57:ef:8f:fb:3d:71:2a:c5:34:17:c8:85:
a6:5b:97:f9:b9:05:b7:2b:91:9e:9a:28:62:7e:f8:
bd:17:e1:a9:81:d7:04:a6:63:79:f2:c7:7c:da:3a:
20:70:3e:f3:ac:2f:48:26:ee:c5:a0:3b:bf:5c:23:
5d:19:48:be:9a:3d:ec:fb:5e:61:d6:55:81:57:4b:
5a:4e:aa:a1:74:85:28:dd:eb:e1:6f:be:93:13:bb:
8b:a2:f4:f4:0e:f0:77:41:d9:33:55:71:85:19:15:
39:b1:c1:0d:c7:b9:41:d7:e8:57:c7:76:68:95:0b:
87:3c:b9:c5:d9:48:dd:82:ec:06:5d:4f:97:14:3d:
d6:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:63:25:84:5E:57:CB:0A:FA:C2:86:EF:EF:B1:B0:78:7B:6C:3E:96
X509v3 Authority Key Identifier:
keyid:1D:4E:95:92:00:AE:A8:FB:92:91:58:B7:3E:8C:0E:69:A8:8D:C5:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HU6VkgCuqPuSkVi3PowOaaiNxek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/04d364-560f-4b36-8f2a-2b536cf7b825/1/OGMlhF5Xywr6wobv77GweHtsPpY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/04d364-560f-4b36-8f2a-2b536cf7b825/1/HU6VkgCuqPuSkVi3PowOaaiNxek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.62.72.0/21
185.40.212.0/22
185.221.72.0/22
185.234.112.0/24
193.254.12.0/22
IPv6:
2a01:ab40::/29
2a04:8640::/29
2a0c:8000::/29
2a0c:e2c0::/29
Signature Algorithm: sha256WithRSAEncryption
2a:54:6a:86:de:79:ce:b4:88:ac:af:bb:e1:ce:ae:0c:e6:14:
a5:e2:b2:a1:18:79:a4:a5:03:36:55:d5:71:45:91:83:4e:9d:
8b:92:c2:5a:1a:1b:7b:6d:18:67:1d:5d:a8:79:bd:5b:05:7f:
34:a8:13:d3:8d:56:83:d3:b1:e0:dc:d8:ec:c9:61:53:d7:90:
ab:38:d0:5a:aa:ee:af:75:b2:a4:e8:82:8e:a0:35:66:7f:30:
e4:59:e2:8a:a6:a0:4f:5e:cc:01:ed:d3:92:4c:01:f1:63:92:
e9:0b:2d:e2:65:ac:01:84:a8:b2:c4:33:e8:14:9f:f5:c4:e7:
94:5a:55:4a:f7:4d:98:99:97:96:16:d4:e7:10:ec:c9:24:33:
31:df:30:30:0a:f8:af:bb:f2:aa:35:d8:6f:9a:00:6f:b0:68:
c0:e2:26:87:97:cf:5e:5f:5b:53:a1:8f:a8:d8:1e:67:8a:47:
94:e2:22:c8:b9:7a:3f:df:1f:89:a9:cb:7e:df:9a:6a:92:28:
0f:ad:65:ec:e1:ea:45:a5:1a:26:08:a6:47:ed:75:1b:bc:c2:
c1:60:64:1e:56:d4:f4:da:fb:3d:81:11:8e:2e:d8:0e:9a:98:
f9:91:ff:6d:7b:d9:61:ea:1c:2a:17:a7:97:71:24:f4:3f:66:
98:eb:10:04
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYYMmJe3BmK8hOLRzyQkLzVRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkNGU5NTkyMDBhZWE4ZmI5MjkxNThiNzNlOGMwZTY5YTg4
ZGM1ZTkwHhcNMjMwMjAxMTA0OTMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODYzMjU4NDVlNTdjYjBhZmFjMjg2ZWZlZmIxYjA3ODdiNmMzZTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmPMBwSVYaa/xMqrDcORzd0ZpTBWS
b1STOWPexHoq4ajdi2dJZxUChqgwG0x8VBoY+AEVSJkMtvU6MgBI2KfPQdTK4LA1
PIps6jUoFY0qBmaCr/ZJS08ouHJcXEnM3IlWG6SlfuilLMm2nFaksnstrk/AOM8e
FLJ+LsdX74/7PXEqxTQXyIWmW5f5uQW3K5Gemihifvi9F+GpgdcEpmN58sd82jog
cD7zrC9IJu7FoDu/XCNdGUi+mj3s+15h1lWBV0taTqqhdIUo3evhb76TE7uLovT0
DvB3QdkzVXGFGRU5scENx7lB1+hXx3ZolQuHPLnF2UjdguwGXU+XFD3WDwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFDhjJYReV8sK+sKG7++xsHh7bD6WMB8GA1UdIwQY
MBaAFB1OlZIArqj7kpFYtz6MDmmojcXpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFU2VmtnQ3VxUHVTa1ZpM1Bvd09hYWlOeGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS8wNGQzNjQtNTYwZi00YjM2LThmMmEt
MmI1MzZjZjdiODI1LzEvT0dNbGhGNVh5d3I2d29idjc3R3dlSHRzUHBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS8wNGQzNjQtNTYwZi00YjM2LThmMmEtMmI1MzZjZjdiODI1
LzEvSFU2VmtnQ3VxUHVTa1ZpM1Bvd09hYWlOeGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjAkBAIAATAeAwQDBT5IAwQC
uSjUAwQCud1IAwQAuepwAwQCwf4MMCIEAgACMBwDBQMqAatAAwUDKgSGQAMFAyoM
gAADBQMqDOLAMA0GCSqGSIb3DQEBCwUAA4IBAQAqVGqG3nnOtIisr7vhzq4M5hSl
4rKhGHmkpQM2VdVxRZGDTp2LksJaGht7bRhnHV2oeb1bBX80qBPTjVaD07Hg3Njs
yWFT15CrONBaqu6vdbKk6IKOoDVmfzDkWeKKpqBPXswB7dOSTAHxY5LpCy3iZawB
hKiyxDPoFJ/1xOeUWlVK902YmZeWFtTnEOzJJDMx3zAwCvivu/KqNdhvmgBvsGjA
4iaHl89eX1tToY+o2B5nikeU4iLIuXo/3x+Jqct+35pqkigPrWXs4epFpRomCKZH
7XUbvMLBYGQeVtT02vs9gRGOLtgOmpj5kf9te9lh6hwqF6eXcST0P2aY6xAE
-----END CERTIFICATE-----
Generated at Fri Dec 22 08:24:55 2023 by rpki-client on console-fra.rpki-client.org