Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/oCoaa-e-k-jSnut2zdcdXxswgW4.roa
File: oCoaa-e-k-jSnut2zdcdXxswgW4.roa (raw, json)
Hash identifier: sEP/UQbas16cCr8xDTDonbXUhhj4Opb/0KaOTPityDA=
Subject key identifier: A0:2A:1A:6B:E7:BE:93:E8:D2:9E:EB:76:CD:D7:1D:5F:1B:30:81:6E
Certificate issuer: /CN=363f09508fdf256448219b284bb09b23b2b51396
Certificate serial: 0194C78F04ED81E0C294E2515EB5865A6194
Authority key identifier: 36:3F:09:50:8F:DF:25:64:48:21:9B:28:4B:B0:9B:23:B2:B5:13:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/oCoaa-e-k-jSnut2zdcdXxswgW4.roa
Signing time: Sun 02 Feb 2025 16:47:06 +0000
ROA not before: Sun 02 Feb 2025 16:47:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12989
IP address blocks: 2.59.22.0/24 maxlen: 24
212.104.140.0/24 maxlen: 24
213.254.179.0/24 maxlen: 24
2a01:e947::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 03 Feb 2025 11:49:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:c7:8f:04:ed:81:e0:c2:94:e2:51:5e:b5:86:5a:61:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=363f09508fdf256448219b284bb09b23b2b51396
Validity
Not Before: Feb 2 16:47:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a02a1a6be7be93e8d29eeb76cdd71d5f1b30816e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:14:a9:a9:a4:7b:79:6e:92:db:e5:74:e6:5c:
26:09:5e:60:37:e8:8e:4d:95:32:01:36:01:5e:62:
3c:80:46:7a:09:0e:8b:e1:9d:56:39:46:2b:d5:80:
23:e3:53:34:23:d3:bf:a2:b3:48:44:4f:fc:4a:4d:
d9:05:d7:98:e7:07:27:23:e6:6b:cb:ea:6d:a4:ca:
9b:b5:db:0e:a5:31:39:70:b0:1f:0b:b6:45:a4:44:
80:59:e5:25:ed:64:c0:03:3d:2f:83:dc:46:21:6b:
09:a4:1c:ea:22:06:3d:06:bf:eb:31:6b:6b:09:e1:
c6:2c:cc:51:c8:61:05:dc:27:33:3b:23:c0:ac:c7:
dd:12:a7:29:92:b8:95:2b:5e:d9:3a:8f:ed:00:70:
7a:13:0b:5f:b4:41:c2:2c:12:2d:ac:14:14:ea:3d:
f8:dd:c5:50:62:97:c5:9f:3b:78:56:fa:70:e9:06:
a8:09:5c:8d:23:77:27:ae:1e:29:55:8b:b6:03:f5:
5d:a7:58:a8:62:05:71:c1:17:c9:41:33:dd:65:60:
d5:83:8c:64:36:fa:14:1e:e3:3e:2b:b2:c9:b4:e2:
ca:d0:95:0f:f0:ca:78:72:cc:8d:c6:00:ed:86:04:
91:20:41:28:51:33:14:44:b8:c7:a9:fe:0f:df:94:
7a:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:2A:1A:6B:E7:BE:93:E8:D2:9E:EB:76:CD:D7:1D:5F:1B:30:81:6E
X509v3 Authority Key Identifier:
keyid:36:3F:09:50:8F:DF:25:64:48:21:9B:28:4B:B0:9B:23:B2:B5:13:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/oCoaa-e-k-jSnut2zdcdXxswgW4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.22.0/24
212.104.140.0/24
213.254.179.0/24
IPv6:
2a01:e947::/48
Signature Algorithm: sha256WithRSAEncryption
