Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/O0wDbRu2QbSRes6v9GRj20MSCNg.roa
File: O0wDbRu2QbSRes6v9GRj20MSCNg.roa (raw, json)
Hash identifier: k2tzhk+l7tui/KFJSxwiZfCHRMMaaeedeXt7EkQJ0nY=
Subject key identifier: 3B:4C:03:6D:1B:B6:41:B4:91:7A:CE:AF:F4:64:63:DB:43:12:08:D8
Certificate issuer: /CN=691242c33bc2e2e9e45850a0fc64ab2c7506a4b8
Certificate serial: 0193784CF686D6E900B9A0D52CFE466FBF1E
Authority key identifier: 69:12:42:C3:3B:C2:E2:E9:E4:58:50:A0:FC:64:AB:2C:75:06:A4:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aRJCwzvC4unkWFCg_GSrLHUGpLg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/O0wDbRu2QbSRes6v9GRj20MSCNg.roa
Signing time: Fri 29 Nov 2024 14:22:09 +0000
ROA not before: Fri 29 Nov 2024 14:22:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59711
IP address blocks: 5.149.248.0/23 maxlen: 23
5.149.254.0/23 maxlen: 23
77.83.196.0/24 maxlen: 24
77.83.197.0/24 maxlen: 24
77.83.198.0/24 maxlen: 24
79.141.164.0/23 maxlen: 23
79.141.174.0/23 maxlen: 23
85.158.108.0/24 maxlen: 24
85.158.109.0/24 maxlen: 24
89.150.40.0/24 maxlen: 24
89.150.48.0/24 maxlen: 24
89.150.57.0/24 maxlen: 24
91.193.18.0/24 maxlen: 24
185.40.86.0/24 maxlen: 24
185.80.52.0/23 maxlen: 23
185.80.54.0/23 maxlen: 23
185.81.114.0/23 maxlen: 23
185.81.114.0/24 maxlen: 24
185.81.115.0/24 maxlen: 24
185.104.192.0/24 maxlen: 24
185.104.193.0/24 maxlen: 24
185.104.194.0/24 maxlen: 24
185.117.88.0/23 maxlen: 23
185.117.90.0/23 maxlen: 23
185.123.102.0/24 maxlen: 24
185.174.133.0/24 maxlen: 24
185.174.135.0/24 maxlen: 24
185.235.137.0/24 maxlen: 24
185.235.138.0/24 maxlen: 24
193.42.36.0/24 maxlen: 24
193.42.39.0/24 maxlen: 24
195.95.155.0/24 maxlen: 24
2a01:8640::/48 maxlen: 48
2a01:8640:2::/48 maxlen: 48
2a01:8640:6::/48 maxlen: 48
2a01:8640:9::/48 maxlen: 48
2a01:8640:a::/48 maxlen: 48
2a01:8640:f::/48 maxlen: 48
2a01:8640:11::/48 maxlen: 48
2a01:8640:12::/48 maxlen: 48
2a01:8640:13::/48 maxlen: 48
2a01:8640:14::/48 maxlen: 48
2a01:8640:15::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:48:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:78:4c:f6:86:d6:e9:00:b9:a0:d5:2c:fe:46:6f:bf:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=691242c33bc2e2e9e45850a0fc64ab2c7506a4b8
Validity
Not Before: Nov 29 14:22:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3b4c036d1bb641b4917aceaff46463db431208d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:3f:88:dc:39:d1:3e:bf:b4:37:de:9f:0f:7e:
