Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/28d600-a869-4ab1-9b2e-446019966a19/1/OjZamWJQiz_EqWj7ke4nIF20xNc.roa
File: OjZamWJQiz_EqWj7ke4nIF20xNc.roa (raw, json)
Hash identifier: cd47LjI2NKd4/ajo9XzHzOIp286FiLUyGNmgsioE39Q=
Subject key identifier: 3A:36:5A:99:62:50:8B:3F:C4:A9:68:FB:91:EE:27:20:5D:B4:C4:D7
Certificate issuer: /CN=e0574c2878d6b536139b895f08c9c6db18e12a9b
Certificate serial: 018CC64B6DDC8EAC082D5F35C1808578C3E6
Authority key identifier: E0:57:4C:28:78:D6:B5:36:13:9B:89:5F:08:C9:C6:DB:18:E1:2A:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4FdMKHjWtTYTm4lfCMnG2xjhKps.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/28d600-a869-4ab1-9b2e-446019966a19/1/OjZamWJQiz_EqWj7ke4nIF20xNc.roa
Signing time: Mon 01 Jan 2024 18:31:21 +0000
ROA not before: Mon 01 Jan 2024 18:31:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21500
IP address blocks: 92.118.136.0/22 maxlen: 22
81.17.130.0/24 maxlen: 24
195.69.184.0/22 maxlen: 24
85.90.200.0/22 maxlen: 22
81.17.142.0/24 maxlen: 24
81.17.140.0/24 maxlen: 24
195.234.220.0/22 maxlen: 22
92.118.224.0/24 maxlen: 24
92.118.225.0/24 maxlen: 24
92.118.226.0/24 maxlen: 24
2a06:6200::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 29 Jan 2024 11:59:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:6d:dc:8e:ac:08:2d:5f:35:c1:80:85:78:c3:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e0574c2878d6b536139b895f08c9c6db18e12a9b
Validity
Not Before: Jan 1 18:31:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3a365a9962508b3fc4a968fb91ee27205db4c4d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:df:4b:b2:a5:5e:8c:4f:65:69:9a:ad:f7:71:
fe:11:cf:39:6b:4d:18:d8:4c:d0:8a:7d:37:dd:a5:
26:d5:88:55:11:b1:63:94:de:38:45:0d:1a:e8:2b:
f6:85:c9:52:21:c2:dc:b2:0f:eb:22:de:8c:dd:62:
12:0c:c2:98:4b:57:08:f0:2c:44:69:18:ca:88:25:
e4:ac:3d:d1:9c:79:56:6e:08:51:0f:1b:4c:3b:ba:
f1:73:7a:c3:31:39:bd:05:cf:75:01:b3:f9:1c:ee:
61:bb:1e:b0:2f:13:a0:16:61:ce:d0:31:c0:60:8d:
9f:b0:17:01:fd:c2:80:8b:9c:62:37:80:c5:4d:4d:
ba:ad:a8:72:4a:52:f6:3b:5a:52:f4:d4:0c:a3:9a:
aa:8f:5d:cf:f9:14:44:e1:c6:06:85:4e:ee:cb:b2:
aa:b3:7e:b8:00:8d:2d:a9:f8:0c:96:96:bd:3c:a8:
e1:fd:4a:9f:29:c7:44:68:2b:31:30:78:b3:e5:a6:
3d:6a:a7:f3:46:6a:29:85:40:fc:47:33:cf:1c:42:
ee:46:89:65:c8:7b:55:4a:f9:9a:de:c5:88:12:2f:
38:4d:10:d8:37:d3:95:2b:13:a3:b1:ae:04:59:a5:
4e:0d:7a:24:50:78:1b:cc:34:48:bf:fa:3f:72:77:
bb:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:36:5A:99:62:50:8B:3F:C4:A9:68:FB:91:EE:27:20:5D:B4:C4:D7
X509v3 Authority Key Identifier:
keyid:E0:57:4C:28:78:D6:B5:36:13:9B:89:5F:08:C9:C6:DB:18:E1:2A:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4FdMKHjWtTYTm4lfCMnG2xjhKps.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/28d600-a869-4ab1-9b2e-446019966a19/1/OjZamWJQiz_EqWj7ke4nIF20xNc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/28d600-a869-4ab1-9b2e-446019966a19/1/4FdMKHjWtTYTm4lfCMnG2xjhKps.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.17.130.0/24
