Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/Oj6ijcS3Ta-SitDVjGIuFVCeJA4.roa
File: Oj6ijcS3Ta-SitDVjGIuFVCeJA4.roa (raw, json)
Hash identifier: FIYPF1thOUlb/Ua2U/zG5daN3N22enP4GHFNbdWtL0g=
Subject key identifier: 3A:3E:A2:8D:C4:B7:4D:AF:92:8A:D0:D5:8C:62:2E:15:50:9E:24:0E
Certificate issuer: /CN=081b7a22e51cfb9cf84205e4449998ad55d8f065
Certificate serial: 01897D91B0EF7A7A668670C71DDC29696924
Authority key identifier: 08:1B:7A:22:E5:1C:FB:9C:F8:42:05:E4:44:99:98:AD:55:D8:F0:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CBt6IuUc-5z4QgXkRJmYrVXY8GU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/Oj6ijcS3Ta-SitDVjGIuFVCeJA4.roa
Signing time: Sat 22 Jul 2023 12:27:27 +0000
ROA not before: Sat 22 Jul 2023 12:27:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48715
IP address blocks: 78.110.120.0/22 maxlen: 24
185.36.228.0/24 maxlen: 24
185.141.105.0/24 maxlen: 24
185.141.104.0/24 maxlen: 24
185.141.104.0/22 maxlen: 22
185.141.107.0/24 maxlen: 24
185.141.106.0/24 maxlen: 24
185.18.212.0/22 maxlen: 22
185.18.212.0/24 maxlen: 24
185.18.213.0/24 maxlen: 24
185.18.214.0/24 maxlen: 24
185.18.215.0/24 maxlen: 24
185.173.129.0/24 maxlen: 24
185.173.130.0/24 maxlen: 24
195.211.44.0/24 maxlen: 24
195.211.44.0/22 maxlen: 22
195.211.47.0/24 maxlen: 24
195.211.45.0/24 maxlen: 24
195.211.46.0/24 maxlen: 24
195.110.38.0/23 maxlen: 23
91.236.168.0/24 maxlen: 24
91.236.168.0/23 maxlen: 23
91.236.169.0/24 maxlen: 24
185.213.195.0/24 maxlen: 24
152.89.44.0/24 maxlen: 24
152.89.44.0/22 maxlen: 22
152.89.47.0/24 maxlen: 24
185.170.8.0/24 maxlen: 24
152.89.46.0/24 maxlen: 24
152.89.45.0/24 maxlen: 24
185.58.240.0/22 maxlen: 24
185.51.200.0/22 maxlen: 22
185.51.200.0/24 maxlen: 24
185.51.203.0/24 maxlen: 24
185.51.201.0/24 maxlen: 24
185.51.202.0/24 maxlen: 24
185.112.150.0/23 maxlen: 23
185.112.150.0/24 maxlen: 24
185.206.231.0/24 maxlen: 24
185.112.151.0/24 maxlen: 24
185.112.149.0/24 maxlen: 24
185.121.131.0/24 maxlen: 24
185.121.130.0/24 maxlen: 24
185.121.130.0/23 maxlen: 23
88.135.38.0/24 maxlen: 24
88.135.36.0/22 maxlen: 22
88.135.36.0/24 maxlen: 24
88.135.37.0/24 maxlen: 24
185.141.132.0/24 maxlen: 24
185.141.132.0/22 maxlen: 22
185.141.134.0/24 maxlen: 24
185.141.135.0/24 maxlen: 24
185.141.133.0/24 maxlen: 24
185.252.200.0/24 maxlen: 24
185.235.245.0/24 maxlen: 24
188.209.152.0/24 maxlen: 24
188.209.152.0/23 maxlen: 23
188.209.153.0/24 maxlen: 24
88.135.39.0/24 maxlen: 24
185.128.138.0/24 maxlen: 24
185.128.139.0/24 maxlen: 24
185.128.136.0/22 maxlen: 22
