Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/Oli6NXgeec2lTezn08tCrJtUCgY.roa
File: Oli6NXgeec2lTezn08tCrJtUCgY.roa (raw, json)
Hash identifier: 2gahw6QhLMytd00kR3xd7DOeX8tb+gRJI64uBIUL6Zo=
Subject key identifier: 3A:58:BA:35:78:1E:79:CD:A5:4D:EC:E7:D3:CB:42:AC:9B:54:0A:06
Certificate issuer: /CN=31a185d0eb0ca7811c586425de0e960e1cfeb61b
Certificate serial: 018A6A3A1DC50997D435F010D6BC3D166BA4
Authority key identifier: 31:A1:85:D0:EB:0C:A7:81:1C:58:64:25:DE:0E:96:0E:1C:FE:B6:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MaGF0OsMp4EcWGQl3g6WDhz-ths.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/Oli6NXgeec2lTezn08tCrJtUCgY.roa
Signing time: Wed 06 Sep 2023 11:21:48 +0000
ROA not before: Wed 06 Sep 2023 11:21:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203963
IP address blocks: 85.153.47.0/24 maxlen: 24
85.153.112.0/24 maxlen: 24
85.153.116.0/24 maxlen: 24
85.153.117.0/24 maxlen: 24
85.153.114.0/24 maxlen: 24
85.153.115.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:30:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:6a:3a:1d:c5:09:97:d4:35:f0:10:d6:bc:3d:16:6b:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31a185d0eb0ca7811c586425de0e960e1cfeb61b
Validity
Not Before: Sep 6 11:21:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3a58ba35781e79cda54dece7d3cb42ac9b540a06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:d6:16:2a:c1:8e:71:f7:74:07:3d:4e:6a:0a:
ab:78:14:5e:8d:75:65:0a:33:cb:38:2c:3a:1b:84:
fa:01:f7:69:3e:ef:05:0f:72:13:49:98:c7:e7:e6:
bd:3a:36:40:9d:8d:83:31:fa:f8:86:2e:a3:90:1b:
83:10:fc:a6:e9:23:5d:ca:bd:c3:e5:58:ed:c0:0b:
c3:f0:b7:e0:78:0c:0c:15:39:b2:dc:79:e1:4c:98:
35:bc:54:f0:6a:1b:9a:19:71:2f:eb:3f:e4:ca:08:
2a:ad:2c:0b:35:06:26:b2:17:50:1c:eb:6d:cf:2f:
1a:85:c5:71:b3:7f:ff:97:46:a4:d3:57:5c:a1:12:
6e:8b:87:11:fa:ae:ad:d6:62:c4:2a:6b:46:f2:36:
a4:93:9f:b6:50:49:9d:c2:2b:5f:fe:c3:68:56:dc:
15:d8:c4:a1:7e:f2:7a:ac:0d:97:a4:d5:03:17:fa:
36:2e:36:dc:a4:cb:52:68:ef:c9:6c:0b:09:76:60:
af:b9:cc:0e:6f:07:22:46:cb:d7:e2:b6:71:64:5c:
d4:16:fe:88:fd:cb:e1:2f:25:f1:96:be:4e:54:9f:
28:ce:16:17:74:dc:24:cd:d8:b4:19:09:49:df:c2:
a8:69:84:e5:40:b8:35:bf:5d:f4:49:b1:49:d2:62:
dd:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:58:BA:35:78:1E:79:CD:A5:4D:EC:E7:D3:CB:42:AC:9B:54:0A:06
X509v3 Authority Key Identifier:
keyid:31:A1:85:D0:EB:0C:A7:81:1C:58:64:25:DE:0E:96:0E:1C:FE:B6:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MaGF0OsMp4EcWGQl3g6WDhz-ths.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/Oli6NXgeec2lTezn08tCrJtUCgY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/MaGF0OsMp4EcWGQl3g6WDhz-ths.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.153.47.0/24
