Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/ac5a56-163a-497a-9547-e3799ade9dfe/1/otsFOU8UUYUVtDReQkMhkSy2ja0.roa
File: otsFOU8UUYUVtDReQkMhkSy2ja0.roa (raw, json)
Hash identifier: u6ZLbA92mOkRVnehX9WKL9PIgM9YQZKIMzxUlFe79qk=
Subject key identifier: A2:DB:05:39:4F:14:51:85:15:B4:34:5E:42:43:21:91:2C:B6:8D:AD
Certificate issuer: /CN=0c90c356e2864f43894857443555d8b5c0352819
Certificate serial: 018CC80245DF1E97B198CF78979262886ACB
Authority key identifier: 0C:90:C3:56:E2:86:4F:43:89:48:57:44:35:55:D8:B5:C0:35:28:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DJDDVuKGT0OJSFdENVXYtcA1KBk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/ac5a56-163a-497a-9547-e3799ade9dfe/1/otsFOU8UUYUVtDReQkMhkSy2ja0.roa
Signing time: Tue 02 Jan 2024 02:30:41 +0000
ROA not before: Tue 02 Jan 2024 02:30:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44395
IP address blocks: 109.75.40.0/21 maxlen: 24
46.162.192.0/18 maxlen: 24
46.36.112.0/20 maxlen: 24
178.78.160.0/20 maxlen: 24
212.34.224.0/19 maxlen: 24
37.157.212.0/22 maxlen: 24
37.157.209.0/24 maxlen: 24
37.157.210.0/24 maxlen: 24
37.157.208.0/22 maxlen: 24
37.157.208.0/20 maxlen: 24
212.34.232.0/21 maxlen: 24
178.78.176.0/21 maxlen: 24
37.157.216.0/22 maxlen: 24
37.157.216.0/21 maxlen: 24
188.115.192.0/18 maxlen: 24
37.157.220.0/22 maxlen: 24
81.16.0.0/20 maxlen: 24
185.86.195.0/24 maxlen: 24
82.199.192.0/20 maxlen: 24
109.75.36.0/22 maxlen: 24
178.78.128.0/19 maxlen: 24
109.75.34.0/23 maxlen: 24
178.78.128.0/18 maxlen: 24
141.136.64.0/19 maxlen: 24
212.34.240.0/21 maxlen: 24
46.162.240.0/20 maxlen: 24
212.34.240.0/20 maxlen: 24
37.252.64.0/19 maxlen: 24
92.43.136.0/22 maxlen: 24
92.43.136.0/21 maxlen: 24
92.43.140.0/22 maxlen: 24
185.59.68.0/22 maxlen: 24
5.77.128.0/17 maxlen: 24
46.241.128.0/17 maxlen: 24
2a00:cc40::/29 maxlen: 48
2a01:4a00::/32 maxlen: 32
2a03:1080::/32 maxlen: 32
2a00:cc40::/32 maxlen: 32
2a00:cc40::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 29 Feb 2024 09:25:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:45:df:1e:97:b1:98:cf:78:97:92:62:88:6a:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c90c356e2864f43894857443555d8b5c0352819
Validity
Not Before: Jan 2 02:30:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a2db05394f14518515b4345e424321912cb68dad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:1a:fe:25:6d:f8:01:8a:bd:06:0a:d8:e2:b9:
39:e7:ec:a0:0f:e6:14:11:10:cd:d4:fa:a9:26:f1:
dd:96:d3:79:c2:64:26:47:a4:0d:8b:fe:b3:6d:ed:
45:a5:7a:ef:b1:d3:81:d3:be:c3:12:cc:2b:74:52:
99:4f:2e:97:99:5d:dd:d9:63:8b:18:29:b7:34:6c:
c1:c3:98:3b:f8:e5:fd:cf:29:f7:b6:5b:a2:03:bb:
b6:b5:a3:bd:41:d6:a3:78:e1:bb:3f:5b:00:ed:fc:
8d:03:a8:e0:bb:dd:d3:8c:a7:59:17:83:d0:0e:59:
bb:ad:b8:4a:f1:f7:f1:d0:f2:d1:cc:85:0b:a6:5e:
5d:72:e3:f7:e2:e0:cf:43:d4:a9:f7:1b:3b:15:10:
93:ff:02:95:ad:b8:78:24:a3:dd:23:fd:30:0f:d1:
c8:61:a8:19:c1:84:fe:ba:b7:2b:d2:b9:8b:ff:f9:
55:fc:ab:10:1c:0b:2b:ea:af:db:12:0a:12:5a:21:
f9:42:95:5b:0f:16:f6:60:57:ff:31:be:1d:ab:9b:
eb:33:b5:cc:72:c9:61:66:6c:8d:3f:60:b1:2e:83:
34:4c:0f:c2:e3:06:67:09:9f:0e:fc:36:a7:ed:34:
5a:79:d4:ab:66:5e:65:43:0b:a6:f5:78:1b:b1:d2:
a3:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:DB:05:39:4F:14:51:85:15:B4:34:5E:42:43:21:91:2C:B6:8D:AD
X509v3 Authority Key Identifier:
