Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/O2hPtSUwRpMYBUUojfOqQ_xJfBA.roa
File: O2hPtSUwRpMYBUUojfOqQ_xJfBA.roa (raw, json)
Hash identifier: QMJYLqulGuh5ewEoCcCPTD9JtV0vmq2TrwTODDTXGmI=
Subject key identifier: 3B:68:4F:B5:25:30:46:93:18:05:45:28:8D:F3:AA:43:FC:49:7C:10
Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial: 018930B2C8A356541E8AB75C1E99D590E1AB
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/O2hPtSUwRpMYBUUojfOqQ_xJfBA.roa
Signing time: Fri 07 Jul 2023 14:12:50 +0000
ROA not before: Fri 07 Jul 2023 14:12:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200462
IP address blocks: 94.247.43.0/24 maxlen: 32
2.58.54.0/24 maxlen: 24
5.180.192.0/23 maxlen: 24
2.58.52.0/23 maxlen: 32
5.180.195.0/24 maxlen: 24
5.180.194.0/24 maxlen: 24
45.86.124.0/22 maxlen: 24
2a09:e1c0::/32 maxlen: 128
2a07:6fc0:10::/44 maxlen: 48
2a0e:de80::/29 maxlen: 48
2a00:f826:8::/48 maxlen: 48
2a0c:8900::/29 maxlen: 128
Validation: Failed, certificate revoked on Mon 14 Aug 2023 10:33:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:30:b2:c8:a3:56:54:1e:8a:b7:5c:1e:99:d5:90:e1:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Validity
Not Before: Jul 7 14:12:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3b684fb525304693180545288df3aa43fc497c10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:23:1b:16:85:e1:92:f2:f6:c4:ae:d9:71:77:
cd:09:30:e9:20:1d:72:ce:a7:96:d5:f5:6f:cc:f0:
35:0b:48:30:d7:54:85:77:73:3c:f0:ab:ff:89:d2:
d4:a5:ff:2e:96:c0:a1:d6:ff:44:3c:a9:01:9d:15:
25:ba:97:91:68:32:11:27:0b:d5:a9:8a:ac:6c:20:
4f:37:72:d4:4b:bc:0b:7c:21:56:7c:01:e5:cc:0d:
89:22:c0:e9:eb:ca:9f:b0:d0:ca:53:be:1a:c8:d6:
af:84:35:dd:fe:58:12:71:95:1b:34:4a:e2:96:4d:
4d:ae:73:41:b4:4c:16:8c:69:f5:b7:dc:44:0a:ee:
23:28:e2:ec:48:c1:f2:9c:6c:6a:22:f9:cc:54:b8:
2f:49:b8:54:de:2e:49:b1:0e:4a:23:2d:b5:0a:20:
cd:d8:ac:c4:2b:5b:7a:4b:01:f4:d1:33:1f:42:9e:
7c:3c:36:ee:fc:6d:f5:64:7b:51:98:69:50:31:b2:
ca:a0:b1:2a:6d:bf:d4:37:a5:74:61:08:de:d3:b3:
6e:26:32:53:c5:67:f6:f9:2c:f3:ee:21:cc:40:1a:
14:e8:be:a3:c9:cd:5f:63:60:14:2a:8f:55:ea:7a:
7c:af:f0:d5:a3:b4:5a:1b:c3:2b:0b:04:f8:c3:1c:
71:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:68:4F:B5:25:30:46:93:18:05:45:28:8D:F3:AA:43:FC:49:7C:10
X509v3 Authority Key Identifier:
keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/O2hPtSUwRpMYBUUojfOqQ_xJfBA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.52.0-2.58.54.255
5.180.192.0/22
45.86.124.0/22
94.247.43.0/24
IPv6:
2a00:f826:8::/48
2a07:6fc0:10::/44
2a09:e1c0::/32
2a0c:8900::/29
