Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/f7c4a2-b606-4292-b9f7-fa3c4ef5edf6/1/OyIH1y-yygxDfahPYzZRwfOFaeM.roa
File: OyIH1y-yygxDfahPYzZRwfOFaeM.roa (raw, json)
Hash identifier: r/XfIUBiPdguLlJnm464twbhB6uMpbxCazPfxa5YBCA=
Subject key identifier: 3B:22:07:D7:2F:B2:CA:0C:43:7D:A8:4F:63:36:51:C1:F3:85:69:E3
Certificate issuer: /CN=3da6e69e65dd0a540599703ed0c92474cb20e939
Certificate serial: 01856D9D074C390AFFCBFEFDB4068EC8AD4A
Authority key identifier: 3D:A6:E6:9E:65:DD:0A:54:05:99:70:3E:D0:C9:24:74:CB:20:E9:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PabmnmXdClQFmXA-0MkkdMsg6Tk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/f7c4a2-b606-4292-b9f7-fa3c4ef5edf6/1/OyIH1y-yygxDfahPYzZRwfOFaeM.roa
Signing time: Sun 01 Jan 2023 13:54:45 +0000
ROA not before: Sun 01 Jan 2023 13:54:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12611
IP address blocks: 91.106.120.0/21 maxlen: 24
46.227.96.0/21 maxlen: 24
88.133.232.0/21 maxlen: 24
80.209.192.0/19 maxlen: 24
95.130.160.0/21 maxlen: 24
212.77.160.0/19 maxlen: 24
185.119.92.0/22 maxlen: 24
88.133.176.0/20 maxlen: 24
81.27.160.0/20 maxlen: 24
217.74.0.0/21 maxlen: 24
5.149.224.0/20 maxlen: 24
130.185.0.0/18 maxlen: 24
2001:16e0::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:9d:07:4c:39:0a:ff:cb:fe:fd:b4:06:8e:c8:ad:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3da6e69e65dd0a540599703ed0c92474cb20e939
Validity
Not Before: Jan 1 13:54:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3b2207d72fb2ca0c437da84f633651c1f38569e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:39:81:29:eb:ed:77:5a:9d:1d:33:15:d3:9a:
d1:1e:27:f0:2c:1b:46:0d:11:4c:09:3d:91:3b:20:
4b:7c:06:e9:51:3e:a6:de:64:52:14:fc:eb:86:5e:
8a:46:08:95:2f:e4:d5:33:24:f9:5d:75:35:b6:f9:
d3:3e:fc:da:be:73:dc:85:0f:f8:21:01:29:53:1b:
21:d6:a7:b2:87:e0:84:63:1a:1b:90:32:a6:f3:12:
ec:59:e8:d0:5e:75:8c:49:46:c3:02:64:2f:9f:9c:
49:04:ee:44:e7:9c:7d:1e:69:6a:30:8d:4e:58:1b:
d0:43:9a:6c:f5:9c:41:8d:9b:34:41:95:67:62:ac:
15:0a:4a:ca:8b:58:c4:45:ea:82:86:9b:0b:f1:d2:
28:0c:64:a8:99:d6:14:ed:8e:5e:18:9c:b9:c6:64:
f8:38:fe:b4:09:ba:90:c1:67:36:b0:e6:7e:bf:c4:
a8:6c:25:a7:d9:fe:ef:66:e6:f3:fa:e2:74:e2:52:
25:7d:49:81:68:dd:10:70:1c:58:23:14:f8:c2:ca:
1b:9c:30:f5:f3:2a:2c:61:21:57:37:69:36:0a:d7:
3d:e7:df:e2:a5:c3:cb:08:8c:5b:3c:fe:0a:3f:bf:
f9:9c:41:38:aa:f6:92:d4:81:e2:19:ce:d2:3b:29:
d5:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:22:07:D7:2F:B2:CA:0C:43:7D:A8:4F:63:36:51:C1:F3:85:69:E3
X509v3 Authority Key Identifier:
keyid:3D:A6:E6:9E:65:DD:0A:54:05:99:70:3E:D0:C9:24:74:CB:20:E9:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PabmnmXdClQFmXA-0MkkdMsg6Tk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/f7c4a2-b606-4292-b9f7-fa3c4ef5edf6/1/OyIH1y-yygxDfahPYzZRwfOFaeM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/f7c4a2-b606-4292-b9f7-fa3c4ef5edf6/1/PabmnmXdClQFmXA-0MkkdMsg6Tk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.149.224.0/20
