Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/9068a5-7979-4f8c-bf82-cfe2a9657c26/1/oPXN-O-ZkIzngBFEEOa5yBu5ug4.roa
File: oPXN-O-ZkIzngBFEEOa5yBu5ug4.roa (raw, json)
Hash identifier: YmgA0VkSijBjoWglfTjJmAaywYnZzNxx4n/uvzOOyCY=
Subject key identifier: A0:F5:CD:F8:EF:99:90:8C:E7:80:11:44:10:E6:B9:C8:1B:B9:BA:0E
Certificate issuer: /CN=f5daf0ba21e90202597ee47e09f6877fe23c2a9f
Certificate serial: 01856DC1CA5CE4C6EED562B8995E19BE825D
Authority key identifier: F5:DA:F0:BA:21:E9:02:02:59:7E:E4:7E:09:F6:87:7F:E2:3C:2A:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9drwuiHpAgJZfuR-CfaHf-I8Kp8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/9068a5-7979-4f8c-bf82-cfe2a9657c26/1/oPXN-O-ZkIzngBFEEOa5yBu5ug4.roa
Signing time: Sun 01 Jan 2023 14:34:54 +0000
ROA not before: Sun 01 Jan 2023 14:34:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206262
IP address blocks: 185.171.60.0/24 maxlen: 24
185.171.60.0/22 maxlen: 22
185.171.62.0/24 maxlen: 24
185.171.61.0/24 maxlen: 24
185.171.63.0/24 maxlen: 24
37.26.64.0/24 maxlen: 24
37.26.64.0/21 maxlen: 21
37.26.71.0/24 maxlen: 24
37.26.70.0/24 maxlen: 24
37.26.66.0/24 maxlen: 24
37.26.65.0/24 maxlen: 24
37.26.67.0/24 maxlen: 24
37.26.69.0/24 maxlen: 24
37.26.68.0/24 maxlen: 24
185.191.164.0/24 maxlen: 24
185.191.164.0/22 maxlen: 22
185.191.166.0/24 maxlen: 24
185.191.165.0/24 maxlen: 24
87.238.208.0/24 maxlen: 24
185.174.208.0/24 maxlen: 24
87.238.208.0/21 maxlen: 21
185.174.208.0/22 maxlen: 22
185.191.167.0/24 maxlen: 24
87.238.210.0/24 maxlen: 24
185.174.210.0/24 maxlen: 24
185.174.211.0/24 maxlen: 24
87.238.209.0/24 maxlen: 24
185.174.209.0/24 maxlen: 24
87.238.212.0/24 maxlen: 24
87.238.213.0/24 maxlen: 24
87.238.211.0/24 maxlen: 24
87.238.215.0/24 maxlen: 24
87.238.214.0/24 maxlen: 24
95.86.41.0/24 maxlen: 24
95.86.40.0/22 maxlen: 22
95.86.40.0/24 maxlen: 24
95.86.43.0/24 maxlen: 24
95.86.42.0/24 maxlen: 24
95.86.57.0/24 maxlen: 24
95.86.56.0/24 maxlen: 24
95.86.56.0/22 maxlen: 24
95.86.58.0/24 maxlen: 24
95.86.59.0/24 maxlen: 24
185.186.81.0/24 maxlen: 24
185.186.80.0/22 maxlen: 22
185.186.80.0/24 maxlen: 24
185.186.83.0/24 maxlen: 24
185.186.82.0/24 maxlen: 24
5.206.232.0/21 maxlen: 21
5.206.232.0/24 maxlen: 24
5.206.233.0/24 maxlen: 24
5.206.234.0/24 maxlen: 24
5.206.236.0/24 maxlen: 24
5.206.235.0/24 maxlen: 24
5.206.238.0/24 maxlen: 24
5.206.237.0/24 maxlen: 24
5.206.239.0/24 maxlen: 24
185.179.28.0/22 maxlen: 22
185.179.29.0/24 maxlen: 24
