Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/4663bb-c509-4a9a-bcae-70bc66893e5c/1/O0FaQjCRQ0JIK5OOQar3mtWT8MA.roa
File: O0FaQjCRQ0JIK5OOQar3mtWT8MA.roa (raw, json)
Hash identifier: 54YmmN1D7Hg2VdkdbKMfGbX1y+vNrZ2lhYDbBxjjQUU=
Subject key identifier: 3B:41:5A:42:30:91:43:42:48:2B:93:8E:41:AA:F7:9A:D5:93:F0:C0
Certificate issuer: /CN=042ac382689687b60fce5ce9db887b21d68a6abc
Certificate serial: 018CC9BC6D21201BEFDCC3479DF33F9A18AF
Authority key identifier: 04:2A:C3:82:68:96:87:B6:0F:CE:5C:E9:DB:88:7B:21:D6:8A:6A:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BCrDgmiWh7YPzlzp24h7IdaKarw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/4663bb-c509-4a9a-bcae-70bc66893e5c/1/O0FaQjCRQ0JIK5OOQar3mtWT8MA.roa
Signing time: Tue 02 Jan 2024 10:33:38 +0000
ROA not before: Tue 02 Jan 2024 10:33:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57152
IP address blocks: 185.226.92.0/24 maxlen: 24
185.226.95.0/24 maxlen: 24
185.226.94.0/24 maxlen: 24
185.226.93.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 01:48:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:6d:21:20:1b:ef:dc:c3:47:9d:f3:3f:9a:18:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=042ac382689687b60fce5ce9db887b21d68a6abc
Validity
Not Before: Jan 2 10:33:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3b415a4230914342482b938e41aaf79ad593f0c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:d8:e2:fe:b1:4a:d3:72:59:6d:a0:2c:5e:d1:
ea:ee:f2:5a:3a:28:c2:9e:1d:3d:e9:32:0b:bc:11:
52:12:11:60:24:81:32:e7:aa:3d:6a:d4:a0:ce:fd:
51:30:52:e0:58:ed:f9:29:43:f6:89:1c:ff:f8:8c:
49:ff:3a:f2:2f:01:bb:4f:d5:0a:e4:55:38:89:fb:
1c:b7:61:88:b3:1e:57:c5:80:f6:85:37:f9:3b:8a:
71:e2:7c:69:a8:93:e8:88:c0:0f:d7:c3:19:38:76:
ac:b8:3d:91:d6:eb:58:4c:ca:7e:3f:33:c3:70:04:
25:4d:bd:8a:99:01:f7:91:a3:e9:df:e8:30:8c:9a:
9a:69:48:08:6b:79:35:2c:d7:8d:d3:6d:27:f3:4a:
d4:48:07:b1:90:78:2c:40:14:68:f2:79:28:90:7e:
c3:97:3e:dc:e3:cb:4f:40:af:19:ec:84:7a:bd:34:
11:04:38:86:32:5b:15:36:7c:43:60:cf:8b:dd:bb:
a8:96:76:a0:7c:fb:e9:0b:39:1b:49:6e:3a:45:97:
c4:7c:53:c0:3b:d0:a2:1f:9e:ea:6a:11:0b:eb:4e:
fc:93:fa:ce:1d:2d:ad:4d:81:b7:ba:9f:80:1d:7b:
8c:0c:8a:35:ba:7d:59:13:4f:26:00:4d:3c:ce:41:
01:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:41:5A:42:30:91:43:42:48:2B:93:8E:41:AA:F7:9A:D5:93:F0:C0
X509v3 Authority Key Identifier:
keyid:04:2A:C3:82:68:96:87:B6:0F:CE:5C:E9:DB:88:7B:21:D6:8A:6A:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BCrDgmiWh7YPzlzp24h7IdaKarw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/4663bb-c509-4a9a-bcae-70bc66893e5c/1/O0FaQjCRQ0JIK5OOQar3mtWT8MA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/4663bb-c509-4a9a-bcae-70bc66893e5c/1/BCrDgmiWh7YPzlzp24h7IdaKarw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.226.92.0/22
