Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/8d0cae-ec13-45fb-9afc-3d593ebe5220/1/OChWoB0VVJcTxykTNpN-wlQXSFs.roa
File: OChWoB0VVJcTxykTNpN-wlQXSFs.roa (raw, json)
Hash identifier: su5sR2n2GJlx3CWd1cNFEVqFdmx8+YqC4CN1yL0732Q=
Subject key identifier: 38:28:56:A0:1D:15:54:97:13:C7:29:13:36:93:7E:C2:54:17:48:5B
Certificate issuer: /CN=c6583f58c7110ad4cc609f4ffb7cab2f80c83581
Certificate serial: 0186EA3F110B95260429BA35E67DD1978E87
Authority key identifier: C6:58:3F:58:C7:11:0A:D4:CC:60:9F:4F:FB:7C:AB:2F:80:C8:35:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xlg_WMcRCtTMYJ9P-3yrL4DINYE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/8d0cae-ec13-45fb-9afc-3d593ebe5220/1/OChWoB0VVJcTxykTNpN-wlQXSFs.roa
Signing time: Thu 16 Mar 2023 11:47:27 +0000
ROA not before: Thu 16 Mar 2023 11:47:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15659
IP address blocks: 213.187.160.0/19 maxlen: 19
89.10.0.0/16 maxlen: 16
80.202.0.0/16 maxlen: 16
213.187.190.0/24 maxlen: 24
217.13.0.0/19 maxlen: 19
213.145.160.0/19 maxlen: 19
84.48.0.0/18 maxlen: 18
89.11.0.0/17 maxlen: 17
84.49.101.0/24 maxlen: 24
84.49.0.0/16 maxlen: 16
2a04:980::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:ea:3f:11:0b:95:26:04:29:ba:35:e6:7d:d1:97:8e:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6583f58c7110ad4cc609f4ffb7cab2f80c83581
Validity
Not Before: Mar 16 11:47:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=382856a01d15549713c7291336937ec25417485b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:24:cd:7d:6b:4a:9a:a9:d6:4c:60:4c:a0:30:
7e:53:c0:0a:0b:af:fc:19:86:74:02:2d:0e:76:91:
1b:d3:fe:be:53:9b:ae:8f:fd:fa:74:ae:81:f4:d5:
fa:a0:58:3b:aa:9e:3f:c3:06:43:74:c8:22:30:75:
7f:98:ac:e0:c5:50:54:00:e2:fa:f4:3b:3e:1e:55:
6d:22:8c:4a:ea:47:13:b4:ef:85:a2:e7:4a:f6:45:
03:9b:1a:73:29:ab:3d:e4:01:5e:cf:76:8d:6b:13:
9d:95:4a:9c:57:74:36:07:98:27:f0:57:3b:49:d7:
8f:e0:41:ab:b7:bd:ed:75:4d:2a:20:b7:a6:6e:c8:
ca:57:36:bf:90:11:12:b1:ed:58:db:43:1a:cd:5a:
7a:15:ec:44:8f:38:50:51:36:f3:3a:ac:2c:97:a1:
b3:02:97:ac:82:c5:cd:9c:48:75:dc:f3:13:18:7d:
d5:37:02:f3:7d:4d:59:2c:54:56:9e:c7:0f:4e:bc:
c5:b0:c2:80:df:59:a5:44:6c:5c:47:91:0e:a0:c2:
06:3f:ad:4d:5b:c3:20:69:73:c4:88:b0:9b:f3:fa:
94:64:49:58:b1:a4:bb:a5:4b:1b:0d:d1:8b:7e:f4:
d9:17:9e:48:f8:7b:e9:8c:25:91:6e:58:35:b4:df:
9b:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:28:56:A0:1D:15:54:97:13:C7:29:13:36:93:7E:C2:54:17:48:5B
X509v3 Authority Key Identifier:
keyid:C6:58:3F:58:C7:11:0A:D4:CC:60:9F:4F:FB:7C:AB:2F:80:C8:35:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xlg_WMcRCtTMYJ9P-3yrL4DINYE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/8d0cae-ec13-45fb-9afc-3d593ebe5220/1/OChWoB0VVJcTxykTNpN-wlQXSFs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/8d0cae-ec13-45fb-9afc-3d593ebe5220/1/xlg_WMcRCtTMYJ9P-3yrL4DINYE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.202.0.0/16