keyid:0C:90:C3:56:E2:86:4F:43:89:48:57:44:35:55:D8:B5:C0:35:28:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DJDDVuKGT0OJSFdENVXYtcA1KBk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/ac5a56-163a-497a-9547-e3799ade9dfe/1/otsFOU8UUYUVtDReQkMhkSy2ja0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/ac5a56-163a-497a-9547-e3799ade9dfe/1/DJDDVuKGT0OJSFdENVXYtcA1KBk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.77.128.0/17
37.157.208.0/20
37.252.64.0/19
46.36.112.0/20
46.162.192.0/18
46.241.128.0/17
81.16.0.0/20
82.199.192.0/20
92.43.136.0/21
109.75.34.0-109.75.47.255
141.136.64.0/19
178.78.128.0/18
185.59.68.0/22
185.86.195.0/24
188.115.192.0/18
212.34.224.0/19
IPv6:
2a00:cc40::/29
2a01:4a00::/32
2a03:1080::/32
Signature Algorithm: sha256WithRSAEncryption
b4:34:11:79:53:d6:c0:32:43:25:db:3b:cd:d4:51:5a:60:77:
aa:51:48:12:8d:51:d7:19:66:0f:66:af:2f:b1:a1:9b:3f:bb:
2d:58:56:2c:b3:b9:d0:3c:41:8f:90:26:9f:22:b7:7b:96:6f:
53:77:73:c0:1e:e0:ac:76:58:2b:a5:63:25:36:77:93:ec:9a:
aa:60:16:ec:a0:0c:c6:a1:0f:52:b8:7b:a0:7d:fd:38:4b:75:
20:12:15:44:47:2a:05:d2:0b:a7:40:03:0c:a8:bd:03:87:8f:
51:3b:e7:53:89:ed:9a:a2:41:10:df:aa:a8:27:c7:e9:25:fe:
5c:b6:66:dd:c5:3d:62:ac:93:e4:db:9f:f6:28:ac:0b:55:72:
e9:19:df:db:c7:d9:42:f4:d3:6e:6e:44:b5:f3:64:fe:c4:9f:
f2:22:e1:c5:58:2a:ef:ec:ba:4e:53:5f:32:db:b7:cb:c5:1d:
7e:d9:96:4f:22:11:d5:72:64:20:e8:a3:2b:42:01:7d:f5:6d:
75:e9:b3:4d:0d:34:e2:0c:f0:7c:1a:a6:29:bc:dd:19:2d:28:
77:87:f1:01:b5:d6:4c:e5:10:83:88:88:38:8c:7a:61:13:46:
ae:4e:11:d9:32:9c:74:b2:66:e2:eb:6a:5e:8c:69:53:77:c8:
1d:60:be:6f
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgISAYzIAkXfHpexmM94l5JiiGrLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjOTBjMzU2ZTI4NjRmNDM4OTQ4NTc0NDM1NTVkOGI1YzAz
NTI4MTkwHhcNMjQwMTAyMDIzMDQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmRiMDUzOTRmMTQ1MTg1MTViNDM0NWU0MjQzMjE5MTJjYjY4ZGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjxr+JW34AYq9BgrY4rk55+ygD+YU
ERDN1PqpJvHdltN5wmQmR6QNi/6zbe1FpXrvsdOB077DEswrdFKZTy6XmV3d2WOL
GCm3NGzBw5g7+OX9zyn3tluiA7u2taO9QdajeOG7P1sA7fyNA6jgu93TjKdZF4PQ
Dlm7rbhK8ffx0PLRzIULpl5dcuP34uDPQ9Sp9xs7FRCT/wKVrbh4JKPdI/0wD9HI
YagZwYT+urcr0rmL//lV/KsQHAsr6q/bEgoSWiH5QpVbDxb2YFf/Mb4dq5vrM7XM
cslhZmyNP2CxLoM0TA/C4wZnCZ8O/Dan7TRaedSrZl5lQwum9XgbsdKjNwIDAQAB
o4ICizCCAocwHQYDVR0OBBYEFKLbBTlPFFGFFbQ0XkJDIZEsto2tMB8GA1UdIwQY
MBaAFAyQw1bihk9DiUhXRDVV2LXANSgZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREpERFZ1S0dUME9KU0ZkRU5WWFl0Y0ExS0JrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hYzVhNTYtMTYzYS00OTdhLTk1NDct
ZTM3OTlhZGU5ZGZlLzEvb3RzRk9VOFVVWVVWdERSZVFrTWhrU3kyamEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hYzVhNTYtMTYzYS00OTdhLTk1NDctZTM3OTlhZGU5ZGZl
LzEvREpERFZ1S0dUME9KU0ZkRU5WWFl0Y0ExS0JrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGgBggrBgEFBQcBBwEB/wSBkDCBjTBuBAIAATBoAwQHBU2A
AwQEJZ3QAwQFJfxAAwQELiRwAwQGLqLAAwQHLvGAAwQEURAAAwQEUsfAAwQDXCuI
MAwDBAFtSyIDBARtSyADBAWNiEADBAayToADBAK5O0QDBAC5VsMDBAa8c8ADBAXU
IuAwGwQCAAIwFQMFAyoAzEADBQAqAUoAAwUAKgMQgDANBgkqhkiG9w0BAQsFAAOC
AQEAtDQReVPWwDJDJds7zdRRWmB3qlFIEo1R1xlmD2avL7Ghmz+7LVhWLLO50DxB
j5AmnyK3e5ZvU3dzwB7grHZYK6VjJTZ3k+yaqmAW7KAMxqEPUrh7oH39OEt1IBIV
REcqBdILp0ADDKi9A4ePUTvnU4ntmqJBEN+qqCfH6SX+XLZm3cU9YqyT5Nuf9iis
C1Vy6Rnf28fZQvTTbm5EtfNk/sSf8iLhxVgq7+y6TlNfMtu3y8UdftmWTyIR1XJk
IOijK0IBffVtdemzTQ004gzwfBqmKbzdGS0od4fxAbXWTOUQg4iIOIx6YRNGrk4R
2TKcdLJm4utqXoxpU3fIHWC+bw==
-----END CERTIFICATE-----
Generated at Thu Feb 29 14:06:42 2024 by rpki-client on console-fra.rpki-client.org