Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/OiAhscz49ef70bJDGQTZNpcrifE.roa
File: OiAhscz49ef70bJDGQTZNpcrifE.roa (raw, json)
Hash identifier: 7A30tVqXwL/XhZJk6jknECXZe2LHRWa5CuP2HjHXBV4=
Subject key identifier: 3A:20:21:B1:CC:F8:F5:E7:FB:D1:B2:43:19:04:D9:36:97:2B:89:F1
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 018A6FC805E6F569080D628B675BAC74AE2E
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/OiAhscz49ef70bJDGQTZNpcrifE.roa
Signing time: Thu 07 Sep 2023 13:14:54 +0000
ROA not before: Thu 07 Sep 2023 13:14:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 133619
IP address blocks: 139.28.232.0/24 maxlen: 24
185.106.96.0/24 maxlen: 24
45.15.124.0/24 maxlen: 24
45.12.148.0/24 maxlen: 24
45.82.244.0/24 maxlen: 24
2.56.116.0/24 maxlen: 24
92.118.228.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:6f:c8:05:e6:f5:69:08:0d:62:8b:67:5b:ac:74:ae:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Sep 7 13:14:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3a2021b1ccf8f5e7fbd1b2431904d936972b89f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:c9:30:ff:6a:d1:ad:9e:b3:a8:87:7c:a6:7f:
85:df:e0:54:1d:9c:ff:a3:23:ad:fb:5d:d0:5b:90:
ec:3d:8b:91:2d:11:f3:5a:04:43:e5:0f:f4:e3:29:
be:b5:2f:dc:87:ab:3f:89:ed:5a:cb:1d:1c:b2:2b:
48:cd:2d:6d:5f:83:83:48:e3:e2:4f:8e:d5:9b:47:
d6:03:ff:50:95:cf:57:40:57:63:28:4b:fb:58:c7:
1a:18:0d:a3:10:a4:31:cf:88:8f:b1:64:40:2d:8f:
02:4f:c5:b3:8b:fd:cc:36:b4:86:5c:d6:18:14:4d:
82:04:09:c1:b8:9a:f8:4e:cf:c4:cd:e7:71:17:64:
30:ed:50:b7:de:fd:ef:43:6e:69:0d:e0:2c:bf:8f:
97:37:29:95:4f:38:d6:91:e6:2a:8d:5a:7a:0c:d4:
30:c6:a4:88:9f:13:2e:be:01:32:4d:20:59:ae:9c:
3c:7b:20:82:79:ab:b2:19:a4:e6:56:c4:3b:07:0a:
be:3f:56:2b:e5:28:e9:95:ee:a1:76:4c:b7:60:9a:
c7:41:82:61:f7:ec:cd:56:79:e7:87:7b:44:b1:e0:
91:16:a4:05:24:c4:9b:19:e5:23:c9:f7:e0:fa:8d:
cb:5d:1e:db:d0:30:35:47:dd:a6:e4:6c:de:03:70:
38:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:20:21:B1:CC:F8:F5:E7:FB:D1:B2:43:19:04:D9:36:97:2B:89:F1
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/OiAhscz49ef70bJDGQTZNpcrifE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.116.0/24
45.12.148.0/24
45.15.124.0/24
45.82.244.0/24
92.118.228.0/24
139.28.232.0/24
185.106.96.0/24
Signature Algorithm: sha256WithRSAEncryption
74:ce:70:c9:8c:4e:73:ff:24:02:49:89:10:8e:e4:80:97:6f:
90:1d:5a:b8:68:ad:71:2a:21:66:ca:9c:a8:87:bf:07:d7:98:
08:4c:e2:48:12:0d:26:09:9f:f3:06:66:1f:ff:e9:0a:bb:64:
2e:cc:f7:7b:4a:fc:5a:7c:3b:2a:8a:b8:a2:ff:4b:81:2c:f0:
b8:2d:46:ed:cc:ca:1f:48:a7:7d:c0:ed:24:c2:c4:99:e9:99:
dd:ea:ae:02:69:67:75:9f:e6:07:c0:dc:92:ef:8d:53:b6:91:
54:95:7f:a0:56:50:61:79:92:13:12:56:d7:64:57:b9:5e:77:
2e:87:7f:dd:76:12:2e:17:a1:0c:fa:1f:70:2d:36:d3:a4:a6:
ee:04:7e:80:6c:c1:52:9e:2a:79:66:17:33:14:e8:48:28:c9:
e7:f4:78:ce:83:f9:e2:60:b4:d8:9e:f1:59:59:88:4d:fa:c4:
30:51:5d:ac:18:da:ae:54:b7:63:76:76:a5:e1:91:46:d7:dd:
9b:5f:74:67:fe:18:6f:95:c2:36:00:8e:58:c6:c8:7e:3e:e0:
58:e8:10:7b:e1:ef:2a:a6:60:eb:8c:be:70:db:10:cb:39:68:
68:41:2d:1f:6d:85:82:3e:6d:63:c1:87:2e:03:8c:9e:41:0d:
f0:d0:a2:1c
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYpvyAXm9WkIDWKLZ1usdK4uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjMwOTA3MTMxNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTIwMjFiMWNjZjhmNWU3ZmJkMWIyNDMxOTA0ZDkzNjk3MmI4OWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkMkw/2rRrZ6zqId8pn+F3+BUHZz/
oyOt+13QW5DsPYuRLRHzWgRD5Q/04ym+tS/ch6s/ie1ayx0csitIzS1tX4ODSOPi
T47Vm0fWA/9Qlc9XQFdjKEv7WMcaGA2jEKQxz4iPsWRALY8CT8Wzi/3MNrSGXNYY
FE2CBAnBuJr4Ts/EzedxF2Qw7VC33v3vQ25pDeAsv4+XNymVTzjWkeYqjVp6DNQw
xqSInxMuvgEyTSBZrpw8eyCCeauyGaTmVsQ7Bwq+P1Yr5Sjple6hdky3YJrHQYJh
9+zNVnnnh3tEseCRFqQFJMSbGeUjyffg+o3LXR7b0DA1R92m5GzeA3A4zQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFDogIbHM+PXn+9GyQxkE2TaXK4nxMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvT2lBaHNjejQ5ZWY3MGJKREdRVFpOcGNyaWZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAAjh0AwQA
LQyUAwQALQ98AwQALVL0AwQAXHbkAwQAixzoAwQAuWpgMA0GCSqGSIb3DQEBCwUA
A4IBAQB0znDJjE5z/yQCSYkQjuSAl2+QHVq4aK1xKiFmypyoh78H15gITOJIEg0m
CZ/zBmYf/+kKu2QuzPd7SvxafDsqirii/0uBLPC4LUbtzMofSKd9wO0kwsSZ6Znd
6q4CaWd1n+YHwNyS741TtpFUlX+gVlBheZITElbXZFe5Xncuh3/ddhIuF6EM+h9w
LTbTpKbuBH6AbMFSnip5ZhczFOhIKMnn9HjOg/niYLTYnvFZWYhN+sQwUV2sGNqu
VLdjdnal4ZFG192bX3Rn/hhvlcI2AI5Yxsh+PuBY6BB74e8qpmDrjL5w2xDLOWho
QS0fbYWCPm1jwYcuA4yeQQ3w0KIc
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:02:03 2024 by rpki-client on console-ams.rpki-client.org