Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/OOjse1a4Wt9OWkkqq1AU5Wz77SA.roa
File: OOjse1a4Wt9OWkkqq1AU5Wz77SA.roa (raw, json)
Hash identifier: SmFBtOipE3KYLhSPCuneXPack69eoPlSqIDjA1dteI4=
Subject key identifier: 38:E8:EC:7B:56:B8:5A:DF:4E:5A:49:2A:AB:50:14:E5:6C:FB:ED:20
Certificate issuer: /CN=b32c9c26df7ccd8ad38d89bd5d49380b93b1e009
Certificate serial: 0191C80D072966D07477BCF6127ACFE5ECDB
Authority key identifier: B3:2C:9C:26:DF:7C:CD:8A:D3:8D:89:BD:5D:49:38:0B:93:B1:E0:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/syycJt98zYrTjYm9XUk4C5Ox4Ak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/OOjse1a4Wt9OWkkqq1AU5Wz77SA.roa
Signing time: Fri 06 Sep 2024 15:56:22 +0000
ROA not before: Fri 06 Sep 2024 15:56:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43641
IP address blocks: 45.11.56.0/24 maxlen: 24
45.11.59.0/24 maxlen: 24
45.134.174.0/24 maxlen: 24
45.134.175.0/24 maxlen: 24
91.222.172.0/22 maxlen: 24
91.234.198.0/23 maxlen: 24
91.234.199.0/24 maxlen: 24
176.97.120.0/23 maxlen: 23
176.97.125.0/24 maxlen: 24
176.97.126.0/23 maxlen: 23
176.97.126.0/24 maxlen: 24
185.254.199.0/24 maxlen: 24
194.42.206.0/23 maxlen: 24
195.26.86.0/23 maxlen: 24
195.66.212.0/24 maxlen: 24
195.66.213.0/24 maxlen: 24
195.160.220.0/22 maxlen: 24
2a09:2dc1::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 30 Sep 2024 14:57:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:c8:0d:07:29:66:d0:74:77:bc:f6:12:7a:cf:e5:ec:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b32c9c26df7ccd8ad38d89bd5d49380b93b1e009
Validity
Not Before: Sep 6 15:56:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=38e8ec7b56b85adf4e5a492aab5014e56cfbed20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:37:36:d0:09:f8:45:fd:ec:13:6f:27:6e:f6:
16:d3:e0:74:2d:30:ab:4d:97:8e:07:55:ff:25:5c:
7c:30:87:fe:ad:4c:ea:7d:ae:c3:8f:2e:e9:cb:8a:
99:2f:f1:99:4d:60:f2:54:e4:62:99:86:8b:8b:69:
0f:d2:65:26:3a:31:8c:77:4d:99:bd:e4:49:4f:09:
e5:dc:13:4d:8b:dc:09:25:54:ea:58:c8:8b:b5:dc:
74:03:dd:2f:7f:ce:dd:3b:03:f9:67:61:42:bd:39:
a6:fa:e1:7b:47:24:26:b2:28:ab:60:9a:29:ce:9c:
d9:dd:0b:95:ff:fa:eb:29:bc:20:e5:9a:fc:39:9d:
03:97:bc:f8:6d:b5:02:52:25:b7:71:80:65:e7:aa:
36:51:20:f6:03:e7:89:86:71:d9:20:47:25:f9:ef:
62:08:ca:a8:a0:10:14:96:fe:58:4e:9a:d3:b4:83:
c8:cc:6a:d7:a5:36:53:d6:8d:af:40:5d:e4:19:21:
94:6e:6d:37:2c:b8:ed:77:a9:99:36:a2:14:b9:db:
86:ef:fc:2e:6a:38:74:9f:90:63:ef:91:f8:d4:db:
3d:9f:d1:93:75:a4:b8:55:fd:35:e9:78:74:98:9a:
f0:cb:05:5a:fb:22:f5:e6:88:63:c7:b8:f0:e1:d6:
ce:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:E8:EC:7B:56:B8:5A:DF:4E:5A:49:2A:AB:50:14:E5:6C:FB:ED:20
X509v3 Authority Key Identifier:
keyid:B3:2C:9C:26:DF:7C:CD:8A:D3:8D:89:BD:5D:49:38:0B:93:B1:E0:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/syycJt98zYrTjYm9XUk4C5Ox4Ak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/OOjse1a4Wt9OWkkqq1AU5Wz77SA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/syycJt98zYrTjYm9XUk4C5Ox4Ak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.56.0/24