81.17.140.0/24
81.17.142.0/24
85.90.200.0/22
92.118.136.0/22
92.118.224.0-92.118.226.255
195.69.184.0/22
195.234.220.0/22
IPv6:
2a06:6200::/29
Signature Algorithm: sha256WithRSAEncryption
7a:30:98:a0:9a:10:1d:e2:62:ed:f8:e9:49:48:9a:70:e7:af:
99:48:ab:f6:b8:09:a2:7c:4d:df:4c:e5:0b:81:90:08:f0:3d:
7d:55:c5:51:66:16:d8:a8:61:53:ea:13:76:c2:28:aa:8b:a7:
28:ac:f1:8c:76:bc:2d:e5:a4:61:57:55:c7:23:f7:26:6c:73:
da:69:ab:65:0e:2c:0c:52:a4:5a:c5:b8:95:7b:71:79:f9:bf:
9a:cd:77:bc:30:88:43:1e:00:ab:5e:48:60:85:e7:4a:4d:44:
19:f9:83:3c:98:c4:55:9a:fe:c4:09:58:04:40:ca:ba:e7:c4:
df:e2:e4:42:a8:90:17:8f:b2:a0:41:a6:b5:c8:50:c8:31:9d:
76:ab:06:83:cb:54:85:1a:bc:19:dd:a4:45:13:07:79:ff:b6:
2c:3d:41:be:9a:ff:7c:32:ea:c1:c9:10:8b:0e:cf:71:b6:e8:
cb:29:aa:dd:5a:3c:cc:3a:d5:5d:97:e5:94:60:4c:04:39:66:
f0:5b:a6:35:06:36:05:f5:35:f5:97:28:a7:5f:11:af:ec:41:
4c:96:55:e0:31:19:bd:b4:7e:ae:13:66:bc:25:a9:2d:4f:c0:
c6:d0:fb:52:b6:7f:9e:c0:e5:c5:cf:9e:d4:c5:ba:19:f6:d9:
d3:a3:36:e5
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAYzGS23cjqwILV81wYCFeMPmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwNTc0YzI4NzhkNmI1MzYxMzliODk1ZjA4YzljNmRiMThl
MTJhOWIwHhcNMjQwMTAxMTgzMTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTM2NWE5OTYyNTA4YjNmYzRhOTY4ZmI5MWVlMjcyMDVkYjRjNGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqd9LsqVejE9laZqt93H+Ec85a00Y
2EzQin033aUm1YhVEbFjlN44RQ0a6Cv2hclSIcLcsg/rIt6M3WISDMKYS1cI8CxE
aRjKiCXkrD3RnHlWbghRDxtMO7rxc3rDMTm9Bc91AbP5HO5hux6wLxOgFmHO0DHA
YI2fsBcB/cKAi5xiN4DFTU26rahySlL2O1pS9NQMo5qqj13P+RRE4cYGhU7uy7Kq
s364AI0tqfgMlpa9PKjh/UqfKcdEaCsxMHiz5aY9aqfzRmophUD8RzPPHELuRoll
yHtVSvma3sWIEi84TRDYN9OVKxOjsa4EWaVODXokUHgbzDRIv/o/cne7PQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFDo2WpliUIs/xKlo+5HuJyBdtMTXMB8GA1UdIwQY
MBaAFOBXTCh41rU2E5uJXwjJxtsY4SqbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEZkTUtIald0VFlUbTRsZkNNbkcyeGpoS3BzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC8yOGQ2MDAtYTg2OS00YWIxLTliMmUt
NDQ2MDE5OTY2YTE5LzEvT2paYW1XSlFpel9FcVdqN2tlNG5JRjIweE5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC8yOGQ2MDAtYTg2OS00YWIxLTliMmUtNDQ2MDE5OTY2YTE5
LzEvNEZkTUtIald0VFlUbTRsZkNNbkcyeGpoS3BzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzA+BAIAATA4AwQAURGCAwQA
URGMAwQAURGOAwQCVVrIAwQCXHaIMAwDBAVcduADBABcduIDBALDRbgDBALD6tww
DQQCAAIwBwMFAyoGYgAwDQYJKoZIhvcNAQELBQADggEBAHowmKCaEB3iYu346UlI
mnDnr5lIq/a4CaJ8Td9M5QuBkAjwPX1VxVFmFtioYVPqE3bCKKqLpyis8Yx2vC3l
pGFXVccj9yZsc9ppq2UOLAxSpFrFuJV7cXn5v5rNd7wwiEMeAKteSGCF50pNRBn5
gzyYxFWa/sQJWARAyrrnxN/i5EKokBePsqBBprXIUMgxnXarBoPLVIUavBndpEUT
B3n/tiw9Qb6a/3wy6sHJEIsOz3G26Mspqt1aPMw61V2X5ZRgTAQ5ZvBbpjUGNgX1
NfWXKKdfEa/sQUyWVeAxGb20fq4TZrwlqS1PwMbQ+1K2f57A5cXPntTFuhn22dOj
NuU=
-----END CERTIFICATE-----
Generated at Tue Feb 27 01:01:16 2024 by rpki-client on console.sobornost.net