Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/a4b446-bb72-45be-bc46-51f5ff81c117/1/OesmGC3bxOTv2dvPbZsjZdEzyzQ.roa
File: OesmGC3bxOTv2dvPbZsjZdEzyzQ.roa (raw, json)
Hash identifier: TOC8LbExGwbj6pEyTMkbq8guip/dQnll4LUhIF9P4/4=
Subject key identifier: 39:EB:26:18:2D:DB:C4:E4:EF:D9:DB:CF:6D:9B:23:65:D1:33:CB:34
Certificate issuer: /CN=5dd6f6d299bcdec73d13f2d842fc1df4bc1ee2d3
Certificate serial: 0185723A154A057BE0D0EF63269190B978AD
Authority key identifier: 5D:D6:F6:D2:99:BC:DE:C7:3D:13:F2:D8:42:FC:1D:F4:BC:1E:E2:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xdb20pm83sc9E_LYQvwd9Lwe4tM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/a4b446-bb72-45be-bc46-51f5ff81c117/1/OesmGC3bxOTv2dvPbZsjZdEzyzQ.roa
Signing time: Mon 02 Jan 2023 11:24:47 +0000
ROA not before: Mon 02 Jan 2023 11:24:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43700
IP address blocks: 185.246.242.0/23 maxlen: 23
31.172.224.0/23 maxlen: 23
31.172.224.0/22 maxlen: 22
31.172.226.0/23 maxlen: 23
185.252.204.0/23 maxlen: 23
185.252.204.0/22 maxlen: 22
185.252.206.0/23 maxlen: 23
185.246.240.0/22 maxlen: 22
185.246.240.0/23 maxlen: 23
185.252.108.0/22 maxlen: 22
185.252.108.0/23 maxlen: 23
185.252.110.0/23 maxlen: 23
45.84.244.0/23 maxlen: 23
45.84.244.0/22 maxlen: 22
95.215.140.0/23 maxlen: 23
95.215.140.0/22 maxlen: 22
95.215.142.0/23 maxlen: 23
78.158.0.0/19 maxlen: 19
78.158.0.0/20 maxlen: 20
91.200.252.0/22 maxlen: 22
91.200.252.0/23 maxlen: 23
91.200.254.0/23 maxlen: 23
78.158.16.0/20 maxlen: 20
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:31:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:3a:15:4a:05:7b:e0:d0:ef:63:26:91:90:b9:78:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5dd6f6d299bcdec73d13f2d842fc1df4bc1ee2d3
Validity
Not Before: Jan 2 11:24:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=39eb26182ddbc4e4efd9dbcf6d9b2365d133cb34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:cf:6b:5f:40:c6:74:3f:6c:aa:6f:72:c1:e0:
a7:43:2f:3c:0f:c0:cd:35:5a:30:7f:96:55:c6:2c:
e1:bd:1a:0d:8a:9b:ee:03:c6:b9:8f:d0:d1:3d:ee:
ed:b1:9e:c8:28:a4:22:91:a7:b6:8a:42:d2:2b:1b:
17:63:cf:5e:24:ba:bf:e3:6f:14:97:93:92:87:ff:
40:21:0e:ef:56:0d:c6:89:ca:9f:80:89:6f:2f:e2:
66:99:46:a0:83:8e:bd:d4:0e:61:e5:75:71:e1:87:
78:14:fb:bb:bc:9d:85:ea:0a:af:ef:17:16:06:01:
16:76:58:d3:db:d5:3e:2a:c6:48:ae:63:16:74:78:
b2:ce:cb:a2:d8:10:1f:57:41:5b:1f:21:ab:10:64:
ee:44:b1:fc:59:23:6a:f0:26:44:40:a7:04:93:3e:
ec:0e:35:73:c1:a2:cd:85:53:af:38:b1:d7:19:d4:
68:5a:12:1c:9d:b8:de:00:c0:59:c6:f8:2b:cf:84:
e9:3d:7f:a9:b2:44:e7:46:06:af:d2:29:63:7e:78:
94:5a:1c:5e:e0:53:71:11:3b:e8:72:e9:95:87:b0:
11:29:17:4f:aa:36:3e:d4:36:2b:be:a6:7b:3b:50:
54:2c:94:3f:d5:6d:8d:23:0e:cf:0f:4e:24:8f:51:
01:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:EB:26:18:2D:DB:C4:E4:EF:D9:DB:CF:6D:9B:23:65:D1:33:CB:34
X509v3 Authority Key Identifier:
keyid:5D:D6:F6:D2:99:BC:DE:C7:3D:13:F2:D8:42:FC:1D:F4:BC:1E:E2:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xdb20pm83sc9E_LYQvwd9Lwe4tM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/a4b446-bb72-45be-bc46-51f5ff81c117/1/OesmGC3bxOTv2dvPbZsjZdEzyzQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/a4b446-bb72-45be-bc46-51f5ff81c117/1/Xdb20pm83sc9E_LYQvwd9Lwe4tM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.172.224.0/22
45.84.244.0/22
78.158.0.0/19
91.200.252.0/22
95.215.140.0/22
185.246.240.0/22
185.252.108.0/22
185.252.204.0/22
Signature Algorithm: sha256WithRSAEncryption
39:ea:82:3e:2d:71:57:d2:39:5b:7e:be:59:cf:b3:08:ef:b6:
1d:a5:7b:fe:95:3a:19:38:e5:1c:17:3a:a6:c7:8b:79:22:16:
7e:9e:54:11:67:17:66:71:15:7b:fc:69:ff:7c:05:05:3b:7f:
95:e1:dc:7c:db:45:05:50:30:1d:cf:a2:f9:6f:9c:ec:26:3a:
89:6d:42:92:39:fc:2b:19:24:0d:8e:cf:77:67:94:a7:f1:9a:
87:cd:c6:a0:b9:26:7a:67:77:77:e6:8f:80:8b:69:d9:17:f0:
5d:ba:77:31:3c:b6:d9:7c:14:f7:b7:15:45:90:02:67:79:4a:
28:48:f5:8c:97:35:05:e3:e9:63:eb:7a:ca:72:2e:22:6f:8b:
e5:e3:fe:ec:a8:2d:ea:1b:d8:9d:a2:fe:ce:14:bd:ff:34:32:
c2:e5:82:60:57:29:dc:c8:cf:8b:4e:77:1d:11:57:a9:93:1f:
ce:7e:c6:0b:36:a1:6c:31:30:6b:de:91:88:7f:64:34:90:31:
9a:d3:60:7b:8a:a4:de:7c:d6:5b:db:70:31:39:ae:44:26:b0:
b3:bc:c4:29:ae:2b:b5:8a:19:68:f6:00:e0:9f:d6:ad:69:6a:
30:fe:a1:74:ab:ed:20:ec:a4:cf:92:46:87:f8:c5:4a:1c:aa:
56:b2:92:88
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYVyOhVKBXvg0O9jJpGQuXitMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZDZmNmQyOTliY2RlYzczZDEzZjJkODQyZmMxZGY0YmMx
ZWUyZDMwHhcNMjMwMTAyMTEyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWViMjYxODJkZGJjNGU0ZWZkOWRiY2Y2ZDliMjM2NWQxMzNjYjM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm89rX0DGdD9sqm9yweCnQy88D8DN
NVowf5ZVxizhvRoNipvuA8a5j9DRPe7tsZ7IKKQikae2ikLSKxsXY89eJLq/428U
l5OSh/9AIQ7vVg3GicqfgIlvL+JmmUagg4691A5h5XVx4Yd4FPu7vJ2F6gqv7xcW
BgEWdljT29U+KsZIrmMWdHiyzsui2BAfV0FbHyGrEGTuRLH8WSNq8CZEQKcEkz7s
DjVzwaLNhVOvOLHXGdRoWhIcnbjeAMBZxvgrz4TpPX+pskTnRgav0iljfniUWhxe
4FNxETvocumVh7ARKRdPqjY+1DYrvqZ7O1BULJQ/1W2NIw7PD04kj1EBQQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFDnrJhgt28Tk79nbz22bI2XRM8s0MB8GA1UdIwQY
MBaAFF3W9tKZvN7HPRPy2EL8HfS8HuLTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGRiMjBwbTgzc2M5RV9MWVF2d2Q5THdlNHRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC9hNGI0NDYtYmI3Mi00NWJlLWJjNDYt
NTFmNWZmODFjMTE3LzEvT2VzbUdDM2J4T1R2MmR2UGJac2paZEV6eXpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC9hNGI0NDYtYmI3Mi00NWJlLWJjNDYtNTFmNWZmODFjMTE3
LzEvWGRiMjBwbTgzc2M5RV9MWVF2d2Q5THdlNHRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQCH6zgAwQC
LVT0AwQFTp4AAwQCW8j8AwQCX9eMAwQCufbwAwQCufxsAwQCufzMMA0GCSqGSIb3
DQEBCwUAA4IBAQA56oI+LXFX0jlbfr5Zz7MI77YdpXv+lToZOOUcFzqmx4t5IhZ+
nlQRZxdmcRV7/Gn/fAUFO3+V4dx820UFUDAdz6L5b5zsJjqJbUKSOfwrGSQNjs93
Z5Sn8ZqHzcaguSZ6Z3d35o+Ai2nZF/BduncxPLbZfBT3txVFkAJneUooSPWMlzUF
4+lj63rKci4ib4vl4/7sqC3qG9idov7OFL3/NDLC5YJgVyncyM+LTncdEVepkx/O
fsYLNqFsMTBr3pGIf2Q0kDGa02B7iqTefNZb23AxOa5EJrCzvMQpriu1ihlo9gDg
n9ataWow/qF0q+0g7KTPkkaH+MVKHKpWspKI
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:29 2024 by rpki-client on console-ams.rpki-client.org