Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/9391a6-dd3f-4933-9da2-9b8d68ee87fc/1/OT7Q8K7yy1rhE-Ck8NGjqV_1o0s.roa
File: OT7Q8K7yy1rhE-Ck8NGjqV_1o0s.roa (raw, json)
Hash identifier: 6Q8YP/hRDqGVeqnKb+KVlwN4Si6WbjsoOqB02z0obxs=
Subject key identifier: 39:3E:D0:F0:AE:F2:CB:5A:E1:13:E0:A4:F0:D1:A3:A9:5F:F5:A3:4B
Certificate issuer: /CN=f2d593b1c87b81739ec41910295bf385f2c9a992
Certificate serial: 01884D3A4645994BB03A9BD757E55A2430F2
Authority key identifier: F2:D5:93:B1:C8:7B:81:73:9E:C4:19:10:29:5B:F3:85:F2:C9:A9:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8tWTsch7gXOexBkQKVvzhfLJqZI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/9391a6-dd3f-4933-9da2-9b8d68ee87fc/1/OT7Q8K7yy1rhE-Ck8NGjqV_1o0s.roa
Signing time: Wed 24 May 2023 10:07:24 +0000
ROA not before: Wed 24 May 2023 10:07:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210892
IP address blocks: 79.135.124.0/24 maxlen: 24
5.1.45.0/24 maxlen: 24
79.135.126.0/24 maxlen: 24
109.224.223.0/24 maxlen: 24
109.224.232.0/24 maxlen: 24
2a11:2b07:f003::/48 maxlen: 48
2a11:2b07:f000::/48 maxlen: 48
2a11:2b07:f002::/48 maxlen: 48
2a11:2b07:f001::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:4d:3a:46:45:99:4b:b0:3a:9b:d7:57:e5:5a:24:30:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f2d593b1c87b81739ec41910295bf385f2c9a992
Validity
Not Before: May 24 10:07:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=393ed0f0aef2cb5ae113e0a4f0d1a3a95ff5a34b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:79:1c:70:5d:c2:47:b9:f6:93:07:fa:9a:9a:
36:00:15:87:53:98:09:a5:dd:86:e2:b1:6f:01:24:
1a:be:63:4f:2b:21:81:b5:aa:d0:88:be:fa:6d:ae:
98:54:14:b2:a2:1b:45:35:6b:ef:89:67:6e:2d:a4:
bc:71:a1:99:39:68:f3:a3:93:d7:fa:e4:d9:8d:34:
9c:b5:52:e1:7f:a3:fa:c8:c7:de:41:e6:ff:b7:bb:
60:be:ef:03:6b:64:1a:29:83:a6:00:5e:8a:ba:bc:
e8:60:db:31:c7:5f:a9:68:7d:99:bf:b2:67:8e:39:
f6:43:88:58:8d:0f:5a:7f:3a:a4:f0:43:0f:5b:68:
be:9f:6d:11:29:b5:bd:a9:30:57:af:bc:7d:13:a3:
3b:5e:85:f8:36:f2:66:93:1a:a6:44:87:16:78:f4:
b1:cb:e3:aa:81:02:c0:24:3d:78:04:ad:0b:62:af:
5d:7e:39:60:6d:73:8e:f2:4c:82:80:55:0f:51:93:
d2:43:fb:74:71:e2:0c:13:35:cf:48:26:83:7e:db:
69:a9:8c:74:83:d3:b2:70:3d:a8:6f:69:35:cb:8a:
08:58:4a:a1:e8:a1:97:37:34:e7:0d:8a:4c:e7:8d:
60:0d:ee:59:cc:d3:24:c5:5f:a4:a8:19:eb:23:18:
aa:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:3E:D0:F0:AE:F2:CB:5A:E1:13:E0:A4:F0:D1:A3:A9:5F:F5:A3:4B
X509v3 Authority Key Identifier:
keyid:F2:D5:93:B1:C8:7B:81:73:9E:C4:19:10:29:5B:F3:85:F2:C9:A9:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8tWTsch7gXOexBkQKVvzhfLJqZI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/9391a6-dd3f-4933-9da2-9b8d68ee87fc/1/OT7Q8K7yy1rhE-Ck8NGjqV_1o0s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/9391a6-dd3f-4933-9da2-9b8d68ee87fc/1/8tWTsch7gXOexBkQKVvzhfLJqZI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.1.45.0/24