185.128.137.0/24 maxlen: 24
185.128.136.0/24 maxlen: 24
2a0a:5e80::/48 maxlen: 48
2a0a:5e80::/64 maxlen: 64
2a0a:5e80::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 29 Aug 2023 06:45:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:7d:91:b0:ef:7a:7a:66:86:70:c7:1d:dc:29:69:69:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=081b7a22e51cfb9cf84205e4449998ad55d8f065
Validity
Not Before: Jul 22 12:27:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3a3ea28dc4b74daf928ad0d58c622e15509e240e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:be:8d:c8:b8:fa:0a:07:ff:e1:da:1f:30:f7:
58:a5:84:0e:13:f3:c3:d6:13:3c:45:5d:25:8b:1d:
8f:1e:fb:df:9a:18:70:3d:0d:b4:49:e8:a9:f7:46:
23:86:f5:46:3c:0a:46:fb:a8:de:ce:5a:9a:1e:11:
a3:28:6f:28:9d:5b:be:04:c5:80:b0:92:e7:19:1e:
58:5e:d3:a9:26:40:7b:15:d5:ab:5d:f3:50:9e:65:
9f:9c:8b:d9:7f:0e:87:c6:15:01:5b:ff:ee:cd:1f:
8a:ec:4f:ee:8f:df:9c:59:cd:9a:85:48:5e:ce:34:
8c:f4:a2:d5:25:b8:f3:1f:60:f6:05:0a:aa:20:97:
c7:e1:84:bb:f9:4f:be:de:91:86:d8:24:97:1c:ce:
fc:ad:db:fb:a4:5f:45:5c:ba:ec:2a:01:36:a1:a9:
1d:13:0a:90:6d:6d:51:df:fd:d1:02:7a:ea:80:04:
bb:d5:50:bd:36:d2:f2:68:b2:de:ef:3b:7e:e4:08:
1e:4c:c6:23:5f:7d:44:75:1c:e1:7f:6f:be:74:f0:
66:64:52:a3:78:66:da:5f:84:54:61:68:e9:e9:49:
05:d3:d9:df:10:35:92:d6:65:8e:9c:19:d5:23:1a:
ae:14:b2:d3:96:a0:db:95:63:95:42:f1:34:49:e4:
5f:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:3E:A2:8D:C4:B7:4D:AF:92:8A:D0:D5:8C:62:2E:15:50:9E:24:0E
X509v3 Authority Key Identifier:
keyid:08:1B:7A:22:E5:1C:FB:9C:F8:42:05:E4:44:99:98:AD:55:D8:F0:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CBt6IuUc-5z4QgXkRJmYrVXY8GU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/Oj6ijcS3Ta-SitDVjGIuFVCeJA4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/CBt6IuUc-5z4QgXkRJmYrVXY8GU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.110.120.0/22
88.135.36.0/22
91.236.168.0/23
152.89.44.0/22
185.18.212.0/22
185.36.228.0/24
185.51.200.0/22
185.58.240.0/22
185.112.149.0-185.112.151.255
185.121.130.0/23
185.128.136.0/22
185.141.104.0/22
185.141.132.0/22
185.170.8.0/24
185.173.129.0-185.173.130.255
185.206.231.0/24
185.213.195.0/24
185.235.245.0/24
185.252.200.0/24
188.209.152.0/23
195.110.38.0/23
195.211.44.0/22
IPv6:
2a0a:5e80::/29
Signature Algorithm: sha256WithRSAEncryption
05:58:f5:ed:24:a7:90:72:9d:91:70:98:c4:35:a6:cd:c4:a8:
b3:99:8b:af:b8:7c:84:e3:49:08:e3:d8:4a:59:c8:4b:d8:5a:
4f:f8:77:3c:ce:14:05:93:ed:f2:1f:48:c8:99:b9:cc:40:cd:
66:6f:e9:fa:60:94:2f:c8:51:a4:a5:2a:78:f3:fc:45:08:64:
76:bf:b4:0c:6f:ae:b5:06:dc:df:6b:fb:08:9c:39:0a:ba:40:
a0:f7:94:25:d7:b6:42:e0:86:27:5e:32:e4:9b:19:b3:bb:05:
d0:d4:35:c4:9a:dd:db:f1:35:48:8f:9b:cc:f0:58:65:1d:0a:
a7:48:86:5d:21:4a:fa:51:dd:66:1f:04:b0:86:19:f1:e3:f1:
b4:58:61:b6:de:4f:a3:38:52:7b:1c:d0:8d:19:d3:9d:77:29:
72:72:86:47:0c:b4:21:34:30:af:34:95:f1:16:b2:de:1d:81:
26:b8:c2:76:d4:5d:5c:49:03:c2:3b:e3:ff:f9:f3:e9:fb:b1:
14:36:60:a2:ca:fc:c5:fd:0f:f3:43:91:0b:0a:cc:0f:a7:68:
bc:df:16:0c:f8:12:2c:e0:81:04:01:a4:65:96:c6:7b:95:fa:
bd:53:38:c3:99:1f:f7:18:74:39:c2:7d:5a:47:fa:e1:f8:db:
04:8f:d0:6a
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgISAYl9kbDvenpmhnDHHdwpaWkkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MWI3YTIyZTUxY2ZiOWNmODQyMDVlNDQ0OTk5OGFkNTVk
OGYwNjUwHhcNMjMwNzIyMTIyNzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTNlYTI4ZGM0Yjc0ZGFmOTI4YWQwZDU4YzYyMmUxNTUwOWUyNDBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApL6NyLj6Cgf/4dofMPdYpYQOE/PD
1hM8RV0lix2PHvvfmhhwPQ20Seip90YjhvVGPApG+6jezlqaHhGjKG8onVu+BMWA
sJLnGR5YXtOpJkB7FdWrXfNQnmWfnIvZfw6HxhUBW//uzR+K7E/uj9+cWc2ahUhe
zjSM9KLVJbjzH2D2BQqqIJfH4YS7+U++3pGG2CSXHM78rdv7pF9FXLrsKgE2oakd
EwqQbW1R3/3RAnrqgAS71VC9NtLyaLLe7zt+5AgeTMYjX31EdRzhf2++dPBmZFKj
eGbaX4RUYWjp6UkF09nfEDWS1mWOnBnVIxquFLLTlqDblWOVQvE0SeRfXwIDAQAB
o4ICqzCCAqcwHQYDVR0OBBYEFDo+oo3Et02vkorQ1YxiLhVQniQOMB8GA1UdIwQY
MBaAFAgbeiLlHPuc+EIF5ESZmK1V2PBlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0J0Nkl1VWMtNXo0UWdYa1JKbVlyVlhZOEdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9jNTE1YzktZGYwOC00MjZjLTgwZTYt
MDM2NzI2OGZmODcxLzEvT2o2aWpjUzNUYS1TaXREVmpHSXVGVkNlSkE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9jNTE1YzktZGYwOC00MjZjLTgwZTYtMDM2NzI2OGZmODcx
LzEvQ0J0Nkl1VWMtNXo0UWdYa1JKbVlyVlhZOEdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHABggrBgEFBQcBBwEB/wSBsDCBrTCBmwQCAAEwgZQDBAJO
bngDBAJYhyQDBAFb7KgDBAKYWSwDBAK5EtQDBAC5JOQDBAK5M8gDBAK5OvAwDAME
ALlwlQMEA7lwkAMEAbl5ggMEArmAiAMEArmNaAMEArmNhAMEALmqCDAMAwQAua2B
AwQAua2CAwQAuc7nAwQAudXDAwQAuev1AwQAufzIAwQBvNGYAwQBw24mAwQCw9Ms
MA0EAgACMAcDBQMqCl6AMA0GCSqGSIb3DQEBCwUAA4IBAQAFWPXtJKeQcp2RcJjE
NabNxKizmYuvuHyE40kI49hKWchL2FpP+Hc8zhQFk+3yH0jImbnMQM1mb+n6YJQv
yFGkpSp48/xFCGR2v7QMb661Btzfa/sInDkKukCg95Ql17ZC4IYnXjLkmxmzuwXQ
1DXEmt3b8TVIj5vM8FhlHQqnSIZdIUr6Ud1mHwSwhhnx4/G0WGG23k+jOFJ7HNCN
GdOddylycoZHDLQhNDCvNJXxFrLeHYEmuMJ21F1cSQPCO+P/+fPp+7EUNmCiyvzF
/Q/zQ5ELCswPp2i83xYM+BIs4IEEAaRllsZ7lfq9UzjDmR/3GHQ5wn1aR/rh+NsE
j9Bq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:22 2024 by rpki-client on console-fra.rpki-client.org