185.179.28.0/24 maxlen: 24
185.179.30.0/24 maxlen: 24
185.179.31.0/24 maxlen: 24
2a0c:b340::/32 maxlen: 32
2a0c:b342::/32 maxlen: 32
2a0c:b343::/32 maxlen: 32
2a0c:b344::/32 maxlen: 32
2a0c:b340::/29 maxlen: 29
2a0c:b341::/32 maxlen: 32
2a0c:b340::/48 maxlen: 48
2a0c:b340:1::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:c1:ca:5c:e4:c6:ee:d5:62:b8:99:5e:19:be:82:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f5daf0ba21e90202597ee47e09f6877fe23c2a9f
Validity
Not Before: Jan 1 14:34:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a0f5cdf8ef99908ce780114410e6b9c81bb9ba0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:32:a2:c0:d0:71:95:62:7c:b6:65:32:6c:37:
e4:1c:92:f3:ae:ad:e4:2f:f0:85:6f:37:2c:88:b7:
c3:9f:9c:53:d1:1b:f0:f9:11:a1:a3:51:b9:75:64:
0b:a8:04:16:a9:2c:ef:d5:67:b7:44:00:f6:da:52:
a4:f4:4d:0f:52:a9:ee:2f:23:45:46:a8:5a:8a:6f:
cb:52:19:19:36:f0:04:a5:8f:17:ea:1d:58:ab:c0:
88:28:4d:99:16:4f:b5:77:3a:26:ed:52:6a:8c:97:
17:2a:06:e5:b2:96:b7:b0:72:c4:d6:d7:a7:bf:a8:
70:e7:87:ea:27:02:0a:32:ea:db:86:0e:fe:47:9a:
66:16:56:c8:20:75:c4:48:3c:3d:ec:ae:7d:66:72:
cd:f9:9d:98:6d:fe:21:bc:08:b6:81:e3:c6:bc:8a:
dd:45:09:03:d8:8c:a6:d5:27:02:56:a5:da:72:80:
83:fb:79:1f:5e:4a:29:44:00:50:70:56:05:ec:c1:
8c:98:47:ab:89:25:5c:c6:ec:c2:53:6b:58:83:30:
8a:76:a8:e8:8d:93:0e:f8:88:52:58:b1:b6:ea:3b:
4d:0a:7a:d9:af:a4:18:1a:b1:d0:c9:ec:77:de:0f:
6f:c0:54:ef:1a:15:17:c9:2b:13:49:a8:71:a2:a8:
01:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:F5:CD:F8:EF:99:90:8C:E7:80:11:44:10:E6:B9:C8:1B:B9:BA:0E
X509v3 Authority Key Identifier:
keyid:F5:DA:F0:BA:21:E9:02:02:59:7E:E4:7E:09:F6:87:7F:E2:3C:2A:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9drwuiHpAgJZfuR-CfaHf-I8Kp8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/9068a5-7979-4f8c-bf82-cfe2a9657c26/1/oPXN-O-ZkIzngBFEEOa5yBu5ug4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/9068a5-7979-4f8c-bf82-cfe2a9657c26/1/9drwuiHpAgJZfuR-CfaHf-I8Kp8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.206.232.0/21
37.26.64.0/21
87.238.208.0/21
95.86.40.0/22
95.86.56.0/22
185.171.60.0/22
185.174.208.0/22
185.179.28.0/22
185.186.80.0/22
185.191.164.0/22
IPv6:
2a0c:b340::/29
Signature Algorithm: sha256WithRSAEncryption
06:2c:46:88:1c:9c:71:9d:13:dc:34:c9:33:53:5f:12:cc:40:
40:c2:fc:d3:d5:f0:d6:9c:61:5d:a0:db:b8:95:00:f2:e6:2f:
c4:75:af:f9:06:a7:91:d4:4e:cc:3f:db:21:a4:be:5c:7a:66:
40:9b:1e:c2:0c:eb:94:25:64:6a:47:73:4d:66:bb:ce:75:cd:
