Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/oP8N1lZBMsNeyzpibBDicqBEizU.roa
File: oP8N1lZBMsNeyzpibBDicqBEizU.roa (raw, json)
Hash identifier: iWxFjHSQMho/haxpx772IiEwAPk3CT8LOZ2aE9e2YYQ=
Subject key identifier: A0:FF:0D:D6:56:41:32:C3:5E:CB:3A:62:6C:10:E2:72:A0:44:8B:35
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018C9202131C150ACE68C1BF0001C5F28CC0
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/oP8N1lZBMsNeyzpibBDicqBEizU.roa
Signing time: Fri 22 Dec 2023 14:50:58 +0000
ROA not before: Fri 22 Dec 2023 14:50:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42864
IP address blocks: 178.248.200.0/21 maxlen: 21
45.9.171.0/24 maxlen: 24
45.9.170.0/24 maxlen: 24
45.9.169.0/24 maxlen: 24
88.209.196.0/24 maxlen: 24
88.209.193.0/24 maxlen: 24
88.209.208.0/24 maxlen: 24
88.209.213.0/24 maxlen: 24
88.209.212.0/24 maxlen: 24
88.209.210.0/24 maxlen: 24
88.209.215.0/24 maxlen: 24
88.209.214.0/24 maxlen: 24
178.210.225.0/24 maxlen: 24
178.210.224.0/24 maxlen: 24
193.138.125.0/24 maxlen: 24
178.210.240.0/22 maxlen: 22
178.210.238.0/23 maxlen: 23
77.242.144.0/22 maxlen: 24
77.242.151.0/24 maxlen: 24
77.242.148.0/24 maxlen: 24
45.88.93.0/24 maxlen: 24
178.210.244.0/22 maxlen: 22
178.210.251.0/24 maxlen: 24
178.210.250.0/24 maxlen: 24
178.210.249.0/24 maxlen: 24
178.210.248.0/24 maxlen: 24
45.14.11.0/24 maxlen: 24
45.14.10.0/24 maxlen: 24
92.52.212.0/22 maxlen: 24
92.52.210.0/23 maxlen: 23
92.52.209.0/24 maxlen: 24
92.52.208.0/24 maxlen: 24
2a00:1f40::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:92:02:13:1c:15:0a:ce:68:c1:bf:00:01:c5:f2:8c:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Dec 22 14:50:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a0ff0dd6564132c35ecb3a626c10e272a0448b35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:26:f1:97:74:4d:fa:59:16:04:a2:ad:85:93:
dc:50:ce:2a:34:b6:7a:e4:4d:1d:00:ec:d1:36:45:
7f:82:62:14:8f:c2:6c:90:c4:f5:58:e7:74:6b:6d:
66:11:e4:0d:90:ec:17:f3:60:26:c2:02:c1:51:04:
d0:3b:4d:fa:59:23:2d:58:90:79:12:ac:b3:e6:41:
c9:b3:90:42:d4:ed:aa:3c:49:d3:fa:95:ed:12:3a:
c7:2c:5f:bd:00:a9:e2:fd:d0:eb:2d:65:a1:6d:b4:
17:2b:e7:d3:ff:2d:ab:cb:f4:79:e4:5a:59:3d:95:
c7:3d:24:22:54:8d:48:9a:da:0a:15:79:7b:44:e1:
57:c0:57:c2:2e:f6:83:46:68:4b:6e:53:35:a7:b6:
b0:c3:55:3c:de:ce:32:2c:81:05:d0:6f:1d:a9:08:
c2:76:c7:d7:e2:ec:6b:44:9c:de:2c:c1:3d:2e:66:
d2:b9:ff:f1:4e:b8:49:a2:a0:07:d1:b0:1a:38:3f:
8e:34:ba:59:0a:64:e9:94:c3:87:dd:95:ec:0a:ce:
56:d6:d8:63:f9:2a:f6:bc:9c:f5:c6:93:95:14:36:
e3:79:03:6b:62:91:74:87:be:c2:8b:9e:ef:f4:dc:
b9:96:79:b5:aa:18:51:64:42:50:7a:d2:fe:23:fe:
9c:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:FF:0D:D6:56:41:32:C3:5E:CB:3A:62:6C:10:E2:72:A0:44:8B:35
