Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/79c4ba-38e2-4f5a-959f-47e0937989a8/1/OjG2Qvm1IZL_3NVbnBtq-MUX_JI.roa
File: OjG2Qvm1IZL_3NVbnBtq-MUX_JI.roa (raw, json)
Hash identifier: pHHTNIDmQqEDfwbr+DRuk7JdPEIli2NMWp1/Ge8dUD8=
Subject key identifier: 3A:31:B6:42:F9:B5:21:92:FF:DC:D5:5B:9C:1B:6A:F8:C5:17:FC:92
Certificate issuer: /CN=59dd542781851c0bce5a3ea5cc387650ffc8277e
Certificate serial: 01939694BB200415AA20D9BC902E6B58EBB5
Authority key identifier: 59:DD:54:27:81:85:1C:0B:CE:5A:3E:A5:CC:38:76:50:FF:C8:27:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wd1UJ4GFHAvOWj6lzDh2UP_IJ34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/79c4ba-38e2-4f5a-959f-47e0937989a8/1/OjG2Qvm1IZL_3NVbnBtq-MUX_JI.roa
Signing time: Thu 05 Dec 2024 11:29:09 +0000
ROA not before: Thu 05 Dec 2024 11:29:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201482
IP address blocks: 81.26.156.0/24 maxlen: 24
81.26.159.0/24 maxlen: 24
84.47.132.0/24 maxlen: 24
84.47.133.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 05 Dec 2024 15:32:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:96:94:bb:20:04:15:aa:20:d9:bc:90:2e:6b:58:eb:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=59dd542781851c0bce5a3ea5cc387650ffc8277e
Validity
Not Before: Dec 5 11:29:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3a31b642f9b52192ffdcd55b9c1b6af8c517fc92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:91:10:65:d7:d2:fc:58:ea:e3:b5:b9:62:b3:
41:90:40:6c:4e:0e:55:0c:11:7d:41:3a:0e:c5:b5:
af:42:ed:4a:fd:cf:a4:dd:83:ff:8d:5b:61:54:9b:
e8:e7:4b:aa:18:b5:ce:d9:5a:1a:d3:ea:57:63:5f:
ac:3b:70:aa:7c:9b:e1:da:f2:c0:83:ba:2a:7f:bb:
43:99:6e:36:92:c6:a2:3e:0c:9c:89:af:7d:4b:34:
88:7d:cd:ef:eb:74:fa:6e:f4:15:ed:f1:e9:45:be:
fc:d7:14:06:dd:e1:1b:9e:d6:fa:4a:39:0d:62:67:
a4:82:57:80:b3:33:2a:48:ac:cf:9b:54:08:11:0f:
96:54:7b:58:43:93:bc:07:cc:c1:fa:66:5b:3e:a6:
51:d8:e3:93:23:d7:19:f9:50:76:b4:e2:8b:9f:99:
ad:74:11:27:56:17:e5:56:f4:56:2d:cb:89:75:2f:
d4:7f:34:00:a7:45:b7:23:60:b9:68:ab:74:5a:7f:
86:d2:ee:77:15:a8:fe:5e:dd:a4:ed:98:81:a5:f7:
31:72:08:f4:1f:bb:da:d4:32:a0:86:d4:a3:17:a2:
75:29:4c:81:1a:ea:7e:33:dd:e5:87:8d:78:07:1d:
eb:ea:98:d5:96:49:34:72:dc:6e:29:c9:1b:3d:8c:
66:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:31:B6:42:F9:B5:21:92:FF:DC:D5:5B:9C:1B:6A:F8:C5:17:FC:92
X509v3 Authority Key Identifier:
keyid:59:DD:54:27:81:85:1C:0B:CE:5A:3E:A5:CC:38:76:50:FF:C8:27:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wd1UJ4GFHAvOWj6lzDh2UP_IJ34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/79c4ba-38e2-4f5a-959f-47e0937989a8/1/OjG2Qvm1IZL_3NVbnBtq-MUX_JI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/79c4ba-38e2-4f5a-959f-47e0937989a8/1/Wd1UJ4GFHAvOWj6lzDh2UP_IJ34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.26.156.0/24
