Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/2925a3-871b-4676-ae10-688d333ed9d5/1/Op7SdTTd6pdcoqngrFhmBYanVYs.roa
File: Op7SdTTd6pdcoqngrFhmBYanVYs.roa (raw, json)
Hash identifier: 1/2PN1xXTINttFNedxrLnKLXqzT22J0BcVD5R/x9Og8=
Subject key identifier: 3A:9E:D2:75:34:DD:EA:97:5C:A2:A9:E0:AC:58:66:05:86:A7:55:8B
Certificate issuer: /CN=ef1c665b038692b93bdf5d1d8f3cea3e98697a03
Certificate serial: 01886C4EE94E0D9774CA293EE8CA6CB01948
Authority key identifier: EF:1C:66:5B:03:86:92:B9:3B:DF:5D:1D:8F:3C:EA:3E:98:69:7A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7xxmWwOGkrk7310djzzqPphpegM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/2925a3-871b-4676-ae10-688d333ed9d5/1/Op7SdTTd6pdcoqngrFhmBYanVYs.roa
Signing time: Tue 30 May 2023 10:58:10 +0000
ROA not before: Tue 30 May 2023 10:58:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3316
IP address blocks: 194.190.138.0/24 maxlen: 24
194.190.141.0/24 maxlen: 24
194.190.142.0/24 maxlen: 24
194.190.145.0/24 maxlen: 24
194.190.148.0/24 maxlen: 24
194.85.105.0/24 maxlen: 24
194.85.106.0/24 maxlen: 24
194.85.117.0/24 maxlen: 24
194.85.118.0/24 maxlen: 24
194.85.31.0/24 maxlen: 24
193.232.131.0/24 maxlen: 24
195.208.22.0/23 maxlen: 23
195.209.4.0/24 maxlen: 24
195.209.8.0/24 maxlen: 24
86.62.49.0/24 maxlen: 24
195.209.146.0/24 maxlen: 24
193.232.85.0/24 maxlen: 24
194.85.119.0/24 maxlen: 24
194.226.29.0/24 maxlen: 24
194.226.44.0/24 maxlen: 24
194.226.46.0/23 maxlen: 23
195.19.26.0/24 maxlen: 24
212.193.118.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 13 Sep 2023 08:44:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:6c:4e:e9:4e:0d:97:74:ca:29:3e:e8:ca:6c:b0:19:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef1c665b038692b93bdf5d1d8f3cea3e98697a03
Validity
Not Before: May 30 10:58:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3a9ed27534ddea975ca2a9e0ac58660586a7558b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:0b:45:01:85:2f:95:72:29:ae:3a:06:40:4d:
bc:9f:b8:ff:dc:85:9d:26:8f:7b:b4:f1:cd:14:d3:
d7:d4:fe:10:ab:c2:0f:20:c6:84:be:ca:ac:a2:e4:
28:ec:68:8f:6c:03:43:c6:cc:5a:6b:0c:39:ff:ee:
6a:bb:11:7f:ba:ed:77:65:53:46:aa:3c:72:08:0f:
38:43:41:0d:89:14:ef:8e:df:39:c3:a5:58:07:e2:
24:86:0f:09:f4:d4:8d:3e:ea:9a:5e:dc:fe:03:4e:
5b:54:8b:5f:c2:86:48:7c:bd:06:5d:41:17:2a:1f:
2b:84:36:84:a3:27:ab:01:1f:28:a7:e7:78:ec:4a:
7a:b5:86:b4:a4:81:bf:7a:cf:4f:b3:e9:5e:2e:1b:
27:db:4d:94:59:e1:32:57:28:d5:67:93:51:7a:9f:
9e:5f:12:59:d2:96:89:6a:f1:f7:bf:82:81:2e:d8:
57:08:8d:32:d4:4f:6d:cd:3b:33:7e:3b:b2:13:c1:
24:3a:40:0d:5a:d4:33:0c:0a:53:3d:16:d7:d0:b2:
b8:bd:9a:f9:5c:fa:bd:0d:8a:ef:b5:94:09:f4:24:
e2:8a:9d:49:c7:97:8a:da:e6:e1:de:2f:f9:7d:c4:
b1:9c:d5:2a:c9:00:ac:5b:8f:c4:01:b1:e3:bf:d5:
52:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:9E:D2:75:34:DD:EA:97:5C:A2:A9:E0:AC:58:66:05:86:A7:55:8B
X509v3 Authority Key Identifier:
keyid:EF:1C:66:5B:03:86:92:B9:3B:DF:5D:1D:8F:3C:EA:3E:98:69:7A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7xxmWwOGkrk7310djzzqPphpegM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/2925a3-871b-4676-ae10-688d333ed9d5/1/Op7SdTTd6pdcoqngrFhmBYanVYs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/2925a3-871b-4676-ae10-688d333ed9d5/1/7xxmWwOGkrk7310djzzqPphpegM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.62.49.0/24
