Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/odiTOpy8_CNcMJtjA9oLQ1wbi8Q.roa
File: odiTOpy8_CNcMJtjA9oLQ1wbi8Q.roa (raw, json)
Hash identifier: YJ/XX0+/tM+NwYRkzW1EuszABMHMgEUT1901b92tmr0=
Subject key identifier: A1:D8:93:3A:9C:BC:FC:23:5C:30:9B:63:03:DA:0B:43:5C:1B:8B:C4
Certificate issuer: /CN=5cf4501b755002d9143e8fa6736815e9f0f93695
Certificate serial: 018CEDB21749617FCCCCF6EA693BA4184887
Authority key identifier: 5C:F4:50:1B:75:50:02:D9:14:3E:8F:A6:73:68:15:E9:F0:F9:36:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XPRQG3VQAtkUPo-mc2gV6fD5NpU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/odiTOpy8_CNcMJtjA9oLQ1wbi8Q.roa
Signing time: Tue 09 Jan 2024 10:08:40 +0000
ROA not before: Tue 09 Jan 2024 10:08:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13037
IP address blocks: 212.23.0.0/19 maxlen: 19
82.71.240.0/20 maxlen: 20
88.97.64.0/19 maxlen: 19
88.98.160.0/21 maxlen: 21
88.98.172.0/22 maxlen: 22
88.98.170.0/23 maxlen: 23
88.98.176.0/20 maxlen: 20
88.97.0.0/18 maxlen: 18
51.148.0.0/16 maxlen: 16
88.97.128.0/17 maxlen: 17
62.3.64.0/18 maxlen: 18
51.170.0.0/16 maxlen: 18
88.97.96.0/20 maxlen: 20
88.98.0.0/20 maxlen: 20
88.98.16.0/23 maxlen: 23
88.98.24.0/21 maxlen: 21
88.98.22.0/23 maxlen: 23
88.98.21.0/24 maxlen: 24
88.98.18.0/24 maxlen: 24
88.96.0.0/16 maxlen: 16
217.155.0.0/16 maxlen: 16
51.155.0.0/16 maxlen: 16
77.104.128.0/18 maxlen: 18
82.68.0.0/14 maxlen: 14
88.98.128.0/19 maxlen: 19
88.98.32.0/19 maxlen: 19
88.98.64.0/19 maxlen: 19
146.66.64.0/18 maxlen: 18
2a02:8010::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 23 Jan 2024 14:11:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ed:b2:17:49:61:7f:cc:cc:f6:ea:69:3b:a4:18:48:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cf4501b755002d9143e8fa6736815e9f0f93695
Validity
Not Before: Jan 9 10:08:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a1d8933a9cbcfc235c309b6303da0b435c1b8bc4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:0c:86:5f:8f:d2:b2:8c:7b:d1:4c:6b:a1:6c:
84:f2:5d:50:7e:65:a7:5f:5f:2f:68:8a:45:9e:2d:
23:f5:9a:0a:76:c8:a2:38:db:83:13:87:8b:df:5d:
78:39:72:76:70:d6:67:53:07:6f:68:7e:ec:31:42:
c0:4c:69:19:4d:cc:74:37:80:7c:7d:61:1a:60:66:
89:e3:0a:69:bd:b8:cb:b6:69:43:a9:18:19:36:ea:
af:4d:fc:74:77:5d:fd:84:68:3e:43:73:cc:66:c4:
0e:3a:91:49:3d:6c:cc:2e:d0:0c:5a:dc:d8:a1:fa:
5d:38:68:e3:c4:e3:0b:17:63:3a:fd:9b:1c:c6:89:
d2:dd:2b:86:ab:41:c8:e2:52:8f:d8:3a:1f:77:de:
33:a8:e8:ed:60:b0:7e:b2:a4:07:47:3b:b8:9e:e7:
d3:2e:a9:5d:f9:d4:96:ec:3e:b2:02:68:0c:f1:70:
c8:99:e2:78:7c:1d:ad:ba:5d:1b:ac:38:87:2e:fe:
58:98:2d:c8:de:e0:a2:3e:d8:63:a1:5e:9d:2f:a1:
ae:34:5d:68:ba:0f:4e:fb:b3:87:89:e5:3a:c5:8a:
ae:6e:b8:58:b3:ba:00:49:16:cd:6a:8d:78:dc:2a:
fa:ee:c6:da:08:e4:46:62:d0:f2:ca:6f:f9:a5:65:
73:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:D8:93:3A:9C:BC:FC:23:5C:30:9B:63:03:DA:0B:43:5C:1B:8B:C4
X509v3 Authority Key Identifier:
keyid:5C:F4:50:1B:75:50:02:D9:14:3E:8F:A6:73:68:15:E9:F0:F9:36:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XPRQG3VQAtkUPo-mc2gV6fD5NpU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/odiTOpy8_CNcMJtjA9oLQ1wbi8Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/XPRQG3VQAtkUPo-mc2gV6fD5NpU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.148.0.0/16
