Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/9f9590-7f0a-41b3-ac4f-efd14db957fb/1/oosNVQLwAqIVfmWTy8jULh11rQs.roa
File: oosNVQLwAqIVfmWTy8jULh11rQs.roa (raw, json)
Hash identifier: wFWcOmXZYyb0gjl3mXkq/zqvTZ9yI8lxvmOPx+6QnP4=
Subject key identifier: A2:8B:0D:55:02:F0:02:A2:15:7E:65:93:CB:C8:D4:2E:1D:75:AD:0B
Certificate issuer: /CN=f9856d674f0e9dbf6012d5b5d3d96b43afd76473
Certificate serial: 018CC64B3D59D9ECD4D6A58D747EB7402080
Authority key identifier: F9:85:6D:67:4F:0E:9D:BF:60:12:D5:B5:D3:D9:6B:43:AF:D7:64:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-YVtZ08Onb9gEtW109lrQ6_XZHM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/9f9590-7f0a-41b3-ac4f-efd14db957fb/1/oosNVQLwAqIVfmWTy8jULh11rQs.roa
Signing time: Mon 01 Jan 2024 18:31:08 +0000
ROA not before: Mon 01 Jan 2024 18:31:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5486
IP address blocks: 81.5.0.0/21 maxlen: 21
81.5.16.0/21 maxlen: 21
2001:40a8:2000::/40 maxlen: 40
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:3d:59:d9:ec:d4:d6:a5:8d:74:7e:b7:40:20:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f9856d674f0e9dbf6012d5b5d3d96b43afd76473
Validity
Not Before: Jan 1 18:31:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a28b0d5502f002a2157e6593cbc8d42e1d75ad0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:2a:d8:f8:fe:9e:e5:55:2d:54:03:65:a1:80:
c4:6a:e7:83:73:35:22:98:a3:91:5d:d9:77:8e:7b:
0e:36:ed:e5:cf:fa:9e:80:be:dd:5f:f7:d4:7c:9e:
b1:2a:3e:7b:9f:e0:33:5e:fb:00:0c:55:f4:92:26:
ef:d5:fa:0a:36:4c:96:2d:52:50:9f:97:79:dc:4c:
f2:c8:8c:ef:db:2d:4d:47:a1:19:13:b7:d6:b8:52:
e1:b1:a2:8e:73:be:41:0a:50:e3:9e:d5:b3:ab:08:
08:62:3d:e2:d9:4c:d1:c5:6d:d8:1b:f2:c6:73:10:
05:0e:f4:44:f3:62:a3:0c:0a:cb:8f:a1:9b:87:f8:
29:85:20:7a:24:8d:34:9b:f5:7f:72:17:a0:93:95:
b1:c5:ad:43:d5:77:3a:03:ec:28:cd:4b:d1:c8:5b:
ec:52:4b:26:5a:da:33:b9:a1:47:dd:70:b6:c3:3e:
a1:a5:71:6d:43:24:8d:2c:69:58:16:d1:53:24:d6:
0c:a1:d5:43:2d:a2:bb:12:04:0a:ca:1b:6f:38:ab:
4c:12:21:ea:74:c0:72:95:0b:96:5e:84:1c:f0:be:
97:48:07:14:6c:2b:96:39:d6:b5:fa:55:b9:f0:e6:
c1:27:d5:6c:8e:0a:e6:3f:92:54:72:88:39:cd:5d:
56:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:8B:0D:55:02:F0:02:A2:15:7E:65:93:CB:C8:D4:2E:1D:75:AD:0B
X509v3 Authority Key Identifier:
keyid:F9:85:6D:67:4F:0E:9D:BF:60:12:D5:B5:D3:D9:6B:43:AF:D7:64:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-YVtZ08Onb9gEtW109lrQ6_XZHM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/9f9590-7f0a-41b3-ac4f-efd14db957fb/1/oosNVQLwAqIVfmWTy8jULh11rQs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/9f9590-7f0a-41b3-ac4f-efd14db957fb/1/1-YVtZ08Onb9gEtW109lrQ6_XZHM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.5.0.0/21