Signature Algorithm: sha256WithRSAEncryption
10:12:dd:11:f9:47:6c:a6:d8:4c:b2:b5:33:cc:6e:6a:96:a5:
59:e5:22:2b:83:41:e3:b9:dd:8e:3b:01:ff:94:9f:10:f9:13:
56:5f:fa:d2:a1:23:f3:1d:76:9d:72:41:b4:62:e2:be:4d:7e:
5a:ca:91:ec:45:53:ee:79:f3:9d:63:71:65:35:8b:61:cf:fa:
96:94:8c:d4:a1:ac:38:7e:a2:c7:12:4b:e0:6d:e8:a0:c8:d9:
09:1c:25:69:90:53:f0:3a:b5:86:c9:9a:96:55:ae:f7:54:99:
2b:a0:20:0f:8e:8c:ae:26:97:12:3c:dd:c8:dc:11:33:b3:66:
70:0d:ba:ad:e9:8b:2f:90:f0:e5:fe:9d:ae:b4:f9:ba:1a:1c:
4b:f4:f3:49:97:d6:ad:01:d5:6e:61:2f:31:f6:33:96:2e:b2:
57:c4:68:01:b2:fa:76:8a:11:39:ed:7c:93:73:8f:cb:b2:2e:
f8:45:b6:b4:71:45:a2:3c:46:ca:e3:6e:95:42:89:bf:32:37:
f3:11:33:87:63:a4:ff:bf:45:aa:d0:29:fc:5d:ad:e9:9b:e9:
f4:cd:c7:77:c4:da:5f:be:b4:e5:93:bd:07:15:eb:38:bc:e2:
28:e3:00:4a:0f:e4:65:9f:38:7b:f5:3a:1c:69:36:86:f8:f5:
7c:b0:92:8e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJvG0hIBvv3MNHnfM/mhivMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0MmFjMzgyNjg5Njg3YjYwZmNlNWNlOWRiODg3YjIxZDY4
YTZhYmMwHhcNMjQwMTAyMTAzMzM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjQxNWE0MjMwOTE0MzQyNDgyYjkzOGU0MWFhZjc5YWQ1OTNmMGMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApdji/rFK03JZbaAsXtHq7vJaOijC
nh096TILvBFSEhFgJIEy56o9atSgzv1RMFLgWO35KUP2iRz/+IxJ/zryLwG7T9UK
5FU4ifsct2GIsx5XxYD2hTf5O4px4nxpqJPoiMAP18MZOHasuD2R1utYTMp+PzPD
cAQlTb2KmQH3kaPp3+gwjJqaaUgIa3k1LNeN020n80rUSAexkHgsQBRo8nkokH7D
lz7c48tPQK8Z7IR6vTQRBDiGMlsVNnxDYM+L3buolnagfPvpCzkbSW46RZfEfFPA
O9CiH57qahEL6078k/rOHS2tTYG3up+AHXuMDIo1un1ZE08mAE08zkEBDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDtBWkIwkUNCSCuTjkGq95rVk/DAMB8GA1UdIwQY
MBaAFAQqw4Joloe2D85c6duIeyHWimq8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkNyRGdtaVdoN1lQemx6cDI0aDdJZGFLYXJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC80NjYzYmItYzUwOS00YTlhLWJjYWUt
NzBiYzY2ODkzZTVjLzEvTzBGYVFqQ1JRMEpJSzVPT1FhcjNtdFdUOE1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC80NjYzYmItYzUwOS00YTlhLWJjYWUtNzBiYzY2ODkzZTVj
LzEvQkNyRGdtaVdoN1lQemx6cDI0aDdJZGFLYXJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCueJcMA0G
CSqGSIb3DQEBCwUAA4IBAQAQEt0R+UdspthMsrUzzG5qlqVZ5SIrg0Hjud2OOwH/
lJ8Q+RNWX/rSoSPzHXadckG0YuK+TX5aypHsRVPuefOdY3FlNYthz/qWlIzUoaw4
fqLHEkvgbeigyNkJHCVpkFPwOrWGyZqWVa73VJkroCAPjoyuJpcSPN3I3BEzs2Zw
Dbqt6YsvkPDl/p2utPm6GhxL9PNJl9atAdVuYS8x9jOWLrJXxGgBsvp2ihE57XyT
c4/Lsi74Rba0cUWiPEbK426VQom/MjfzETOHY6T/v0Wq0Cn8Xa3pm+n0zcd3xNpf
vrTlk70HFes4vOIo4wBKD+Rlnzh79TocaTaG+PV8sJKO
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:59:03 2025 by rpki-client