Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/d208a0-e436-4896-bef2-3b9db05d2384/1/OCERMnUvZyoJPk9wpwS42UgtV-0.roa
File: OCERMnUvZyoJPk9wpwS42UgtV-0.roa (raw, json)
Hash identifier: KqI0Xkx1kItgG+zRsWkI8GPSGI1I0LIY+I5/Ix1N/IU=
Subject key identifier: 38:21:11:32:75:2F:67:2A:09:3E:4F:70:A7:04:B8:D9:48:2D:57:ED
Certificate issuer: /CN=bb8e2f5ac7cbe62117da478ac0c027ad6d843c56
Certificate serial: 01856DE6695DA99787FCA9DB95A80747F898
Authority key identifier: BB:8E:2F:5A:C7:CB:E6:21:17:DA:47:8A:C0:C0:27:AD:6D:84:3C:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u44vWsfL5iEX2keKwMAnrW2EPFY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/d208a0-e436-4896-bef2-3b9db05d2384/1/OCERMnUvZyoJPk9wpwS42UgtV-0.roa
Signing time: Sun 01 Jan 2023 15:14:54 +0000
ROA not before: Sun 01 Jan 2023 15:14:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8767
IP address blocks: 82.135.0.0/17 maxlen: 17
46.244.128.0/17 maxlen: 17
212.18.0.0/19 maxlen: 19
62.216.192.0/19 maxlen: 19
185.17.204.0/22 maxlen: 22
213.179.128.0/19 maxlen: 19
80.81.0.0/19 maxlen: 19
212.114.128.0/17 maxlen: 17
62.245.128.0/17 maxlen: 17
93.104.0.0/16 maxlen: 16
212.204.64.0/18 maxlen: 18
212.204.75.0/24 maxlen: 24
188.174.0.0/16 maxlen: 16
83.171.128.0/18 maxlen: 18
88.217.0.0/16 maxlen: 16
2001:a60::/29 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:e6:69:5d:a9:97:87:fc:a9:db:95:a8:07:47:f8:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb8e2f5ac7cbe62117da478ac0c027ad6d843c56
Validity
Not Before: Jan 1 15:14:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=38211132752f672a093e4f70a704b8d9482d57ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:63:02:21:1f:f7:9d:51:33:0b:57:67:43:a6:
da:a0:77:bc:b6:72:6c:01:2d:55:e9:6b:83:f6:2b:
99:a1:33:c4:78:b5:27:0b:5d:f1:00:7e:96:42:7d:
38:7a:d6:ca:e5:15:f6:fa:59:54:b1:64:07:00:c0:
c0:3b:e0:c8:01:7e:f4:b4:8a:a2:5e:8b:f7:62:cc:
2d:43:23:fb:c6:d2:08:fb:91:15:53:1b:1b:48:1b:
6c:b1:54:f9:24:e5:d6:a9:32:89:13:3d:db:fa:8d:
4c:d0:14:e1:ec:f2:3b:a8:ac:90:f6:b5:fa:24:56:
d8:eb:74:05:e5:02:97:7b:b1:da:42:0d:c4:53:ac:
73:04:7a:9d:e3:6a:3a:c0:12:00:e2:e7:aa:55:a0:
de:ed:71:e1:da:19:ed:4f:7e:a7:17:0a:2d:0d:64:
1a:be:55:a1:63:40:4a:ab:33:3b:fa:33:50:eb:cf:
d4:e6:e9:0e:17:9e:61:2b:d9:41:db:b8:d7:77:45:
e7:ae:92:f5:6e:e9:22:c6:7c:7b:dc:6f:eb:07:93:
1c:11:eb:af:aa:87:fd:f7:53:c3:b0:8a:86:ac:3b:
f6:25:6a:99:13:04:66:62:3c:f3:5f:89:36:f9:84:
28:1a:0f:e7:44:52:c1:64:9b:e9:45:52:8a:d6:4f:
04:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:21:11:32:75:2F:67:2A:09:3E:4F:70:A7:04:B8:D9:48:2D:57:ED
X509v3 Authority Key Identifier:
keyid:BB:8E:2F:5A:C7:CB:E6:21:17:DA:47:8A:C0:C0:27:AD:6D:84:3C:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u44vWsfL5iEX2keKwMAnrW2EPFY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/d208a0-e436-4896-bef2-3b9db05d2384/1/OCERMnUvZyoJPk9wpwS42UgtV-0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/d208a0-e436-4896-bef2-3b9db05d2384/1/u44vWsfL5iEX2keKwMAnrW2EPFY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.244.128.0/17
