Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/OaQf3NoxOFFMMzVbr34uGONBbX0.roa
File: OaQf3NoxOFFMMzVbr34uGONBbX0.roa (raw, json)
Hash identifier: ExH+5LaRMv65YaGaft7hLkp0QbmM5bUNf28oFNS9s1Y=
Subject key identifier: 39:A4:1F:DC:DA:31:38:51:4C:33:35:5B:AF:7E:2E:18:E3:41:6D:7D
Certificate issuer: /CN=5cf4501b755002d9143e8fa6736815e9f0f93695
Certificate serial: 0192661954122C53D238BE8277E14B468B12
Authority key identifier: 5C:F4:50:1B:75:50:02:D9:14:3E:8F:A6:73:68:15:E9:F0:F9:36:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XPRQG3VQAtkUPo-mc2gV6fD5NpU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/OaQf3NoxOFFMMzVbr34uGONBbX0.roa
Signing time: Mon 07 Oct 2024 08:29:48 +0000
ROA not before: Mon 07 Oct 2024 08:29:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13037
IP address blocks: 51.148.0.0/16 maxlen: 16
51.155.0.0/16 maxlen: 16
62.3.64.0/18 maxlen: 18
77.104.128.0/18 maxlen: 18
82.68.0.0/15 maxlen: 15
82.71.0.0/16 maxlen: 16
82.71.240.0/20 maxlen: 20
88.97.0.0/18 maxlen: 18
88.97.64.0/19 maxlen: 19
88.97.96.0/20 maxlen: 20
88.97.169.0/24 maxlen: 24
88.97.170.0/24 maxlen: 24
88.97.171.0/24 maxlen: 24
88.97.172.0/24 maxlen: 24
88.97.173.0/24 maxlen: 24
88.97.174.0/24 maxlen: 24
88.97.175.0/24 maxlen: 24
88.97.176.0/20 maxlen: 20
88.98.0.0/20 maxlen: 20
88.98.16.0/23 maxlen: 23
88.98.18.0/24 maxlen: 24
88.98.21.0/24 maxlen: 24
88.98.22.0/23 maxlen: 23
88.98.24.0/21 maxlen: 21
88.98.32.0/19 maxlen: 19
88.98.64.0/19 maxlen: 19
88.98.128.0/19 maxlen: 19
88.98.160.0/21 maxlen: 21
88.98.170.0/23 maxlen: 23
88.98.172.0/22 maxlen: 22
88.98.176.0/20 maxlen: 20
146.66.64.0/18 maxlen: 18
212.23.0.0/19 maxlen: 19
212.23.0.0/23 maxlen: 23
217.155.0.0/16 maxlen: 16
2a02:8010::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 07 Oct 2024 14:36:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:66:19:54:12:2c:53:d2:38:be:82:77:e1:4b:46:8b:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cf4501b755002d9143e8fa6736815e9f0f93695
Validity
Not Before: Oct 7 08:29:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=39a41fdcda3138514c33355baf7e2e18e3416d7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:18:f5:c2:ac:31:c8:9c:ad:5d:5e:b7:75:21:
47:ee:4b:12:e8:ec:79:75:5e:2a:34:27:4a:12:99:
cb:16:f4:58:45:bf:82:29:5c:64:e5:85:fd:43:19:
0b:74:fe:31:20:1f:cd:7b:7d:1c:24:75:2c:8d:8e:
79:69:88:81:90:d3:d3:8f:31:21:48:10:0a:b3:fc:
39:2a:ec:ff:1b:ec:2b:ad:2e:54:e8:d8:c9:64:6a:
ef:da:a5:ec:a0:e7:bc:c7:46:5c:f9:26:2b:9f:e9:
f6:34:a2:c3:77:1c:e6:05:17:02:cd:bc:16:52:4e:
1e:e4:5b:9c:34:a3:b7:e8:d7:9f:d3:25:9d:4f:04:
83:44:80:00:3b:4b:c0:20:da:89:3b:7f:03:47:b8:
7a:2a:47:34:14:b0:15:6d:34:b4:92:6d:4c:4d:9d:
8d:22:df:cc:c4:0c:97:34:43:6a:7e:72:cb:90:01:
7e:dc:7a:72:04:b5:6d:17:09:65:b0:7c:01:b8:7a:
c1:83:c9:67:c3:4a:29:99:10:a6:1c:b3:0a:45:6f:
db:a2:8c:5e:a1:94:f6:72:cd:fb:2d:2a:48:6f:5b:
a5:c7:cc:25:89:db:9e:63:de:d7:40:bc:ba:2d:9c:
c7:5a:5f:54:25:ef:3e:34:4e:07:0f:df:ba:f0:48:
08:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:A4:1F:DC:DA:31:38:51:4C:33:35:5B:AF:7E:2E:18:E3:41:6D:7D
X509v3 Authority Key Identifier:
