Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/62afef-70d1-4fe2-9edf-7f1e57487c1a/1/ouApVQFvou5UOlJt8F2mbYaZQFQ.roa
File: ouApVQFvou5UOlJt8F2mbYaZQFQ.roa (raw, json)
Hash identifier: Y8sMDa1gp0TCBgwWXMwiYxa//Vq+oYB9s42f5j9YiVU=
Subject key identifier: A2:E0:29:55:01:6F:A2:EE:54:3A:52:6D:F0:5D:A6:6D:86:99:40:54
Certificate issuer: /CN=a24b48edc7a325d7f1ae0f257c0e2835171bc9ae
Certificate serial: 01922FD43300E6E97ED7E2CB492D03B9422C
Authority key identifier: A2:4B:48:ED:C7:A3:25:D7:F1:AE:0F:25:7C:0E:28:35:17:1B:C9:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oktI7cejJdfxrg8lfA4oNRcbya4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/62afef-70d1-4fe2-9edf-7f1e57487c1a/1/ouApVQFvou5UOlJt8F2mbYaZQFQ.roa
Signing time: Thu 26 Sep 2024 19:34:48 +0000
ROA not before: Thu 26 Sep 2024 19:34:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39704
IP address blocks: 5.22.248.0/21 maxlen: 24
46.182.216.0/21 maxlen: 24
91.192.36.0/22 maxlen: 24
94.124.88.0/21 maxlen: 24
185.94.168.0/22 maxlen: 24
185.103.16.0/22 maxlen: 24
194.50.163.0/24 maxlen: 24
195.216.246.0/24 maxlen: 24
213.132.192.0/19 maxlen: 24
2a00:1bd0::/29 maxlen: 32
Validation: Failed, certificate revoked on Fri 27 Sep 2024 08:12:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:2f:d4:33:00:e6:e9:7e:d7:e2:cb:49:2d:03:b9:42:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a24b48edc7a325d7f1ae0f257c0e2835171bc9ae
Validity
Not Before: Sep 26 19:34:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a2e02955016fa2ee543a526df05da66d86994054
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:3a:4d:bb:56:21:8c:ee:d4:99:8d:b6:3a:6a:
4d:49:8b:c9:fc:e0:c7:bc:af:f9:c9:66:e1:91:12:
2c:e1:93:18:79:c7:0c:98:9e:bb:96:40:bb:ee:9c:
fd:6d:e7:29:85:1b:ac:23:12:4b:df:7d:57:df:25:
bb:22:fd:fb:a9:04:04:2d:09:23:f3:99:32:3d:e4:
00:8d:d4:5f:f3:bb:32:b0:d7:09:6d:d8:ba:f2:0a:
c6:b8:0a:b5:5d:fd:1c:f0:a7:c6:59:10:13:3c:48:
4d:59:fa:d7:4f:2b:17:6e:43:7c:5c:ae:8c:44:88:
93:14:68:94:5e:4c:c7:ac:cd:9c:83:3e:05:78:1f:
eb:7a:71:47:9f:54:e0:5a:a7:96:98:59:f1:cf:89:
c1:d3:f6:6c:fb:e4:2c:32:60:8a:9d:a1:06:c8:3f:
20:e8:61:07:b0:e3:c8:44:41:97:7c:3f:35:b2:8e:
15:20:54:9d:01:f6:c6:82:69:77:5a:7b:8f:03:13:
a7:aa:0a:b8:6a:e9:ce:62:2a:c2:42:e8:1b:13:a6:
a3:2c:5a:a4:c5:b9:2e:40:c0:6f:67:a0:bf:24:e3:
a0:80:94:24:82:de:17:9a:2c:02:a3:e0:eb:34:02:
98:3f:5a:68:e2:9a:95:45:78:b0:58:46:ed:57:47:
0c:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:E0:29:55:01:6F:A2:EE:54:3A:52:6D:F0:5D:A6:6D:86:99:40:54
X509v3 Authority Key Identifier:
keyid:A2:4B:48:ED:C7:A3:25:D7:F1:AE:0F:25:7C:0E:28:35:17:1B:C9:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oktI7cejJdfxrg8lfA4oNRcbya4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/62afef-70d1-4fe2-9edf-7f1e57487c1a/1/ouApVQFvou5UOlJt8F2mbYaZQFQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/62afef-70d1-4fe2-9edf-7f1e57487c1a/1/oktI7cejJdfxrg8lfA4oNRcbya4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.22.248.0/21
