Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/OKSvEhgZ9npHtGQKK2t00J4OG3k.roa
File: OKSvEhgZ9npHtGQKK2t00J4OG3k.roa (raw, json)
Hash identifier: 5WcZC1QYMOwyIZFcuLn7mcoFujpRuotOP6KDxuXJkVY=
Subject key identifier: 38:A4:AF:12:18:19:F6:7A:47:B4:64:0A:2B:6B:74:D0:9E:0E:1B:79
Certificate issuer: /CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Certificate serial: 018E5C6017A7F5BB4CAB15C55573909F2EC8
Authority key identifier: 6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/OKSvEhgZ9npHtGQKK2t00J4OG3k.roa
Signing time: Wed 20 Mar 2024 14:59:45 +0000
ROA not before: Wed 20 Mar 2024 14:59:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16625
IP address blocks: 84.53.156.0/22 maxlen: 22
84.53.164.0/22 maxlen: 22
84.53.188.0/22 maxlen: 22
88.221.4.0/22 maxlen: 22
88.221.8.0/22 maxlen: 22
88.221.16.0/22 maxlen: 22
88.221.32.0/22 maxlen: 22
88.221.36.0/22 maxlen: 22
88.221.40.0/22 maxlen: 22
88.221.44.0/22 maxlen: 22
88.221.58.0/23 maxlen: 23
88.221.60.0/22 maxlen: 22
88.221.68.0/22 maxlen: 22
88.221.76.0/22 maxlen: 22
88.221.96.0/22 maxlen: 22
88.221.124.0/22 maxlen: 22
88.221.130.0/23 maxlen: 23
88.221.136.0/21 maxlen: 21
88.221.148.0/22 maxlen: 22
88.221.152.0/21 maxlen: 21
88.221.164.0/22 maxlen: 22
88.221.168.0/22 maxlen: 22
88.221.176.0/21 maxlen: 21
88.221.224.0/21 maxlen: 21
88.221.236.0/22 maxlen: 22
92.123.240.0/22 maxlen: 22
195.95.192.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 21 Mar 2024 12:05:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:5c:60:17:a7:f5:bb:4c:ab:15:c5:55:73:90:9f:2e:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Validity
Not Before: Mar 20 14:59:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=38a4af121819f67a47b4640a2b6b74d09e0e1b79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:20:be:0e:bc:dd:82:ac:4d:93:8b:fc:dd:6b:
eb:bd:2b:4f:f2:2c:85:36:17:8a:89:f3:55:b2:4d:
a1:ce:de:0a:ed:b9:7b:d7:14:29:fc:9f:d2:21:72:
19:ac:a9:74:cf:eb:90:cd:d9:15:08:a8:ba:52:c8:
5a:7d:4d:37:40:37:62:fe:6e:14:c3:c5:d1:30:f5:
81:10:48:2b:28:e6:58:34:5f:74:a5:8b:79:ae:60:
8c:c6:49:a9:0a:29:97:d9:1f:48:c7:4e:41:1c:4d:
fe:e5:f2:a4:5c:99:53:24:52:b5:d8:5e:a1:e8:11:
75:23:70:ee:48:9d:51:e3:79:dd:ab:cf:75:0b:8b:
02:4b:f2:7f:15:31:e8:26:f0:dd:bc:89:35:b0:d2:
db:d7:f8:01:fe:7b:81:98:6b:55:9a:fd:55:cb:3e:
ce:aa:7d:cf:3c:ec:2a:09:7f:f8:42:e2:c7:f4:8c:
08:7c:6a:71:c6:9a:93:84:25:a5:ef:27:28:1d:14:
db:8c:de:f0:ad:a7:88:43:4c:72:73:b1:58:96:16:
19:0c:b3:4c:3d:fb:ef:22:95:28:06:79:0b:b4:dd:
d8:44:75:c7:4e:57:b2:a8:a0:d6:c9:13:63:de:19:
bf:0f:7c:8b:be:01:63:53:6e:fa:21:d9:53:c1:66:
98:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:A4:AF:12:18:19:F6:7A:47:B4:64:0A:2B:6B:74:D0:9E:0E:1B:79
X509v3 Authority Key Identifier:
keyid:6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/OKSvEhgZ9npHtGQKK2t00J4OG3k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.53.156.0/22
84.53.164.0/22
84.53.188.0/22
88.221.4.0-88.221.11.255
