Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/OPpqL26NHh8ZHGMOW0UZRcGd8oM.roa
File: OPpqL26NHh8ZHGMOW0UZRcGd8oM.roa (raw, json)
Hash identifier: fe2lTVTNbfR9jW2UyhawT1k4aoGPl/VOzdqxuJm16DY=
Subject key identifier: 38:FA:6A:2F:6E:8D:1E:1F:19:1C:63:0E:5B:45:19:45:C1:9D:F2:83
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0194282464D48B5844D59E85DFF0048F601A
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/OPpqL26NHh8ZHGMOW0UZRcGd8oM.roa
Signing time: Thu 02 Jan 2025 17:51:01 +0000
ROA not before: Thu 02 Jan 2025 17:51:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20911
IP address blocks: 45.90.90.0/23 maxlen: 24
84.21.174.0/23 maxlen: 24
87.120.118.0/24 maxlen: 24
87.120.119.0/24 maxlen: 24
87.120.122.0/24 maxlen: 24
87.120.123.0/24 maxlen: 24
87.120.124.0/24 maxlen: 24
93.123.26.0/23 maxlen: 24
193.42.34.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 29 Jan 2025 08:40:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:24:64:d4:8b:58:44:d5:9e:85:df:f0:04:8f:60:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 2 17:51:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=38fa6a2f6e8d1e1f191c630e5b451945c19df283
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:f4:c8:b6:2b:c5:06:61:37:50:82:04:21:fb:
ae:c0:ee:8e:c9:64:b0:ee:e1:01:61:96:fe:9a:00:
38:3a:42:ee:07:e1:22:a9:01:2a:89:c9:a7:24:e4:
4d:92:2f:c1:f4:15:7a:a2:fd:32:ef:17:c7:45:4e:
1e:50:29:08:bc:b2:43:dc:18:3e:38:e0:c7:71:53:
9e:fd:a6:91:15:47:38:d1:c2:59:ca:e1:b1:92:36:
72:aa:66:25:7c:0c:cf:7d:bf:ab:97:ed:37:f4:eb:
36:34:50:99:89:33:46:e2:76:b9:81:d3:cf:60:b0:
d2:0c:59:fa:4c:f4:41:04:a5:85:91:e4:78:e9:01:
dd:c3:79:dd:bd:96:d8:65:4e:b4:c0:77:60:4e:68:
8d:5a:da:b2:b9:34:83:aa:e2:90:3c:2a:ff:1a:13:
0e:d7:1a:27:b8:51:e1:23:12:ed:d7:33:52:ec:ae:
76:fb:03:30:62:89:db:68:a7:28:77:38:bf:4e:ee:
16:7c:69:6b:36:c6:48:7c:34:c4:bc:9c:04:65:36:
aa:f6:63:cf:b9:10:cc:1e:6a:62:4b:d5:b4:cd:b9:
c7:ec:fc:36:a6:78:55:29:6b:6f:6c:f9:83:f7:10:
55:81:18:83:5a:74:7e:a2:9b:5b:37:7b:7e:5c:e2:
01:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:FA:6A:2F:6E:8D:1E:1F:19:1C:63:0E:5B:45:19:45:C1:9D:F2:83
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/OPpqL26NHh8ZHGMOW0UZRcGd8oM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.90.0/23
84.21.174.0/23
87.120.118.0/23
87.120.122.0-87.120.124.255
93.123.26.0/23
193.42.34.0/23
Signature Algorithm: sha256WithRSAEncryption
49:9d:37:85:42:9d:3c:ea:77:41:c6:01:a4:2a:bb:ae:2e:a9:
d5:4c:f4:93:ba:dd:97:82:79:74:0d:c9:05:07:ce:6a:b1:dc:
8b:86:ec:27:fe:b7:54:d2:49:45:06:cd:d4:64:30:b2:d5:68:
43:9e:ef:86:5d:5e:a4:8b:de:7e:d5:4c:51:c2:f5:9c:f5:6b:
c6:02:fc:88:97:26:dc:43:39:ff:34:cf:dc:ea:4a:c1:6d:7b:
e7:98:48:65:e9:eb:17:79:94:f2:d2:ce:76:03:5b:8a:15:65:
cb:70:33:eb:5d:09:1f:28:09:0c:25:34:a1:a6:27:a6:45:cd:
30:bc:e2:62:7b:d1:8c:0f:bd:16:52:b9:95:9c:9b:08:88:12:
5d:b6:d1:67:2b:7f:38:66:61:a7:69:a0:fd:73:b6:25:dd:de:
7b:fb:24:f3:41:6f:f8:1b:30:42:73:fc:84:01:01:3b:8c:9f:
41:eb:20:b5:13:8a:83:f1:77:03:c6:21:b1:53:cf:76:02:c6:
9d:57:09:88:f5:d4:a1:68:94:b7:cc:80:22:bd:d2:94:dd:ff:
04:61:b2:41:55:0a:2a:93:2e:b3:c9:ed:b5:df:c1:f2:b0:24:
c5:4f:78:e3:2f:57:8b:af:c4:14:f1:09:fb:db:fe:f3:37:c7:
11:f9:e4:df
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZQoJGTUi1hE1Z6F3/AEj2AaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwMTAyMTc1MTAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGZhNmEyZjZlOGQxZTFmMTkxYzYzMGU1YjQ1MTk0NWMxOWRmMjgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArfTItivFBmE3UIIEIfuuwO6OyWSw
7uEBYZb+mgA4OkLuB+EiqQEqicmnJORNki/B9BV6ov0y7xfHRU4eUCkIvLJD3Bg+
OODHcVOe/aaRFUc40cJZyuGxkjZyqmYlfAzPfb+rl+039Os2NFCZiTNG4na5gdPP
YLDSDFn6TPRBBKWFkeR46QHdw3ndvZbYZU60wHdgTmiNWtqyuTSDquKQPCr/GhMO
1xonuFHhIxLt1zNS7K52+wMwYonbaKcodzi/Tu4WfGlrNsZIfDTEvJwEZTaq9mPP
uRDMHmpiS9W0zbnH7Pw2pnhVKWtvbPmD9xBVgRiDWnR+optbN3t+XOIB4QIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFDj6ai9ujR4fGRxjDltFGUXBnfKDMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvT1BwcUwyNk5IaDhaSEdNT1cwVVpSY0dkOG9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQBLVpaAwQB
VBWuAwQBV3h2MAwDBAFXeHoDBABXeHwDBAFdexoDBAHBKiIwDQYJKoZIhvcNAQEL
BQADggEBAEmdN4VCnTzqd0HGAaQqu64uqdVM9JO63ZeCeXQNyQUHzmqx3IuG7Cf+
t1TSSUUGzdRkMLLVaEOe74ZdXqSL3n7VTFHC9Zz1a8YC/IiXJtxDOf80z9zqSsFt
e+eYSGXp6xd5lPLSznYDW4oVZctwM+tdCR8oCQwlNKGmJ6ZFzTC84mJ70YwPvRZS
uZWcmwiIEl220WcrfzhmYadpoP1ztiXd3nv7JPNBb/gbMEJz/IQBATuMn0HrILUT
ioPxdwPGIbFTz3YCxp1XCYj11KFolLfMgCK90pTd/wRhskFVCiqTLrPJ7bXfwfKw
JMVPeOMvV4uvxBTxCfvb/vM3xxH55N8=
-----END CERTIFICATE-----
Generated at Thu Apr 17 01:33:48 2025 by rpki-client