Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/oPUORQC0XQ4l5J2lo8IdeDdR0tU.roa
File: oPUORQC0XQ4l5J2lo8IdeDdR0tU.roa (raw, json)
Hash identifier: VyxmCnaL8G7eiUCcnrlD1zpAzRlw7QBqCX+yViEOU4A=
Subject key identifier: A0:F5:0E:45:00:B4:5D:0E:25:E4:9D:A5:A3:C2:1D:78:37:51:D2:D5
Certificate issuer: /CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7
Certificate serial: 01856D5CEF8EF0898313CCED0C64617511AF
Authority key identifier: F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/oPUORQC0XQ4l5J2lo8IdeDdR0tU.roa
Signing time: Sun 01 Jan 2023 12:44:45 +0000
ROA not before: Sun 01 Jan 2023 12:44:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 28878
IP address blocks: 80.246.192.0/20 maxlen: 20
80.246.194.0/24 maxlen: 24
217.21.240.0/20 maxlen: 20
37.17.208.0/20 maxlen: 20
171.33.128.0/21 maxlen: 21
81.30.32.0/20 maxlen: 20
78.108.128.0/20 maxlen: 20
176.74.224.0/19 maxlen: 19
80.255.240.0/20 maxlen: 20
185.15.248.0/22 maxlen: 22
217.149.128.0/20 maxlen: 20
81.21.136.0/21 maxlen: 21
31.223.160.0/20 maxlen: 20
85.10.160.0/19 maxlen: 24
2001:4cb8::/29 maxlen: 48
Validation: Failed, certificate revoked on Wed 29 Nov 2023 13:51:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:5c:ef:8e:f0:89:83:13:cc:ed:0c:64:61:75:11:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7
Validity
Not Before: Jan 1 12:44:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a0f50e4500b45d0e25e49da5a3c21d783751d2d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:cd:3c:97:62:c0:82:c9:1d:be:9b:2e:ce:10:
37:7e:2d:38:84:65:3c:e4:db:63:0b:1d:51:56:41:
bb:d4:85:d2:ad:76:0e:84:4c:89:78:2d:b2:0c:a3:
d0:7c:80:88:fc:b9:8a:74:f3:18:1b:5e:75:a3:45:
89:07:1c:1a:a3:bc:17:06:1e:dc:5b:78:5c:f8:52:
ba:15:81:22:69:0e:c2:96:ab:6a:cf:09:12:f9:a6:
f5:43:de:e9:2a:eb:a4:a2:67:62:f7:fc:2b:b4:67:
3e:09:ec:cf:88:27:1e:c5:b4:fc:c8:af:01:f4:6d:
d4:ef:fe:06:10:ab:67:74:f7:b9:58:a3:9d:c4:54:
cf:6d:6b:97:05:98:37:8a:a8:52:3a:b7:13:68:e0:
7f:a0:e0:e0:58:43:48:2a:1a:5d:1e:78:21:59:4f:
67:d3:78:39:ef:c0:7a:61:6f:f4:a7:2b:ca:a7:4c:
c1:4c:21:ec:3c:16:ea:88:e9:1e:ea:8e:b5:76:f0:
2e:43:42:d1:d4:33:9e:d7:1e:9b:e7:9a:d0:77:c2:
bf:69:9e:38:02:7b:31:23:f4:89:be:a0:4c:2e:53:
ce:06:13:9e:bf:bb:04:c7:cb:e4:33:d0:db:16:42:
10:0a:05:c3:63:35:4e:1b:69:a0:ba:f6:c6:35:bb:
02:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:F5:0E:45:00:B4:5D:0E:25:E4:9D:A5:A3:C2:1D:78:37:51:D2:D5
X509v3 Authority Key Identifier:
keyid:F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/oPUORQC0XQ4l5J2lo8IdeDdR0tU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/9RNpzL-GsehOGutG5tM20591Kuc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.223.160.0/20
37.17.208.0/20
78.108.128.0/20
80.246.192.0/20
80.255.240.0/20
81.21.136.0/21
81.30.32.0/20
85.10.160.0/19
171.33.128.0/21
176.74.224.0/19
