Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/O8nvht3XaZCFkklrrOBKiL3s_BM.roa
File: O8nvht3XaZCFkklrrOBKiL3s_BM.roa (raw, json)
Hash identifier: K/N+SN+qlVISVK/PIJV/9cj9AAkRExs/FwSWEcJVNVc=
Subject key identifier: 3B:C9:EF:86:DD:D7:69:90:85:92:49:6B:AC:E0:4A:88:BD:EC:FC:13
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 0185710C3996551E7060129336E99A7D5D07
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/O8nvht3XaZCFkklrrOBKiL3s_BM.roa
Signing time: Mon 02 Jan 2023 05:55:04 +0000
ROA not before: Mon 02 Jan 2023 05:55:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207569
IP address blocks: 139.28.221.0/24 maxlen: 24
5.180.136.0/24 maxlen: 24
5.180.138.0/24 maxlen: 24
5.180.137.0/24 maxlen: 24
5.180.139.0/24 maxlen: 24
185.94.167.0/24 maxlen: 24
45.133.245.0/24 maxlen: 24
185.188.181.0/24 maxlen: 24
95.214.8.0/24 maxlen: 24
185.17.2.0/24 maxlen: 24
194.53.54.0/24 maxlen: 24
85.209.0.0/24 maxlen: 24
5.252.116.0/24 maxlen: 24
193.109.84.0/24 maxlen: 24
45.89.64.0/24 maxlen: 24
185.104.250.0/24 maxlen: 24
46.17.106.0/24 maxlen: 24
2a0a:9300:1::/48 maxlen: 48
2a0a:9300:aaaa::/48 maxlen: 48
2a0a:9300::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 06 Feb 2023 11:19:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:0c:39:96:55:1e:70:60:12:93:36:e9:9a:7d:5d:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jan 2 05:55:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3bc9ef86ddd769908592496bace04a88bdecfc13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:a6:8e:0a:4d:b8:f5:1d:e0:4f:43:b7:e3:56:
73:69:70:6a:32:d6:47:e0:89:7b:04:2a:ea:e9:d9:
31:e5:a9:35:3d:7c:56:c9:80:db:45:35:e9:84:92:
7a:fa:0d:78:22:a6:8c:3d:5c:26:96:be:6c:f7:4f:
8f:9e:e9:80:ad:29:3a:0b:43:17:bd:2f:29:22:a4:
c4:71:b4:08:cd:74:b4:66:57:f8:db:8f:fc:83:ac:
c6:c0:8c:46:64:97:f7:96:b6:bf:0a:c0:6e:85:46:
ad:00:91:38:68:30:f2:d5:52:a9:34:75:b7:5d:90:
2e:ec:37:fa:12:ae:58:0f:29:2b:b5:f6:79:e0:52:
cd:fc:81:d5:5b:26:55:fc:3f:c1:e2:ba:6e:48:06:
c6:cc:cb:40:b7:99:da:40:11:d9:dd:28:7a:bb:ea:
c9:56:3f:3a:1d:88:57:d5:0f:f5:63:8f:70:aa:5b:
8f:0e:45:fd:1c:b1:82:6d:6b:e5:40:1c:ae:35:a6:
7c:e5:85:59:cb:6f:cd:39:14:10:31:c8:dd:50:58:
c5:17:75:da:4e:d6:98:4a:dd:e6:4c:79:92:54:19:
25:e7:3b:aa:4c:21:99:f5:a1:a2:13:ef:e2:70:19:
a7:7f:34:1f:72:4a:c7:70:f3:ba:f0:95:a5:25:6a:
a0:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:C9:EF:86:DD:D7:69:90:85:92:49:6B:AC:E0:4A:88:BD:EC:FC:13
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/O8nvht3XaZCFkklrrOBKiL3s_BM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.136.0/22
