Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/OmKSYFqKd7DKe-KGvLDJBw8zPNQ.roa
File: OmKSYFqKd7DKe-KGvLDJBw8zPNQ.roa (raw, json)
Hash identifier: /5Nglo+7bi/DYkAkTWCnK4CCAXmdTB7HVO7EYR/lUmA=
Subject key identifier: 3A:62:92:60:5A:8A:77:B0:CA:7B:E2:86:BC:B0:C9:07:0F:33:3C:D4
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01955B194FF33444F9C9C386A245F471DEB4
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/OmKSYFqKd7DKe-KGvLDJBw8zPNQ.roa
Signing time: Mon 03 Mar 2025 08:22:20 +0000
ROA not before: Mon 03 Mar 2025 08:22:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47436
IP address blocks: 93.123.24.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 07 Mar 2025 13:03:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:5b:19:4f:f3:34:44:f9:c9:c3:86:a2:45:f4:71:de:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Mar 3 08:22:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3a6292605a8a77b0ca7be286bcb0c9070f333cd4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:17:93:9f:95:cc:46:fb:b3:ef:97:b7:8c:e1:
57:46:e3:d3:13:c7:8c:5a:95:e1:dc:ad:ab:df:f2:
6d:fa:35:9b:f7:24:3e:d0:04:30:83:e8:a2:64:85:
58:7b:c0:d2:f5:a6:1a:0f:4a:94:a9:1c:17:cc:43:
d3:3d:56:5c:c8:42:d4:eb:ea:e9:71:47:53:be:36:
16:0d:ad:0c:48:82:1d:64:ee:c5:1a:8e:e8:eb:8c:
6d:ea:b9:9f:d5:cb:2b:a2:56:cb:0a:57:28:ba:aa:
85:3f:37:df:cb:8f:fd:63:3d:24:62:c4:21:35:02:
55:0a:91:c6:26:af:04:a3:f5:af:b3:c7:d0:55:56:
5a:e1:74:51:eb:16:a6:40:e9:90:89:a0:b4:e3:39:
91:e2:d0:67:86:59:63:d7:d8:75:fb:9c:e4:20:18:
54:69:37:96:d8:0e:6c:99:0e:27:6f:6f:c0:88:c0:
c7:1c:0f:d0:49:b4:c1:28:0d:53:c7:3a:89:5d:3c:
93:2b:1e:e8:3c:3e:2d:25:99:72:51:4e:b3:da:69:
15:9e:a9:aa:50:22:94:c4:0d:a8:05:b9:97:4c:a2:
c1:7b:ff:9c:49:26:38:95:8a:15:da:c8:8a:dc:27:
79:bb:20:1e:40:d9:75:72:00:42:c3:e5:94:54:16:
56:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:62:92:60:5A:8A:77:B0:CA:7B:E2:86:BC:B0:C9:07:0F:33:3C:D4
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/OmKSYFqKd7DKe-KGvLDJBw8zPNQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.123.24.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:82:8a:b3:8a:36:4c:fa:ef:77:72:62:49:3f:9d:42:e2:c2:
86:48:c3:86:18:5d:f5:a7:b4:53:7d:2f:60:92:ea:47:57:f2:
1b:ab:84:f3:fc:3c:b0:5d:15:e3:c8:b1:f4:b0:e2:92:c8:11:
55:e2:ac:4b:24:5e:95:1c:ca:be:f6:a2:3c:6e:a3:8c:52:cf:
94:e3:fd:8c:df:e5:18:4b:39:93:89:42:a7:07:6b:df:0b:24:
64:03:a9:01:41:24:1d:d8:77:a6:3f:00:3a:a2:be:93:d1:2a:
06:7f:f8:ec:9b:b6:95:83:bb:4c:45:a5:51:20:1b:15:76:b3:
be:70:bb:16:50:50:f6:a0:24:b8:9d:df:02:f0:ab:4d:05:90:
51:b7:04:5a:63:8b:da:3c:ee:1d:aa:94:80:18:d0:05:e6:09:
c9:f0:34:f9:92:b5:79:cf:4e:96:20:85:07:2e:ec:2d:60:4c:
50:50:f5:87:fa:20:64:80:96:0e:1e:45:e0:d6:ea:23:44:84:
39:90:c5:80:bf:20:e3:c7:91:0f:25:78:5b:94:c8:e7:30:c2:
02:c4:44:d7:85:e2:67:7f:0b:3e:91:c9:6f:72:56:c0:bb:ca:
6f:f8:55:7a:00:53:1d:37:15:a4:ba:db:e4:91:a6:02:d4:86:
f5:56:c0:e1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZVbGU/zNET5ycOGokX0cd60MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwMzAzMDgyMjIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTYyOTI2MDVhOGE3N2IwY2E3YmUyODZiY2IwYzkwNzBmMzMzY2Q0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsReTn5XMRvuz75e3jOFXRuPTE8eM
WpXh3K2r3/Jt+jWb9yQ+0AQwg+iiZIVYe8DS9aYaD0qUqRwXzEPTPVZcyELU6+rp
cUdTvjYWDa0MSIIdZO7FGo7o64xt6rmf1csrolbLClcouqqFPzffy4/9Yz0kYsQh
NQJVCpHGJq8Eo/Wvs8fQVVZa4XRR6xamQOmQiaC04zmR4tBnhllj19h1+5zkIBhU
aTeW2A5smQ4nb2/AiMDHHA/QSbTBKA1TxzqJXTyTKx7oPD4tJZlyUU6z2mkVnqmq
UCKUxA2oBbmXTKLBe/+cSSY4lYoV2siK3Cd5uyAeQNl1cgBCw+WUVBZWVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDpikmBainewynvihrywyQcPMzzUMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvT21LU1lGcUtkN0RLZS1LR3ZMREpCdzh6UE5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXXsYMA0G
CSqGSIb3DQEBCwUAA4IBAQAbgoqzijZM+u93cmJJP51C4sKGSMOGGF31p7RTfS9g
kupHV/Ibq4Tz/DywXRXjyLH0sOKSyBFV4qxLJF6VHMq+9qI8bqOMUs+U4/2M3+UY
SzmTiUKnB2vfCyRkA6kBQSQd2HemPwA6or6T0SoGf/jsm7aVg7tMRaVRIBsVdrO+
cLsWUFD2oCS4nd8C8KtNBZBRtwRaY4vaPO4dqpSAGNAF5gnJ8DT5krV5z06WIIUH
LuwtYExQUPWH+iBkgJYOHkXg1uojRIQ5kMWAvyDjx5EPJXhblMjnMMICxETXheJn
fws+kclvclbAu8pv+FV6AFMdNxWkutvkkaYC1Ib1VsDh
-----END CERTIFICATE-----
Generated at Thu Apr 17 01:28:41 2025 by rpki-client