Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/0e58dc-7c90-49d7-8855-fa32d2d52968/1/OupIRWwB0Xuj7hMBZUyyHGiqydI.roa
File: OupIRWwB0Xuj7hMBZUyyHGiqydI.roa (raw, json)
Hash identifier: b/bPAg3GPfZW/BK9w0rM6YK2Gi5IfFtSj8YAk/jXBaA=
Subject key identifier: 3A:EA:48:45:6C:01:D1:7B:A3:EE:13:01:65:4C:B2:1C:68:AA:C9:D2
Certificate issuer: /CN=f0cc7a447482e57b0604babb82a52409cde3b36d
Certificate serial: 018F80225950CA05C2C41F39F9A10FFF0726
Authority key identifier: F0:CC:7A:44:74:82:E5:7B:06:04:BA:BB:82:A5:24:09:CD:E3:B3:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8Mx6RHSC5XsGBLq7gqUkCc3js20.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/0e58dc-7c90-49d7-8855-fa32d2d52968/1/OupIRWwB0Xuj7hMBZUyyHGiqydI.roa
Signing time: Thu 16 May 2024 06:41:25 +0000
ROA not before: Thu 16 May 2024 06:41:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9009
IP address blocks: 91.123.0.0/24 maxlen: 24
91.123.1.0/24 maxlen: 24
91.123.2.0/24 maxlen: 24
91.123.3.0/24 maxlen: 24
91.123.4.0/24 maxlen: 24
91.123.5.0/24 maxlen: 24
91.123.6.0/24 maxlen: 24
91.123.7.0/24 maxlen: 24
190.106.160.0/24 maxlen: 24
190.106.161.0/24 maxlen: 24
190.106.162.0/24 maxlen: 24
190.106.163.0/24 maxlen: 24
190.106.164.0/24 maxlen: 24
190.106.165.0/24 maxlen: 24
190.106.166.0/24 maxlen: 24
190.106.167.0/24 maxlen: 24
190.106.168.0/24 maxlen: 24
190.106.169.0/24 maxlen: 24
190.106.170.0/24 maxlen: 24
190.106.171.0/24 maxlen: 24
190.106.172.0/24 maxlen: 24
190.106.173.0/24 maxlen: 24
190.106.174.0/24 maxlen: 24
190.106.175.0/24 maxlen: 24
190.106.176.0/24 maxlen: 24
190.106.183.0/24 maxlen: 24
190.106.185.0/24 maxlen: 24
190.106.186.0/24 maxlen: 24
190.106.187.0/24 maxlen: 24
190.106.188.0/24 maxlen: 24
190.106.189.0/24 maxlen: 24
190.106.190.0/24 maxlen: 24
190.106.191.0/24 maxlen: 24
206.195.128.0/24 maxlen: 24
206.195.129.0/24 maxlen: 24
206.195.130.0/24 maxlen: 24
206.195.131.0/24 maxlen: 24
206.195.132.0/24 maxlen: 24
206.195.133.0/24 maxlen: 24
206.195.134.0/24 maxlen: 24
206.195.135.0/24 maxlen: 24
206.195.136.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 16 May 2024 08:59:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:80:22:59:50:ca:05:c2:c4:1f:39:f9:a1:0f:ff:07:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0cc7a447482e57b0604babb82a52409cde3b36d
Validity
Not Before: May 16 06:41:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3aea48456c01d17ba3ee1301654cb21c68aac9d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:b9:6b:43:fd:7a:2a:08:00:d8:a3:1a:58:b2:
9b:b4:a9:d7:4e:e4:27:65:5f:ac:14:cf:59:7e:47:
52:b6:b9:f4:dd:f6:3a:a9:38:c8:6d:6b:3a:0d:60:
3e:43:06:55:84:d1:4e:0c:eb:d6:54:70:80:eb:fc:
5a:7a:eb:0c:c1:c2:bb:3d:7f:a4:26:60:a5:40:3f:
73:ad:cf:6a:b0:a2:db:21:a2:a6:8e:5f:69:ff:39:
81:c2:97:0d:29:ec:94:df:0e:74:a4:d6:7b:a8:80:
06:f2:5f:46:03:57:05:17:b2:a2:4d:1e:3b:bc:84:
e9:a6:21:eb:d7:70:ac:6e:a3:c2:32:f7:01:63:f2:
49:64:ee:06:cc:f7:f2:23:46:e7:ed:80:eb:e2:01:
af:e9:ae:eb:b8:b4:9a:11:fc:67:64:fb:63:65:59:
90:f8:0a:1c:20:3c:a4:1b:ef:13:3f:6d:c1:e7:a8:
27:fe:d4:e1:09:3e:87:29:2e:ca:91:37:07:be:6a:
de:2c:63:0f:34:11:c1:30:76:64:3e:a3:7e:a4:d8:
ef:69:30:92:be:a3:d1:88:ed:c6:6f:48:99:07:88:
07:23:d2:ab:60:a0:bd:ff:23:b1:9c:b9:3f:81:f6:
42:ca:8f:e5:50:48:a6:3f:e9:c1:fc:71:f7:1f:27:
4f:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:EA:48:45:6C:01:D1:7B:A3:EE:13:01:65:4C:B2:1C:68:AA:C9:D2
X509v3 Authority Key Identifier:
keyid:F0:CC:7A:44:74:82:E5:7B:06:04:BA:BB:82:A5:24:09:CD:E3:B3:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8Mx6RHSC5XsGBLq7gqUkCc3js20.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/0e58dc-7c90-49d7-8855-fa32d2d52968/1/OupIRWwB0Xuj7hMBZUyyHGiqydI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/0e58dc-7c90-49d7-8855-fa32d2d52968/1/8Mx6RHSC5XsGBLq7gqUkCc3js20.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.123.0.0/21
190.106.160.0-190.106.176.255
190.106.183.0/24
190.106.185.0-190.106.191.255
206.195.128.0-206.195.136.255
Signature Algorithm: sha256WithRSAEncryption
0f:4e:f1:31:a8:28:cc:4c:1e:84:24:6b:d9:28:e8:a9:76:d3:
56:23:a0:29:a1:88:bf:3a:11:54:39:09:6a:2d:00:78:6a:44:
21:35:09:56:b5:3e:03:93:4a:cc:87:e2:be:7a:96:6b:74:45:
8a:65:40:e9:ce:1a:f6:dc:04:27:d0:61:5a:0d:ca:17:6f:d1:
47:dc:d3:e6:70:46:02:49:f7:6f:0f:8e:ae:65:c2:70:85:b1:
b7:78:a6:05:cd:6c:cc:0a:e4:7f:6c:13:69:8b:51:b7:14:5a:
4c:cc:dd:82:bc:e8:e0:73:3d:c9:2b:34:aa:59:21:7c:8c:f2:
80:10:cf:bb:48:60:24:c3:2c:e9:35:7e:0a:6c:ee:3b:ef:6c:
f0:97:42:c2:47:8d:95:e5:21:4a:46:dd:ee:77:e4:46:9d:80:
60:3a:3a:60:06:97:14:f5:c4:80:39:63:60:b3:14:70:0a:3f:
ed:08:fc:23:9b:51:99:93:d3:61:a1:33:d7:13:95:eb:f4:4c:
c4:35:8c:91:39:03:18:3b:07:05:78:df:cf:fe:bf:c5:14:76:
a9:45:79:14:89:9b:8f:4a:dc:1f:3f:88:c5:97:33:a9:8d:e1:
c2:f4:a6:a3:e4:f0:14:3c:0f:1d:8f:d0:32:2f:1b:1e:0c:23:
b9:8c:8c:5d
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAY+AIllQygXCxB85+aEP/wcmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwY2M3YTQ0NzQ4MmU1N2IwNjA0YmFiYjgyYTUyNDA5Y2Rl
M2IzNmQwHhcNMjQwNTE2MDY0MTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWVhNDg0NTZjMDFkMTdiYTNlZTEzMDE2NTRjYjIxYzY4YWFjOWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1blrQ/16KggA2KMaWLKbtKnXTuQn
ZV+sFM9ZfkdStrn03fY6qTjIbWs6DWA+QwZVhNFODOvWVHCA6/xaeusMwcK7PX+k
JmClQD9zrc9qsKLbIaKmjl9p/zmBwpcNKeyU3w50pNZ7qIAG8l9GA1cFF7KiTR47
vITppiHr13CsbqPCMvcBY/JJZO4GzPfyI0bn7YDr4gGv6a7ruLSaEfxnZPtjZVmQ
+AocIDykG+8TP23B56gn/tThCT6HKS7KkTcHvmreLGMPNBHBMHZkPqN+pNjvaTCS
vqPRiO3Gb0iZB4gHI9KrYKC9/yOxnLk/gfZCyo/lUEimP+nB/HH3HydPawIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFDrqSEVsAdF7o+4TAWVMshxoqsnSMB8GA1UdIwQY
MBaAFPDMekR0guV7BgS6u4KlJAnN47NtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE14NlJIU0M1WHNHQkxxN2dxVWtDYzNqczIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi8wZTU4ZGMtN2M5MC00OWQ3LTg4NTUt
ZmEzMmQyZDUyOTY4LzEvT3VwSVJXd0IwWHVqN2hNQlpVeXlIR2lxeWRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi8wZTU4ZGMtN2M5MC00OWQ3LTg4NTUtZmEzMmQyZDUyOTY4
LzEvOE14NlJIU0M1WHNHQkxxN2dxVWtDYzNqczIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQDW3sAMAwD
BAW+aqADBAC+arADBAC+arcwDAMEAL5quQMEBr5qgDAMAwQHzsOAAwQAzsOIMA0G
CSqGSIb3DQEBCwUAA4IBAQAPTvExqCjMTB6EJGvZKOipdtNWI6ApoYi/OhFUOQlq
LQB4akQhNQlWtT4Dk0rMh+K+epZrdEWKZUDpzhr23AQn0GFaDcoXb9FH3NPmcEYC
SfdvD46uZcJwhbG3eKYFzWzMCuR/bBNpi1G3FFpMzN2CvOjgcz3JKzSqWSF8jPKA
EM+7SGAkwyzpNX4KbO4772zwl0LCR42V5SFKRt3ud+RGnYBgOjpgBpcU9cSAOWNg
sxRwCj/tCPwjm1GZk9NhoTPXE5Xr9EzENYyROQMYOwcFeN/P/r/FFHapRXkUiZuP
StwfP4jFlzOpjeHC9Kaj5PAUPA8dj9AyLxseDCO5jIxd
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:18:02 2025 by rpki-client