193.232.85.0/24
193.232.131.0/24
194.85.31.0/24
194.85.105.0-194.85.106.255
194.85.117.0-194.85.119.255
194.190.138.0/24
194.190.141.0-194.190.142.255
194.190.145.0/24
194.190.148.0/24
194.226.29.0/24
194.226.44.0/24
194.226.46.0/23
195.19.26.0/24
195.208.22.0/23
195.209.4.0/24
195.209.8.0/24
195.209.146.0/24
212.193.118.0/24
Signature Algorithm: sha256WithRSAEncryption
88:0e:35:ed:59:13:ec:22:94:26:f3:f9:4b:28:31:4c:7d:de:
a5:81:3d:9a:0f:8b:3d:3c:18:44:00:2e:82:cb:6c:85:7a:70:
e9:e9:cf:0a:44:ea:88:2b:04:0f:1b:ef:83:ce:7c:50:83:67:
bd:78:9b:ab:71:31:f9:f2:ae:ae:57:6c:4b:de:84:2c:26:02:
9a:8b:44:22:09:24:c8:f0:12:4e:48:b3:7e:7f:46:49:52:d5:
fd:6c:92:31:22:06:5e:1f:3d:01:b1:91:98:d3:c7:e3:0a:b3:
82:f8:45:50:e0:50:d1:d6:a8:da:0f:37:77:52:5a:e5:c4:c7:
fb:5a:a6:f6:5d:05:d7:5b:3d:7f:8f:57:65:52:93:ac:4f:b7:
de:0a:e4:17:9b:ee:6a:20:35:94:1b:ba:84:be:8c:90:ef:27:
fd:ab:38:e2:e4:d0:d1:d2:5c:3b:62:b9:da:c2:4d:d0:39:96:
b7:35:53:4c:46:33:46:45:7b:0a:24:26:22:c3:ea:a0:39:02:
da:66:e0:ba:db:e2:1c:70:ee:26:60:6a:7e:26:67:d7:ee:eb:
8d:e3:24:45:70:7a:ee:d3:71:1f:2e:4e:8f:a5:90:65:e7:ea:
4e:4a:ec:21:2b:af:b6:3d:c2:64:69:e7:e5:29:67:8e:6a:fd:
45:6c:e6:05
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAYhsTulODZd0yik+6MpssBlIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmMWM2NjViMDM4NjkyYjkzYmRmNWQxZDhmM2NlYTNlOTg2
OTdhMDMwHhcNMjMwNTMwMTA1ODEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTllZDI3NTM0ZGRlYTk3NWNhMmE5ZTBhYzU4NjYwNTg2YTc1NThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqAtFAYUvlXIprjoGQE28n7j/3IWd
Jo97tPHNFNPX1P4Qq8IPIMaEvsqsouQo7GiPbANDxsxaaww5/+5quxF/uu13ZVNG
qjxyCA84Q0ENiRTvjt85w6VYB+Ikhg8J9NSNPuqaXtz+A05bVItfwoZIfL0GXUEX
Kh8rhDaEoyerAR8op+d47Ep6tYa0pIG/es9Ps+leLhsn202UWeEyVyjVZ5NRep+e
XxJZ0paJavH3v4KBLthXCI0y1E9tzTszfjuyE8EkOkANWtQzDApTPRbX0LK4vZr5
XPq9DYrvtZQJ9CTiip1Jx5eK2ubh3i/5fcSxnNUqyQCsW4/EAbHjv9VSMQIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFDqe0nU03eqXXKKp4KxYZgWGp1WLMB8GA1UdIwQY
MBaAFO8cZlsDhpK5O99dHY886j6YaXoDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3h4bVd3T0drcms3MzEwZGp6enFQcGhwZWdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC8yOTI1YTMtODcxYi00Njc2LWFlMTAt
Njg4ZDMzM2VkOWQ1LzEvT3A3U2RUVGQ2cGRjb3FuZ3JGaG1CWWFuVllzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC8yOTI1YTMtODcxYi00Njc2LWFlMTAtNjg4ZDMzM2VkOWQ1
LzEvN3h4bVd3T0drcms3MzEwZGp6enFQcGhwZWdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDCBkQQCAAEwgYoDBABW
PjEDBADB6FUDBADB6IMDBADCVR8wDAMEAMJVaQMEAMJVajAMAwQAwlV1AwQDwlVw
AwQAwr6KMAwDBADCvo0DBADCvo4DBADCvpEDBADCvpQDBADC4h0DBADC4iwDBAHC
4i4DBADDExoDBAHD0BYDBADD0QQDBADD0QgDBADD0ZIDBADUwXYwDQYJKoZIhvcN
AQELBQADggEBAIgONe1ZE+wilCbz+UsoMUx93qWBPZoPiz08GEQALoLLbIV6cOnp
zwpE6ogrBA8b74POfFCDZ714m6txMfnyrq5XbEvehCwmApqLRCIJJMjwEk5Is35/
RklS1f1skjEiBl4fPQGxkZjTx+MKs4L4RVDgUNHWqNoPN3dSWuXEx/tapvZdBddb
PX+PV2VSk6xPt94K5Beb7mogNZQbuoS+jJDvJ/2rOOLk0NHSXDtiudrCTdA5lrc1
U0xGM0ZFewokJiLD6qA5Atpm4Lrb4hxw7iZgan4mZ9fu643jJEVweu7TcR8uTo+l
kGXn6k5K7CErr7Y9wmRp5+UpZ45q/UVs5gU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:51 2024 by rpki-client on console-fra.rpki-client.org