97:25:1e:06:9e:f1:21:cb:75:63:d5:ae:b5:52:64:
bb:1b:1f:21:23:be:62:76:14:d3:d3:b1:fb:68:99:
12:06:cd:46:11:86:dc:ee:30:68:7f:41:3d:25:c3:
c8:1e:b8:ef:31:0e:cb:ec:ee:b8:89:89:a5:9b:4d:
a5:93:28:09:50:8d:d3:c0:89:3b:c4:02:3e:91:14:
24:61:af:b6:f3:e6:1c:42:23:d8:21:4e:64:fb:7a:
f5:5b:13:22:60:b7:1c:9b:e3:12:07:5d:6e:b0:e1:
4a:14:63:a3:0b:c7:6d:66:31:77:bc:83:11:6c:0a:
73:a4:52:ed:ca:17:6a:be:89:b2:71:b0:86:12:63:
00:50:ee:dc:ce:24:44:45:3e:b4:2a:cc:3d:f2:57:
04:cb:c8:d4:7b:f5:5b:49:a3:5d:e9:44:52:ba:86:
7b:54:f8:50:4b:fb:6f:e0:3b:a9:3e:f6:fa:a2:2c:
29:a5:2b:45:c4:6c:62:a3:06:0e:68:03:a6:5f:27:
5d:31:f9:6d:b8:1c:60:73:00:28:1e:c5:eb:de:28:
1d:2e:25:ca:67:a2:3f:8f:56:dc:75:8e:10:1c:54:
c8:24:54:e1:60:db:df:e3:6b:a1:92:8a:5c:24:84:
b2:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:4C:03:6D:1B:B6:41:B4:91:7A:CE:AF:F4:64:63:DB:43:12:08:D8
X509v3 Authority Key Identifier:
keyid:69:12:42:C3:3B:C2:E2:E9:E4:58:50:A0:FC:64:AB:2C:75:06:A4:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aRJCwzvC4unkWFCg_GSrLHUGpLg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/O0wDbRu2QbSRes6v9GRj20MSCNg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/aRJCwzvC4unkWFCg_GSrLHUGpLg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.149.248.0/23
5.149.254.0/23
77.83.196.0-77.83.198.255
79.141.164.0/23
79.141.174.0/23
85.158.108.0/23
89.150.40.0/24
89.150.48.0/24
89.150.57.0/24
91.193.18.0/24
185.40.86.0/24
185.80.52.0/22
185.81.114.0/23
185.104.192.0-185.104.194.255
185.117.88.0/22
185.123.102.0/24
185.174.133.0/24
185.174.135.0/24
185.235.137.0-185.235.138.255
193.42.36.0/24
193.42.39.0/24
195.95.155.0/24
IPv6:
2a01:8640::/48
2a01:8640:2::/48
2a01:8640:6::/48
2a01:8640:9::-2a01:8640:a:ffff:ffff:ffff:ffff:ffff
2a01:8640:f::/48
2a01:8640:11::-2a01:8640:15:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
9a:ab:99:b3:44:b2:70:c7:ae:c6:49:01:67:98:82:65:6a:82:
76:cb:40:ec:4f:d5:c8:8c:a1:aa:5c:5b:de:47:37:9b:80:71:
55:10:20:de:37:51:fd:92:9a:a6:6e:78:51:67:2e:b5:48:dd:
8e:8e:a3:a1:25:d9:dc:ab:6f:68:b1:1b:54:40:1c:64:e8:97:
3b:a7:a5:7a:e8:30:93:b1:b9:6e:84:14:ed:2b:dc:64:47:2e:
74:5b:56:be:ec:c3:f4:fa:b4:62:a3:4c:13:3b:92:d2:70:2c:
f1:65:0d:32:83:6c:87:98:dc:f0:87:f3:fe:ec:3a:8b:12:5e:
26:00:9a:2b:6e:a9:7c:33:64:b0:00:d5:d5:c3:ad:c2:92:a0:
f5:58:2c:0f:88:d1:30:e8:48:92:cd:8d:95:9d:3a:2a:bd:0b:
a0:aa:75:3d:66:54:be:3e:e0:97:24:dd:f3:e2:f6:55:b2:25:
56:7b:bf:b9:13:c5:ea:fe:cb:99:64:8b:81:9d:d8:5b:66:49:
a1:45:b6:d6:f7:09:ec:61:ed:99:3f:19:57:7b:30:50:b7:03:
75:11:cb:52:4c:75:fe:55:a9:93:e1:03:dc:50:95:7d:ae:f8:
18:05:8b:74:1a:9b:44:29:13:94:2b:e6:a9:e1:a6:0f:d9:0b:
e0:e9:13:72
-----BEGIN CERTIFICATE-----
MIIF7TCCBNWgAwIBAgISAZN4TPaG1ukAuaDVLP5Gb78eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5MTI0MmMzM2JjMmUyZTllNDU4NTBhMGZjNjRhYjJjNzUw
NmE0YjgwHhcNMjQxMTI5MTQyMjA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjRjMDM2ZDFiYjY0MWI0OTE3YWNlYWZmNDY0NjNkYjQzMTIwOGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsT+I3DnRPr+0N96fD36XJR4GnvEh
y3Vj1a61UmS7Gx8hI75idhTT07H7aJkSBs1GEYbc7jBof0E9JcPIHrjvMQ7L7O64
iYmlm02lkygJUI3TwIk7xAI+kRQkYa+28+YcQiPYIU5k+3r1WxMiYLccm+MSB11u
sOFKFGOjC8dtZjF3vIMRbApzpFLtyhdqvomycbCGEmMAUO7cziRERT60Ksw98lcE
y8jUe/VbSaNd6URSuoZ7VPhQS/tv4DupPvb6oiwppStFxGxiowYOaAOmXyddMflt
uBxgcwAoHsXr3igdLiXKZ6I/j1bcdY4QHFTIJFThYNvf42uhkopcJISygwIDAQAB
o4IC+TCCAvUwHQYDVR0OBBYEFDtMA20btkG0kXrOr/RkY9tDEgjYMB8GA1UdIwQY
MBaAFGkSQsM7wuLp5FhQoPxkqyx1BqS4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVJKQ3d6dkM0dW5rV0ZDZ19HU3JMSFVHcExnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy82MzU2YjktYzQ5Zi00YjRkLThlMjkt
MzYyZmZlOGVlMjcwLzEvTzB3RGJSdTJRYlNSZXM2djlHUmoyME1TQ05nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy82MzU2YjktYzQ5Zi00YjRkLThlMjktMzYyZmZlOGVlMjcw
LzEvYVJKQ3d6dkM0dW5rV0ZDZ19HU3JMSFVHcExnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBDQYIKwYBBQUHAQcBAf8Egf0wgfowgaMEAgABMIGcAwQB
BZX4AwQBBZX+MAwDBAJNU8QDBABNU8YDBAFPjaQDBAFPja4DBAFVnmwDBABZligD
BABZljADBABZljkDBABbwRIDBAC5KFYDBAK5UDQDBAG5UXIwDAMEBrlowAMEALlo
wgMEArl1WAMEALl7ZgMEALmuhQMEALmuhzAMAwQAueuJAwQAueuKAwQAwSokAwQA
wSonAwQAw1+bMFIEAgACMEwDBwAqAYZAAAADBwAqAYZAAAIDBwAqAYZAAAYwEgMH
ACoBhkAACQMHACoBhkAACgMHACoBhkAADzASAwcAKgGGQAARAwcBKgGGQAAUMA0G
CSqGSIb3DQEBCwUAA4IBAQCaq5mzRLJwx67GSQFnmIJlaoJ2y0DsT9XIjKGqXFve
RzebgHFVECDeN1H9kpqmbnhRZy61SN2OjqOhJdncq29osRtUQBxk6Jc7p6V66DCT
sbluhBTtK9xkRy50W1a+7MP0+rRio0wTO5LScCzxZQ0yg2yHmNzwh/P+7DqLEl4m
AJorbql8M2SwANXVw63CkqD1WCwPiNEw6EiSzY2VnToqvQugqnU9ZlS+PuCXJN3z
4vZVsiVWe7+5E8Xq/suZZIuBndhbZkmhRbbW9wnsYe2ZPxlXezBQtwN1EctSTHX+
VamT4QPcUJV9rvgYBYt0GptEKROUK+ap4aYP2Qvg6RNy
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:43:44 2025 by rpki-client