62.216.192.0/19
62.245.128.0/17
80.81.0.0/19
82.135.0.0/17
83.171.128.0/18
88.217.0.0/16
93.104.0.0/16
185.17.204.0/22
188.174.0.0/16
212.18.0.0/19
212.114.128.0/17
212.204.64.0/18
213.179.128.0/19
IPv6:
2001:a60::/29
Signature Algorithm: sha256WithRSAEncryption
2c:d5:c3:c6:3b:98:2c:cc:54:68:c1:1a:92:69:08:17:d9:a8:
80:aa:7c:4a:e3:1e:ca:82:57:0e:bf:11:2e:cd:17:b7:27:7f:
67:7a:2f:f7:67:39:d6:2f:2c:1e:b6:1c:7b:b9:55:e0:4d:07:
81:71:a6:bf:0d:a9:48:c0:ba:2e:6c:8d:5f:be:d8:1a:3d:5a:
0a:18:e0:8e:57:b5:bb:cb:02:19:9c:e2:da:7b:f7:56:06:3d:
47:0b:1a:00:4d:17:7c:09:45:c5:7e:3d:14:0b:9f:b2:6a:16:
aa:64:ca:2f:34:20:33:a8:73:2d:39:83:17:1c:30:cb:06:86:
ec:6c:4d:61:0a:bb:01:4f:48:36:3c:49:e2:69:0e:e7:27:cd:
c9:73:16:c5:a3:cd:e3:87:51:f7:eb:04:f8:c8:95:d0:39:28:
4d:38:8f:9f:9e:c0:bd:f7:74:3b:3c:6f:75:7b:5e:fa:be:21:
5c:63:b3:59:82:22:2a:e7:f8:73:1f:10:5c:0a:ef:ce:1f:64:
13:49:c3:ac:7b:51:8e:93:6b:0c:d8:e7:83:e8:92:64:b4:49:
1b:b0:0e:f4:7d:24:e8:3e:15:0f:ee:3a:df:c2:f6:1b:fe:90:
ee:78:75:50:03:40:45:4b:47:ba:9d:70:00:cb:3f:67:3b:6c:
d4:c4:c6:75
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAYVt5mldqZeH/KnblagHR/iYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiOGUyZjVhYzdjYmU2MjExN2RhNDc4YWMwYzAyN2FkNmQ4
NDNjNTYwHhcNMjMwMTAxMTUxNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODIxMTEzMjc1MmY2NzJhMDkzZTRmNzBhNzA0YjhkOTQ4MmQ1N2VkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgGMCIR/3nVEzC1dnQ6baoHe8tnJs
AS1V6WuD9iuZoTPEeLUnC13xAH6WQn04etbK5RX2+llUsWQHAMDAO+DIAX70tIqi
Xov3YswtQyP7xtII+5EVUxsbSBtssVT5JOXWqTKJEz3b+o1M0BTh7PI7qKyQ9rX6
JFbY63QF5QKXe7HaQg3EU6xzBHqd42o6wBIA4ueqVaDe7XHh2hntT36nFwotDWQa
vlWhY0BKqzM7+jNQ68/U5ukOF55hK9lB27jXd0XnrpL1bukixnx73G/rB5McEeuv
qof991PDsIqGrDv2JWqZEwRmYjzzX4k2+YQoGg/nRFLBZJvpRVKK1k8E2wIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFDghETJ1L2cqCT5PcKcEuNlILVftMB8GA1UdIwQY
MBaAFLuOL1rHy+YhF9pHisDAJ61thDxWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTQ0dldzZkw1aUVYMmtlS3dNQW5yVzJFUEZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS9kMjA4YTAtZTQzNi00ODk2LWJlZjIt
M2I5ZGIwNWQyMzg0LzEvT0NFUk1uVXZaeW9KUGs5d3B3UzQyVWd0Vi0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS9kMjA4YTAtZTQzNi00ODk2LWJlZjItM2I5ZGIwNWQyMzg0
LzEvdTQ0dldzZkw1aUVYMmtlS3dNQW5yVzJFUEZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBXBAIAATBRAwQHLvSAAwQF
PtjAAwQHPvWAAwQFUFEAAwQHUocAAwQGU6uAAwMAWNkDAwBdaAMEArkRzAMDALyu
AwQF1BIAAwQH1HKAAwQG1MxAAwQF1bOAMA0EAgACMAcDBQMgAQpgMA0GCSqGSIb3
DQEBCwUAA4IBAQAs1cPGO5gszFRowRqSaQgX2aiAqnxK4x7KglcOvxEuzRe3J39n
ei/3ZznWLywethx7uVXgTQeBcaa/DalIwLoubI1fvtgaPVoKGOCOV7W7ywIZnOLa
e/dWBj1HCxoATRd8CUXFfj0UC5+yahaqZMovNCAzqHMtOYMXHDDLBobsbE1hCrsB
T0g2PEniaQ7nJ83JcxbFo83jh1H36wT4yJXQOShNOI+fnsC993Q7PG91e176viFc
Y7NZgiIq5/hzHxBcCu/OH2QTScOse1GOk2sM2OeD6JJktEkbsA70fSToPhUP7jrf
wvYb/pDueHVQA0BFS0e6nXAAyz9nO2zUxMZ1
-----END CERTIFICATE-----
Generated at Mon Jan 1 07:05:11 2024 by rpki-client on console.sobornost.net