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/oP8N1lZBMsNeyzpibBDicqBEizU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.169.0-45.9.171.255
45.14.10.0/23
45.88.93.0/24
77.242.144.0-77.242.148.255
77.242.151.0/24
88.209.193.0/24
88.209.196.0/24
88.209.208.0/24
88.209.210.0/24
88.209.212.0/22
92.52.208.0/21
178.210.224.0/23
178.210.238.0-178.210.251.255
178.248.200.0/21
193.138.125.0/24
IPv6:
2a00:1f40::/29
Signature Algorithm: sha256WithRSAEncryption
23:13:2a:a9:cb:e2:1c:c2:f1:d1:55:80:34:9c:0a:e6:18:3c:
de:23:5a:a9:8d:f6:fb:e2:61:31:47:d7:32:38:db:89:56:1a:
04:2a:b8:87:f5:e0:89:ae:78:65:9c:88:3d:54:d2:04:4a:51:
40:00:d8:61:bd:0c:cc:8d:d9:6c:09:bb:f4:be:a8:be:44:4f:
21:5b:14:15:3b:46:b2:f1:46:a4:a4:50:34:08:e0:5d:42:80:
8b:21:01:3b:11:ca:83:28:c4:d6:84:26:2b:dd:be:ec:60:fd:
61:95:52:3b:33:3c:87:ad:82:dc:36:c4:cb:e9:f3:a4:e2:6d:
c1:ff:69:4f:a8:e8:86:8d:48:87:e9:a4:14:82:59:31:61:d0:
d2:24:e7:d4:e3:1d:61:ad:f8:18:3d:ed:f7:40:5f:3a:7a:a0:
ba:b9:c7:ca:3c:24:4d:82:c1:6d:fc:13:fd:b8:e6:09:c1:18:
0a:99:09:cd:07:dd:f9:bc:18:43:13:0f:59:86:4b:a4:8e:27:
db:30:de:ab:6e:59:33:aa:d1:3e:14:2d:e8:aa:81:71:90:be:
7f:3f:2a:10:bb:b0:b4:59:40:f4:e6:e9:d6:69:59:e1:9d:51:
a6:ca:32:e4:f4:eb:7c:bd:88:51:66:bd:7f:fe:11:58:03:ae:
57:66:85:89
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgISAYySAhMcFQrOaMG/AAHF8ozAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMxMjIyMTQ1MDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGZmMGRkNjU2NDEzMmMzNWVjYjNhNjI2YzEwZTI3MmEwNDQ4YjM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkCbxl3RN+lkWBKKthZPcUM4qNLZ6
5E0dAOzRNkV/gmIUj8JskMT1WOd0a21mEeQNkOwX82AmwgLBUQTQO036WSMtWJB5
Eqyz5kHJs5BC1O2qPEnT+pXtEjrHLF+9AKni/dDrLWWhbbQXK+fT/y2ry/R55FpZ
PZXHPSQiVI1ImtoKFXl7ROFXwFfCLvaDRmhLblM1p7aww1U83s4yLIEF0G8dqQjC
dsfX4uxrRJzeLME9LmbSuf/xTrhJoqAH0bAaOD+ONLpZCmTplMOH3ZXsCs5W1thj
+Sr2vJz1xpOVFDbjeQNrYpF0h77Ci57v9Ny5lnm1qhhRZEJQetL+I/6c5wIDAQAB
o4IChzCCAoMwHQYDVR0OBBYEFKD/DdZWQTLDXss6YmwQ4nKgRIs1MB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvb1A4TjFsWkJNc05leXpwaWJCRGljcUJFaXpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGcBggrBgEFBQcBBwEB/wSBjDCBiTB4BAIAATByMAwDBAAt
CakDBAItCagDBAEtDgoDBAAtWF0wDAMEBE3ykAMEAE3ylAMEAE3ylwMEAFjRwQME
AFjRxAMEAFjR0AMEAFjR0gMEAljR1AMEA1w00AMEAbLS4DAMAwQBstLuAwQCstL4
AwQDsvjIAwQAwYp9MA0EAgACMAcDBQMqAB9AMA0GCSqGSIb3DQEBCwUAA4IBAQAj
Eyqpy+IcwvHRVYA0nArmGDzeI1qpjfb74mExR9cyONuJVhoEKriH9eCJrnhlnIg9
VNIESlFAANhhvQzMjdlsCbv0vqi+RE8hWxQVO0ay8UakpFA0COBdQoCLIQE7EcqD
KMTWhCYr3b7sYP1hlVI7MzyHrYLcNsTL6fOk4m3B/2lPqOiGjUiH6aQUglkxYdDS
JOfU4x1hrfgYPe33QF86eqC6ucfKPCRNgsFt/BP9uOYJwRgKmQnNB935vBhDEw9Z
hkukjifbMN6rblkzqtE+FC3oqoFxkL5/PyoQu7C0WUD05unWaVnhnVGmyjLk9Ot8
vYhRZr1//hFYA65XZoWJ
-----END CERTIFICATE-----
Generated at Thu Dec 28 18:50:30 2023 by rpki-client on console-ams.rpki-client.org