81.26.159.0/24
84.47.132.0/23
Signature Algorithm: sha256WithRSAEncryption
a0:0c:06:21:9e:4c:3c:8a:1c:3c:4b:f1:63:97:63:99:a7:5f:
4b:43:dc:45:dc:c7:2f:14:44:09:f4:52:42:3b:04:8b:55:b0:
70:03:2e:40:1d:19:c7:b0:33:b6:79:2f:31:d4:06:e3:08:75:
82:9a:93:d9:29:5b:48:95:13:8a:dd:56:6b:7b:e4:35:09:4f:
d2:ee:3a:92:8b:26:ff:7b:b4:73:a6:12:7c:37:db:47:94:f4:
2a:a8:3f:49:01:fe:79:4e:41:c2:50:ee:fd:be:1d:72:be:56:
53:4e:43:ac:80:8c:0c:3c:28:d0:91:b3:29:58:40:33:97:70:
31:91:9c:6f:85:c7:5a:85:83:18:6c:93:9e:d3:b0:64:48:e5:
b2:c8:73:98:c1:36:21:64:87:66:2e:41:7d:bb:ee:fb:62:d4:
69:64:35:35:f8:50:a9:14:ed:33:ac:b1:db:80:d5:09:68:13:
ff:e2:c0:6a:e6:55:79:8a:39:ce:74:ee:76:65:aa:2f:69:21:
60:92:a6:8d:4f:41:bc:70:05:bc:d0:ae:a0:46:ec:7c:ee:51:
13:d7:d8:a5:17:bd:9e:ec:6f:45:3a:41:df:31:10:6b:01:40:
1a:51:d9:18:db:ba:4b:a0:22:69:02:1a:31:47:2b:f8:d7:b0:
59:06:e2:79
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZOWlLsgBBWqINm8kC5rWOu1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5ZGQ1NDI3ODE4NTFjMGJjZTVhM2VhNWNjMzg3NjUwZmZj
ODI3N2UwHhcNMjQxMjA1MTEyOTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTMxYjY0MmY5YjUyMTkyZmZkY2Q1NWI5YzFiNmFmOGM1MTdmYzkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq5EQZdfS/Fjq47W5YrNBkEBsTg5V
DBF9QToOxbWvQu1K/c+k3YP/jVthVJvo50uqGLXO2Voa0+pXY1+sO3CqfJvh2vLA
g7oqf7tDmW42ksaiPgycia99SzSIfc3v63T6bvQV7fHpRb781xQG3eEbntb6SjkN
YmekgleAszMqSKzPm1QIEQ+WVHtYQ5O8B8zB+mZbPqZR2OOTI9cZ+VB2tOKLn5mt
dBEnVhflVvRWLcuJdS/UfzQAp0W3I2C5aKt0Wn+G0u53Faj+Xt2k7ZiBpfcxcgj0
H7va1DKghtSjF6J1KUyBGup+M93lh414Bx3r6pjVlkk0ctxuKckbPYxmmQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDoxtkL5tSGS/9zVW5wbavjFF/ySMB8GA1UdIwQY
MBaAFFndVCeBhRwLzlo+pcw4dlD/yCd+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2QxVUo0R0ZIQXZPV2o2bHpEaDJVUF9JSjM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi83OWM0YmEtMzhlMi00ZjVhLTk1OWYt
NDdlMDkzNzk4OWE4LzEvT2pHMlF2bTFJWkxfM05WYm5CdHEtTVVYX0pJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi83OWM0YmEtMzhlMi00ZjVhLTk1OWYtNDdlMDkzNzk4OWE4
LzEvV2QxVUo0R0ZIQXZPV2o2bHpEaDJVUF9JSjM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAURqcAwQA
URqfAwQBVC+EMA0GCSqGSIb3DQEBCwUAA4IBAQCgDAYhnkw8ihw8S/Fjl2OZp19L
Q9xF3McvFEQJ9FJCOwSLVbBwAy5AHRnHsDO2eS8x1AbjCHWCmpPZKVtIlROK3VZr
e+Q1CU/S7jqSiyb/e7RzphJ8N9tHlPQqqD9JAf55TkHCUO79vh1yvlZTTkOsgIwM
PCjQkbMpWEAzl3AxkZxvhcdahYMYbJOe07BkSOWyyHOYwTYhZIdmLkF9u+77YtRp
ZDU1+FCpFO0zrLHbgNUJaBP/4sBq5lV5ijnOdO52ZaovaSFgkqaNT0G8cAW80K6g
Rux87lET19ilF72e7G9FOkHfMRBrAUAaUdkY27pLoCJpAhoxRyv417BZBuJ5
-----END CERTIFICATE-----
Generated at Sun Apr 20 03:31:36 2025 by rpki-client