46.182.216.0/21
91.192.36.0/22
94.124.88.0/21
185.94.168.0/22
185.103.16.0/22
194.50.163.0/24
195.216.246.0/24
213.132.192.0/19
IPv6:
2a00:1bd0::/29
Signature Algorithm: sha256WithRSAEncryption
39:de:de:09:52:b6:07:58:96:26:0c:85:2b:0c:84:e1:b5:82:
cd:3e:88:3a:e9:b6:9d:b0:57:f7:d5:69:41:59:2b:7b:91:9a:
c6:98:67:90:3d:2a:88:64:8e:49:fc:ba:cf:d9:2c:b4:ed:eb:
64:02:67:31:61:ac:cd:24:2b:59:58:6b:44:7c:40:5a:c6:87:
81:99:81:65:6d:eb:87:c1:c6:8b:ac:e9:08:39:11:da:3b:f7:
b4:43:5b:8c:fa:ac:f7:45:c7:8d:23:81:70:40:ca:a3:19:33:
3c:88:d1:3a:8b:ca:58:98:83:6c:44:da:57:2d:fb:3a:fb:dc:
a1:f3:fe:b9:62:97:6b:9e:42:b3:4a:e3:f0:1b:ce:f5:3b:ed:
b2:9a:33:41:24:06:02:bd:96:31:ca:36:99:64:da:17:57:38:
51:18:1a:1a:cb:b0:2f:82:c6:1d:e1:30:75:ad:de:72:41:85:
4d:77:63:4f:5b:2d:9c:5a:99:a9:75:81:25:e8:7c:ed:58:2d:
24:17:f3:2e:eb:d0:61:86:50:bd:08:10:73:c3:ae:45:cf:8a:
62:77:c3:2e:a8:9a:46:f4:65:8c:bc:68:3b:a2:90:fc:d2:e4:
3c:a3:ff:1a:f3:91:de:20:85:16:1b:27:1e:37:87:6e:b5:f9:
2f:70:67:63
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAZIv1DMA5ul+1+LLSS0DuUIsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyNGI0OGVkYzdhMzI1ZDdmMWFlMGYyNTdjMGUyODM1MTcx
YmM5YWUwHhcNMjQwOTI2MTkzNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmUwMjk1NTAxNmZhMmVlNTQzYTUyNmRmMDVkYTY2ZDg2OTk0MDU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxzpNu1YhjO7UmY22OmpNSYvJ/ODH
vK/5yWbhkRIs4ZMYeccMmJ67lkC77pz9becphRusIxJL331X3yW7Iv37qQQELQkj
85kyPeQAjdRf87sysNcJbdi68grGuAq1Xf0c8KfGWRATPEhNWfrXTysXbkN8XK6M
RIiTFGiUXkzHrM2cgz4FeB/renFHn1TgWqeWmFnxz4nB0/Zs++QsMmCKnaEGyD8g
6GEHsOPIREGXfD81so4VIFSdAfbGgml3WnuPAxOnqgq4aunOYirCQugbE6ajLFqk
xbkuQMBvZ6C/JOOggJQkgt4XmiwCo+DrNAKYP1po4pqVRXiwWEbtV0cMVwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFKLgKVUBb6LuVDpSbfBdpm2GmUBUMB8GA1UdIwQY
MBaAFKJLSO3HoyXX8a4PJXwOKDUXG8muMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2t0STdjZWpKZGZ4cmc4bGZBNG9OUmNieWE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni82MmFmZWYtNzBkMS00ZmUyLTllZGYt
N2YxZTU3NDg3YzFhLzEvb3VBcFZRRnZvdTVVT2xKdDhGMm1iWWFaUUZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni82MmFmZWYtNzBkMS00ZmUyLTllZGYtN2YxZTU3NDg3YzFh
LzEvb2t0STdjZWpKZGZ4cmc4bGZBNG9OUmNieWE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQDBRb4AwQD
LrbYAwQCW8AkAwQDXnxYAwQCuV6oAwQCuWcQAwQAwjKjAwQAw9j2AwQF1YTAMA0E
AgACMAcDBQMqABvQMA0GCSqGSIb3DQEBCwUAA4IBAQA53t4JUrYHWJYmDIUrDITh
tYLNPog66badsFf31WlBWSt7kZrGmGeQPSqIZI5J/LrP2Sy07etkAmcxYazNJCtZ
WGtEfEBaxoeBmYFlbeuHwcaLrOkIORHaO/e0Q1uM+qz3RceNI4FwQMqjGTM8iNE6
i8pYmINsRNpXLfs6+9yh8/65YpdrnkKzSuPwG871O+2ymjNBJAYCvZYxyjaZZNoX
VzhRGBoay7AvgsYd4TB1rd5yQYVNd2NPWy2cWpmpdYEl6HztWC0kF/Mu69BhhlC9
CBBzw65Fz4pid8MuqJpG9GWMvGg7opD80uQ8o/8a85HeIIUWGyceN4dutfkvcGdj
-----END CERTIFICATE-----
Generated at Fri Sep 27 11:22:41 2024 by rpki-client on console-ams.rpki-client.org