Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/oMDjLMvH59eQkPASl7mPvG62IgI.roa
File: oMDjLMvH59eQkPASl7mPvG62IgI.roa (raw, json)
Hash identifier: WOXmtNmqW25+O3XpYF6wskEZ1m+ZqU8W5K1EDBu5Wmk=
Subject key identifier: A0:C0:E3:2C:CB:C7:E7:D7:90:90:F0:12:97:B9:8F:BC:6E:B6:22:02
Certificate issuer: /CN=c42708df93954aac601aef1835bd5d69245fb02f
Certificate serial: 01857142D72261B974B78B6FE9DF93539AF0
Authority key identifier: C4:27:08:DF:93:95:4A:AC:60:1A:EF:18:35:BD:5D:69:24:5F:B0:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xCcI35OVSqxgGu8YNb1daSRfsC8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/oMDjLMvH59eQkPASl7mPvG62IgI.roa
Signing time: Mon 02 Jan 2023 06:54:43 +0000
ROA not before: Mon 02 Jan 2023 06:54:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 45012
IP address blocks: 193.22.255.0/24 maxlen: 24
185.80.92.0/24 maxlen: 24
185.80.93.0/24 maxlen: 24
185.80.94.0/23 maxlen: 23
91.220.49.0/24 maxlen: 24
185.137.168.0/22 maxlen: 24
128.127.65.0/24 maxlen: 24
128.127.66.0/24 maxlen: 24
194.145.226.0/24 maxlen: 24
91.203.108.0/22 maxlen: 24
178.250.170.0/24 maxlen: 24
93.90.178.0/24 maxlen: 24
178.250.174.0/24 maxlen: 24
37.218.252.0/24 maxlen: 24
37.218.248.0/22 maxlen: 22
37.218.254.0/24 maxlen: 24
178.20.96.0/21 maxlen: 24
5.44.108.0/22 maxlen: 24
192.162.87.0/24 maxlen: 24
185.207.230.0/24 maxlen: 24
185.207.228.0/22 maxlen: 24
185.207.228.0/24 maxlen: 24
31.47.240.0/20 maxlen: 24
81.88.16.0/24 maxlen: 24
89.22.100.0/22 maxlen: 24
89.22.108.0/24 maxlen: 24
89.22.110.0/23 maxlen: 24
89.22.112.0/22 maxlen: 24
89.22.116.0/22 maxlen: 24
89.22.122.0/23 maxlen: 24
89.22.124.0/22 maxlen: 24
5.44.100.0/23 maxlen: 24
5.44.104.0/22 maxlen: 24
2a00:fa40:4000::/36 maxlen: 36
2a00:fa40:3000::/36 maxlen: 36
2a01:64c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 07 Feb 2023 16:08:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:42:d7:22:61:b9:74:b7:8b:6f:e9:df:93:53:9a:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c42708df93954aac601aef1835bd5d69245fb02f
Validity
Not Before: Jan 2 06:54:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a0c0e32ccbc7e7d79090f01297b98fbc6eb62202
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:b4:9b:47:29:f2:c1:b7:22:72:77:e2:c4:52:
16:52:1b:b5:56:d9:9e:6f:e1:bb:ec:2f:83:1c:c2:
0e:23:6f:f9:20:16:07:c9:e1:01:ff:99:30:3b:69:
93:f5:1e:21:d1:2e:a8:28:cc:46:3f:ef:98:fd:3b:
08:40:8e:09:d6:1c:10:66:71:44:f5:6d:10:97:b1:
18:12:5c:08:b3:d0:2f:a6:16:de:83:dd:00:0c:b8:
a7:cb:bd:07:d4:3a:d9:14:a8:ae:9c:49:7f:83:f2:
49:49:e3:f5:07:19:86:38:a7:b0:cc:35:2c:fc:df:
28:90:3f:67:07:68:ce:00:e9:99:a6:99:83:c0:ff:
0f:01:18:1b:05:9a:25:22:a2:f8:7d:f7:fe:8d:08:
c1:b3:02:b0:80:97:5d:67:12:89:5b:5f:92:05:e2:
2e:be:e3:15:72:cc:71:b8:9b:ad:ff:55:99:df:17:
fd:0f:f9:71:2e:ea:71:92:09:75:f4:05:da:d6:12:
73:7d:94:c7:b2:19:49:37:ce:56:8a:43:53:61:fe:
98:03:80:93:5d:06:73:5f:4b:b0:1b:41:8c:15:75:
a8:55:b2:cc:6b:77:86:e1:01:fb:e4:92:44:64:78:
5d:58:a9:7b:f6:7b:47:3a:ed:3a:06:db:61:42:46:
9d:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:C0:E3:2C:CB:C7:E7:D7:90:90:F0:12:97:B9:8F:BC:6E:B6:22:02
X509v3 Authority Key Identifier:
keyid:C4:27:08:DF:93:95:4A:AC:60:1A:EF:18:35:BD:5D:69:24:5F:B0:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xCcI35OVSqxgGu8YNb1daSRfsC8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/oMDjLMvH59eQkPASl7mPvG62IgI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/xCcI35OVSqxgGu8YNb1daSRfsC8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.100.0/23