46.227.96.0/21
80.209.192.0/19
81.27.160.0/20
88.133.176.0/20
88.133.232.0/21
91.106.120.0/21
95.130.160.0/21
130.185.0.0/18
185.119.92.0/22
212.77.160.0/19
217.74.0.0/21
IPv6:
2001:16e0::/29
Signature Algorithm: sha256WithRSAEncryption
26:89:bd:55:ca:4b:01:74:e4:f7:44:30:41:0e:bc:21:53:18:
35:ae:a4:23:7e:52:c8:86:54:de:73:35:c1:a6:b4:ad:c0:40:
14:13:64:b7:71:ce:db:86:12:0b:be:f8:89:5d:f9:71:60:0d:
15:2b:06:69:36:a3:16:b0:00:43:92:07:4b:1e:7d:3b:d6:8c:
fe:fd:c8:2b:37:22:89:16:93:12:4f:03:c7:dd:3d:9a:22:0e:
45:bf:0b:5e:5d:ee:22:46:d2:f4:3d:06:7c:18:42:95:ba:47:
5f:33:2e:ec:9a:db:36:ed:18:0a:90:be:51:9d:54:87:65:9f:
a9:c3:e3:fa:d3:9a:66:ce:dd:4c:0e:09:4b:16:c3:05:2e:26:
25:f1:41:71:2e:d7:54:d0:3f:b7:9a:a7:0c:da:1c:d5:28:7b:
6e:ec:e4:26:c0:8d:9d:22:db:a4:82:64:87:e4:0f:3e:f0:76:
a6:76:63:6d:5e:6c:9a:1d:4f:99:bf:58:b3:e5:d5:7e:5b:c3:
7a:ae:45:32:cf:2c:f0:ab:de:62:f1:c6:e2:ce:5d:9c:55:0c:
ce:20:84:49:02:9e:9b:5b:13:51:fa:b7:7b:d9:32:8e:78:45:
81:8c:0a:60:aa:b3:da:ff:b3:96:44:5d:5c:08:26:bc:27:65:
0b:5c:14:5b
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAYVtnQdMOQr/y/79tAaOyK1KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkYTZlNjllNjVkZDBhNTQwNTk5NzAzZWQwYzkyNDc0Y2Iy
MGU5MzkwHhcNMjMwMTAxMTM1NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjIyMDdkNzJmYjJjYTBjNDM3ZGE4NGY2MzM2NTFjMWYzODU2OWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvDmBKevtd1qdHTMV05rRHifwLBtG
DRFMCT2ROyBLfAbpUT6m3mRSFPzrhl6KRgiVL+TVMyT5XXU1tvnTPvzavnPchQ/4
IQEpUxsh1qeyh+CEYxobkDKm8xLsWejQXnWMSUbDAmQvn5xJBO5E55x9HmlqMI1O
WBvQQ5ps9ZxBjZs0QZVnYqwVCkrKi1jEReqChpsL8dIoDGSomdYU7Y5eGJy5xmT4
OP60CbqQwWc2sOZ+v8SobCWn2f7vZubz+uJ04lIlfUmBaN0QcBxYIxT4wsobnDD1
8yosYSFXN2k2Ctc959/ipcPLCIxbPP4KP7/5nEE4qvaS1IHiGc7SOynVRQIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFDsiB9cvssoMQ32oT2M2UcHzhWnjMB8GA1UdIwQY
MBaAFD2m5p5l3QpUBZlwPtDJJHTLIOk5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGFibW5tWGRDbFFGbVhBLTBNa2tkTXNnNlRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9mN2M0YTItYjYwNi00MjkyLWI5Zjct
ZmEzYzRlZjVlZGY2LzEvT3lJSDF5LXl5Z3hEZmFoUFl6WlJ3Zk9GYWVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9mN2M0YTItYjYwNi00MjkyLWI5ZjctZmEzYzRlZjVlZGY2
LzEvUGFibW5tWGRDbFFGbVhBLTBNa2tkTXNnNlRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQEBZXgAwQD
LuNgAwQFUNHAAwQEURugAwQEWIWwAwQDWIXoAwQDW2p4AwQDX4KgAwQGgrkAAwQC
uXdcAwQF1E2gAwQD2UoAMA0EAgACMAcDBQMgARbgMA0GCSqGSIb3DQEBCwUAA4IB
AQAmib1VyksBdOT3RDBBDrwhUxg1rqQjflLIhlTeczXBprStwEAUE2S3cc7bhhIL
vviJXflxYA0VKwZpNqMWsABDkgdLHn071oz+/cgrNyKJFpMSTwPH3T2aIg5Fvwte
Xe4iRtL0PQZ8GEKVukdfMy7smts27RgKkL5RnVSHZZ+pw+P605pmzt1MDglLFsMF
LiYl8UFxLtdU0D+3mqcM2hzVKHtu7OQmwI2dItukgmSH5A8+8HamdmNtXmyaHU+Z
v1iz5dV+W8N6rkUyzyzwq95i8cbizl2cVQzOIIRJAp6bWxNR+rd72TKOeEWBjApg
qrPa/7OWRF1cCCa8J2ULXBRb
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:50 2024 by rpki-client on console-ams.rpki-client.org