51.155.0.0/16
51.170.0.0/16
62.3.64.0/18
77.104.128.0/18
82.68.0.0/14
88.96.0.0-88.97.111.255
88.97.128.0-88.98.18.255
88.98.21.0-88.98.95.255
88.98.128.0-88.98.167.255
88.98.170.0-88.98.191.255
146.66.64.0/18
212.23.0.0/19
217.155.0.0/16
IPv6:
2a02:8010::/29
Signature Algorithm: sha256WithRSAEncryption
14:86:51:b9:29:fa:1c:7f:bb:7d:04:9b:79:27:c5:8f:cb:e5:
2c:90:ed:46:50:87:48:9e:e3:27:e8:fd:6f:e2:28:ba:d2:92:
a2:59:f1:93:05:68:6c:00:a7:0c:20:28:2a:ad:51:6b:23:1e:
71:52:a4:33:b5:2d:81:01:ad:3a:0a:e4:30:1c:bc:02:78:d5:
62:0a:08:c9:8e:8e:11:60:28:14:3b:b6:c5:88:ec:a1:03:4a:
00:30:24:04:e3:21:11:5d:0b:8f:ee:0d:5e:d7:46:45:4a:db:
42:6d:42:5e:18:dc:4b:db:c3:8a:d5:41:f7:ac:49:8f:16:62:
cd:98:3c:fc:06:f6:e5:e6:15:aa:7f:49:f3:79:5a:bd:a1:4c:
ff:b1:ed:0a:1f:1b:c4:74:9c:b9:c6:72:db:ac:35:26:06:76:
13:ed:14:b0:a5:ae:ef:9a:84:da:bc:65:44:3d:51:69:48:be:
e5:e8:15:7c:1e:c5:84:e3:0e:2b:7d:81:92:ee:df:18:f1:02:
a5:7b:ad:d5:ff:f9:e6:e4:81:74:37:26:84:ff:b7:44:67:c5:
8a:11:20:42:14:6a:85:cd:61:18:da:9b:43:a7:1e:70:11:c7:
28:27:7c:2a:95:18:e6:95:3d:da:1f:34:bf:cd:ba:3c:d1:84:
a4:11:0a:4a
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgISAYztshdJYX/MzPbqaTukGEiHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjZjQ1MDFiNzU1MDAyZDkxNDNlOGZhNjczNjgxNWU5ZjBm
OTM2OTUwHhcNMjQwMTA5MTAwODQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWQ4OTMzYTljYmNmYzIzNWMzMDliNjMwM2RhMGI0MzVjMWI4YmM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5AyGX4/Ssox70UxroWyE8l1QfmWn
X18vaIpFni0j9ZoKdsiiONuDE4eL3114OXJ2cNZnUwdvaH7sMULATGkZTcx0N4B8
fWEaYGaJ4wppvbjLtmlDqRgZNuqvTfx0d139hGg+Q3PMZsQOOpFJPWzMLtAMWtzY
ofpdOGjjxOMLF2M6/ZscxonS3SuGq0HI4lKP2Dofd94zqOjtYLB+sqQHRzu4nufT
Lqld+dSW7D6yAmgM8XDImeJ4fB2tul0brDiHLv5YmC3I3uCiPthjoV6dL6GuNF1o
ug9O+7OHieU6xYqubrhYs7oASRbNao143Cr67sbaCORGYtDyym/5pWVz7wIDAQAB
o4ICizCCAocwHQYDVR0OBBYEFKHYkzqcvPwjXDCbYwPaC0NcG4vEMB8GA1UdIwQY
MBaAFFz0UBt1UALZFD6PpnNoFenw+TaVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFBSUUczVlFBdGtVUG8tbWMyZ1Y2ZkQ1TnBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9jMWNhMDctOTY1OC00NDQ2LThjYjUt
NjBjZjlhYjFiMTNlLzEvb2RpVE9weThfQ05jTUp0akE5b0xRMXdiaThRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9jMWNhMDctOTY1OC00NDQ2LThjYjUtNjBjZjlhYjFiMTNl
LzEvWFBSUUczVlFBdGtVUG8tbWMyZ1Y2ZkQ1TnBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGgBggrBgEFBQcBBwEB/wSBkDCBjTB8BAIAATB2AwMAM5QD
AwAzmwMDADOqAwQGPgNAAwQGTWiAAwMCUkQwCwMDBVhgAwQEWGFgMAwDBAdYYYAD
BABYYhIwDAMEAFhiFQMEBVhiQDAMAwQHWGKAAwQDWGKgMAwDBAFYYqoDBAZYYoAD
BAaSQkADBAXUFwADAwDZmzANBAIAAjAHAwUDKgKAEDANBgkqhkiG9w0BAQsFAAOC
AQEAFIZRuSn6HH+7fQSbeSfFj8vlLJDtRlCHSJ7jJ+j9b+IoutKSolnxkwVobACn
DCAoKq1RayMecVKkM7UtgQGtOgrkMBy8AnjVYgoIyY6OEWAoFDu2xYjsoQNKADAk
BOMhEV0Lj+4NXtdGRUrbQm1CXhjcS9vDitVB96xJjxZizZg8/Ab25eYVqn9J83la
vaFM/7HtCh8bxHScucZy26w1JgZ2E+0UsKWu75qE2rxlRD1RaUi+5egVfB7FhOMO
K32Bku7fGPECpXut1f/55uSBdDcmhP+3RGfFihEgQhRqhc1hGNqbQ6cecBHHKCd8
KpUY5pU92h80v826PNGEpBEKSg==
-----END CERTIFICATE-----
Generated at Tue Jan 23 17:46:26 2024 by rpki-client on console-fra.rpki-client.org