Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/ccc645-5323-4b20-b475-f37705361cf8/1/OhD6PDYC3Sq9NzIu9fCmvaR5ls8.roa
File: OhD6PDYC3Sq9NzIu9fCmvaR5ls8.roa (raw, json)
Hash identifier: F0/7xhOBhsoksL6tbj+v802POK5+g2/n9VIP49iXAXs=
Subject key identifier: 3A:10:FA:3C:36:02:DD:2A:BD:37:32:2E:F5:F0:A6:BD:A4:79:96:CF
Certificate issuer: /CN=98cd3ebd65ed3d9aae079a0e24d7132d9a71aab8
Certificate serial: 01920BF575613A696C19EE95FFB6C8F58A04
Authority key identifier: 98:CD:3E:BD:65:ED:3D:9A:AE:07:9A:0E:24:D7:13:2D:9A:71:AA:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mM0-vWXtPZquB5oOJNcTLZpxqrg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/ccc645-5323-4b20-b475-f37705361cf8/1/OhD6PDYC3Sq9NzIu9fCmvaR5ls8.roa
Signing time: Thu 19 Sep 2024 20:24:48 +0000
ROA not before: Thu 19 Sep 2024 20:24:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25220
IP address blocks: 62.102.192.0/19 maxlen: 24
82.145.192.0/20 maxlen: 24
85.197.96.0/21 maxlen: 24
85.197.104.0/21 maxlen: 24
185.56.228.0/22 maxlen: 24
193.106.16.0/22 maxlen: 24
193.254.212.0/23 maxlen: 24
195.135.224.0/22 maxlen: 24
2001:4b38::/32 maxlen: 48
2001:4b39::/32 maxlen: 48
2001:4b3a::/32 maxlen: 48
2001:4b3b::/32 maxlen: 48
2a00:9e00::/32 maxlen: 48
Validation: Failed, certificate revoked on Sun 22 Sep 2024 11:30:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:0b:f5:75:61:3a:69:6c:19:ee:95:ff:b6:c8:f5:8a:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98cd3ebd65ed3d9aae079a0e24d7132d9a71aab8
Validity
Not Before: Sep 19 20:24:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3a10fa3c3602dd2abd37322ef5f0a6bda47996cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:5e:f0:9e:44:f4:db:3a:29:e4:65:82:73:8a:
29:54:8d:ad:b4:6d:62:7c:63:10:42:3b:4f:b4:1e:
1a:49:9d:5a:0d:11:63:56:50:09:7e:c8:6c:6d:87:
65:57:44:91:38:05:22:10:c1:f7:15:e4:a5:32:ae:
9e:b4:43:79:e0:49:77:a1:57:cb:c1:60:bf:32:9b:
95:3c:d4:86:9e:02:71:24:d7:77:ff:8e:ae:fe:3b:
50:96:37:99:16:b4:76:e1:c9:12:2a:bb:6f:49:c0:
bd:3f:b7:b0:1a:77:c4:ea:fe:9c:38:db:c6:6f:4b:
1c:67:d9:09:92:8e:2a:c5:63:b1:9f:ba:24:17:3f:
de:3c:b9:8a:e6:e0:6c:84:80:36:2a:ce:29:ac:21:
cc:21:92:2d:ab:e1:42:8d:b0:e2:28:6b:5b:5e:9a:
72:5e:78:8f:38:6e:b1:b8:58:f0:64:19:94:7f:4f:
91:8e:5f:66:65:ff:a7:d3:a2:7e:d2:23:83:1c:b3:
63:da:69:cd:7c:56:de:d4:5e:d1:32:f8:ec:6f:ce:
34:53:91:95:f1:a0:07:a4:9c:19:26:2e:20:47:26:
3f:ca:5d:10:99:49:ca:9f:b4:6d:8b:ed:75:86:3b:
bd:87:16:fe:18:7d:70:17:a7:41:cf:8c:4c:71:43:
d3:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:10:FA:3C:36:02:DD:2A:BD:37:32:2E:F5:F0:A6:BD:A4:79:96:CF
X509v3 Authority Key Identifier:
keyid:98:CD:3E:BD:65:ED:3D:9A:AE:07:9A:0E:24:D7:13:2D:9A:71:AA:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mM0-vWXtPZquB5oOJNcTLZpxqrg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/ccc645-5323-4b20-b475-f37705361cf8/1/OhD6PDYC3Sq9NzIu9fCmvaR5ls8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/ccc645-5323-4b20-b475-f37705361cf8/1/mM0-vWXtPZquB5oOJNcTLZpxqrg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.102.192.0/19
