Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/0b06c0-d890-49bd-a29f-f07efac4e2de/1/0MnxjKhUydXvpa_WbCDILZOcr3Q.roa
File: 0MnxjKhUydXvpa_WbCDILZOcr3Q.roa (raw, json)
Hash identifier: QDNcK4wRfSJtYkhezHQR1qr9Jg2FuY/HhFiPSWcRXrM=
Subject key identifier: D0:C9:F1:8C:A8:54:C9:D5:EF:A5:AF:D6:6C:20:C8:2D:93:9C:AF:74
Certificate issuer: /CN=d36e5d70935b8cbc37cf216c446697d4c27a993e
Certificate serial: 0192A832B292D59C28F8BA13105AB7695715
Authority key identifier: D3:6E:5D:70:93:5B:8C:BC:37:CF:21:6C:44:66:97:D4:C2:7A:99:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/025dcJNbjLw3zyFsRGaX1MJ6mT4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/0b06c0-d890-49bd-a29f-f07efac4e2de/1/0MnxjKhUydXvpa_WbCDILZOcr3Q.roa
Signing time: Sun 20 Oct 2024 04:32:27 +0000
ROA not before: Sun 20 Oct 2024 04:32:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49972
IP address blocks: 194.32.209.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:a8:32:b2:92:d5:9c:28:f8:ba:13:10:5a:b7:69:57:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d36e5d70935b8cbc37cf216c446697d4c27a993e
Validity
Not Before: Oct 20 04:32:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d0c9f18ca854c9d5efa5afd66c20c82d939caf74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:1e:c8:84:cd:22:c9:7d:d8:db:3b:f2:c9:8e:
5e:22:00:95:7f:9f:50:3a:da:33:21:58:48:32:fe:
ef:78:d5:00:e3:78:30:a0:e3:ea:da:bf:7f:94:e6:
63:19:4d:e3:13:75:0d:64:f0:20:c3:e0:3b:40:12:
7f:3a:b9:43:38:d6:73:38:f2:00:55:a3:b5:6b:a7:
8a:39:49:ac:a8:34:a9:64:37:ab:e8:47:b1:28:18:
d1:ed:ac:52:3c:32:9a:bd:71:af:0b:fd:47:73:28:
82:b9:9e:d0:0d:ff:55:83:2e:19:9a:ff:9d:b6:ab:
f8:cf:2e:b0:d6:ba:01:bc:a3:45:55:3c:af:74:9e:
02:1e:3f:3a:b7:e4:db:f6:d6:8a:cb:2e:98:6a:e3:
13:3d:f3:9a:13:17:8e:00:1a:d4:a5:e4:81:65:1e:
32:f5:a1:70:f8:ef:eb:a2:8c:5e:fc:56:52:89:f1:
36:52:b4:4e:17:65:88:10:ce:2f:29:54:20:36:6b:
c8:32:7e:52:79:72:db:7e:8c:f7:f7:8e:d3:b0:41:
f2:16:fb:05:16:23:f7:a9:77:12:9c:92:0e:0d:e9:
55:57:eb:c4:ea:60:e7:5c:72:bf:8d:fd:4d:93:5e:
51:1b:05:77:5b:9c:f1:d0:83:c1:b4:64:77:cd:d7:
5b:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:C9:F1:8C:A8:54:C9:D5:EF:A5:AF:D6:6C:20:C8:2D:93:9C:AF:74
X509v3 Authority Key Identifier:
keyid:D3:6E:5D:70:93:5B:8C:BC:37:CF:21:6C:44:66:97:D4:C2:7A:99:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/025dcJNbjLw3zyFsRGaX1MJ6mT4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/0b06c0-d890-49bd-a29f-f07efac4e2de/1/0MnxjKhUydXvpa_WbCDILZOcr3Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/0b06c0-d890-49bd-a29f-f07efac4e2de/1/025dcJNbjLw3zyFsRGaX1MJ6mT4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.32.209.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:03:e2:fb:99:be:db:29:54:30:fc:89:a5:39:8b:f4:15:50:
f0:64:9a:a5:65:ff:c8:1c:0d:24:d4:91:50:86:2d:eb:d6:1c:
ff:02:5e:78:27:82:26:29:77:b6:a8:f2:02:54:a3:77:86:05:
ce:74:ad:01:ca:c5:77:87:cb:d1:37:f7:4e:ab:b4:95:a0:61:
3a:f7:89:17:c5:e7:42:e4:d9:c9:5a:c6:88:c5:e8:21:d7:1b:
86:3d:fa:90:60:3a:8b:a5:2e:19:d4:50:61:95:27:d2:68:5a:
37:47:c7:26:08:04:37:c4:64:7d:b5:5f:24:f0:f1:8b:fc:48:
4b:e6:39:a9:66:6f:bd:44:15:1b:65:b0:4d:80:99:c7:3b:35:
b6:72:c4:ea:e8:e1:60:b7:f8:19:21:19:67:7d:ec:b5:2e:cb:
9d:fe:72:7c:f5:f2:f8:a5:7f:a0:05:6a:3b:7b:c9:c1:6e:9b:
aa:4d:11:74:b5:64:48:2f:6b:91:4d:a5:83:0e:44:c2:9d:18:
e5:ba:11:bf:bc:d9:55:c3:a3:0b:87:44:3f:e8:d1:29:02:48:
e7:ac:65:61:bc:83:4a:ac:f2:65:6c:39:1a:e3:91:e4:39:5c:
be:dc:f7:01:1b:a8:df:e3:54:a0:b6:2a:94:14:d2:ca:66:ec:
3c:a9:1d:6d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZKoMrKS1Zwo+LoTEFq3aVcVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNmU1ZDcwOTM1YjhjYmMzN2NmMjE2YzQ0NjY5N2Q0YzI3
YTk5M2UwHhcNMjQxMDIwMDQzMjI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGM5ZjE4Y2E4NTRjOWQ1ZWZhNWFmZDY2YzIwYzgyZDkzOWNhZjc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqR7IhM0iyX3Y2zvyyY5eIgCVf59Q
OtozIVhIMv7veNUA43gwoOPq2r9/lOZjGU3jE3UNZPAgw+A7QBJ/OrlDONZzOPIA
VaO1a6eKOUmsqDSpZDer6EexKBjR7axSPDKavXGvC/1HcyiCuZ7QDf9Vgy4Zmv+d
tqv4zy6w1roBvKNFVTyvdJ4CHj86t+Tb9taKyy6YauMTPfOaExeOABrUpeSBZR4y
9aFw+O/rooxe/FZSifE2UrROF2WIEM4vKVQgNmvIMn5SeXLbfoz3947TsEHyFvsF
FiP3qXcSnJIODelVV+vE6mDnXHK/jf1Nk15RGwV3W5zx0IPBtGR3zddb3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNDJ8YyoVMnV76Wv1mwgyC2TnK90MB8GA1UdIwQY
MBaAFNNuXXCTW4y8N88hbERml9TCepk+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDI1ZGNKTmJqTHczenlGc1JHYVgxTUo2bVQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi8wYjA2YzAtZDg5MC00OWJkLWEyOWYt
ZjA3ZWZhYzRlMmRlLzEvME1ueGpLaFV5ZFh2cGFfV2JDRElMWk9jcjNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi8wYjA2YzAtZDg5MC00OWJkLWEyOWYtZjA3ZWZhYzRlMmRl
LzEvMDI1ZGNKTmJqTHczenlGc1JHYVgxTUo2bVQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwiDRMA0G
CSqGSIb3DQEBCwUAA4IBAQCKA+L7mb7bKVQw/ImlOYv0FVDwZJqlZf/IHA0k1JFQ
hi3r1hz/Al54J4ImKXe2qPICVKN3hgXOdK0BysV3h8vRN/dOq7SVoGE694kXxedC
5NnJWsaIxegh1xuGPfqQYDqLpS4Z1FBhlSfSaFo3R8cmCAQ3xGR9tV8k8PGL/EhL
5jmpZm+9RBUbZbBNgJnHOzW2csTq6OFgt/gZIRlnfey1Lsud/nJ89fL4pX+gBWo7
e8nBbpuqTRF0tWRIL2uRTaWDDkTCnRjluhG/vNlVw6MLh0Q/6NEpAkjnrGVhvINK
rPJlbDka45HkOVy+3PcBG6jf41SgtiqUFNLKZuw8qR1t
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:28:05 2025 by rpki-client