85.153.112.0/24
85.153.114.0-85.153.117.255
Signature Algorithm: sha256WithRSAEncryption
8a:63:5d:44:b9:38:bd:79:cb:63:f8:bb:2c:0f:41:e0:67:6c:
ac:a1:6e:2d:e2:8e:eb:c7:b0:a0:7b:58:77:0a:17:5b:5f:8c:
cc:19:48:89:24:aa:67:10:84:ef:37:58:dc:b5:14:a4:f7:14:
f0:ae:36:4e:16:2e:26:9d:d5:9b:de:0e:3b:a0:eb:bc:16:56:
01:70:13:a2:0a:f3:3b:cb:ce:26:47:d3:2d:83:2d:11:41:b0:
9b:ee:67:7a:a9:9f:1d:c6:e4:bf:c5:0d:9e:f3:4c:cd:cc:63:
d0:1b:70:80:32:3d:29:a1:e4:24:ef:a0:25:f4:4f:8b:eb:bf:
2c:d1:9f:93:eb:e2:89:eb:0d:ad:a0:46:1b:52:cb:5e:c6:c4:
d7:c3:40:85:09:79:ce:8d:f8:ac:dc:d2:3d:dc:94:0b:97:24:
5a:2d:5f:2d:e9:fa:8a:e5:c1:b1:ab:99:e9:ad:2f:e7:61:ea:
96:77:70:cf:e4:b9:e3:76:6d:76:6b:82:e3:ea:32:ce:e0:75:
9b:0b:b5:f5:a0:a2:f4:d3:fa:9e:1f:97:d9:be:2a:33:07:e1:
70:e8:cd:35:8e:5c:29:a7:1e:72:b8:84:41:69:24:7c:40:dc:
bd:59:c4:a8:64:2a:b6:b8:40:77:92:31:5f:1d:34:5d:9c:c3:
40:11:10:d2
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYpqOh3FCZfUNfAQ1rw9FmukMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxYTE4NWQwZWIwY2E3ODExYzU4NjQyNWRlMGU5NjBlMWNm
ZWI2MWIwHhcNMjMwOTA2MTEyMTQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTU4YmEzNTc4MWU3OWNkYTU0ZGVjZTdkM2NiNDJhYzliNTQwYTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1NYWKsGOcfd0Bz1OagqreBRejXVl
CjPLOCw6G4T6AfdpPu8FD3ITSZjH5+a9OjZAnY2DMfr4hi6jkBuDEPym6SNdyr3D
5VjtwAvD8LfgeAwMFTmy3HnhTJg1vFTwahuaGXEv6z/kyggqrSwLNQYmshdQHOtt
zy8ahcVxs3//l0ak01dcoRJui4cR+q6t1mLEKmtG8jakk5+2UEmdwitf/sNoVtwV
2MShfvJ6rA2XpNUDF/o2LjbcpMtSaO/JbAsJdmCvucwObwciRsvX4rZxZFzUFv6I
/cvhLyXxlr5OVJ8ozhYXdNwkzdi0GQlJ38KoaYTlQLg1v130SbFJ0mLd2QIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFDpYujV4HnnNpU3s59PLQqybVAoGMB8GA1UdIwQY
MBaAFDGhhdDrDKeBHFhkJd4Olg4c/rYbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWFHRjBPc01wNEVjV0dRbDNnNldEaHotdGhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8wODFjNmUtMWQ2NS00Y2NkLTk2ZjUt
MWRjYzg2YzExZTc0LzEvT2xpNk5YZ2VlYzJsVGV6bjA4dENySnRVQ2dZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8wODFjNmUtMWQ2NS00Y2NkLTk2ZjUtMWRjYzg2YzExZTc0
LzEvTWFHRjBPc01wNEVjV0dRbDNnNldEaHotdGhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAVZkvAwQA
VZlwMAwDBAFVmXIDBAFVmXQwDQYJKoZIhvcNAQELBQADggEBAIpjXUS5OL15y2P4
uywPQeBnbKyhbi3ijuvHsKB7WHcKF1tfjMwZSIkkqmcQhO83WNy1FKT3FPCuNk4W
Liad1ZveDjug67wWVgFwE6IK8zvLziZH0y2DLRFBsJvuZ3qpnx3G5L/FDZ7zTM3M
Y9AbcIAyPSmh5CTvoCX0T4vrvyzRn5Pr4onrDa2gRhtSy17GxNfDQIUJec6N+Kzc
0j3clAuXJFotXy3p+orlwbGrmemtL+dh6pZ3cM/kueN2bXZrguPqMs7gdZsLtfWg
ovTT+p4fl9m+KjMH4XDozTWOXCmnHnK4hEFpJHxA3L1ZxKhkKra4QHeSMV8dNF2c
w0ARENI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:40 2024 by rpki-client on console-ams.rpki-client.org