5.44.104.0/21
31.47.240.0/20
37.218.248.0-37.218.252.255
37.218.254.0/24
81.88.16.0/24
89.22.100.0/22
89.22.108.0/24
89.22.110.0-89.22.119.255
89.22.122.0-89.22.127.255
91.203.108.0/22
91.220.49.0/24
93.90.178.0/24
128.127.65.0-128.127.66.255
178.20.96.0/21
178.250.170.0/24
178.250.174.0/24
185.80.92.0/22
185.137.168.0/22
185.207.228.0/22
192.162.87.0/24
193.22.255.0/24
194.145.226.0/24
IPv6:
2a00:fa40:3000::-2a00:fa40:4fff:ffff:ffff:ffff:ffff:ffff
2a01:64c0::/32
Signature Algorithm: sha256WithRSAEncryption
1e:60:2a:32:62:66:74:8b:4e:8b:89:15:b3:af:19:31:f8:c7:
92:5b:28:16:6a:dd:01:a4:86:6c:38:44:35:a9:4e:ae:8d:b6:
77:4a:a4:3b:e7:32:51:15:bb:90:15:68:fe:c1:45:76:98:48:
b4:50:0f:cc:d9:ab:77:06:bf:4f:c6:db:10:43:40:df:a0:1f:
27:2d:be:11:db:0f:a9:42:35:94:71:fe:d8:43:19:49:64:13:
70:26:da:f4:5c:ee:11:2c:ae:87:74:b8:f3:ac:97:7b:18:f1:
d3:18:bb:64:85:65:47:02:a6:84:e7:f1:55:c6:09:a9:1d:3d:
df:89:ad:27:c7:53:80:04:09:20:e1:9b:1c:c4:a5:13:f9:b4:
a4:0f:da:6e:66:fb:51:7b:6b:8c:b8:d4:a4:35:2d:e2:a2:43:
d3:cf:f6:f4:09:89:13:06:ce:cb:db:a3:09:3b:ad:d6:a5:a3:
17:56:2c:a5:6b:57:fe:a2:89:4e:01:2f:91:b5:03:26:18:00:
9a:74:f4:7b:b0:8a:cf:7b:ac:ee:32:d4:9c:73:d0:20:b7:38:
9f:03:20:bf:d1:91:f0:0a:77:d7:b0:d0:9d:71:56:b1:7b:aa:
9b:57:f7:a6:11:85:eb:59:51:48:0f:9f:70:34:b1:d5:10:4d:
b8:e8:08:a9
-----BEGIN CERTIFICATE-----
MIIFxzCCBK+gAwIBAgISAYVxQtciYbl0t4tv6d+TU5rwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MjcwOGRmOTM5NTRhYWM2MDFhZWYxODM1YmQ1ZDY5MjQ1
ZmIwMmYwHhcNMjMwMTAyMDY1NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGMwZTMyY2NiYzdlN2Q3OTA5MGYwMTI5N2I5OGZiYzZlYjYyMjAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlrSbRynywbcicnfixFIWUhu1Vtme
b+G77C+DHMIOI2/5IBYHyeEB/5kwO2mT9R4h0S6oKMxGP++Y/TsIQI4J1hwQZnFE
9W0Ql7EYElwIs9Avphbeg90ADLiny70H1DrZFKiunEl/g/JJSeP1BxmGOKewzDUs
/N8okD9nB2jOAOmZppmDwP8PARgbBZolIqL4fff+jQjBswKwgJddZxKJW1+SBeIu
vuMVcsxxuJut/1WZ3xf9D/lxLupxkgl19AXa1hJzfZTHshlJN85WikNTYf6YA4CT
XQZzX0uwG0GMFXWoVbLMa3eG4QH75JJEZHhdWKl79ntHOu06BtthQkaddQIDAQAB
o4IC0zCCAs8wHQYDVR0OBBYEFKDA4yzLx+fXkJDwEpe5j7xutiICMB8GA1UdIwQY
MBaAFMQnCN+TlUqsYBrvGDW9XWkkX7AvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveENjSTM1T1ZTcXhnR3U4WU5iMWRhU1Jmc0M4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9mNjE3YTUtMzI0MC00OGM0LWI3MTYt
NzQxYzFkOGRlYTJiLzEvb01EakxNdkg1OWVRa1BBU2w3bVB2RzYySWdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9mNjE3YTUtMzI0MC00OGM0LWI3MTYtNzQxYzFkOGRlYTJi
LzEveENjSTM1T1ZTcXhnR3U4WU5iMWRhU1Jmc0M4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHoBggrBgEFBQcBBwEB/wSB2DCB1TCBsQQCAAEwgaoDBAEF
LGQDBAMFLGgDBAQfL/AwDAMEAyXa+AMEACXa/AMEACXa/gMEAFFYEAMEAlkWZAME
AFkWbDAMAwQBWRZuAwQDWRZwMAwDBAFZFnoDBAdZFgADBAJby2wDBABb3DEDBABd
WrIwDAMEAIB/QQMEAIB/QgMEA7IUYAMEALL6qgMEALL6rgMEArlQXAMEArmJqAME
ArnP5AMEAMCiVwMEAMEW/wMEAMKR4jAfBAIAAjAZMBADBgQqAPpAMAMGBCoA+kBA
AwUAKgFkwDANBgkqhkiG9w0BAQsFAAOCAQEAHmAqMmJmdItOi4kVs68ZMfjHklso
FmrdAaSGbDhENalOro22d0qkO+cyURW7kBVo/sFFdphItFAPzNmrdwa/T8bbEENA
36AfJy2+EdsPqUI1lHH+2EMZSWQTcCba9FzuESyuh3S486yXexjx0xi7ZIVlRwKm
hOfxVcYJqR0934mtJ8dTgAQJIOGbHMSlE/m0pA/abmb7UXtrjLjUpDUt4qJD08/2
9AmJEwbOy9ujCTut1qWjF1YspWtX/qKJTgEvkbUDJhgAmnT0e7CKz3us7jLUnHPQ
ILc4nwMgv9GR8Ap317DQnXFWsXuqm1f3phGF61lRSA+fcDSx1RBNuOgIqQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:44 2024 by rpki-client on console-ams.rpki-client.org