Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/8cdbc5-9365-4a0c-b9a3-ae7746f09630/1/OqFKXwD-Wxd97MFBHghuCHMuTbA.roa
File: OqFKXwD-Wxd97MFBHghuCHMuTbA.roa (raw, json)
Hash identifier: w34Q7LcFXQBA2AIMo/NY9W/p5MkbyUyRUsh+WsDEWE4=
Subject key identifier: 3A:A1:4A:5F:00:FE:5B:17:7D:EC:C1:41:1E:08:6E:08:73:2E:4D:B0
Certificate issuer: /CN=bdfa3af839aa1dce758f489e2d31ae22092fc99a
Certificate serial: 018570DE6587BDE550A0820C8303C7659762
Authority key identifier: BD:FA:3A:F8:39:AA:1D:CE:75:8F:48:9E:2D:31:AE:22:09:2F:C9:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vfo6-DmqHc51j0ieLTGuIgkvyZo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/8cdbc5-9365-4a0c-b9a3-ae7746f09630/1/OqFKXwD-Wxd97MFBHghuCHMuTbA.roa
Signing time: Mon 02 Jan 2023 05:05:01 +0000
ROA not before: Mon 02 Jan 2023 05:05:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5432
IP address blocks: 62.4.128.0/17 maxlen: 17
46.178.0.0/15 maxlen: 16
195.13.0.0/19 maxlen: 19
178.144.0.0/15 maxlen: 16
213.181.32.0/19 maxlen: 19
62.235.0.0/16 maxlen: 16
91.176.0.0/14 maxlen: 16
81.240.0.0/14 maxlen: 16
83.134.0.0/16 maxlen: 16
195.207.0.0/16 maxlen: 16
81.244.0.0/14 maxlen: 16
91.180.0.0/14 maxlen: 16
193.74.0.0/16 maxlen: 16
188.5.0.0/16 maxlen: 16
217.136.0.0/16 maxlen: 16
80.200.0.0/15 maxlen: 16
92.48.128.0/18 maxlen: 18
109.136.0.0/14 maxlen: 16
81.11.128.0/17 maxlen: 17
193.75.128.0/17 maxlen: 17
37.62.0.0/16 maxlen: 16
193.121.0.0/16 maxlen: 16
194.119.224.0/19 maxlen: 19
109.140.0.0/14 maxlen: 16
212.239.128.0/17 maxlen: 17
195.0.0.0/17 maxlen: 17
109.128.0.0/14 maxlen: 16
87.64.0.0/14 maxlen: 16
213.49.0.0/16 maxlen: 16
195.74.192.0/19 maxlen: 19
213.177.128.0/19 maxlen: 19
195.95.0.0/17 maxlen: 17
80.236.128.0/17 maxlen: 17
109.132.0.0/14 maxlen: 16
193.91.96.0/19 maxlen: 19
88.197.128.0/17 maxlen: 17
37.184.0.0/15 maxlen: 16
195.238.0.0/19 maxlen: 19
194.78.0.0/16 maxlen: 16
212.233.0.0/19 maxlen: 19
81.169.0.0/17 maxlen: 17
2a02:a000::/26 maxlen: 26
2a04:6c40::/29 maxlen: 29
2a04:9f80::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:31:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:de:65:87:bd:e5:50:a0:82:0c:83:03:c7:65:97:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bdfa3af839aa1dce758f489e2d31ae22092fc99a
Validity
Not Before: Jan 2 05:05:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3aa14a5f00fe5b177decc1411e086e08732e4db0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:7e:3e:8f:f3:05:19:83:8f:83:ee:bb:b4:33:
f0:3d:ab:86:b9:11:03:cb:6c:74:87:73:97:97:37:
52:96:8b:52:74:b7:fd:b7:61:10:95:ed:05:0e:e9:
2b:e9:f9:c3:9f:7b:47:c6:19:c1:e8:4f:46:b0:f0:
fa:f6:5d:51:f3:51:8b:77:7e:e6:41:5a:82:fa:2e:
98:19:2e:b7:27:8d:39:05:3e:e0:d4:54:8f:f8:5b:
ca:da:ab:33:e9:bc:93:ef:ba:64:04:0d:00:6b:f4:
e3:a7:8d:79:ca:11:e7:97:7b:69:c4:c7:13:8a:c9:
05:33:25:5d:5f:e6:91:a3:a6:57:ff:83:0f:bd:f4:
30:2a:e6:3c:33:5b:91:b1:c7:a0:3d:ea:62:ef:73:
2c:15:7e:7b:f5:cd:3b:86:f5:85:e5:09:ba:6c:69:
07:f8:8f:aa:de:e3:3f:38:c5:03:52:94:8c:a8:9e:
d0:83:e2:68:a7:11:fb:a9:f4:8e:80:ef:71:1d:f0:
21:dc:33:62:10:9c:da:75:dd:70:20:0c:60:8d:85:
0b:89:5b:b7:09:10:d8:93:71:f2:62:51:c8:94:82:
3e:bf:c2:2d:e0:c7:4e:76:1f:c2:fe:0b:06:4f:54:
0f:c9:1c:64:0d:a5:cb:01:c4:e8:ad:2f:49:92:07:
ac:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:A1:4A:5F:00:FE:5B:17:7D:EC:C1:41:1E:08:6E:08:73:2E:4D:B0
X509v3 Authority Key Identifier:
keyid:BD:FA:3A:F8:39:AA:1D:CE:75:8F:48:9E:2D:31:AE:22:09:2F:C9:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vfo6-DmqHc51j0ieLTGuIgkvyZo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/8cdbc5-9365-4a0c-b9a3-ae7746f09630/1/OqFKXwD-Wxd97MFBHghuCHMuTbA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/8cdbc5-9365-4a0c-b9a3-ae7746f09630/1/vfo6-DmqHc51j0ieLTGuIgkvyZo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.62.0.0/16
37.184.0.0/15
46.178.0.0/15
62.4.128.0/17
62.235.0.0/16
80.200.0.0/15
80.236.128.0/17
81.11.128.0/17
81.169.0.0/17
81.240.0.0/13
83.134.0.0/16
87.64.0.0/14
88.197.128.0/17
91.176.0.0/13
92.48.128.0/18
109.128.0.0/12
178.144.0.0/15
188.5.0.0/16
193.74.0.0/16
193.75.128.0/17
193.91.96.0/19
193.121.0.0/16
194.78.0.0/16
194.119.224.0/19
195.0.0.0/17
195.13.0.0/19
195.74.192.0/19
195.95.0.0/17
195.207.0.0/16
195.238.0.0/19
212.233.0.0/19
212.239.128.0/17
213.49.0.0/16
213.177.128.0/19
213.181.32.0/19
217.136.0.0/16
IPv6:
2a02:a000::/26
2a04:6c40::/29
2a04:9f80::/29
Signature Algorithm: sha256WithRSAEncryption
05:e4:9e:0a:25:f9:19:59:78:77:24:ed:4b:c8:8f:3d:e3:73:
95:c0:f8:80:df:9f:4a:4c:c8:eb:3a:d4:b5:5c:71:02:ee:43:
f2:24:4d:3b:32:02:41:f2:70:bd:fd:02:25:42:dc:6f:e4:96:
ae:77:33:d4:a1:a0:08:c4:6d:0f:08:43:93:d4:46:49:0a:ea:
24:e1:e2:52:4e:01:8a:e4:d5:3e:2a:46:b1:37:69:c7:a3:24:
cb:95:d4:80:56:47:d5:cf:84:14:e5:e1:5f:c4:f4:cd:67:9d:
5a:a5:60:98:16:16:3d:96:08:4b:03:31:2a:99:3a:13:b0:97:
22:b8:51:fc:65:fb:77:1f:cb:62:4c:80:df:bf:03:81:b4:42:
6b:c2:cb:b4:5d:8a:8c:9b:1c:58:9b:45:77:cf:0c:17:16:09:
a6:1b:c6:8f:e7:d0:54:ec:1f:fe:f9:9c:2d:4a:62:61:fb:94:
ca:43:e6:15:61:9e:9a:7c:4e:7a:3a:92:f5:dc:ec:99:a0:c2:
56:5f:a8:fc:91:e0:4c:52:c4:64:5b:5d:0e:fa:a7:42:f0:cd:
55:8d:c7:4d:f6:13:e0:62:03:44:c3:5a:c8:57:74:70:b9:b1:
ce:33:5d:06:7a:9e:56:5a:fa:89:f5:bc:47:46:85:36:48:b4:
13:04:eb:b1
-----BEGIN CERTIFICATE-----
MIIF4DCCBMigAwIBAgISAYVw3mWHveVQoIIMgwPHZZdiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkZmEzYWY4MzlhYTFkY2U3NThmNDg5ZTJkMzFhZTIyMDky
ZmM5OWEwHhcNMjMwMTAyMDUwNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWExNGE1ZjAwZmU1YjE3N2RlY2MxNDExZTA4NmUwODczMmU0ZGIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkH4+j/MFGYOPg+67tDPwPauGuRED
y2x0h3OXlzdSlotSdLf9t2EQle0FDukr6fnDn3tHxhnB6E9GsPD69l1R81GLd37m
QVqC+i6YGS63J405BT7g1FSP+FvK2qsz6byT77pkBA0Aa/Tjp415yhHnl3tpxMcT
iskFMyVdX+aRo6ZX/4MPvfQwKuY8M1uRscegPepi73MsFX579c07hvWF5Qm6bGkH
+I+q3uM/OMUDUpSMqJ7Qg+JopxH7qfSOgO9xHfAh3DNiEJzadd1wIAxgjYULiVu3
CRDYk3HyYlHIlII+v8It4MdOdh/C/gsGT1QPyRxkDaXLAcTorS9JkgesXQIDAQAB
o4IC7DCCAugwHQYDVR0OBBYEFDqhSl8A/lsXfezBQR4IbghzLk2wMB8GA1UdIwQY
MBaAFL36Ovg5qh3OdY9Ini0xriIJL8maMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmZvNi1EbXFIYzUxajBpZUxUR3VJZ2t2eVpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC84Y2RiYzUtOTM2NS00YTBjLWI5YTMt
YWU3NzQ2ZjA5NjMwLzEvT3FGS1h3RC1XeGQ5N01GQkhnaHVDSE11VGJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC84Y2RiYzUtOTM2NS00YTBjLWI5YTMtYWU3NzQ2ZjA5NjMw
LzEvdmZvNi1EbXFIYzUxajBpZUxUR3VJZ2t2eVpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBAAYIKwYBBQUHAQcBAf8EgfAwge0wgc0EAgABMIHGAwMA
JT4DAwEluAMDAS6yAwQHPgSAAwMAPusDAwFQyAMEB1DsgAMEB1ELgAMEB1GpAAMD
A1HwAwMAU4YDAwJXQAMEB1jFgAMDA1uwAwQGXDCAAwMEbYADAwGykAMDALwFAwMA
wUoDBAfBS4ADBAXBW2ADAwDBeQMDAMJOAwQFwnfgAwQHwwAAAwQFww0AAwQFw0rA
AwQHw18AAwMAw88DBAXD7gADBAXU6QADBAfU74ADAwDVMQMEBdWxgAMEBdW1IAMD
ANmIMBsEAgACMBUDBQYqAqAAAwUDKgRsQAMFAyoEn4AwDQYJKoZIhvcNAQELBQAD
ggEBAAXkngol+RlZeHck7UvIjz3jc5XA+IDfn0pMyOs61LVccQLuQ/IkTTsyAkHy
cL39AiVC3G/klq53M9ShoAjEbQ8IQ5PURkkK6iTh4lJOAYrk1T4qRrE3acejJMuV
1IBWR9XPhBTl4V/E9M1nnVqlYJgWFj2WCEsDMSqZOhOwlyK4Ufxl+3cfy2JMgN+/
A4G0QmvCy7RdioybHFibRXfPDBcWCaYbxo/n0FTsH/75nC1KYmH7lMpD5hVhnpp8
Tno6kvXc7JmgwlZfqPyR4ExSxGRbXQ76p0LwzVWNx032E+BiA0TDWshXdHC5sc4z
XQZ6nlZa+on1vEdGhTZItBME67E=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:09 2024 by rpki-client on console-ams.rpki-client.org