Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/fce675-bf53-4787-93e7-81f566185b06/1/OoMjuZoFa1nqGHB9RD9I7nxzMpg.roa
File: OoMjuZoFa1nqGHB9RD9I7nxzMpg.roa (raw, json)
Hash identifier: iUdtNjbE9JNs4GQbpDxWxXX//bh5zh76/Boo2vnKYJI=
Subject key identifier: 3A:83:23:B9:9A:05:6B:59:EA:18:70:7D:44:3F:48:EE:7C:73:32:98
Certificate issuer: /CN=2b0be226230d4099ceea0a4a6cf4ed8b90201350
Certificate serial: 018EEC364F8D20F32D8B9021B075EA7BE291
Authority key identifier: 2B:0B:E2:26:23:0D:40:99:CE:EA:0A:4A:6C:F4:ED:8B:90:20:13:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KwviJiMNQJnO6gpKbPTti5AgE1A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/fce675-bf53-4787-93e7-81f566185b06/1/OoMjuZoFa1nqGHB9RD9I7nxzMpg.roa
Signing time: Wed 17 Apr 2024 13:19:26 +0000
ROA not before: Wed 17 Apr 2024 13:19:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8814
IP address blocks: 194.135.152.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 19 Apr 2024 11:56:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:ec:36:4f:8d:20:f3:2d:8b:90:21:b0:75:ea:7b:e2:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b0be226230d4099ceea0a4a6cf4ed8b90201350
Validity
Not Before: Apr 17 13:19:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3a8323b99a056b59ea18707d443f48ee7c733298
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:b9:b4:48:34:0d:c1:80:e5:fd:56:e9:2d:9b:
3a:cb:40:c3:bc:04:63:97:ca:82:53:1f:1f:af:d5:
fb:64:22:e2:1b:e8:b6:ed:c0:d3:be:d1:0e:8e:f7:
7d:0a:76:47:d0:ca:c0:3c:5f:e2:d5:31:11:55:e4:
35:06:11:3a:9c:db:b5:fa:03:c6:75:7b:b1:b5:c5:
96:4c:06:d0:b0:72:fd:a5:ab:f5:e6:eb:e0:dd:da:
04:33:c0:77:ee:ec:d2:91:86:c3:d5:33:68:7a:07:
f6:53:c8:d3:2a:50:c9:9c:d8:1a:6b:51:c4:6d:08:
01:3f:dd:05:9a:88:3a:99:fe:97:ad:b7:ac:30:ca:
2e:f4:eb:d2:5f:e4:af:59:87:cd:97:79:e5:56:c1:
88:55:2b:a8:89:29:58:3c:af:37:6f:7b:e0:39:28:
4b:26:e7:93:a0:9b:46:b2:b6:bd:0a:9a:2b:17:a8:
d8:e2:56:eb:bf:22:3c:4d:c1:a0:e3:6c:82:fa:85:
16:58:6f:c6:5b:be:9c:2f:7a:8f:c5:1f:0f:7e:ae:
2e:0e:4a:95:f7:b7:3d:a3:a5:32:18:a3:54:fc:25:
87:ad:08:d3:1b:57:0c:82:85:2f:98:14:ff:08:a8:
a3:55:f9:39:a4:80:a4:e6:98:47:ac:0e:b9:fe:34:
d0:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:83:23:B9:9A:05:6B:59:EA:18:70:7D:44:3F:48:EE:7C:73:32:98
X509v3 Authority Key Identifier:
keyid:2B:0B:E2:26:23:0D:40:99:CE:EA:0A:4A:6C:F4:ED:8B:90:20:13:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KwviJiMNQJnO6gpKbPTti5AgE1A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/fce675-bf53-4787-93e7-81f566185b06/1/OoMjuZoFa1nqGHB9RD9I7nxzMpg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/fce675-bf53-4787-93e7-81f566185b06/1/KwviJiMNQJnO6gpKbPTti5AgE1A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.135.152.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:28:ab:aa:c7:3d:6a:b3:c2:98:5c:d1:1b:e6:2c:24:66:4f:
d9:2d:b0:96:8d:6a:dc:31:8c:35:f8:74:c0:ef:11:0f:37:56:
0b:97:64:bb:17:59:fa:c3:9b:af:c0:d5:cb:ea:bd:be:56:e1:
32:66:cd:9f:07:f2:99:67:b4:09:ed:44:1f:76:3e:49:63:57:
81:b8:a4:b1:55:da:9e:26:bb:50:c2:d1:d5:a4:bb:9c:06:b2:
ec:6e:2b:46:88:ca:d1:73:b6:c1:17:3d:99:ba:04:00:f7:75:
0b:44:e3:be:fe:5a:c3:8a:38:73:cc:02:5b:e3:4c:ed:9f:95:
e4:ac:1f:94:a1:f5:14:1e:a8:31:6e:f9:4b:0a:50:ac:53:dd:
a3:0b:a8:02:fe:bf:75:3f:72:86:32:8b:a8:92:eb:9c:e1:8f:
aa:5a:15:55:13:60:65:2e:a0:fa:46:78:24:c0:19:27:e5:18:
ea:ad:00:0f:54:b3:dc:43:8e:01:3d:a1:82:c4:18:df:fa:b7:
53:f9:82:0c:cb:3a:1c:48:c3:fa:31:38:9b:22:21:44:d1:56:
a7:b7:28:0c:85:72:26:8a:2b:b7:ed:0f:87:c1:38:f7:5f:7d:
a3:8e:af:c9:d8:97:cf:b6:75:65:dd:e4:27:61:92:cf:2e:ee:
82:92:03:7d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY7sNk+NIPMti5AhsHXqe+KRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiMGJlMjI2MjMwZDQwOTljZWVhMGE0YTZjZjRlZDhiOTAy
MDEzNTAwHhcNMjQwNDE3MTMxOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTgzMjNiOTlhMDU2YjU5ZWExODcwN2Q0NDNmNDhlZTdjNzMzMjk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApLm0SDQNwYDl/VbpLZs6y0DDvARj
l8qCUx8fr9X7ZCLiG+i27cDTvtEOjvd9CnZH0MrAPF/i1TERVeQ1BhE6nNu1+gPG
dXuxtcWWTAbQsHL9pav15uvg3doEM8B37uzSkYbD1TNoegf2U8jTKlDJnNgaa1HE
bQgBP90Fmog6mf6XrbesMMou9OvSX+SvWYfNl3nlVsGIVSuoiSlYPK83b3vgOShL
JueToJtGsra9CporF6jY4lbrvyI8TcGg42yC+oUWWG/GW76cL3qPxR8Pfq4uDkqV
97c9o6UyGKNU/CWHrQjTG1cMgoUvmBT/CKijVfk5pICk5phHrA65/jTQ/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDqDI7maBWtZ6hhwfUQ/SO58czKYMB8GA1UdIwQY
MBaAFCsL4iYjDUCZzuoKSmz07YuQIBNQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3d2aUppTU5RSm5PNmdwS2JQVHRpNUFnRTFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS9mY2U2NzUtYmY1My00Nzg3LTkzZTct
ODFmNTY2MTg1YjA2LzEvT29NanVab0ZhMW5xR0hCOVJEOUk3bnh6TXBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS9mY2U2NzUtYmY1My00Nzg3LTkzZTctODFmNTY2MTg1YjA2
LzEvS3d2aUppTU5RSm5PNmdwS2JQVHRpNUFnRTFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwoeYMA0G
CSqGSIb3DQEBCwUAA4IBAQCKKKuqxz1qs8KYXNEb5iwkZk/ZLbCWjWrcMYw1+HTA
7xEPN1YLl2S7F1n6w5uvwNXL6r2+VuEyZs2fB/KZZ7QJ7UQfdj5JY1eBuKSxVdqe
JrtQwtHVpLucBrLsbitGiMrRc7bBFz2ZugQA93ULROO+/lrDijhzzAJb40ztn5Xk
rB+UofUUHqgxbvlLClCsU92jC6gC/r91P3KGMouokuuc4Y+qWhVVE2BlLqD6Rngk
wBkn5RjqrQAPVLPcQ44BPaGCxBjf+rdT+YIMyzocSMP6MTibIiFE0VantygMhXIm
iiu37Q+HwTj3X32jjq/J2JfPtnVl3eQnYZLPLu6CkgN9
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:21:10 2025 by rpki-client