b9:81:cc:b6:5a:aa:75:e8:72:bf:19:67:e1:c5:e8:6a:af:4a:
5c:3e:c9:59:af:d2:1e:37:c7:38:4e:ac:35:72:e4:5f:98:79:
af:e7:40:1f:5b:ba:30:75:61:06:d4:01:e4:00:69:78:3f:37:
eb:93:6d:7e:bf:29:f1:8a:c8:94:15:b6:1b:13:a9:98:83:b3:
6e:c0:5f:76:1f:dc:6f:f2:99:f8:68:9e:38:f3:b6:74:d1:f3:
39:0b:44:69:da:fd:23:75:28:92:a9:c7:64:3c:7e:b7:19:1c:
4a:05:41:72:94:42:4c:f1:19:38:de:ca:22:99:fb:de:b3:3f:
d8:29:15:32:b2:12:02:42:8a:45:ba:23:f6:0d:f6:b5:7d:27:
91:a8:cb:99:13:f2:33:e3:7e:e7:40:2d:65:49:90:1f:93:65:
99:87:b5:4a:d4:ef:e4:4e:d2:c7:85:74:1b:47:44:ab:81:84:
c1:3a:9c:83:5c:9c:7a:7e:64:41:cb:19:e9:eb:21:d7:45:1a:
c9:9f:d2:f9:39:01:14:b3:47:01:46:fe:4f:2b:5d:f2:8d:d9:
51:c7:c2:9a:86:82:12:56:ec:aa:41:04:d8:cd:e9:f1:cf:98:
33:cf:8a:1c:4f:8a:7d:47:7c:c7:48:42:05:c9:00:dd:3f:1c:
20:cf:4c:bd
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZTHjwTtgeDClOJRXrWGWmGUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2M2YwOTUwOGZkZjI1NjQ0ODIxOWIyODRiYjA5YjIzYjJi
NTEzOTYwHhcNMjUwMjAyMTY0NzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDJhMWE2YmU3YmU5M2U4ZDI5ZWViNzZjZGQ3MWQ1ZjFiMzA4MTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiRSpqaR7eW6S2+V05lwmCV5gN+iO
TZUyATYBXmI8gEZ6CQ6L4Z1WOUYr1YAj41M0I9O/orNIRE/8Sk3ZBdeY5wcnI+Zr
y+ptpMqbtdsOpTE5cLAfC7ZFpESAWeUl7WTAAz0vg9xGIWsJpBzqIgY9Br/rMWtr
CeHGLMxRyGEF3CczOyPArMfdEqcpkriVK17ZOo/tAHB6EwtftEHCLBItrBQU6j34
3cVQYpfFnzt4Vvpw6QaoCVyNI3cnrh4pVYu2A/Vdp1ioYgVxwRfJQTPdZWDVg4xk
NvoUHuM+K7LJtOLK0JUP8Mp4csyNxgDthgSRIEEoUTMURLjHqf4P35R6VwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFKAqGmvnvpPo0p7rds3XHV8bMIFuMB8GA1UdIwQY
MBaAFDY/CVCP3yVkSCGbKEuwmyOytROWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmo4SlVJX2ZKV1JJSVpzb1M3Q2JJN0sxRTVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9hZDA1ZjItYWIzOS00MTMyLTg0OTIt
ZmQ4MTQ0NTVhODY4LzEvb0NvYWEtZS1rLWpTbnV0MnpkY2RYeHN3Z1c0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9hZDA1ZjItYWIzOS00MTMyLTg0OTItZmQ4MTQ0NTVhODY4
LzEvTmo4SlVJX2ZKV1JJSVpzb1M3Q2JJN0sxRTVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQAAjsWAwQA
1GiMAwQA1f6zMA8EAgACMAkDBwAqAelHAAAwDQYJKoZIhvcNAQELBQADggEBALmB
zLZaqnXocr8ZZ+HF6GqvSlw+yVmv0h43xzhOrDVy5F+Yea/nQB9bujB1YQbUAeQA
aXg/N+uTbX6/KfGKyJQVthsTqZiDs27AX3Yf3G/ymfhonjjztnTR8zkLRGna/SN1
KJKpx2Q8frcZHEoFQXKUQkzxGTjeyiKZ+96zP9gpFTKyEgJCikW6I/YN9rV9J5Go
y5kT8jPjfudALWVJkB+TZZmHtUrU7+RO0seFdBtHRKuBhME6nINcnHp+ZEHLGenr
IddFGsmf0vk5ARSzRwFG/k8rXfKN2VHHwpqGghJW7KpBBNjN6fHPmDPPihxPin1H
fMdIQgXJAN0/HCDPTL0=
-----END CERTIFICATE-----
Generated at Tue Apr 22 03:00:05 2025 by rpki-client