Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Og5XGcdInqqqLIcer_iqnSru53k.roa
File: Og5XGcdInqqqLIcer_iqnSru53k.roa (raw, json)
Hash identifier: Qibfon/FBtvfq13BOpWmq+T4P07C7pgB1cQlwym36h0=
Subject key identifier: 3A:0E:57:19:C7:48:9E:AA:AA:2C:87:1E:AF:F8:AA:9D:2A:EE:E7:79
Certificate issuer: /CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Certificate serial: 018CCA2A014ECBA00FFEF86A20F4C7A4AFB9
Authority key identifier: 52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Og5XGcdInqqqLIcer_iqnSru53k.roa
Signing time: Tue 02 Jan 2024 12:33:19 +0000
ROA not before: Tue 02 Jan 2024 12:33:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51713
IP address blocks: 77.95.113.0/24 maxlen: 24
192.250.224.0/24 maxlen: 24
192.250.239.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 22 Jan 2024 11:28:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:01:4e:cb:a0:0f:fe:f8:6a:20:f4:c7:a4:af:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Validity
Not Before: Jan 2 12:33:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3a0e5719c7489eaaaa2c871eaff8aa9d2aeee779
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:37:2c:41:cc:6e:53:79:aa:14:7f:3c:b2:6d:
46:d4:bc:73:0c:3e:89:d8:f1:ff:d0:43:dd:24:0d:
da:f1:89:91:bc:80:cc:84:97:b3:38:d3:89:1d:b7:
d7:23:bc:b7:3b:ea:7a:5f:6a:1e:ee:95:18:9c:89:
b6:13:f0:2a:8d:e0:e8:1a:5f:cb:86:8f:82:a9:67:
ee:03:18:07:78:d2:69:d7:c1:48:b4:1c:78:7a:0a:
82:ff:c9:4c:3c:34:fe:40:cd:36:d9:ef:d2:f4:1f:
7c:20:ca:24:d9:4f:69:45:f0:d7:20:2b:ce:9a:98:
1b:df:c5:d2:22:bb:5b:31:cc:8c:01:0c:c1:d8:d2:
a6:74:2a:52:53:87:ff:3b:d7:18:5f:e5:f4:51:19:
3f:d8:4b:0a:82:0d:ae:8e:0a:93:b2:05:10:f0:ad:
ec:44:ce:98:bb:23:5a:0d:f4:d1:87:0f:c5:bb:12:
7b:e6:e6:2f:c6:91:e1:ff:5c:e5:b0:8f:02:73:96:
eb:d8:2f:4f:61:e0:eb:b0:ce:c7:a1:61:8e:a7:0a:
f9:17:65:c1:7e:16:0b:ce:ff:00:e7:64:0a:3f:9a:
98:20:f5:c8:61:09:13:16:44:b7:03:39:6f:6b:3f:
60:bb:f9:96:de:68:69:af:2e:77:e5:cc:69:3f:ec:
09:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:0E:57:19:C7:48:9E:AA:AA:2C:87:1E:AF:F8:AA:9D:2A:EE:E7:79
X509v3 Authority Key Identifier:
keyid:52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Og5XGcdInqqqLIcer_iqnSru53k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.95.113.0/24
192.250.224.0/24
192.250.239.0/24
Signature Algorithm: sha256WithRSAEncryption
01:b0:79:6b:65:5b:d9:dd:2d:0d:70:69:0c:d4:72:89:80:8d:
ff:c3:85:8d:4e:49:40:2c:f4:19:b4:f6:24:96:42:36:ab:ac:
bf:b7:69:9c:6c:69:a0:96:d8:a0:51:78:04:cc:0c:18:87:b5:
53:f0:2d:f6:59:d6:06:42:bd:d2:53:af:66:98:e8:64:8c:cf:
32:05:88:4b:61:ac:e1:27:10:89:c8:eb:d4:7d:94:53:0f:0f:
b8:f2:55:ac:65:ac:5a:5c:a9:43:08:04:69:e3:b1:9a:cc:f5:
cb:7a:2a:e9:0c:97:e4:dc:46:e0:72:07:75:ea:11:38:fe:c7:
fb:b2:29:23:5d:d8:55:84:f5:18:e3:0a:fe:4c:8c:6c:20:97:
51:4f:ec:57:91:ab:ba:6a:d3:22:33:d8:d0:b2:d6:ed:95:1a:
6f:3b:dd:18:e7:c9:c1:06:5a:e5:7d:c4:1d:8d:94:36:ba:ea:
09:0c:2a:9b:02:f7:a6:10:a2:68:19:ec:97:da:bd:6e:f9:d6:
5a:30:90:01:b3:55:f3:35:22:df:01:c0:08:e1:62:b6:f4:f4:
30:fd:fe:87:cc:9b:cc:7f:87:28:45:de:99:2e:35:31:5e:3a:
0d:59:dd:3f:b0:10:a9:5e:e8:e4:56:4c:52:fb:bc:b2:60:e8:
3f:b5:8d:87
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzKKgFOy6AP/vhqIPTHpK+5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyY2Q5YTY1MTJkYmYyNWE1ZjE5YjgyN2Q3YTJjN2UyMmEy
ZWU4ZGQwHhcNMjQwMTAyMTIzMzE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTBlNTcxOWM3NDg5ZWFhYWEyYzg3MWVhZmY4YWE5ZDJhZWVlNzc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuTcsQcxuU3mqFH88sm1G1LxzDD6J
2PH/0EPdJA3a8YmRvIDMhJezONOJHbfXI7y3O+p6X2oe7pUYnIm2E/AqjeDoGl/L
ho+CqWfuAxgHeNJp18FItBx4egqC/8lMPDT+QM022e/S9B98IMok2U9pRfDXICvO
mpgb38XSIrtbMcyMAQzB2NKmdCpSU4f/O9cYX+X0URk/2EsKgg2ujgqTsgUQ8K3s
RM6YuyNaDfTRhw/FuxJ75uYvxpHh/1zlsI8Cc5br2C9PYeDrsM7HoWGOpwr5F2XB
fhYLzv8A52QKP5qYIPXIYQkTFkS3Azlvaz9gu/mW3mhpry535cxpP+wJYwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDoOVxnHSJ6qqiyHHq/4qp0q7ud5MB8GA1UdIwQY
MBaAFFLNmmUS2/JaXxm4J9eix+IqLujdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUt
Y2NhMzc2MDZiZjE4LzEvT2c1WEdjZElucXFxTEljZXJfaXFuU3J1NTNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUtY2NhMzc2MDZiZjE4
LzEvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQATV9xAwQA
wPrgAwQAwPrvMA0GCSqGSIb3DQEBCwUAA4IBAQABsHlrZVvZ3S0NcGkM1HKJgI3/
w4WNTklALPQZtPYklkI2q6y/t2mcbGmgltigUXgEzAwYh7VT8C32WdYGQr3SU69m
mOhkjM8yBYhLYazhJxCJyOvUfZRTDw+48lWsZaxaXKlDCARp47GazPXLeirpDJfk
3Ebgcgd16hE4/sf7sikjXdhVhPUY4wr+TIxsIJdRT+xXkau6atMiM9jQstbtlRpv
O90Y58nBBlrlfcQdjZQ2uuoJDCqbAvemEKJoGeyX2r1u+dZaMJABs1XzNSLfAcAI
4WK29PQw/f6HzJvMf4coRd6ZLjUxXjoNWd0/sBCpXujkVkxS+7yyYOg/tY2H
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:15:38 2025 by rpki-client