f3:bd:fe:e9:92:29:7c:7f:aa:53:93:15:d9:87:46:aa:03:f8:
2e:ad:8f:e8:7f:f7:d4:28:2b:4a:dd:85:a5:4f:68:da:c1:df:
77:a6:bd:ba:66:c7:da:b5:d5:82:da:72:86:90:c5:74:ff:3f:
cd:5a:af:7c:68:45:93:1b:c4:cd:a0:ed:63:c6:7a:50:51:a8:
b7:53:04:28:94:c5:70:17:70:ca:bc:52:7c:bc:73:16:40:f2:
41:75:7b:62:7b:0c:0f:7a:b8:1f:71:fa:7b:b2:9e:50:02:27:
7b:e4:91:9a:d0:ac:c7:29:49:bc:62:5d:16:c3:de:87:a6:6f:
eb:64:bf:42:32:c2:87:8c:57:da:f1:b8:55:19:a3:cc:6c:d0:
20:25:73:c6:00:4f:4b:60:84:3a:93:82:54:00:52:ed:13:9e:
35:c5:a5:9d:6e:7b:a8:9f:ce:d3:8f:d2:d5:b9:0f:64:b3:0f:
ee:12:de:c4
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAYVtwcpc5Mbu1WK4mV4ZvoJdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1ZGFmMGJhMjFlOTAyMDI1OTdlZTQ3ZTA5ZjY4NzdmZTIz
YzJhOWYwHhcNMjMwMTAxMTQzNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGY1Y2RmOGVmOTk5MDhjZTc4MDExNDQxMGU2YjljODFiYjliYTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlTKiwNBxlWJ8tmUybDfkHJLzrq3k
L/CFbzcsiLfDn5xT0Rvw+RGho1G5dWQLqAQWqSzv1We3RAD22lKk9E0PUqnuLyNF
Rqhaim/LUhkZNvAEpY8X6h1Yq8CIKE2ZFk+1dzom7VJqjJcXKgblspa3sHLE1ten
v6hw54fqJwIKMurbhg7+R5pmFlbIIHXESDw97K59ZnLN+Z2Ybf4hvAi2gePGvIrd
RQkD2Iym1ScCVqXacoCD+3kfXkopRABQcFYF7MGMmEeriSVcxuzCU2tYgzCKdqjo
jZMO+IhSWLG26jtNCnrZr6QYGrHQyex33g9vwFTvGhUXySsTSahxoqgBmQIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFKD1zfjvmZCM54ARRBDmucgbuboOMB8GA1UdIwQY
MBaAFPXa8Loh6QICWX7kfgn2h3/iPCqfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWRyd3VpSHBBZ0paZnVSLUNmYUhmLUk4S3A4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS85MDY4YTUtNzk3OS00ZjhjLWJmODIt
Y2ZlMmE5NjU3YzI2LzEvb1BYTi1PLVprSXpuZ0JGRUVPYTV5QnU1dWc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS85MDY4YTUtNzk3OS00ZjhjLWJmODItY2ZlMmE5NjU3YzI2
LzEvOWRyd3VpSHBBZ0paZnVSLUNmYUhmLUk4S3A4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzBCBAIAATA8AwQDBc7oAwQD
JRpAAwQDV+7QAwQCX1YoAwQCX1Y4AwQCuas8AwQCua7QAwQCubMcAwQCubpQAwQC
ub+kMA0EAgACMAcDBQMqDLNAMA0GCSqGSIb3DQEBCwUAA4IBAQAGLEaIHJxxnRPc
NMkzU18SzEBAwvzT1fDWnGFdoNu4lQDy5i/Eda/5BqeR1E7MP9shpL5cemZAmx7C
DOuUJWRqR3NNZrvOdc3zvf7pkil8f6pTkxXZh0aqA/gurY/of/fUKCtK3YWlT2ja
wd93pr26ZsfatdWC2nKGkMV0/z/NWq98aEWTG8TNoO1jxnpQUai3UwQolMVwF3DK
vFJ8vHMWQPJBdXtiewwPergfcfp7sp5QAid75JGa0KzHKUm8Yl0Ww96Hpm/rZL9C
MsKHjFfa8bhVGaPMbNAgJXPGAE9LYIQ6k4JUAFLtE541xaWdbnuon87Tj9LVuQ9k
sw/uEt7E
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:31:53 2024 by rpki-client on console-fra.rpki-client.org