Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/oTa_jw2C2mJPbrIsr_SCw81efnY.roa
File: oTa_jw2C2mJPbrIsr_SCw81efnY.roa (raw, json)
Hash identifier: gOMhp/r+Ld9P6LR8P5AKtaq/Izg4kFoDrclmYG7sNeM=
Subject key identifier: A1:36:BF:8F:0D:82:DA:62:4F:6E:B2:2C:AF:F4:82:C3:CD:5E:7E:76
Certificate issuer: /CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
Certificate serial: 018D3B2D7698DD23C43AB9086B47B482725B
Authority key identifier: 30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/oTa_jw2C2mJPbrIsr_SCw81efnY.roa
Signing time: Wed 24 Jan 2024 11:14:11 +0000
ROA not before: Wed 24 Jan 2024 11:14:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3352
IP address blocks: 2.136.0.0/16 maxlen: 16
2.137.0.0/16 maxlen: 16
2.138.0.0/16 maxlen: 16
79.144.0.0/16 maxlen: 16
79.145.0.0/16 maxlen: 16
79.146.0.0/16 maxlen: 16
79.147.0.0/16 maxlen: 16
80.30.0.0/16 maxlen: 16
80.31.0.0/16 maxlen: 16
81.32.0.0/16 maxlen: 16
81.34.0.0/16 maxlen: 16
81.35.0.0/16 maxlen: 16
81.36.0.0/16 maxlen: 16
81.37.0.0/16 maxlen: 16
81.38.0.0/16 maxlen: 16
81.39.0.0/16 maxlen: 16
81.40.0.0/16 maxlen: 16
81.41.0.0/16 maxlen: 16
83.32.0.0/16 maxlen: 16
83.33.0.0/16 maxlen: 16
83.34.0.0/16 maxlen: 16
83.35.0.0/16 maxlen: 16
83.37.0.0/16 maxlen: 16
83.38.0.0/16 maxlen: 16
83.39.0.0/16 maxlen: 16
83.47.0.0/16 maxlen: 16
83.52.0.0/16 maxlen: 16
83.53.0.0/16 maxlen: 16
83.54.0.0/16 maxlen: 16
83.55.0.0/16 maxlen: 16
83.57.0.0/16 maxlen: 16
83.58.0.0/16 maxlen: 16
83.59.0.0/16 maxlen: 16
83.60.0.0/16 maxlen: 16
83.63.0.0/16 maxlen: 16
88.0.0.0/16 maxlen: 16
88.1.0.0/16 maxlen: 16
88.8.0.0/16 maxlen: 16
88.9.0.0/16 maxlen: 16
88.10.0.0/16 maxlen: 16
88.11.0.0/16 maxlen: 16
88.13.0.0/16 maxlen: 16
88.14.0.0/16 maxlen: 16
88.15.0.0/16 maxlen: 16
88.16.0.0/16 maxlen: 16
88.24.0.0/16 maxlen: 16
88.25.0.0/16 maxlen: 16
192.101.1.0/24 maxlen: 24
194.179.112.0/24 maxlen: 24
195.53.0.0/16 maxlen: 16
195.53.193.0/24 maxlen: 24
195.53.218.0/23 maxlen: 23
195.55.110.0/24 maxlen: 24
213.99.44.0/24 maxlen: 24
213.99.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 25 Jan 2024 06:19:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:3b:2d:76:98:dd:23:c4:3a:b9:08:6b:47:b4:82:72:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
Validity
Not Before: Jan 24 11:14:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a136bf8f0d82da624f6eb22caff482c3cd5e7e76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:d1:14:87:ca:b1:9e:e1:f8:0c:d3:40:94:d0:
c6:8f:bd:e1:a3:90:9b:f1:4c:e9:d5:0c:71:32:8a:
e4:59:47:5e:0c:f0:47:cf:ab:f4:a2:30:c1:2c:4a:
f0:73:b5:44:56:ed:52:34:e9:16:7d:64:bc:44:f5:
cd:99:c7:83:97:61:e5:47:d1:63:c7:f9:0b:66:f6:
af:18:a3:88:c2:d5:7a:84:b5:d9:58:44:57:d2:f0:
66:ac:5c:be:38:1f:f6:39:5e:ce:e6:9e:98:a2:73:
bf:1a:15:5b:97:49:0f:44:b3:af:d4:b5:87:e0:51:
ad:11:ad:6e:96:fc:ac:26:a8:f8:13:75:cc:5e:00:
de:91:bc:f3:13:2f:a7:c9:ea:6d:fe:c3:99:11:36:
44:4d:63:77:dc:95:64:22:98:35:8d:b0:1a:24:17:
9e:81:69:5f:0d:b7:2b:6b:c9:9f:42:cd:a6:2d:32:
a3:23:61:da:38:69:4f:99:b7:15:13:f7:40:55:77:
38:02:b2:ac:a9:28:55:03:6c:ae:1e:84:f6:4a:2c:
20:88:10:2f:cd:3d:e1:e4:6e:d1:e3:28:3d:0e:c2:
7f:f4:42:ae:b7:2f:f2:c3:22:0c:28:b6:3e:a5:1f:
3c:46:e0:e4:65:54:4f:56:4f:72:5c:34:5c:c0:2b:
