Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/0e651e-90c7-4acd-97b9-a54f8e4813e7/1/OuoBYqy4ZqHVPvoLXvQeW9ZaaJQ.roa
File: OuoBYqy4ZqHVPvoLXvQeW9ZaaJQ.roa (raw, json)
Hash identifier: gO06sN+MfYFXYndZwgyjwcTChtwiedyMULrm6YHdP/s=
Subject key identifier: 3A:EA:01:62:AC:B8:66:A1:D5:3E:FA:0B:5E:F4:1E:5B:D6:5A:68:94
Certificate issuer: /CN=9cd0758825dd89cfee5fdecc7dcb651f0a5d1018
Certificate serial: 01857155395A0FE9DFFE0BF3DA26509E0844
Authority key identifier: 9C:D0:75:88:25:DD:89:CF:EE:5F:DE:CC:7D:CB:65:1F:0A:5D:10:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nNB1iCXdic_uX97MfctlHwpdEBg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/0e651e-90c7-4acd-97b9-a54f8e4813e7/1/OuoBYqy4ZqHVPvoLXvQeW9ZaaJQ.roa
Signing time: Mon 02 Jan 2023 07:14:48 +0000
ROA not before: Mon 02 Jan 2023 07:14:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209711
IP address blocks: 45.145.20.0/24 maxlen: 24
193.53.87.0/24 maxlen: 24
37.156.246.0/24 maxlen: 24
193.53.98.0/24 maxlen: 24
193.53.103.0/24 maxlen: 24
109.230.196.0/24 maxlen: 24
193.53.245.0/24 maxlen: 24
45.139.222.0/24 maxlen: 24
31.214.152.0/24 maxlen: 24
89.45.94.0/24 maxlen: 24
31.14.52.0/24 maxlen: 24
185.111.245.0/24 maxlen: 24
185.111.244.0/24 maxlen: 24
185.111.246.0/24 maxlen: 24
185.111.247.0/24 maxlen: 24
93.113.96.0/24 maxlen: 24
31.214.129.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:55:39:5a:0f:e9:df:fe:0b:f3:da:26:50:9e:08:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9cd0758825dd89cfee5fdecc7dcb651f0a5d1018
Validity
Not Before: Jan 2 07:14:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3aea0162acb866a1d53efa0b5ef41e5bd65a6894
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:a8:fe:9d:a8:39:71:1c:13:cc:b2:24:c6:55:
2a:08:ae:32:0a:9f:c9:12:72:b5:41:a6:6a:70:8b:
39:d7:c5:4e:c4:b5:71:27:a8:8a:dc:1e:16:94:a1:
0f:e2:58:d8:18:6f:a5:8e:3b:99:03:85:7a:85:94:
a9:34:2e:b6:df:f5:bc:07:f7:ce:69:50:93:2d:72:
8d:5d:00:49:0b:1a:8a:c6:a0:47:53:db:de:eb:82:
4d:56:b7:00:00:01:97:2e:af:af:8d:6c:4e:c5:a5:
3f:f2:7c:90:21:91:04:04:a5:91:eb:0d:3c:84:d8:
93:fc:89:9c:2c:15:0b:b6:5a:a8:48:ee:f7:1c:b6:
ae:fd:28:4f:36:77:45:ad:bc:9d:f0:2e:0c:21:ac:
a8:23:ce:53:d3:ae:71:05:f4:df:06:ab:65:56:21:
72:35:25:8d:30:d1:30:e4:48:59:21:21:fb:04:48:
b4:94:15:f7:18:72:2d:bb:93:e0:db:e2:8e:45:de:
dd:8a:d5:26:94:14:0a:07:fd:8d:0a:54:3b:86:93:
b1:9b:ba:60:d0:ce:ff:90:43:a4:30:9f:d0:4a:a4:
01:18:f7:67:7b:e5:d5:f6:d6:bd:00:f6:f3:c2:25:
25:31:cb:ba:be:61:84:9e:b8:08:cc:93:8f:2b:83:
c1:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:EA:01:62:AC:B8:66:A1:D5:3E:FA:0B:5E:F4:1E:5B:D6:5A:68:94
X509v3 Authority Key Identifier:
keyid:9C:D0:75:88:25:DD:89:CF:EE:5F:DE:CC:7D:CB:65:1F:0A:5D:10:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nNB1iCXdic_uX97MfctlHwpdEBg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/0e651e-90c7-4acd-97b9-a54f8e4813e7/1/OuoBYqy4ZqHVPvoLXvQeW9ZaaJQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/0e651e-90c7-4acd-97b9-a54f8e4813e7/1/nNB1iCXdic_uX97MfctlHwpdEBg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.52.0/24
