Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/O1ZpxSjzT4f6Lki799CSoaeCqFM.roa
File: O1ZpxSjzT4f6Lki799CSoaeCqFM.roa (raw, json)
Hash identifier: 8o5tKWnhHUwbp6Sq761Jo8CJhr1Ligw8wtVDGE1PRZk=
Subject key identifier: 3B:56:69:C5:28:F3:4F:87:FA:2E:48:BB:F7:D0:92:A1:A7:82:A8:53
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 019123364534C72A91404D385816E9146FC6
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/O1ZpxSjzT4f6Lki799CSoaeCqFM.roa
Signing time: Mon 05 Aug 2024 15:44:04 +0000
ROA not before: Mon 05 Aug 2024 15:44:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207569
IP address blocks: 5.180.136.0/24 maxlen: 24
5.180.137.0/24 maxlen: 24
5.252.116.0/24 maxlen: 24
45.89.64.0/24 maxlen: 24
45.133.245.0/24 maxlen: 24
45.133.246.0/24 maxlen: 24
46.17.106.0/24 maxlen: 24
85.209.0.0/24 maxlen: 24
95.214.8.0/24 maxlen: 24
139.28.220.0/24 maxlen: 24
139.28.221.0/24 maxlen: 24
185.17.2.0/24 maxlen: 24
185.58.207.0/24 maxlen: 24
185.94.167.0/24 maxlen: 24
185.104.250.0/24 maxlen: 24
185.105.118.0/24 maxlen: 24
185.125.228.0/24 maxlen: 24
185.125.231.0/24 maxlen: 24
185.188.181.0/24 maxlen: 24
193.109.84.0/24 maxlen: 24
194.53.54.0/24 maxlen: 24
194.67.200.0/24 maxlen: 24
195.66.87.0/24 maxlen: 24
2a0a:9300::/32 maxlen: 32
2a0a:9300:1::/48 maxlen: 48
2a0a:9300:aaaa::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 09 Aug 2024 13:54:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:23:36:45:34:c7:2a:91:40:4d:38:58:16:e9:14:6f:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Aug 5 15:44:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3b5669c528f34f87fa2e48bbf7d092a1a782a853
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:6f:36:db:ec:54:ff:ee:90:68:e5:85:2c:a9:
20:f7:70:9c:a6:c2:19:ff:c3:b0:57:57:98:93:34:
bd:5d:29:08:76:92:d0:e1:f3:90:63:d2:dd:bd:a9:
53:fe:57:3c:c0:47:75:a3:fa:6b:30:38:fd:ad:99:
9f:a4:74:8f:e0:34:a8:73:13:e8:e8:2d:e3:79:28:
d3:c4:2c:15:9a:90:c1:dd:e6:9a:89:50:92:c7:12:
8d:31:95:a7:13:e2:d7:2a:2f:0c:22:16:e2:66:11:
8a:ee:a5:d3:3d:7b:04:22:c8:8d:ec:03:6b:86:24:
91:9c:c4:5f:07:65:fd:eb:b1:da:55:78:41:e9:70:
89:d3:c3:b3:dd:0f:89:c0:5d:52:a5:6a:63:a7:0e:
54:40:82:7b:78:b1:0e:f0:e3:6e:32:0a:05:f4:34:
05:6a:ff:9f:3b:7b:37:11:98:6a:72:14:80:b6:28:
5d:8a:8f:f9:c4:1b:90:41:d4:6d:fa:a0:bd:88:b5:
f9:77:64:6e:97:66:af:e1:f1:ae:8b:f7:cc:3e:09:
64:7e:4b:61:30:90:a3:41:ba:b0:a5:00:8c:35:dc:
63:6f:3e:95:be:30:88:6f:5d:33:cb:d5:73:41:29:
fa:5d:b6:24:96:ac:d0:ae:3a:cc:f9:a4:3a:96:1e:
61:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:56:69:C5:28:F3:4F:87:FA:2E:48:BB:F7:D0:92:A1:A7:82:A8:53
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/O1ZpxSjzT4f6Lki799CSoaeCqFM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.136.0/23