2a0e:de80::/29
Signature Algorithm: sha256WithRSAEncryption
64:16:92:ae:80:a8:52:da:4a:ba:52:05:9f:9a:84:55:f7:fd:
36:87:a6:c4:c5:d6:7a:08:24:d9:ab:6e:76:0a:b6:e8:39:f2:
47:0f:45:f3:95:f6:5d:7f:69:cb:4a:5b:5b:99:92:fb:18:77:
44:58:2f:b9:43:bd:c1:c2:4a:ca:0c:ba:f1:22:ee:e2:40:38:
9c:ae:73:8b:5c:04:41:c7:68:d1:74:7a:4f:40:86:ad:92:17:
1d:b2:12:7b:72:46:85:2c:7b:74:9e:7f:92:ff:c2:9f:7b:2c:
7e:0e:6b:42:31:cf:5f:c2:3a:98:02:7c:9f:1b:e3:ab:ba:d5:
60:1a:2e:e8:81:78:a2:ed:b3:69:7e:9c:97:5e:63:3e:5a:9b:
96:f2:20:0b:ef:e1:66:3b:83:43:85:40:c8:a0:ea:72:9a:5d:
7f:90:04:1f:e1:bb:fb:62:91:c5:a2:46:86:1d:7f:61:b5:59:
ff:21:a5:e1:c4:8e:98:6a:6b:c9:3d:c0:4f:0a:84:bb:da:83:
ca:d0:c4:30:32:23:07:d2:90:7e:ed:d9:50:46:73:75:4f:31:
49:d7:e2:4f:de:f7:e7:ed:74:80:97:b9:fa:e5:bf:58:8d:29:
6f:04:62:0a:6c:81:d2:ef:5a:06:13:10:61:55:19:02:36:b4:
6f:4b:b4:cb
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgISAYkwssijVlQeirdcHpnVkOGrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MjUzYzRmMjMzY2U5ODQ3Njk5YWU2OGVjYmY1ZDc1MTRi
MGZhZGIwHhcNMjMwNzA3MTQxMjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjY4NGZiNTI1MzA0NjkzMTgwNTQ1Mjg4ZGYzYWE0M2ZjNDk3YzEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArCMbFoXhkvL2xK7ZcXfNCTDpIB1y
zqeW1fVvzPA1C0gw11SFd3M88Kv/idLUpf8ulsCh1v9EPKkBnRUlupeRaDIRJwvV
qYqsbCBPN3LUS7wLfCFWfAHlzA2JIsDp68qfsNDKU74ayNavhDXd/lgScZUbNEri
lk1NrnNBtEwWjGn1t9xECu4jKOLsSMHynGxqIvnMVLgvSbhU3i5JsQ5KIy21CiDN
2KzEK1t6SwH00TMfQp58PDbu/G31ZHtRmGlQMbLKoLEqbb/UN6V0YQje07NuJjJT
xWf2+Szz7iHMQBoU6L6jyc1fY2AUKo9V6np8r/DVo7RaG8MrCwT4wxxxoQIDAQAB
o4ICUjCCAk4wHQYDVR0OBBYEFDtoT7UlMEaTGAVFKI3zqkP8SXwQMB8GA1UdIwQY
MBaAFLQlPE8jPOmEdpmuaOy/XXUUsPrbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMt
NThiMzhmNWFjODBiLzEvTzJoUHRTVXdScE1ZQlVVb2pmT3FRX3hKZkJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMtNThiMzhmNWFjODBi
LzEvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGgGCCsGAQUFBwEHAQH/BFkwVzAmBAIAATAgMAwDBAICOjQD
BAACOjYDBAIFtMADBAItVnwDBABe9yswLQQCAAIwJwMHACoA+CYACAMHBCoHb8AA
EAMFACoJ4cADBQMqDIkAAwUDKg7egDANBgkqhkiG9w0BAQsFAAOCAQEAZBaSroCo
UtpKulIFn5qEVff9NoemxMXWeggk2atudgq26DnyRw9F85X2XX9py0pbW5mS+xh3
RFgvuUO9wcJKygy68SLu4kA4nK5zi1wEQcdo0XR6T0CGrZIXHbISe3JGhSx7dJ5/
kv/Cn3ssfg5rQjHPX8I6mAJ8nxvjq7rVYBou6IF4ou2zaX6cl15jPlqblvIgC+/h
ZjuDQ4VAyKDqcppdf5AEH+G7+2KRxaJGhh1/YbVZ/yGl4cSOmGpryT3ATwqEu9qD
ytDEMDIjB9KQfu3ZUEZzdU8xSdfiT9735+10gJe5+uW/WI0pbwRiCmyB0u9aBhMQ
YVUZAja0b0u0yw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:45 2024 by rpki-client on console-fra.rpki-client.org