45.11.59.0/24
45.134.174.0/23
91.222.172.0/22
91.234.198.0/23
176.97.120.0/23
176.97.125.0-176.97.127.255
185.254.199.0/24
194.42.206.0/23
195.26.86.0/23
195.66.212.0/23
195.160.220.0/22
IPv6:
2a09:2dc1::/32
Signature Algorithm: sha256WithRSAEncryption
5e:96:7d:a1:dd:f0:d4:3f:48:77:11:57:75:d3:ca:06:61:78:
31:97:d6:e4:aa:66:72:82:e0:e0:1d:3c:39:83:64:72:06:cf:
33:d9:58:7c:da:d1:3f:11:94:1c:07:4a:c4:66:61:59:80:4c:
d3:37:74:9b:c6:6a:d3:da:6c:b2:3c:05:42:66:dd:94:b3:81:
e7:ce:61:89:7a:63:c2:d2:1d:9b:a1:b6:bd:af:18:80:37:b1:
68:13:be:92:3e:51:52:d8:4e:c1:49:52:c7:86:c7:b3:11:34:
e5:3b:2d:a4:1c:3f:e2:61:b4:4b:5b:98:a7:f6:69:6d:b3:a9:
85:76:57:c3:86:7f:1d:52:f2:fd:9e:0a:52:4b:6f:e7:30:b1:
11:8e:e9:d5:9b:af:6a:4b:bd:d8:12:6a:a8:70:a3:64:01:57:
c5:57:db:03:80:d4:7b:0e:be:14:22:13:d4:cd:4a:28:af:96:
98:0e:d7:c4:46:75:f1:00:ac:b4:13:64:2b:c2:4a:8d:0a:de:
d5:a6:f4:f5:5a:ef:bd:b1:fe:1b:ce:81:c4:1e:ad:b2:89:a6:
55:77:be:c8:a3:cf:1a:2f:24:ed:96:1c:98:7e:fa:18:d1:e1:
0b:18:96:47:f7:1b:93:b8:97:58:44:3c:f1:fd:dc:bc:0a:e7:
da:34:4c:f8
-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgISAZHIDQcpZtB0d7z2EnrP5ezbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMmM5YzI2ZGY3Y2NkOGFkMzhkODliZDVkNDkzODBiOTNi
MWUwMDkwHhcNMjQwOTA2MTU1NjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGU4ZWM3YjU2Yjg1YWRmNGU1YTQ5MmFhYjUwMTRlNTZjZmJlZDIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvTc20An4Rf3sE28nbvYW0+B0LTCr
TZeOB1X/JVx8MIf+rUzqfa7Djy7py4qZL/GZTWDyVORimYaLi2kP0mUmOjGMd02Z
veRJTwnl3BNNi9wJJVTqWMiLtdx0A90vf87dOwP5Z2FCvTmm+uF7RyQmsiirYJop
zpzZ3QuV//rrKbwg5Zr8OZ0Dl7z4bbUCUiW3cYBl56o2USD2A+eJhnHZIEcl+e9i
CMqooBAUlv5YTprTtIPIzGrXpTZT1o2vQF3kGSGUbm03LLjtd6mZNqIUuduG7/wu
ajh0n5Bj75H41Ns9n9GTdaS4Vf016Xh0mJrwywVa+yL15ohjx7jw4dbO+wIDAQAB
o4ICYjCCAl4wHQYDVR0OBBYEFDjo7HtWuFrfTlpJKqtQFOVs++0gMB8GA1UdIwQY
MBaAFLMsnCbffM2K042JvV1JOAuTseAJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3l5Y0p0OTh6WXJUalltOVhVazRDNU94NEFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9kNWRhMGMtOWNmMy00ZjhiLWE1NjIt
Y2IxMWJjNWIyZjFiLzEvT09qc2UxYTRXdDlPV2trcXExQVU1V3o3N1NBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9kNWRhMGMtOWNmMy00ZjhiLWE1NjItY2IxMWJjNWIyZjFi
LzEvc3l5Y0p0OTh6WXJUalltOVhVazRDNU94NEFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHgGCCsGAQUFBwEHAQH/BGkwZzBWBAIAATBQAwQALQs4AwQA
LQs7AwQBLYauAwQCW96sAwQBW+rGAwQBsGF4MAwDBACwYX0DBAewYQADBAC5/scD
BAHCKs4DBAHDGlYDBAHDQtQDBALDoNwwDQQCAAIwBwMFACoJLcEwDQYJKoZIhvcN
AQELBQADggEBAF6WfaHd8NQ/SHcRV3XTygZheDGX1uSqZnKC4OAdPDmDZHIGzzPZ
WHza0T8RlBwHSsRmYVmATNM3dJvGatPabLI8BUJm3ZSzgefOYYl6Y8LSHZuhtr2v
GIA3sWgTvpI+UVLYTsFJUseGx7MRNOU7LaQcP+JhtEtbmKf2aW2zqYV2V8OGfx1S
8v2eClJLb+cwsRGO6dWbr2pLvdgSaqhwo2QBV8VX2wOA1HsOvhQiE9TNSiivlpgO
18RGdfEArLQTZCvCSo0K3tWm9PVa772x/hvOgcQerbKJplV3vsijzxovJO2WHJh+
+hjR4QsYlkf3G5O4l1hEPPH93LwK59o0TPg=
-----END CERTIFICATE-----
Generated at Mon Sep 30 20:13:08 2024 by rpki-client on console-ams.rpki-client.org