Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/1ca47c-b087-46ef-a051-ab0bc52a1883/1/ONn43CPUE4oj0C6QZmdmC2IbcY4.roa
File: ONn43CPUE4oj0C6QZmdmC2IbcY4.roa (raw, json)
Hash identifier: xDuxR1xSims4Rxste6sU+a/zoLsXwm+UwoEIOCSvwag=
Subject key identifier: 38:D9:F8:DC:23:D4:13:8A:23:D0:2E:90:66:67:66:0B:62:1B:71:8E
Certificate issuer: /CN=8f38f859e5e67662ae09990f384fa86c932710ab
Certificate serial: 01905818308E0E2F97011863AD8FD33DC3B3
Authority key identifier: 8F:38:F8:59:E5:E6:76:62:AE:09:99:0F:38:4F:A8:6C:93:27:10:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jzj4WeXmdmKuCZkPOE-obJMnEKs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/1ca47c-b087-46ef-a051-ab0bc52a1883/1/ONn43CPUE4oj0C6QZmdmC2IbcY4.roa
Signing time: Thu 27 Jun 2024 05:08:18 +0000
ROA not before: Thu 27 Jun 2024 05:08:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204907
IP address blocks: 185.33.156.0/24 maxlen: 24
185.33.158.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:48:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:58:18:30:8e:0e:2f:97:01:18:63:ad:8f:d3:3d:c3:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f38f859e5e67662ae09990f384fa86c932710ab
Validity
Not Before: Jun 27 05:08:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=38d9f8dc23d4138a23d02e906667660b621b718e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:b1:10:cb:cb:46:6d:a6:33:95:d7:3a:e4:8f:
6e:53:b2:73:c4:26:72:be:5d:20:02:8c:ba:df:80:
76:c1:06:41:d3:4b:ad:fd:6f:a3:a0:2f:3e:24:54:
97:8a:ad:a7:16:ce:01:06:a7:78:dc:3b:5a:dd:48:
9b:2d:7a:25:8c:b2:42:0c:fc:f2:54:c0:15:74:f4:
7b:29:44:03:5f:bb:80:5f:d8:e8:1b:67:8a:44:6b:
9c:c2:f9:b5:62:c2:fe:4a:69:8a:74:47:09:2b:e3:
6f:89:28:25:df:86:2a:ee:25:67:65:09:83:75:5e:
66:0c:05:1c:18:80:73:1b:3b:35:ae:a6:c4:96:37:
6c:2b:b1:c0:df:29:fa:67:bf:b6:27:47:7d:4e:40:
a3:0d:60:f5:c9:b6:33:f1:f8:5a:75:6f:50:78:96:
5d:94:98:f3:cd:f7:e2:a4:ef:e6:b8:75:7d:12:df:
13:e0:ca:bd:6a:ac:ab:3a:ca:90:34:20:e1:c2:e9:
c5:53:80:07:34:24:65:90:2e:ba:dc:54:ef:c0:9b:
e7:8e:9b:d9:83:05:91:41:0b:78:b8:af:00:d5:53:
ef:f4:70:76:26:c0:45:81:e5:93:69:9b:75:5f:cb:
ad:9d:55:ae:b0:18:3b:5e:0e:63:6d:78:ae:19:40:
46:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:D9:F8:DC:23:D4:13:8A:23:D0:2E:90:66:67:66:0B:62:1B:71:8E
X509v3 Authority Key Identifier:
keyid:8F:38:F8:59:E5:E6:76:62:AE:09:99:0F:38:4F:A8:6C:93:27:10:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jzj4WeXmdmKuCZkPOE-obJMnEKs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/1ca47c-b087-46ef-a051-ab0bc52a1883/1/ONn43CPUE4oj0C6QZmdmC2IbcY4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/1ca47c-b087-46ef-a051-ab0bc52a1883/1/jzj4WeXmdmKuCZkPOE-obJMnEKs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.33.156.0/24