185.15.248.0/22
217.21.240.0/20
217.149.128.0/20
IPv6:
2001:4cb8::/29
Signature Algorithm: sha256WithRSAEncryption
4d:6a:97:71:4d:5c:c7:d3:10:74:07:46:71:83:6e:ea:c8:14:
3e:e9:b3:f5:2d:c8:e9:40:5b:6c:24:5b:3b:80:f6:72:d8:ae:
07:ee:98:91:f7:73:06:fd:7a:b4:13:94:95:66:87:77:1f:7a:
7a:96:ae:22:66:33:36:78:e4:78:c5:f3:b3:04:5b:66:d8:41:
1b:49:b0:87:5f:c8:5a:ef:e0:8f:e5:eb:5f:5a:e8:91:70:ac:
d2:61:1b:10:15:0b:88:27:95:ce:a7:83:fa:09:d2:39:76:5b:
e5:6f:05:e9:11:d4:89:c0:c0:08:dd:84:47:3e:46:4a:bc:29:
42:a9:15:09:99:77:c1:17:32:f4:ec:b2:07:0c:b5:99:3a:01:
1a:79:0a:44:ea:1d:f6:70:77:50:e5:4a:1b:94:72:10:75:d5:
6d:0b:b6:54:42:b8:93:25:9b:b2:cf:96:0a:90:3b:7a:00:7d:
22:42:7d:c5:d7:26:e6:3c:f4:2c:b0:a3:53:69:a2:1c:21:7d:
27:a7:e3:2b:4f:f2:51:6f:eb:d0:05:2f:25:8a:b5:b2:65:b2:
48:49:e5:4a:d1:0b:db:6e:29:1b:f5:31:68:75:d7:06:10:3d:
e0:83:bd:ad:4c:24:39:4f:f5:fa:28:f2:dd:1f:04:4a:ec:31:
5a:9f:d2:4f
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgISAYVtXO+O8ImDE8ztDGRhdRGvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1MTM2OWNjYmY4NmIxZTg0ZTFhZWI0NmU2ZDMzNmQzOWY3
NTJhZTcwHhcNMjMwMTAxMTI0NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGY1MGU0NTAwYjQ1ZDBlMjVlNDlkYTVhM2MyMWQ3ODM3NTFkMmQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5s08l2LAgskdvpsuzhA3fi04hGU8
5NtjCx1RVkG71IXSrXYOhEyJeC2yDKPQfICI/LmKdPMYG151o0WJBxwao7wXBh7c
W3hc+FK6FYEiaQ7ClqtqzwkS+ab1Q97pKuukomdi9/wrtGc+CezPiCcexbT8yK8B
9G3U7/4GEKtndPe5WKOdxFTPbWuXBZg3iqhSOrcTaOB/oODgWENIKhpdHnghWU9n
03g578B6YW/0pyvKp0zBTCHsPBbqiOke6o61dvAuQ0LR1DOe1x6b55rQd8K/aZ44
AnsxI/SJvqBMLlPOBhOev7sEx8vkM9DbFkIQCgXDYzVOG2mguvbGNbsCPwIDAQAB
o4ICYDCCAlwwHQYDVR0OBBYEFKD1DkUAtF0OJeSdpaPCHXg3UdLVMB8GA1UdIwQY
MBaAFPUTacy/hrHoThrrRubTNtOfdSrnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVJOcHpMLUdzZWhPR3V0RzV0TTIwNTkxS3VjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8yZDViZGYtNTI2NS00OWI4LThhZmUt
MmI5MjBiZGUzOTkwLzEvb1BVT1JRQzBYUTRsNUoybG84SWRlRGRSMHRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi8yZDViZGYtNTI2NS00OWI4LThhZmUtMmI5MjBiZGUzOTkw
LzEvOVJOcHpMLUdzZWhPR3V0RzV0TTIwNTkxS3VjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHYGCCsGAQUFBwEHAQH/BGcwZTBUBAIAATBOAwQEH9+gAwQE
JRHQAwQETmyAAwQEUPbAAwQEUP/wAwQDURWIAwQEUR4gAwQFVQqgAwQDqyGAAwQF
sErgAwQCuQ/4AwQE2RXwAwQE2ZWAMA0EAgACMAcDBQMgAUy4MA0GCSqGSIb3DQEB
CwUAA4IBAQBNapdxTVzH0xB0B0Zxg27qyBQ+6bP1LcjpQFtsJFs7gPZy2K4H7piR
93MG/Xq0E5SVZod3H3p6lq4iZjM2eOR4xfOzBFtm2EEbSbCHX8ha7+CP5etfWuiR
cKzSYRsQFQuIJ5XOp4P6CdI5dlvlbwXpEdSJwMAI3YRHPkZKvClCqRUJmXfBFzL0
7LIHDLWZOgEaeQpE6h32cHdQ5UoblHIQddVtC7ZUQriTJZuyz5YKkDt6AH0iQn3F
1ybmPPQssKNTaaIcIX0np+MrT/JRb+vQBS8lirWyZbJISeVK0Qvbbikb9TFoddcG
ED3gg72tTCQ5T/X6KPLdHwRK7DFan9JP
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:01 2024 by rpki-client on console-fra.rpki-client.org