keyid:5C:F4:50:1B:75:50:02:D9:14:3E:8F:A6:73:68:15:E9:F0:F9:36:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XPRQG3VQAtkUPo-mc2gV6fD5NpU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/OaQf3NoxOFFMMzVbr34uGONBbX0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/XPRQG3VQAtkUPo-mc2gV6fD5NpU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.148.0.0/16
51.155.0.0/16
62.3.64.0/18
77.104.128.0/18
82.68.0.0/15
82.71.0.0/16
88.97.0.0-88.97.111.255
88.97.169.0-88.97.191.255
88.98.0.0-88.98.18.255
88.98.21.0-88.98.95.255
88.98.128.0-88.98.167.255
88.98.170.0-88.98.191.255
146.66.64.0/18
212.23.0.0/19
217.155.0.0/16
IPv6:
2a02:8010::/29
Signature Algorithm: sha256WithRSAEncryption
54:17:25:04:af:85:95:a7:9b:0d:14:82:e2:2b:fe:65:fd:d1:
98:70:9a:a8:42:e0:1b:df:29:32:62:be:d8:22:99:8e:4d:3c:
38:e1:f9:fd:cb:45:d3:b1:b0:06:22:b8:24:b4:99:0e:14:21:
6b:8d:4f:f2:8e:94:de:97:c5:7f:f5:95:3f:54:a2:f3:16:bf:
1b:a8:df:50:5f:55:3c:bc:aa:3e:d6:ef:7e:02:18:fa:a2:f9:
79:6b:0a:b4:04:9f:45:d0:e5:6e:d7:eb:98:1e:20:e0:a0:e9:
79:18:b3:0f:b4:eb:3e:7d:7d:46:29:01:49:98:dd:10:1a:27:
06:5f:28:08:24:01:10:61:50:e6:4d:b5:b2:2e:af:50:d8:7a:
12:c6:35:e3:a0:33:d0:b0:2a:4b:90:d4:a1:ea:79:88:9f:26:
9b:b2:f9:82:8d:f2:e8:23:73:d6:8b:2c:b6:5a:bd:f1:cf:66:
8e:9d:8c:96:d6:15:86:5e:78:5c:d7:10:78:ea:64:0d:e1:d9:
17:d3:a9:e7:87:42:c8:c0:8f:d4:f3:84:5e:84:c4:75:e7:47:
9b:4e:7f:c2:fa:be:d8:3c:97:0a:3b:c6:c8:28:1a:10:fd:66:
14:79:5a:6e:97:25:e0:84:a4:50:ed:67:8e:a5:d1:49:a9:e4:
00:36:bc:2f
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgISAZJmGVQSLFPSOL6Cd+FLRosSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjZjQ1MDFiNzU1MDAyZDkxNDNlOGZhNjczNjgxNWU5ZjBm
OTM2OTUwHhcNMjQxMDA3MDgyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWE0MWZkY2RhMzEzODUxNGMzMzM1NWJhZjdlMmUxOGUzNDE2ZDdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Rj1wqwxyJytXV63dSFH7ksS6Ox5
dV4qNCdKEpnLFvRYRb+CKVxk5YX9QxkLdP4xIB/Ne30cJHUsjY55aYiBkNPTjzEh
SBAKs/w5Kuz/G+wrrS5U6NjJZGrv2qXsoOe8x0Zc+SYrn+n2NKLDdxzmBRcCzbwW
Uk4e5FucNKO36Nef0yWdTwSDRIAAO0vAINqJO38DR7h6Kkc0FLAVbTS0km1MTZ2N
It/MxAyXNENqfnLLkAF+3HpyBLVtFwllsHwBuHrBg8lnw0opmRCmHLMKRW/booxe
oZT2cs37LSpIb1ulx8wlidueY97XQLy6LZzHWl9UJe8+NE4HD9+68EgIwwIDAQAB
o4ICmjCCApYwHQYDVR0OBBYEFDmkH9zaMThRTDM1W69+LhjjQW19MB8GA1UdIwQY
MBaAFFz0UBt1UALZFD6PpnNoFenw+TaVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFBSUUczVlFBdGtVUG8tbWMyZ1Y2ZkQ1TnBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9jMWNhMDctOTY1OC00NDQ2LThjYjUt
NjBjZjlhYjFiMTNlLzEvT2FRZjNOb3hPRkZNTXpWYnIzNHVHT05CYlgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9jMWNhMDctOTY1OC00NDQ2LThjYjUtNjBjZjlhYjFiMTNl
LzEvWFBSUUczVlFBdGtVUG8tbWMyZ1Y2ZkQ1TnBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGvBggrBgEFBQcBBwEB/wSBnzCBnDCBigQCAAEwgYMDAwAz
lAMDADObAwQGPgNAAwQGTWiAAwMBUkQDAwBSRzALAwMAWGEDBARYYWAwDAMEAFhh
qQMEBlhhgDALAwMBWGIDBABYYhIwDAMEAFhiFQMEBVhiQDAMAwQHWGKAAwQDWGKg
MAwDBAFYYqoDBAZYYoADBAaSQkADBAXUFwADAwDZmzANBAIAAjAHAwUDKgKAEDAN
BgkqhkiG9w0BAQsFAAOCAQEAVBclBK+FlaebDRSC4iv+Zf3RmHCaqELgG98pMmK+
2CKZjk08OOH5/ctF07GwBiK4JLSZDhQha41P8o6U3pfFf/WVP1Si8xa/G6jfUF9V
PLyqPtbvfgIY+qL5eWsKtASfRdDlbtfrmB4g4KDpeRizD7TrPn19RikBSZjdEBon
Bl8oCCQBEGFQ5k21si6vUNh6EsY146Az0LAqS5DUoep5iJ8mm7L5go3y6CNz1oss
tlq98c9mjp2MltYVhl54XNcQeOpkDeHZF9Op54dCyMCP1POEXoTEdedHm05/wvq+
2DyXCjvGyCgaEP1mFHlabpcl4ISkUO1njqXRSankADa8Lw==
-----END CERTIFICATE-----
Generated at Mon Oct 7 20:37:58 2024 by rpki-client on console-fra.rpki-client.org