185.33.158.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:89:17:f1:aa:ca:04:fe:53:b5:d0:08:0e:d3:c1:e3:6d:fc:
28:49:1b:7d:58:b1:d8:c3:af:fd:47:f3:74:47:fb:97:81:27:
44:61:67:95:2d:34:56:86:80:7b:a7:0e:49:72:4f:f5:94:2e:
c7:c5:31:07:5c:fe:36:4b:2e:b2:17:0b:2f:36:65:ea:86:71:
5d:18:24:8e:fd:cd:8f:34:aa:ef:11:76:8a:40:a7:25:cd:89:
00:d5:0e:8a:9d:b5:d3:79:b3:f2:c4:52:3c:3c:2d:79:21:75:
0a:af:0f:3a:3f:b8:a2:c4:8a:64:90:6b:e7:db:9b:d2:94:ac:
0b:1d:f6:62:52:8e:00:3b:f8:a6:24:40:f2:72:b5:8a:0a:da:
67:08:51:d0:e6:a4:84:ea:18:3c:0f:1f:34:1f:90:a3:28:3c:
1b:33:cd:39:13:1e:3e:8c:c7:ab:62:18:76:16:35:17:54:e7:
65:90:db:bc:3b:53:c5:96:79:b8:a8:38:da:d6:c3:9f:ff:1a:
34:d3:14:f2:58:8f:d5:96:b7:ad:a8:68:df:88:f0:b5:4d:60:
87:ad:c5:67:31:dd:1f:f7:6b:17:9f:9d:f3:b9:22:e3:2e:47:
57:63:fe:74:e2:a4:33:9d:ec:66:6f:48:ca:4a:66:4c:f6:a1:
59:45:0d:b2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZBYGDCODi+XARhjrY/TPcOzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmMzhmODU5ZTVlNjc2NjJhZTA5OTkwZjM4NGZhODZjOTMy
NzEwYWIwHhcNMjQwNjI3MDUwODE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGQ5ZjhkYzIzZDQxMzhhMjNkMDJlOTA2NjY3NjYwYjYyMWI3MThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApLEQy8tGbaYzldc65I9uU7JzxCZy
vl0gAoy634B2wQZB00ut/W+joC8+JFSXiq2nFs4BBqd43Dta3UibLXoljLJCDPzy
VMAVdPR7KUQDX7uAX9joG2eKRGucwvm1YsL+SmmKdEcJK+NviSgl34Yq7iVnZQmD
dV5mDAUcGIBzGzs1rqbEljdsK7HA3yn6Z7+2J0d9TkCjDWD1ybYz8fhadW9QeJZd
lJjzzffipO/muHV9Et8T4Mq9aqyrOsqQNCDhwunFU4AHNCRlkC663FTvwJvnjpvZ
gwWRQQt4uK8A1VPv9HB2JsBFgeWTaZt1X8utnVWusBg7Xg5jbXiuGUBGIwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDjZ+Nwj1BOKI9AukGZnZgtiG3GOMB8GA1UdIwQY
MBaAFI84+Fnl5nZirgmZDzhPqGyTJxCrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanpqNFdlWG1kbUt1Q1prUE9FLW9iSk1uRUtzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8xY2E0N2MtYjA4Ny00NmVmLWEwNTEt
YWIwYmM1MmExODgzLzEvT05uNDNDUFVFNG9qMEM2UVptZG1DMkliY1k0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8xY2E0N2MtYjA4Ny00NmVmLWEwNTEtYWIwYmM1MmExODgz
LzEvanpqNFdlWG1kbUt1Q1prUE9FLW9iSk1uRUtzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuSGcAwQA
uSGeMA0GCSqGSIb3DQEBCwUAA4IBAQAtiRfxqsoE/lO10AgO08HjbfwoSRt9WLHY
w6/9R/N0R/uXgSdEYWeVLTRWhoB7pw5Jck/1lC7HxTEHXP42Sy6yFwsvNmXqhnFd
GCSO/c2PNKrvEXaKQKclzYkA1Q6KnbXTebPyxFI8PC15IXUKrw86P7iixIpkkGvn
25vSlKwLHfZiUo4AO/imJEDycrWKCtpnCFHQ5qSE6hg8Dx80H5CjKDwbM805Ex4+
jMerYhh2FjUXVOdlkNu8O1PFlnm4qDja1sOf/xo00xTyWI/VlretqGjfiPC1TWCH
rcVnMd0f92sXn53zuSLjLkdXY/504qQznexmb0jKSmZM9qFZRQ2y
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:56:28 2025 by rpki-client