84.48.0.0/18
84.49.0.0/16
89.10.0.0-89.11.127.255
213.145.160.0/19
213.187.160.0/19
217.13.0.0/19
IPv6:
2a04:980::/29
Signature Algorithm: sha256WithRSAEncryption
cf:77:02:58:5b:d1:31:ee:dd:86:30:f1:e1:7f:e7:13:1b:ce:
9c:58:f2:a9:a8:e8:e2:1b:a0:1b:65:6a:43:c7:d4:9c:62:d0:
98:96:fc:f8:17:b5:e1:a8:c4:c1:44:0a:88:90:dc:3a:c5:02:
61:d2:3f:03:59:3e:b0:85:93:cc:0a:3a:13:8a:54:ab:74:b4:
11:90:20:44:34:26:0b:0d:ef:4a:dd:63:b1:12:76:06:58:57:
18:a1:d6:54:25:bc:48:7e:6f:96:64:db:d2:2e:1a:ee:ff:48:
c3:1d:ef:0a:09:55:13:aa:97:09:46:cc:f7:20:33:e9:8d:61:
77:86:fb:75:30:0e:49:e9:76:f1:e6:a5:cf:f9:b4:8e:d0:34:
15:a8:f5:28:05:ff:34:83:36:e2:8a:7b:81:48:c5:4d:46:64:
be:2a:de:12:30:ae:79:52:7a:85:4c:a1:cc:fe:d0:be:82:c8:
e7:2e:15:ef:e0:89:24:d4:89:4d:9f:f6:71:5f:87:39:ce:ee:
00:48:05:8a:c5:86:18:ae:e8:a5:a8:a2:f2:7b:29:21:41:04:
95:a2:4a:6e:01:81:4f:04:ae:bd:1e:08:04:40:b1:84:e8:9c:
86:95:d7:70:9d:a1:ca:38:25:23:32:ed:82:09:a0:80:cc:13:
dd:72:10:11
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYbqPxELlSYEKbo15n3Rl46HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NTgzZjU4YzcxMTBhZDRjYzYwOWY0ZmZiN2NhYjJmODBj
ODM1ODEwHhcNMjMwMzE2MTE0NzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODI4NTZhMDFkMTU1NDk3MTNjNzI5MTMzNjkzN2VjMjU0MTc0ODViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAriTNfWtKmqnWTGBMoDB+U8AKC6/8
GYZ0Ai0OdpEb0/6+U5uuj/36dK6B9NX6oFg7qp4/wwZDdMgiMHV/mKzgxVBUAOL6
9Ds+HlVtIoxK6kcTtO+FoudK9kUDmxpzKas95AFez3aNaxOdlUqcV3Q2B5gn8Fc7
SdeP4EGrt73tdU0qILembsjKVza/kBESse1Y20MazVp6FexEjzhQUTbzOqwsl6Gz
ApesgsXNnEh13PMTGH3VNwLzfU1ZLFRWnscPTrzFsMKA31mlRGxcR5EOoMIGP61N
W8MgaXPEiLCb8/qUZElYsaS7pUsbDdGLfvTZF55I+HvpjCWRblg1tN+bnQIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFDgoVqAdFVSXE8cpEzaTfsJUF0hbMB8GA1UdIwQY
MBaAFMZYP1jHEQrUzGCfT/t8qy+AyDWBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGxnX1dNY1JDdFRNWUo5UC0zeXJMNERJTllFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS84ZDBjYWUtZWMxMy00NWZiLTlhZmMt
M2Q1OTNlYmU1MjIwLzEvT0NoV29CMFZWSmNUeHlrVE5wTi13bFFYU0ZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS84ZDBjYWUtZWMxMy00NWZiLTlhZmMtM2Q1OTNlYmU1MjIw
LzEveGxnX1dNY1JDdFRNWUo5UC0zeXJMNERJTllFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjA1BAIAATAvAwMAUMoDBAZU
MAADAwBUMTALAwMBWQoDBAdZCwADBAXVkaADBAXVu6ADBAXZDQAwDQQCAAIwBwMF
AyoECYAwDQYJKoZIhvcNAQELBQADggEBAM93Alhb0THu3YYw8eF/5xMbzpxY8qmo
6OIboBtlakPH1Jxi0JiW/PgXteGoxMFECoiQ3DrFAmHSPwNZPrCFk8wKOhOKVKt0
tBGQIEQ0JgsN70rdY7ESdgZYVxih1lQlvEh+b5Zk29IuGu7/SMMd7woJVROqlwlG
zPcgM+mNYXeG+3UwDknpdvHmpc/5tI7QNBWo9SgF/zSDNuKKe4FIxU1GZL4q3hIw
rnlSeoVMocz+0L6CyOcuFe/giSTUiU2f9nFfhznO7gBIBYrFhhiu6KWoovJ7KSFB
BJWiSm4BgU8Err0eCARAsYTonIaV13Cdoco4JSMy7YIJoIDME91yEBE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:25 2024 by rpki-client on console-fra.rpki-client.org