Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/54c1d1-363b-45ba-8927-9689fbf6f6ee/1/OpaVChLUpaPmQ2PSAnplBT-wMhU.roa
File: OpaVChLUpaPmQ2PSAnplBT-wMhU.roa (raw, json)
Hash identifier: dgAl0TaPn4ycz4alsTeGLNNI1nUlp2iVOKrBrFLnu6w=
Subject key identifier: 3A:96:95:0A:12:D4:A5:A3:E6:43:63:D2:02:7A:65:05:3F:B0:32:15
Certificate issuer: /CN=3ebc9e51baab3c3e6ab699fcb443f007f546c3fb
Certificate serial: 019427B605750050934E59EDC231FE5FBC4A
Authority key identifier: 3E:BC:9E:51:BA:AB:3C:3E:6A:B6:99:FC:B4:43:F0:07:F5:46:C3:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PryeUbqrPD5qtpn8tEPwB_VGw_s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/54c1d1-363b-45ba-8927-9689fbf6f6ee/1/OpaVChLUpaPmQ2PSAnplBT-wMhU.roa
Signing time: Thu 02 Jan 2025 15:50:27 +0000
ROA not before: Thu 02 Jan 2025 15:50:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1161
IP address blocks: 131.155.0.0/16 maxlen: 16
192.31.168.0/22 maxlen: 22
Validation: Failed, certificate revoked on Fri 17 Jan 2025 10:07:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:05:75:00:50:93:4e:59:ed:c2:31:fe:5f:bc:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ebc9e51baab3c3e6ab699fcb443f007f546c3fb
Validity
Not Before: Jan 2 15:50:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3a96950a12d4a5a3e64363d2027a65053fb03215
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:98:21:01:74:0b:0c:48:6d:5f:93:38:cf:ca:
e6:d2:0e:71:72:c0:48:ea:5b:f9:a2:fe:af:f6:f3:
9a:1d:51:fe:83:a3:77:4b:a8:4d:5b:b6:75:03:a7:
54:21:02:1a:32:13:f6:a5:ab:48:93:15:2c:85:75:
7b:53:af:22:4e:f5:33:cc:64:f7:73:36:62:ae:4b:
88:d6:1e:be:d3:a2:51:29:df:bc:a4:71:49:ef:5c:
77:5e:db:a4:73:46:72:9d:e2:49:01:81:22:5a:e5:
0f:b5:01:06:2e:46:3e:6c:78:75:d4:4f:fb:98:d1:
11:e0:32:6e:d8:1d:33:90:0d:be:6a:1d:b1:2c:27:
71:db:41:a6:65:9b:01:a7:3d:23:63:a4:bf:64:92:
88:de:7f:df:7a:71:65:11:46:68:c2:13:58:87:5d:
d1:9f:02:95:ec:9f:0f:00:cc:1a:e4:e1:b4:61:0b:
ce:2b:6f:70:64:17:fa:43:23:c1:be:23:90:36:9b:
59:67:34:44:37:c7:1a:a7:5b:8c:07:c5:0f:25:d2:
db:b8:96:e0:f7:b9:b0:95:42:a2:27:be:68:dc:b7:
cc:0e:12:b5:76:9d:ab:b4:0b:d1:ed:4d:d5:91:57:
36:7d:d7:39:c1:d4:33:34:fc:30:a9:d3:67:81:7c:
d5:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:96:95:0A:12:D4:A5:A3:E6:43:63:D2:02:7A:65:05:3F:B0:32:15
X509v3 Authority Key Identifier:
keyid:3E:BC:9E:51:BA:AB:3C:3E:6A:B6:99:FC:B4:43:F0:07:F5:46:C3:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PryeUbqrPD5qtpn8tEPwB_VGw_s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/54c1d1-363b-45ba-8927-9689fbf6f6ee/1/OpaVChLUpaPmQ2PSAnplBT-wMhU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/54c1d1-363b-45ba-8927-9689fbf6f6ee/1/PryeUbqrPD5qtpn8tEPwB_VGw_s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