81.5.16.0/21
IPv6:
2001:40a8:2000::/40
Signature Algorithm: sha256WithRSAEncryption
7f:2d:18:fa:65:14:02:c7:4d:c7:d5:ab:3a:b6:6f:ee:6c:59:
c6:07:59:3f:f9:6a:9f:6d:89:91:1e:b0:7e:d0:21:ef:d7:d2:
c8:87:79:61:04:28:f4:56:93:1e:71:64:bb:8a:4c:cc:05:93:
51:b4:86:53:85:2b:99:60:89:b1:e6:17:8a:7c:3b:f9:1e:48:
77:41:17:73:9b:09:bf:60:93:81:a5:3f:2e:9b:22:91:3b:ae:
3a:77:1b:17:1b:34:eb:b5:75:dc:49:35:49:35:6c:08:d7:9f:
13:9f:2e:62:69:d6:b8:05:8e:54:19:eb:b0:68:42:b4:08:9e:
dd:22:0b:e8:bd:70:25:94:59:e6:3c:cf:09:84:d7:b7:98:68:
ed:15:da:0b:45:47:55:38:5d:db:6d:91:d3:95:25:4a:70:4f:
79:85:fb:f6:75:dc:ae:19:ab:bc:2e:6b:15:18:e0:dc:9f:23:
da:e5:53:5d:7f:fc:50:06:bb:b4:21:34:09:22:e7:7a:57:c8:
44:3f:79:1f:03:db:18:db:ba:e2:f5:35:ff:0a:37:ef:5e:3a:
4c:81:da:53:1e:4f:74:1f:6a:3e:79:8e:0f:ed:57:3e:68:b1:
fc:6a:be:ed:ff:02:00:eb:22:e3:ab:8c:08:5d:ab:30:f1:e8:
f6:01:63:db
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzGSz1Z2ezU1qWNdH63QCCAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5ODU2ZDY3NGYwZTlkYmY2MDEyZDViNWQzZDk2YjQzYWZk
NzY0NzMwHhcNMjQwMTAxMTgzMTA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjhiMGQ1NTAyZjAwMmEyMTU3ZTY1OTNjYmM4ZDQyZTFkNzVhZDBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhirY+P6e5VUtVANloYDEaueDczUi
mKORXdl3jnsONu3lz/qegL7dX/fUfJ6xKj57n+AzXvsADFX0kibv1foKNkyWLVJQ
n5d53EzyyIzv2y1NR6EZE7fWuFLhsaKOc75BClDjntWzqwgIYj3i2UzRxW3YG/LG
cxAFDvRE82KjDArLj6Gbh/gphSB6JI00m/V/chegk5Wxxa1D1Xc6A+wozUvRyFvs
UksmWtozuaFH3XC2wz6hpXFtQySNLGlYFtFTJNYModVDLaK7EgQKyhtvOKtMEiHq
dMBylQuWXoQc8L6XSAcUbCuWOda1+lW58ObBJ9VsjgrmP5JUcog5zV1W0wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKKLDVUC8AKiFX5lk8vI1C4dda0LMB8GA1UdIwQY
MBaAFPmFbWdPDp2/YBLVtdPZa0Ov12RzMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1ZVnRaMDhPbmI5Z0V0VzEwOWxyUTZfWFpITS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGEvOWY5NTkwLTdmMGEtNDFiMy1hYzRm
LWVmZDE0ZGI5NTdmYi8xL29vc05WUUx3QXFJVmZtV1R5OGpVTGgxMXJRcy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMGEvOWY5NTkwLTdmMGEtNDFiMy1hYzRmLWVmZDE0ZGI5NTdm
Yi8xLzEtWVZ0WjA4T25iOWdFdFcxMDlsclE2X1haSE0uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwNQYIKwYBBQUHAQcBAf8EJjAkMBIEAgABMAwDBANRBQAD
BANRBRAwDgQCAAIwCAMGACABQKggMA0GCSqGSIb3DQEBCwUAA4IBAQB/LRj6ZRQC
x03H1as6tm/ubFnGB1k/+WqfbYmRHrB+0CHv19LIh3lhBCj0VpMecWS7ikzMBZNR
tIZThSuZYImx5heKfDv5Hkh3QRdzmwm/YJOBpT8umyKRO646dxsXGzTrtXXcSTVJ
NWwI158Tny5iada4BY5UGeuwaEK0CJ7dIgvovXAllFnmPM8JhNe3mGjtFdoLRUdV
OF3bbZHTlSVKcE95hfv2ddyuGau8LmsVGODcnyPa5VNdf/xQBru0ITQJIud6V8hE
P3kfA9sY27ri9TX/CjfvXjpMgdpTHk90H2o+eY4P7Vc+aLH8ar7t/wIA6yLjq4wI
Xasw8ej2AWPb
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:51:45 2025 by rpki-client