79.135.124.0/24
79.135.126.0/24
109.224.223.0/24
109.224.232.0/24
IPv6:
2a11:2b07:f000::/46
Signature Algorithm: sha256WithRSAEncryption
83:a7:5e:e6:51:78:01:a7:09:4c:1a:40:a4:47:cd:a6:c4:c1:
4a:d0:f1:e7:1b:f7:ae:74:cf:99:42:59:e6:c5:ee:68:88:8a:
98:d9:c6:42:31:3c:03:3b:3f:2b:db:c2:e6:82:9b:4b:39:f7:
2d:fc:ab:e6:ff:98:8a:f9:db:14:72:6f:63:8c:ea:24:27:fb:
41:80:12:ea:c7:9c:cb:8f:69:41:a7:b9:48:0c:3c:c4:1e:55:
f3:08:7b:09:4d:dd:cc:f1:a5:05:ad:6b:64:d1:20:a8:2e:b5:
0c:59:48:c9:7a:77:38:fd:4c:c6:46:a7:92:58:2a:ed:25:a5:
59:eb:d9:24:63:0d:3a:7b:0a:c7:79:47:b7:eb:d2:4e:d1:24:
34:cd:0a:12:d6:15:ec:12:69:6b:c2:1f:ab:25:bc:9a:53:cb:
15:d0:fd:2f:7e:e0:a5:06:fc:31:39:d5:38:d2:c1:d1:ae:c0:
c3:a6:9f:95:ca:ea:95:06:2f:1d:db:47:c3:36:9a:8b:a0:63:
c6:16:66:85:fc:50:49:25:a6:e8:be:6b:7a:98:ea:8a:83:cb:
e6:7f:26:ea:2f:18:a0:54:22:46:5d:39:b1:4a:5f:6d:4d:40:
4c:e8:f1:94:73:85:e2:ec:95:69:b8:cd:37:f2:9f:12:b0:bb:
ab:d7:3b:06
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYhNOkZFmUuwOpvXV+VaJDDyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyZDU5M2IxYzg3YjgxNzM5ZWM0MTkxMDI5NWJmMzg1ZjJj
OWE5OTIwHhcNMjMwNTI0MTAwNzI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTNlZDBmMGFlZjJjYjVhZTExM2UwYTRmMGQxYTNhOTVmZjVhMzRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm3kccF3CR7n2kwf6mpo2ABWHU5gJ
pd2G4rFvASQavmNPKyGBtarQiL76ba6YVBSyohtFNWvviWduLaS8caGZOWjzo5PX
+uTZjTSctVLhf6P6yMfeQeb/t7tgvu8Da2QaKYOmAF6KurzoYNsxx1+paH2Zv7Jn
jjn2Q4hYjQ9afzqk8EMPW2i+n20RKbW9qTBXr7x9E6M7XoX4NvJmkxqmRIcWePSx
y+OqgQLAJD14BK0LYq9dfjlgbXOO8kyCgFUPUZPSQ/t0ceIMEzXPSCaDfttpqYx0
g9OycD2ob2k1y4oIWEqh6KGXNzTnDYpM541gDe5ZzNMkxV+kqBnrIxiqFQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFDk+0PCu8sta4RPgpPDRo6lf9aNLMB8GA1UdIwQY
MBaAFPLVk7HIe4FznsQZEClb84XyyamSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHRXVHNjaDdnWE9leEJrUUtWdnpoZkxKcVpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS85MzkxYTYtZGQzZi00OTMzLTlkYTIt
OWI4ZDY4ZWU4N2ZjLzEvT1Q3UThLN3l5MXJoRS1DazhOR2pxVl8xbzBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS85MzkxYTYtZGQzZi00OTMzLTlkYTItOWI4ZDY4ZWU4N2Zj
LzEvOHRXVHNjaDdnWE9leEJrUUtWdnpoZkxKcVpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAkBAIAATAeAwQABQEtAwQA
T4d8AwQAT4d+AwQAbeDfAwQAbeDoMA8EAgACMAkDBwIqESsH8AAwDQYJKoZIhvcN
AQELBQADggEBAIOnXuZReAGnCUwaQKRHzabEwUrQ8ecb9650z5lCWebF7miIipjZ
xkIxPAM7PyvbwuaCm0s59y38q+b/mIr52xRyb2OM6iQn+0GAEurHnMuPaUGnuUgM
PMQeVfMIewlN3czxpQWta2TRIKgutQxZSMl6dzj9TMZGp5JYKu0lpVnr2SRjDTp7
Csd5R7fr0k7RJDTNChLWFewSaWvCH6slvJpTyxXQ/S9+4KUG/DE51TjSwdGuwMOm
n5XK6pUGLx3bR8M2mougY8YWZoX8UEklpui+a3qY6oqDy+Z/JuovGKBUIkZdObFK
X21NQEzo8ZRzheLslWm4zTfynxKwu6vXOwY=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:55 2023 by rpki-client on console-ams.rpki-client.org