Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/OihqXzP2jQ-U5WBuDsiJdq_1gNI.roa
File: OihqXzP2jQ-U5WBuDsiJdq_1gNI.roa (raw, json)
Hash identifier: aD8o5GgP1Nd1fOOmGqHrVTJIm6LdAOMZM6dDgtE+dK0=
Subject key identifier: 3A:28:6A:5F:33:F6:8D:0F:94:E5:60:6E:0E:C8:89:76:AF:F5:80:D2
Certificate issuer: /CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7
Certificate serial: 018CC9BB2A8038A15067614983637226A903
Authority key identifier: F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/OihqXzP2jQ-U5WBuDsiJdq_1gNI.roa
Signing time: Tue 02 Jan 2024 10:32:15 +0000
ROA not before: Tue 02 Jan 2024 10:32:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34762
IP address blocks: 85.158.254.0/23 maxlen: 23
185.76.236.0/22 maxlen: 24
46.21.224.0/20 maxlen: 24
85.10.156.0/22 maxlen: 24
2a01:7c8:f0::/46 maxlen: 64
Validation: Failed, certificate revoked on Mon 22 Jan 2024 09:23:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:2a:80:38:a1:50:67:61:49:83:63:72:26:a9:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7
Validity
Not Before: Jan 2 10:32:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3a286a5f33f68d0f94e5606e0ec88976aff580d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:31:7e:10:61:63:b3:d7:c0:fd:1d:57:1c:97:
32:03:be:3f:84:0c:1f:f6:b7:86:2c:87:15:c9:71:
40:b1:40:bc:d3:1f:17:eb:6d:7c:6e:e1:3f:c0:30:
b6:c7:5e:0d:fd:3b:99:27:f1:3d:5c:9e:45:aa:19:
d2:aa:6b:55:f5:8a:41:ba:46:49:fb:b0:50:2f:fb:
18:b1:eb:86:97:eb:ea:79:51:61:df:ee:77:ab:38:
37:12:c7:26:0e:5b:41:b2:f8:61:7f:91:f7:fe:f7:
c5:39:58:ec:2e:53:1d:58:9a:51:f2:41:cb:35:35:
bf:99:a5:5c:8f:fb:28:7e:45:b7:50:9d:1b:bd:48:
f0:a6:22:ce:94:99:28:04:1c:0e:b9:c5:e0:39:f7:
5f:79:e0:a1:cb:ce:8d:b4:f9:ae:68:66:d2:ab:b7:
cb:6a:24:89:b7:8d:93:f3:f6:e5:cb:f7:0f:29:0b:
aa:28:b3:57:8c:78:60:87:ce:97:5f:29:6d:0b:e0:
64:57:e0:0b:6b:0a:1e:0c:8b:11:74:f0:3f:2a:14:
ac:a4:55:05:59:34:2c:ea:00:7c:59:91:86:21:e0:
ce:16:19:e8:bc:91:bd:e2:7e:bb:69:7b:7e:7c:67:
ba:f9:95:28:cc:69:d2:ec:9b:da:c3:f1:00:f2:5b:
8c:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:28:6A:5F:33:F6:8D:0F:94:E5:60:6E:0E:C8:89:76:AF:F5:80:D2
X509v3 Authority Key Identifier:
keyid:F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/OihqXzP2jQ-U5WBuDsiJdq_1gNI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/9RNpzL-GsehOGutG5tM20591Kuc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.21.224.0/20
85.10.156.0/22
85.158.254.0/23
185.76.236.0/22
IPv6:
2a01:7c8:f0::/46
Signature Algorithm: sha256WithRSAEncryption
82:6e:1c:38:86:6a:94:7f:8f:50:2d:74:8f:12:e9:5f:dd:f3:
94:73:3b:eb:62:de:86:17:9f:04:71:e9:d8:79:08:e0:b4:c6:
5e:74:56:35:cf:5a:4c:ff:7f:a9:85:aa:f9:40:e2:e8:89:82:
cb:e7:59:09:9d:69:64:a5:31:87:6b:ac:d4:ac:72:57:78:5d:
f2:b1:d2:0d:3b:bd:2b:7f:76:74:11:b4:53:b6:74:80:30:1c:
f3:53:73:f7:77:c3:42:0e:4d:ac:10:74:b1:e7:d7:2f:bd:35:
2c:40:dc:dc:0d:30:4f:57:db:4a:fa:6f:fa:94:0e:f0:62:1a:
fb:20:1a:5f:1e:51:0d:58:fd:8c:85:61:49:98:78:9f:99:ea:
6b:ec:82:9a:c4:f1:11:0d:1a:ee:4e:9f:7d:ee:ad:a5:a3:a8:
04:9d:5b:ca:97:b1:e9:af:ce:3f:58:93:c0:bd:7c:8b:11:0e:
fd:7e:49:a0:6e:45:43:99:d0:a0:09:02:6d:8a:09:2f:c7:3e:
08:a8:15:c1:88:25:26:d4:c8:e5:1d:55:81:34:28:30:e7:28:
0a:11:36:64:07:f8:c4:83:a1:5e:5e:3c:fa:e8:4d:b5:75:97:
e8:6c:d4:1c:15:d4:55:2a:94:65:10:ad:bc:f9:a3:ab:14:fc:
31:58:eb:78
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYzJuyqAOKFQZ2FJg2NyJqkDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1MTM2OWNjYmY4NmIxZTg0ZTFhZWI0NmU2ZDMzNmQzOWY3
NTJhZTcwHhcNMjQwMTAyMTAzMjE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTI4NmE1ZjMzZjY4ZDBmOTRlNTYwNmUwZWM4ODk3NmFmZjU4MGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjDF+EGFjs9fA/R1XHJcyA74/hAwf
9reGLIcVyXFAsUC80x8X6218buE/wDC2x14N/TuZJ/E9XJ5FqhnSqmtV9YpBukZJ
+7BQL/sYseuGl+vqeVFh3+53qzg3EscmDltBsvhhf5H3/vfFOVjsLlMdWJpR8kHL
NTW/maVcj/sofkW3UJ0bvUjwpiLOlJkoBBwOucXgOfdfeeChy86NtPmuaGbSq7fL
aiSJt42T8/bly/cPKQuqKLNXjHhgh86XXyltC+BkV+ALawoeDIsRdPA/KhSspFUF
WTQs6gB8WZGGIeDOFhnovJG94n67aXt+fGe6+ZUozGnS7Jvaw/EA8luMuwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFDooal8z9o0PlOVgbg7IiXav9YDSMB8GA1UdIwQY
MBaAFPUTacy/hrHoThrrRubTNtOfdSrnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVJOcHpMLUdzZWhPR3V0RzV0TTIwNTkxS3VjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8yZDViZGYtNTI2NS00OWI4LThhZmUt
MmI5MjBiZGUzOTkwLzEvT2locVh6UDJqUS1VNVdCdURzaUpkcV8xZ05JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi8yZDViZGYtNTI2NS00OWI4LThhZmUtMmI5MjBiZGUzOTkw
LzEvOVJOcHpMLUdzZWhPR3V0RzV0TTIwNTkxS3VjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAeBAIAATAYAwQELhXgAwQC
VQqcAwQBVZ7+AwQCuUzsMA8EAgACMAkDBwIqAQfIAPAwDQYJKoZIhvcNAQELBQAD
ggEBAIJuHDiGapR/j1AtdI8S6V/d85RzO+ti3oYXnwRx6dh5COC0xl50VjXPWkz/
f6mFqvlA4uiJgsvnWQmdaWSlMYdrrNSscld4XfKx0g07vSt/dnQRtFO2dIAwHPNT
c/d3w0IOTawQdLHn1y+9NSxA3NwNME9X20r6b/qUDvBiGvsgGl8eUQ1Y/YyFYUmY
eJ+Z6mvsgprE8RENGu5On33uraWjqASdW8qXsemvzj9Yk8C9fIsRDv1+SaBuRUOZ
0KAJAm2KCS/HPgioFcGIJSbUyOUdVYE0KDDnKAoRNmQH+MSDoV5ePProTbV1l+hs
1BwV1FUqlGUQrbz5o6sU/DFY63g=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:01 2024 by rpki-client on console-fra.rpki-client.org