Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/oy_E4QPb2hghebwkLB1eZDxTzPk.roa
File: oy_E4QPb2hghebwkLB1eZDxTzPk.roa (raw, json)
Hash identifier: SX/jUKNHzpUErUEWrlQO8gAS8bx+ea4kLWlUQQnI720=
Subject key identifier: A3:2F:C4:E1:03:DB:DA:18:21:79:BC:24:2C:1D:5E:64:3C:53:CC:F9
Certificate issuer: /CN=f4b769a53dd86352d3440f222bdf907cf09c2dba
Certificate serial: 0185714C20D7E03AC142853B857BD6990CF7
Authority key identifier: F4:B7:69:A5:3D:D8:63:52:D3:44:0F:22:2B:DF:90:7C:F0:9C:2D:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9LdppT3YY1LTRA8iK9-QfPCcLbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/oy_E4QPb2hghebwkLB1eZDxTzPk.roa
Signing time: Mon 02 Jan 2023 07:04:52 +0000
ROA not before: Mon 02 Jan 2023 07:04:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20880
IP address blocks: 158.181.68.0/22 maxlen: 22
158.181.76.0/22 maxlen: 22
158.181.72.0/22 maxlen: 22
158.181.80.0/20 maxlen: 20
158.181.80.0/22 maxlen: 22
82.119.0.0/19 maxlen: 19
82.119.0.0/20 maxlen: 20
82.119.16.0/20 maxlen: 20
62.117.16.0/20 maxlen: 20
158.181.64.0/19 maxlen: 19
158.181.64.0/20 maxlen: 20
5.28.64.0/19 maxlen: 19
5.28.64.0/18 maxlen: 18
89.16.128.0/19 maxlen: 19
89.16.128.0/20 maxlen: 20
89.16.144.0/20 maxlen: 20
5.28.96.0/19 maxlen: 19
185.9.224.0/22 maxlen: 22
62.117.0.192/28 maxlen: 28
86.56.64.0/18 maxlen: 18
37.120.64.0/18 maxlen: 18
62.117.0.128/26 maxlen: 26
62.117.0.0/19 maxlen: 19
62.117.0.0/20 maxlen: 24
37.120.0.0/17 maxlen: 17
37.120.0.0/18 maxlen: 18
86.56.0.0/17 maxlen: 17
86.56.0.0/18 maxlen: 18
2a02:2450::/32 maxlen: 32
2a02:2454::/33 maxlen: 33
2a02:2450::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:4c:20:d7:e0:3a:c1:42:85:3b:85:7b:d6:99:0c:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4b769a53dd86352d3440f222bdf907cf09c2dba
Validity
Not Before: Jan 2 07:04:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a32fc4e103dbda182179bc242c1d5e643c53ccf9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:f2:3f:87:f7:3a:e3:0e:a7:26:c9:d6:6f:fd:
e7:31:e3:eb:79:e3:bd:2c:38:cb:37:73:c0:72:9d:
8d:02:9c:df:cd:62:46:62:65:f0:2b:3b:94:ef:26:
62:1e:b8:ef:d2:d8:be:bd:b4:83:a3:3f:cf:33:ab:
07:ab:0a:bd:35:6d:c2:51:41:74:82:1d:16:c6:08:
eb:c8:80:12:09:b1:99:cd:33:6e:86:de:15:28:15:
19:33:5a:74:cc:89:9e:e5:08:ad:72:2b:09:c9:c8:
dd:55:d7:c6:b7:ea:ef:2b:fa:5f:29:a1:46:84:1d:
3a:be:4f:5b:a2:ac:78:39:01:7f:50:d1:d4:58:7a:
07:dd:b4:f7:60:2a:01:d2:b6:b4:a9:1e:4c:d6:bd:
ec:b5:e1:cc:ae:ea:9e:4d:a7:ef:84:6b:2b:33:31:
aa:dc:43:8b:57:0f:d6:2f:dd:72:a4:74:da:b5:6f:
bc:dc:0a:a2:d6:38:79:da:d3:7f:57:ae:67:4d:f4:
2a:7c:d8:54:5f:31:f7:bb:bc:32:e0:5f:15:62:01:
37:9c:82:df:f8:44:f1:e8:fc:5a:83:8c:eb:ef:6e:
9a:b7:73:57:27:5d:1d:59:77:89:60:5f:66:2b:19:
ac:16:3d:98:20:50:3e:8d:b9:44:29:ff:5f:3c:c0:
71:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:2F:C4:E1:03:DB:DA:18:21:79:BC:24:2C:1D:5E:64:3C:53:CC:F9
X509v3 Authority Key Identifier:
keyid:F4:B7:69:A5:3D:D8:63:52:D3:44:0F:22:2B:DF:90:7C:F0:9C:2D:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9LdppT3YY1LTRA8iK9-QfPCcLbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/oy_E4QPb2hghebwkLB1eZDxTzPk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/9LdppT3YY1LTRA8iK9-QfPCcLbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.28.64.0/18
37.120.0.0/17
62.117.0.0/19
82.119.0.0/19
86.56.0.0/17
89.16.128.0/19
158.181.64.0/19
185.9.224.0/22
IPv6:
2a02:2450::/29
Signature Algorithm: sha256WithRSAEncryption
7a:5a:32:06:a5:49:c5:e5:93:fa:d0:2c:e6:30:81:ed:6b:c9:
d6:39:18:8d:01:64:19:6e:be:b1:cd:fb:1a:5c:a1:14:bf:73:
87:38:37:53:7a:d6:af:97:c4:94:78:28:f5:84:ed:14:6b:88:
d3:be:b6:5f:8c:9d:f4:19:96:24:19:89:df:08:8c:c1:4b:f3:
bf:49:88:e6:bb:ae:eb:ec:c0:2f:41:1c:67:1a:a2:e5:db:69:
9b:02:5d:46:f8:73:ef:80:60:a3:cc:ee:5a:46:db:a2:72:9f:
67:26:44:09:93:f5:86:8f:b4:79:a7:69:2c:ac:7c:b4:aa:c3:
5f:f0:44:89:04:bb:e8:4a:5b:cb:55:1f:13:9b:94:aa:e0:26:
df:f0:ff:77:51:8f:a2:be:cf:a2:c6:ef:b1:2f:38:55:61:fd:
c0:d0:f1:8e:ba:44:aa:89:f9:46:1d:10:ab:d6:bb:7d:38:0a:
7f:bd:4c:8a:b2:0a:9e:36:72:34:b4:f2:21:04:bf:c9:ba:34:
d3:42:b4:60:f7:c4:ad:65:69:a4:d9:32:c6:74:0a:90:ce:c6:
86:e9:3b:e3:85:39:62:22:86:2c:80:09:69:60:07:7c:fa:72:
a1:24:76:59:84:4d:e1:4a:9d:36:8c:9f:8e:f0:4a:9f:22:8b:
16:66:d1:59
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYVxTCDX4DrBQoU7hXvWmQz3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0Yjc2OWE1M2RkODYzNTJkMzQ0MGYyMjJiZGY5MDdjZjA5
YzJkYmEwHhcNMjMwMTAyMDcwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzJmYzRlMTAzZGJkYTE4MjE3OWJjMjQyYzFkNWU2NDNjNTNjY2Y5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi/I/h/c64w6nJsnWb/3nMePreeO9
LDjLN3PAcp2NApzfzWJGYmXwKzuU7yZiHrjv0ti+vbSDoz/PM6sHqwq9NW3CUUF0
gh0WxgjryIASCbGZzTNuht4VKBUZM1p0zIme5QitcisJycjdVdfGt+rvK/pfKaFG
hB06vk9boqx4OQF/UNHUWHoH3bT3YCoB0ra0qR5M1r3steHMruqeTafvhGsrMzGq
3EOLVw/WL91ypHTatW+83Aqi1jh52tN/V65nTfQqfNhUXzH3u7wy4F8VYgE3nILf
+ETx6Pxag4zr726at3NXJ10dWXeJYF9mKxmsFj2YIFA+jblEKf9fPMBxHQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFKMvxOED29oYIXm8JCwdXmQ8U8z5MB8GA1UdIwQY
MBaAFPS3aaU92GNS00QPIivfkHzwnC26MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUxkcHBUM1lZMUxUUkE4aUs5LVFmUENjTGJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83MGQ1MGYtZmYzYy00ZjYzLThkZWMt
ZDdjMzZjMjdjMDg3LzEvb3lfRTRRUGIyaGdoZWJ3a0xCMWVaRHhUelBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83MGQ1MGYtZmYzYy00ZjYzLThkZWMtZDdjMzZjMjdjMDg3
LzEvOUxkcHBUM1lZMUxUUkE4aUs5LVFmUENjTGJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQGBRxAAwQH
JXgAAwQFPnUAAwQFUncAAwQHVjgAAwQFWRCAAwQFnrVAAwQCuQngMA0EAgACMAcD
BQMqAiRQMA0GCSqGSIb3DQEBCwUAA4IBAQB6WjIGpUnF5ZP60CzmMIHta8nWORiN
AWQZbr6xzfsaXKEUv3OHODdTetavl8SUeCj1hO0Ua4jTvrZfjJ30GZYkGYnfCIzB
S/O/SYjmu67r7MAvQRxnGqLl22mbAl1G+HPvgGCjzO5aRtuicp9nJkQJk/WGj7R5
p2ksrHy0qsNf8ESJBLvoSlvLVR8Tm5Sq4Cbf8P93UY+ivs+ixu+xLzhVYf3A0PGO
ukSqiflGHRCr1rt9OAp/vUyKsgqeNnI0tPIhBL/JujTTQrRg98StZWmk2TLGdAqQ
zsaG6TvjhTliIoYsgAlpYAd8+nKhJHZZhE3hSp02jJ+O8EqfIosWZtFZ
-----END CERTIFICATE-----
Generated at Mon Oct 16 08:28:10 2023 by rpki-client on console-fra.rpki-client.org