5.252.116.0/24
45.89.64.0/24
45.133.245.0/24
46.17.106.0/24
85.209.0.0/24
95.214.8.0/24
139.28.221.0/24
185.17.2.0/24
185.94.167.0/24
185.104.250.0/24
185.188.181.0/24
193.109.84.0/24
194.53.54.0/24
IPv6:
2a0a:9300::/32
Signature Algorithm: sha256WithRSAEncryption
91:2e:62:c0:68:93:fd:2a:e8:72:51:72:07:13:b9:b0:0c:1c:
88:35:53:29:03:f8:b1:41:82:49:df:63:fc:45:4f:57:3e:f1:
fe:11:e5:7b:54:7a:69:e4:b5:fd:ce:3a:30:9b:24:ef:24:4c:
ea:29:74:08:d6:69:50:72:b2:d6:32:77:50:77:64:7d:57:21:
ab:6d:54:66:78:32:12:b0:9d:fb:b1:e9:03:75:02:53:c8:cd:
4e:d5:70:6b:b5:ec:77:c7:54:45:86:09:ce:e1:1a:f7:7f:3b:
05:81:c8:32:87:f5:1f:5f:8c:a0:d2:e9:64:ed:75:f5:50:1a:
3c:d9:f8:b6:35:54:f6:4b:b8:6b:d0:a9:91:9b:a6:28:ef:17:
a3:32:cd:d2:bb:90:f7:38:93:46:a1:a7:ff:e2:3b:e0:53:f5:
da:9b:20:10:94:88:d4:3d:c0:b3:1a:8e:49:16:81:12:6b:6b:
c3:e0:0d:dd:1b:87:6f:89:e8:f0:85:b9:64:04:51:13:e9:2a:
da:d8:11:ee:75:79:60:0c:6f:c7:e5:b6:a3:0f:be:4a:ef:46:
f3:7d:c9:0d:d7:61:4a:59:b2:d0:be:11:86:e6:c7:03:35:fd:
35:86:ad:e7:d6:b6:26:e4:1f:db:64:44:8a:f7:4e:db:60:c5:
38:d1:fe:76
-----BEGIN CERTIFICATE-----
MIIFWjCCBEKgAwIBAgISAYVxDDmWVR5wYBKTNumafV0HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjMwMTAyMDU1NTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmM5ZWY4NmRkZDc2OTkwODU5MjQ5NmJhY2UwNGE4OGJkZWNmYzEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtqaOCk249R3gT0O341ZzaXBqMtZH
4Il7BCrq6dkx5ak1PXxWyYDbRTXphJJ6+g14IqaMPVwmlr5s90+PnumArSk6C0MX
vS8pIqTEcbQIzXS0Zlf424/8g6zGwIxGZJf3lra/CsBuhUatAJE4aDDy1VKpNHW3
XZAu7Df6Eq5YDykrtfZ54FLN/IHVWyZV/D/B4rpuSAbGzMtAt5naQBHZ3Sh6u+rJ
Vj86HYhX1Q/1Y49wqluPDkX9HLGCbWvlQByuNaZ85YVZy2/NORQQMcjdUFjFF3Xa
TtaYSt3mTHmSVBkl5zuqTCGZ9aGiE+/icBmnfzQfckrHcPO68JWlJWqgVQIDAQAB
o4ICZjCCAmIwHQYDVR0OBBYEFDvJ74bd12mQhZJJa6zgSoi97PwTMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvTzhudmh0M1hhWkNGa2tscnJPQktpTDNzX0JNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHwGCCsGAQUFBwEHAQH/BG0wazBaBAIAATBUAwQCBbSIAwQA
Bfx0AwQALVlAAwQALYX1AwQALhFqAwQAVdEAAwQAX9YIAwQAixzdAwQAuRECAwQA
uV6nAwQAuWj6AwQAuby1AwQAwW1UAwQAwjU2MA0EAgACMAcDBQAqCpMAMA0GCSqG
SIb3DQEBCwUAA4IBAQCRLmLAaJP9KuhyUXIHE7mwDByINVMpA/ixQYJJ32P8RU9X
PvH+EeV7VHpp5LX9zjowmyTvJEzqKXQI1mlQcrLWMndQd2R9VyGrbVRmeDISsJ37
sekDdQJTyM1O1XBrtex3x1RFhgnO4Rr3fzsFgcgyh/UfX4yg0ulk7XX1UBo82fi2
NVT2S7hr0KmRm6Yo7xejMs3Su5D3OJNGoaf/4jvgU/XamyAQlIjUPcCzGo5JFoES
a2vD4A3dG4dviejwhblkBFET6Sra2BHudXlgDG/H5bajD75K70bzfckN12FKWbLQ
vhGG5scDNf01hq3n1rYm5B/bZESK907bYMU40f52
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:07 2024 by rpki-client on console-fra.rpki-client.org