131.155.0.0/16
192.31.168.0/22
Signature Algorithm: sha256WithRSAEncryption
93:ba:76:df:0b:22:73:55:3e:65:7f:07:6e:85:39:03:3c:c7:
80:7d:0a:b7:c2:20:60:00:58:d5:84:5c:7f:69:5d:e3:fa:fd:
b5:f5:08:5e:0c:28:8e:67:59:50:6d:bb:57:4c:ea:b1:86:ca:
f5:70:72:de:8c:2a:c2:54:6d:b4:f4:3e:b9:51:d5:b7:ac:f2:
43:eb:ef:0a:2c:ee:49:19:09:90:a8:61:77:b0:81:dd:ca:ae:
b0:96:dd:55:ca:65:97:99:74:b7:db:d7:b4:2b:62:82:e6:74:
6f:05:34:44:39:2f:bd:6c:7f:15:9e:58:30:5e:51:3b:ee:62:
07:b0:8b:df:5a:2c:a7:9e:a8:07:6b:27:48:e2:2d:63:18:de:
38:46:07:9a:cf:54:78:2a:7f:b7:49:9f:4b:9e:69:5b:b0:13:
22:de:b3:12:72:94:08:8d:10:4c:2f:cd:cc:94:56:52:6f:74:
dd:97:73:c5:3c:4e:11:3f:f1:f4:c1:47:91:5b:62:f3:0f:0d:
a6:67:d0:50:cb:5a:7a:a8:0d:a9:f7:7b:ff:40:2d:0a:4a:fe:
7e:df:c7:18:2a:57:9a:5f:cc:08:e5:1c:a4:45:b9:a0:95:62:
88:ae:7e:db:ef:b8:89:be:09:75:7d:08:ac:32:9b:59:42:bf:
de:7b:6d:4e
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgISAZQntgV1AFCTTlntwjH+X7xKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYmM5ZTUxYmFhYjNjM2U2YWI2OTlmY2I0NDNmMDA3ZjU0
NmMzZmIwHhcNMjUwMTAyMTU1MDI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTk2OTUwYTEyZDRhNWEzZTY0MzYzZDIwMjdhNjUwNTNmYjAzMjE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkpghAXQLDEhtX5M4z8rm0g5xcsBI
6lv5ov6v9vOaHVH+g6N3S6hNW7Z1A6dUIQIaMhP2patIkxUshXV7U68iTvUzzGT3
czZirkuI1h6+06JRKd+8pHFJ71x3Xtukc0ZyneJJAYEiWuUPtQEGLkY+bHh11E/7
mNER4DJu2B0zkA2+ah2xLCdx20GmZZsBpz0jY6S/ZJKI3n/fenFlEUZowhNYh13R
nwKV7J8PAMwa5OG0YQvOK29wZBf6QyPBviOQNptZZzREN8cap1uMB8UPJdLbuJbg
97mwlUKiJ75o3LfMDhK1dp2rtAvR7U3VkVc2fdc5wdQzNPwwqdNngXzVxwIDAQAB
o4ICDjCCAgowHQYDVR0OBBYEFDqWlQoS1KWj5kNj0gJ6ZQU/sDIVMB8GA1UdIwQY
MBaAFD68nlG6qzw+araZ/LRD8Af1RsP7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHJ5ZVVicXJQRDVxdHBuOHRFUHdCX1ZHd19zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC81NGMxZDEtMzYzYi00NWJhLTg5Mjct
OTY4OWZiZjZmNmVlLzEvT3BhVkNoTFVwYVBtUTJQU0FucGxCVC13TWhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC81NGMxZDEtMzYzYi00NWJhLTg5MjctOTY4OWZiZjZmNmVl
LzEvUHJ5ZVVicXJQRDVxdHBuOHRFUHdCX1ZHd19zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCQGCCsGAQUFBwEHAQH/BBUwEzARBAIAATALAwMAg5sDBALA
H6gwDQYJKoZIhvcNAQELBQADggEBAJO6dt8LInNVPmV/B26FOQM8x4B9CrfCIGAA
WNWEXH9pXeP6/bX1CF4MKI5nWVBtu1dM6rGGyvVwct6MKsJUbbT0PrlR1bes8kPr
7wos7kkZCZCoYXewgd3KrrCW3VXKZZeZdLfb17QrYoLmdG8FNEQ5L71sfxWeWDBe
UTvuYgewi99aLKeeqAdrJ0jiLWMY3jhGB5rPVHgqf7dJn0ueaVuwEyLesxJylAiN
EEwvzcyUVlJvdN2Xc8U8ThE/8fTBR5FbYvMPDaZn0FDLWnqoDan3e/9ALQpK/n7f
xxgqV5pfzAjlHKRFuaCVYoiuftvvuIm+CXV9CKwym1lCv957bU4=
-----END CERTIFICATE-----
Generated at Wed Apr 16 17:35:15 2025 by rpki-client