82.145.192.0/20
85.197.96.0/20
185.56.228.0/22
193.106.16.0/22
193.254.212.0/23
195.135.224.0/22
IPv6:
2001:4b38::/30
2a00:9e00::/32
Signature Algorithm: sha256WithRSAEncryption
91:61:27:df:0f:e0:05:1c:f4:73:7a:aa:c5:bb:1c:b1:0c:2a:
a4:50:ed:50:da:06:ab:37:ff:bf:e6:f4:b5:e1:6c:03:e1:ab:
49:55:f9:8d:d7:e6:97:76:29:18:80:d3:76:f7:0e:9d:64:2c:
c8:89:c0:37:82:e2:a6:35:ea:3c:8f:a9:ab:de:dd:37:3b:ae:
c6:8f:85:db:67:39:40:f4:b7:a8:25:c7:dd:1b:74:f0:e2:62:
c6:e5:fb:8d:a3:7f:96:15:bc:5d:1e:f8:10:40:95:dc:27:aa:
0c:c3:cf:e8:be:70:83:bd:f3:19:e6:f1:b2:2c:62:d8:3e:14:
1f:66:8f:74:62:7f:51:cd:19:df:19:75:d3:f7:6e:ea:7e:c3:
fc:02:23:7f:82:9c:44:83:87:24:ff:60:61:21:c0:7c:f3:b5:
e5:3c:e3:71:59:62:ac:ba:00:82:f0:68:09:63:32:49:0d:ea:
69:22:16:38:50:6e:9f:70:93:58:85:bb:38:63:ba:77:96:69:
24:e3:fc:c9:3d:d7:c1:c9:fd:3b:ef:68:0f:ec:53:b8:ad:16:
f5:db:93:3d:73:3f:55:6a:76:17:47:83:c5:4c:8b:4e:3d:7a:
9e:bd:29:0a:c6:9e:e9:94:4a:b3:b3:df:86:73:d8:80:e7:10:
b1:1e:f7:0c
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAZIL9XVhOmlsGe6V/7bI9YoEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4Y2QzZWJkNjVlZDNkOWFhZTA3OWEwZTI0ZDcxMzJkOWE3
MWFhYjgwHhcNMjQwOTE5MjAyNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTEwZmEzYzM2MDJkZDJhYmQzNzMyMmVmNWYwYTZiZGE0Nzk5NmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoF7wnkT02zop5GWCc4opVI2ttG1i
fGMQQjtPtB4aSZ1aDRFjVlAJfshsbYdlV0SROAUiEMH3FeSlMq6etEN54El3oVfL
wWC/MpuVPNSGngJxJNd3/46u/jtQljeZFrR24ckSKrtvScC9P7ewGnfE6v6cONvG
b0scZ9kJko4qxWOxn7okFz/ePLmK5uBshIA2Ks4prCHMIZItq+FCjbDiKGtbXppy
XniPOG6xuFjwZBmUf0+Rjl9mZf+n06J+0iODHLNj2mnNfFbe1F7RMvjsb840U5GV
8aAHpJwZJi4gRyY/yl0QmUnKn7Rti+11hju9hxb+GH1wF6dBz4xMcUPTqwIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFDoQ+jw2At0qvTcyLvXwpr2keZbPMB8GA1UdIwQY
MBaAFJjNPr1l7T2argeaDiTXEy2acaq4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbU0wLXZXWHRQWnF1QjVvT0pOY1RMWnB4cXJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS9jY2M2NDUtNTMyMy00YjIwLWI0NzUt
ZjM3NzA1MzYxY2Y4LzEvT2hENlBEWUMzU3E5TnpJdTlmQ212YVI1bHM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS9jY2M2NDUtNTMyMy00YjIwLWI0NzUtZjM3NzA1MzYxY2Y4
LzEvbU0wLXZXWHRQWnF1QjVvT0pOY1RMWnB4cXJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDAwBAIAATAqAwQFPmbAAwQE
UpHAAwQEVcVgAwQCuTjkAwQCwWoQAwQBwf7UAwQCw4fgMBQEAgACMA4DBQIgAUs4
AwUAKgCeADANBgkqhkiG9w0BAQsFAAOCAQEAkWEn3w/gBRz0c3qqxbscsQwqpFDt
UNoGqzf/v+b0teFsA+GrSVX5jdfml3YpGIDTdvcOnWQsyInAN4LipjXqPI+pq97d
Nzuuxo+F22c5QPS3qCXH3Rt08OJixuX7jaN/lhW8XR74EECV3CeqDMPP6L5wg73z
Gebxsixi2D4UH2aPdGJ/Uc0Z3xl10/du6n7D/AIjf4KcRIOHJP9gYSHAfPO15Tzj
cVlirLoAgvBoCWMySQ3qaSIWOFBun3CTWIW7OGO6d5ZpJOP8yT3Xwcn9O+9oD+xT
uK0W9duTPXM/VWp2F0eDxUyLTj16nr0pCsae6ZRKs7PfhnPYgOcQsR73DA==
-----END CERTIFICATE-----
Generated at Sun Sep 22 13:41:08 2024 by rpki-client on console-fra.rpki-client.org