5.252.116.0/24
45.89.64.0/24
45.133.245.0-45.133.246.255
46.17.106.0/24
85.209.0.0/24
95.214.8.0/24
139.28.220.0/23
185.17.2.0/24
185.58.207.0/24
185.94.167.0/24
185.104.250.0/24
185.105.118.0/24
185.125.228.0/24
185.125.231.0/24
185.188.181.0/24
193.109.84.0/24
194.53.54.0/24
194.67.200.0/24
195.66.87.0/24
IPv6:
2a0a:9300::/32
Signature Algorithm: sha256WithRSAEncryption
0c:94:eb:0c:27:aa:0e:8b:e2:76:75:dc:c6:81:09:d0:55:ee:
2b:0b:ef:d0:74:22:9d:9c:f4:e4:6a:b2:17:6c:2b:ec:09:c4:
f0:ed:8d:1d:80:98:cf:d1:46:dd:2a:15:a1:bf:93:cd:97:62:
2f:04:22:43:7d:d0:4b:4f:a8:8d:52:6e:7f:65:50:8d:bd:ad:
4f:ad:c1:8f:83:30:62:60:7a:93:b1:34:82:0f:51:86:61:ab:
10:ea:c4:c2:7d:5e:9a:11:9c:e3:8f:1f:ef:b1:2e:ca:99:e2:
10:a8:82:c9:5e:75:ac:4c:90:7e:cc:e4:08:4e:ce:c0:0b:43:
85:0b:27:68:15:2a:57:c1:84:f7:00:6a:a3:e8:67:2a:57:3f:
84:eb:de:85:1e:7e:b8:90:f6:a2:7e:75:56:3b:9a:66:eb:f9:
f7:83:dc:c2:8d:fd:03:34:07:d9:20:21:96:44:fa:2e:e3:4e:
cc:6f:ce:88:7f:7e:77:fb:81:ef:6b:ce:55:dd:db:41:91:88:
95:22:33:60:04:0f:4f:54:04:55:b4:b8:d4:ba:49:86:36:52:
97:a9:3e:9b:97:1d:1a:b4:47:14:e7:f0:03:75:51:47:d3:d4:
b3:22:3d:6c:2e:01:e3:fb:0d:9b:93:13:39:49:75:06:48:17:
25:7e:2a:8e
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgISAZEjNkU0xyqRQE04WBbpFG/GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjQwODA1MTU0NDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjU2NjljNTI4ZjM0Zjg3ZmEyZTQ4YmJmN2QwOTJhMWE3ODJhODUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlm822+xU/+6QaOWFLKkg93CcpsIZ
/8OwV1eYkzS9XSkIdpLQ4fOQY9LdvalT/lc8wEd1o/prMDj9rZmfpHSP4DSocxPo
6C3jeSjTxCwVmpDB3eaaiVCSxxKNMZWnE+LXKi8MIhbiZhGK7qXTPXsEIsiN7ANr
hiSRnMRfB2X967HaVXhB6XCJ08Oz3Q+JwF1SpWpjpw5UQIJ7eLEO8ONuMgoF9DQF
av+fO3s3EZhqchSAtihdio/5xBuQQdRt+qC9iLX5d2Rul2av4fGui/fMPglkfkth
MJCjQbqwpQCMNdxjbz6VvjCIb10zy9VzQSn6XbYklqzQrjrM+aQ6lh5hoQIDAQAB
o4IClzCCApMwHQYDVR0OBBYEFDtWacUo80+H+i5Iu/fQkqGngqhTMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvTzFacHhTanpUNGY2TGtpNzk5Q1NvYWVDcUZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGsBggrBgEFBQcBBwEB/wSBnDCBmTCBhwQCAAEwgYADBAEF
tIgDBAAF/HQDBAAtWUAwDAMEAC2F9QMEAC2F9gMEAC4RagMEAFXRAAMEAF/WCAME
AYsc3AMEALkRAgMEALk6zwMEALlepwMEALlo+gMEALlpdgMEALl95AMEALl95wME
ALm8tQMEAMFtVAMEAMI1NgMEAMJDyAMEAMNCVzANBAIAAjAHAwUAKgqTADANBgkq
hkiG9w0BAQsFAAOCAQEADJTrDCeqDovidnXcxoEJ0FXuKwvv0HQinZz05GqyF2wr
7AnE8O2NHYCYz9FG3SoVob+TzZdiLwQiQ33QS0+ojVJuf2VQjb2tT63Bj4MwYmB6
k7E0gg9RhmGrEOrEwn1emhGc448f77EuypniEKiCyV51rEyQfszkCE7OwAtDhQsn
aBUqV8GE9wBqo+hnKlc/hOvehR5+uJD2on51VjuaZuv594Pcwo39AzQH2SAhlkT6
LuNOzG/OiH9+d/uB72vOVd3bQZGIlSIzYAQPT1QEVbS41LpJhjZSl6k+m5cdGrRH
FOfwA3VRR9PUsyI9bC4B4/sNm5MTOUl1BkgXJX4qjg==
-----END CERTIFICATE-----
Generated at Fri Aug 9 18:23:57 2024 by rpki-client on console-ams.rpki-client.org