2c:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:36:BF:8F:0D:82:DA:62:4F:6E:B2:2C:AF:F4:82:C3:CD:5E:7E:76
X509v3 Authority Key Identifier:
keyid:30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/oTa_jw2C2mJPbrIsr_SCw81efnY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/MH9f4nQKK23kw3CdKWQRWzyWfaE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.136.0.0-2.138.255.255
79.144.0.0/14
80.30.0.0/15
81.32.0.0/16
81.34.0.0-81.41.255.255
83.32.0.0/14
83.37.0.0-83.39.255.255
83.47.0.0/16
83.52.0.0/14
83.57.0.0-83.60.255.255
83.63.0.0/16
88.0.0.0/15
88.8.0.0/14
88.13.0.0-88.16.255.255
88.24.0.0/15
192.101.1.0/24
194.179.112.0/24
195.53.0.0/16
195.55.110.0/24
213.99.44.0/24
213.99.59.0/24
Signature Algorithm: sha256WithRSAEncryption
eb:79:a4:10:94:ec:22:79:07:1d:0c:a4:65:3f:56:bc:c7:dd:
56:e8:c3:9b:69:73:53:ea:de:85:8f:fd:f1:2e:97:33:b6:0e:
23:76:f8:1c:37:4e:0d:ce:1b:64:e8:29:14:09:de:e5:af:2e:
f1:e4:52:cb:08:e0:42:7e:ce:0a:7e:e3:07:0d:6a:b7:7d:65:
53:b8:34:d8:9b:32:35:de:c8:30:83:8b:50:f7:6c:b4:44:eb:
93:71:69:3b:96:c0:99:9b:6b:8f:e0:70:7a:7c:12:51:f8:90:
0d:23:19:87:d0:64:b5:82:43:04:d4:79:b6:9b:cb:3d:8b:e5:
89:f0:f3:d8:be:90:b3:ff:7f:a0:40:ad:b5:a2:13:ba:dc:05:
c9:12:34:a6:eb:1a:23:f6:b7:da:c7:7f:0c:c3:02:e1:7c:e0:
8c:79:da:2a:f7:ef:b9:91:e7:96:9b:d9:b7:52:85:a2:42:22:
71:b3:98:15:f5:c8:a9:ff:a8:85:c9:29:52:46:a4:03:58:df:
4a:f2:71:9b:72:19:e9:97:ee:cf:82:48:5e:a4:8a:71:52:8c:
96:90:2e:b2:a0:d5:a5:80:b0:58:9e:92:d9:7f:30:81:69:ed:
ec:a5:3d:85:29:bd:f7:5c:54:bb:19:08:b7:d9:87:11:1f:e8:
46:c4:8f:f8
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgISAY07LXaY3SPEOrkIa0e0gnJbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwN2Y1ZmUyNzQwYTJiNmRlNGMzNzA5ZDI5NjQxMTViM2M5
NjdkYTEwHhcNMjQwMTI0MTExNDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTM2YmY4ZjBkODJkYTYyNGY2ZWIyMmNhZmY0ODJjM2NkNWU3ZTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq9EUh8qxnuH4DNNAlNDGj73ho5Cb
8Uzp1QxxMorkWUdeDPBHz6v0ojDBLErwc7VEVu1SNOkWfWS8RPXNmceDl2HlR9Fj
x/kLZvavGKOIwtV6hLXZWERX0vBmrFy+OB/2OV7O5p6YonO/GhVbl0kPRLOv1LWH
4FGtEa1ulvysJqj4E3XMXgDekbzzEy+nyept/sOZETZETWN33JVkIpg1jbAaJBee
gWlfDbcra8mfQs2mLTKjI2HaOGlPmbcVE/dAVXc4ArKsqShVA2yuHoT2SiwgiBAv
zT3h5G7R4yg9DsJ/9EKuty/ywyIMKLY+pR88RuDkZVRPVk9yXDRcwCssOwIDAQAB
o4ICmTCCApUwHQYDVR0OBBYEFKE2v48NgtpiT26yLK/0gsPNXn52MB8GA1UdIwQY
MBaAFDB/X+J0Citt5MNwnSlkEVs8ln2hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQt
NGJhMmY4ZjFmODNiLzEvb1RhX2p3MkMybUpQYnJJc3JfU0N3ODFlZm5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQtNGJhMmY4ZjFmODNi
LzEvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGuBggrBgEFBQcBBwEB/wSBnjCBmzCBmAQCAAEwgZEwCgMD
AwKIAwMAAooDAwJPkAMDAVAeAwMAUSAwCgMDAVEiAwMBUSgDAwJTIDAKAwMAUyUD
AwNTIAMDAFMvAwMCUzQwCgMDAFM5AwMAUzwDAwBTPwMDAVgAAwMCWAgwCgMDAFgN
AwMAWBADAwFYGAMEAMBlAQMEAMKzcAMDAMM1AwQAwzduAwQA1WMsAwQA1WM7MA0G
CSqGSIb3DQEBCwUAA4IBAQDreaQQlOwieQcdDKRlP1a8x91W6MObaXNT6t6Fj/3x
Lpcztg4jdvgcN04Nzhtk6CkUCd7lry7x5FLLCOBCfs4KfuMHDWq3fWVTuDTYmzI1
3sgwg4tQ92y0ROuTcWk7lsCZm2uP4HB6fBJR+JANIxmH0GS1gkME1Hm2m8s9i+WJ
8PPYvpCz/3+gQK21ohO63AXJEjSm6xoj9rfax38MwwLhfOCMedoq9++5keeWm9m3
UoWiQiJxs5gV9cip/6iFySlSRqQDWN9K8nGbchnpl+7PgkhepIpxUoyWkC6yoNWl
gLBYnpLZfzCBae3spT2FKb33XFS7GQi32YcRH+hGxI/4
-----END CERTIFICATE-----
Generated at Thu Apr 17 17:29:11 2025 by rpki-client