88.221.16.0/22
88.221.32.0/20
88.221.58.0-88.221.63.255
88.221.68.0/22
88.221.76.0/22
88.221.96.0/22
88.221.124.0/22
88.221.130.0/23
88.221.136.0/21
88.221.148.0-88.221.159.255
88.221.164.0-88.221.171.255
88.221.176.0/21
88.221.224.0/21
88.221.236.0/22
92.123.240.0/22
195.95.192.0/22
Signature Algorithm: sha256WithRSAEncryption
88:4e:77:fa:d9:0c:9b:24:f8:d6:6f:29:c1:3c:5c:33:03:cb:
cf:0e:fd:ce:82:e6:06:88:dc:5a:89:4f:e9:16:26:00:a6:ed:
02:f7:90:c1:3e:13:4a:82:b2:4a:50:2c:4c:ce:71:65:f1:ae:
27:eb:d1:ef:34:fa:3a:28:cb:49:b7:e6:4b:da:bb:5d:71:56:
46:0a:bd:01:11:57:2b:ec:5a:0a:7f:74:22:9f:a5:8c:44:e7:
43:1d:5a:fc:63:9c:99:44:70:ab:32:31:2c:6d:ad:3f:45:2b:
e5:27:bd:dc:f0:98:cf:7f:a8:c9:6e:44:f4:b0:48:a0:1a:89:
58:8d:03:10:6a:ff:40:fd:54:f8:20:39:cd:b9:75:55:b9:78:
f5:5a:e7:28:4e:fd:0d:b3:ee:6d:cb:fe:98:f4:92:d3:a8:e1:
ec:f4:17:36:24:1e:53:a0:94:11:d3:e6:96:c3:33:b1:d8:97:
03:61:9b:42:68:a9:c7:f1:12:df:f9:59:3c:93:d5:8b:26:eb:
d6:a0:d6:4f:b9:89:57:b2:82:c7:d0:26:7e:c0:4d:52:9a:a4:
91:45:c0:c4:54:a2:7c:70:82:e5:53:58:01:d4:97:fd:4c:b0:
40:99:03:e5:f1:d3:8e:0d:2c:0a:fe:79:25:eb:92:c3:4b:08:
6b:34:78:71
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAY5cYBen9btMqxXFVXOQny7IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNWZjYmJlYTQ4OTM3YTQ0MmJhYmRiMzMwMjEzMmM0YmM5
YmQ2YWEwHhcNMjQwMzIwMTQ1OTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGE0YWYxMjE4MTlmNjdhNDdiNDY0MGEyYjZiNzRkMDllMGUxYjc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgSC+DrzdgqxNk4v83WvrvStP8iyF
NheKifNVsk2hzt4K7bl71xQp/J/SIXIZrKl0z+uQzdkVCKi6UshafU03QDdi/m4U
w8XRMPWBEEgrKOZYNF90pYt5rmCMxkmpCimX2R9Ix05BHE3+5fKkXJlTJFK12F6h
6BF1I3DuSJ1R43ndq891C4sCS/J/FTHoJvDdvIk1sNLb1/gB/nuBmGtVmv1Vyz7O
qn3PPOwqCX/4QuLH9IwIfGpxxpqThCWl7ycoHRTbjN7wraeIQ0xyc7FYlhYZDLNM
PfvvIpUoBnkLtN3YRHXHTleyqKDWyRNj3hm/D3yLvgFjU276IdlTwWaYZQIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFDikrxIYGfZ6R7RkCitrdNCeDht5MB8GA1UdIwQY
MBaAFGtfy76kiTekQrq9szAhMsS8m9aqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQt
ODhkMWNhYzllNGYxLzEvT0tTdkVoZ1o5bnBIdEdRS0sydDAwSjRPRzNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQtODhkMWNhYzllNGYx
LzEvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG1BggrBgEFBQcBBwEB/wSBpTCBojCBnwQCAAEwgZgDBAJU
NZwDBAJUNaQDBAJUNbwwDAMEAljdBAMEAljdCAMEAljdEAMEBFjdIDAMAwQBWN06
AwQGWN0AAwQCWN1EAwQCWN1MAwQCWN1gAwQCWN18AwQBWN2CAwQDWN2IMAwDBAJY
3ZQDBAVY3YAwDAMEAljdpAMEAljdqAMEA1jdsAMEA1jd4AMEAljd7AMEAlx78AME
AsNfwDANBgkqhkiG9w0BAQsFAAOCAQEAiE53+tkMmyT41m8pwTxcMwPLzw79zoLm
BojcWolP6RYmAKbtAveQwT4TSoKySlAsTM5xZfGuJ+vR7zT6OijLSbfmS9q7XXFW
Rgq9ARFXK+xaCn90Ip+ljETnQx1a/GOcmURwqzIxLG2tP0Ur5Se93PCYz3+oyW5E
9LBIoBqJWI0DEGr/QP1U+CA5zbl1Vbl49VrnKE79DbPubcv+mPSS06jh7PQXNiQe
U6CUEdPmlsMzsdiXA2GbQmipx/ES3/lZPJPViybr1qDWT7mJV7KCx9AmfsBNUpqk
kUXAxFSifHCC5VNYAdSX/UywQJkD5fHTjg0sCv55JeuSw0sIazR4cQ==
-----END CERTIFICATE-----
Generated at Thu Mar 21 15:37:21 2024 by rpki-client on console-ams.rpki-client.org