31.214.129.0/24
31.214.152.0/24
37.156.246.0/24
45.139.222.0/24
45.145.20.0/24
89.45.94.0/24
93.113.96.0/24
109.230.196.0/24
185.111.244.0/22
193.53.87.0/24
193.53.98.0/24
193.53.103.0/24
193.53.245.0/24
Signature Algorithm: sha256WithRSAEncryption
33:c8:61:c2:af:d5:30:50:34:f0:52:49:a7:ed:a3:a8:b3:bf:
5d:38:2a:cc:9a:1f:ac:c5:09:85:86:7c:3c:51:9b:6d:ef:c9:
74:3d:ce:dc:c1:ba:a1:e9:96:18:f8:1c:03:c7:f1:52:92:46:
2a:2b:66:b6:ce:24:3a:9d:0c:6f:7e:fd:19:fc:2e:29:e1:22:
85:f1:36:98:28:9e:c0:97:a4:b2:bc:b1:43:e2:fd:a5:12:42:
4a:ff:91:47:08:14:52:72:c3:ac:6e:35:12:ab:8b:05:e8:89:
13:14:86:2b:fc:b8:c3:18:d1:0b:2c:e2:f6:ac:01:d0:4e:57:
cf:47:6e:b8:06:61:99:f3:b7:4e:97:ac:79:6f:ed:84:d0:5f:
e2:80:ae:2e:d4:e2:26:b9:14:61:a7:97:39:32:11:8d:a0:13:
28:e9:36:d2:b9:69:23:8d:bc:09:86:4d:4c:2a:ee:5a:61:e7:
b1:60:87:8c:16:f0:68:92:b1:0c:3c:f8:18:9c:0b:1c:54:df:
82:78:8b:6e:1e:2e:80:29:0c:cf:eb:dc:0d:84:ae:98:ad:19:
5f:de:69:b9:79:5a:bb:6f:d1:3f:f5:86:90:7d:7b:36:24:16:
9d:f3:2a:af:92:89:af:54:0d:d0:df:44:18:60:6a:ad:71:36:
7a:1f:6b:76
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYVxVTlaD+nf/gvz2iZQnghEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljZDA3NTg4MjVkZDg5Y2ZlZTVmZGVjYzdkY2I2NTFmMGE1
ZDEwMTgwHhcNMjMwMTAyMDcxNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWVhMDE2MmFjYjg2NmExZDUzZWZhMGI1ZWY0MWU1YmQ2NWE2ODk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Kj+nag5cRwTzLIkxlUqCK4yCp/J
EnK1QaZqcIs518VOxLVxJ6iK3B4WlKEP4ljYGG+ljjuZA4V6hZSpNC623/W8B/fO
aVCTLXKNXQBJCxqKxqBHU9ve64JNVrcAAAGXLq+vjWxOxaU/8nyQIZEEBKWR6w08
hNiT/ImcLBULtlqoSO73HLau/ShPNndFrbyd8C4MIayoI85T065xBfTfBqtlViFy
NSWNMNEw5EhZISH7BEi0lBX3GHItu5Pg2+KORd7ditUmlBQKB/2NClQ7hpOxm7pg
0M7/kEOkMJ/QSqQBGPdne+XV9ta9APbzwiUlMcu6vmGEnrgIzJOPK4PBUQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFDrqAWKsuGah1T76C170HlvWWmiUMB8GA1UdIwQY
MBaAFJzQdYgl3YnP7l/ezH3LZR8KXRAYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbk5CMWlDWGRpY191WDk3TWZjdGxId3BkRUJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8wZTY1MWUtOTBjNy00YWNkLTk3Yjkt
YTU0ZjhlNDgxM2U3LzEvT3VvQllxeTRacUhWUHZvTFh2UWVXOVphYUpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8wZTY1MWUtOTBjNy00YWNkLTk3YjktYTU0ZjhlNDgxM2U3
LzEvbk5CMWlDWGRpY191WDk3TWZjdGxId3BkRUJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQAHw40AwQA
H9aBAwQAH9aYAwQAJZz2AwQALYveAwQALZEUAwQAWS1eAwQAXXFgAwQAbebEAwQC
uW/0AwQAwTVXAwQAwTViAwQAwTVnAwQAwTX1MA0GCSqGSIb3DQEBCwUAA4IBAQAz
yGHCr9UwUDTwUkmn7aOos79dOCrMmh+sxQmFhnw8UZtt78l0Pc7cwbqh6ZYY+BwD
x/FSkkYqK2a2ziQ6nQxvfv0Z/C4p4SKF8TaYKJ7Al6SyvLFD4v2lEkJK/5FHCBRS
csOsbjUSq4sF6IkTFIYr/LjDGNELLOL2rAHQTlfPR264BmGZ87dOl6x5b+2E0F/i
gK4u1OImuRRhp5c5MhGNoBMo6TbSuWkjjbwJhk1MKu5aYeexYIeMFvBokrEMPPgY
nAscVN+CeItuHi6AKQzP69wNhK6YrRlf3mm5eVq7b9E/9YaQfXs2JBad8yqvkomv
VA3Q30QYYGqtcTZ6H2t2
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:41:15 2024 by rpki-client on console-ams.rpki-client.org