Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/0OiHMEoODaglH2piDNs43HD_DTA.roa
File: 0OiHMEoODaglH2piDNs43HD_DTA.roa (raw, json)
Hash identifier: nmiHh4LnosZp9xNDhf28YCBjscaOe+Oer/aAI6fnkBI=
Subject key identifier: D0:E8:87:30:4A:0E:0D:A8:25:1F:6A:62:0C:DB:38:DC:70:FF:0D:30
Certificate issuer: /CN=bb0d4e85937b7a0f271054d28614f2934d4ea500
Certificate serial: 019425FD4E8AD6B5652621B9D2A5697917BD
Authority key identifier: BB:0D:4E:85:93:7B:7A:0F:27:10:54:D2:86:14:F2:93:4D:4E:A5:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uw1OhZN7eg8nEFTShhTyk01OpQA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/0OiHMEoODaglH2piDNs43HD_DTA.roa
Signing time: Thu 02 Jan 2025 07:49:05 +0000
ROA not before: Thu 02 Jan 2025 07:49:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210805
IP address blocks: 79.135.102.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 12 Mar 2025 08:01:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:4e:8a:d6:b5:65:26:21:b9:d2:a5:69:79:17:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb0d4e85937b7a0f271054d28614f2934d4ea500
Validity
Not Before: Jan 2 07:49:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d0e887304a0e0da8251f6a620cdb38dc70ff0d30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:42:72:94:c3:53:da:6a:4b:9d:ac:1e:86:9f:
26:21:24:5b:e5:3b:90:91:4e:79:d8:f2:cf:39:fa:
0d:64:a4:fb:b6:75:1c:8d:6e:05:6d:f7:b7:cd:f2:
fa:ab:45:11:4e:9f:45:63:74:66:d0:7f:76:01:e2:
cb:94:a7:71:3e:fa:85:4b:1a:d7:ea:5f:63:5d:d6:
d9:fc:ac:0c:b7:65:e5:60:d3:7f:1e:b4:55:44:37:
54:90:fe:58:70:74:a7:08:a0:6f:10:27:14:fe:7c:
1e:08:b0:24:cf:a0:2e:f8:f4:d6:f9:76:6d:44:7e:
2e:a8:e5:b7:9b:01:2c:b9:a3:58:9f:15:5d:49:9d:
31:74:d5:fb:fd:79:a0:e0:cf:53:81:b6:5a:0c:59:
c6:07:98:c8:4b:ff:54:d4:d7:86:35:7a:68:ff:58:
2b:59:70:01:7a:08:0f:b7:7b:3e:07:ba:82:4a:92:
fa:35:fb:19:db:e4:d8:ec:a8:9c:8f:0b:c9:da:47:
06:9f:f6:1e:9e:db:3f:7f:79:2e:74:37:52:1c:a0:
0f:03:2c:05:77:fa:1b:a5:4f:8b:4d:07:08:9d:cc:
0f:44:cc:0b:03:62:1b:91:f6:62:bc:d6:29:68:e7:
da:28:24:33:fd:1a:0a:83:57:3e:26:57:01:73:d8:
8a:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:E8:87:30:4A:0E:0D:A8:25:1F:6A:62:0C:DB:38:DC:70:FF:0D:30
X509v3 Authority Key Identifier:
keyid:BB:0D:4E:85:93:7B:7A:0F:27:10:54:D2:86:14:F2:93:4D:4E:A5:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uw1OhZN7eg8nEFTShhTyk01OpQA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/0OiHMEoODaglH2piDNs43HD_DTA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/uw1OhZN7eg8nEFTShhTyk01OpQA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.135.102.0/23
Signature Algorithm: sha256WithRSAEncryption
1b:25:b1:24:d2:3c:26:03:50:7b:6d:d6:20:05:7b:55:1b:8b:
2d:2d:26:02:7e:f1:e1:69:9a:c2:89:27:98:05:5b:ba:d7:c3:
31:cc:62:06:55:66:c7:08:23:4d:25:14:df:af:33:7a:89:be:
6d:83:71:89:f6:60:0c:81:b8:68:cd:5c:e1:8d:fe:b1:a3:12:
5c:a7:79:c0:59:a0:3e:96:a6:b6:8b:ca:79:b9:81:d6:a2:22:
fc:de:30:bb:be:6a:81:d2:b3:15:7a:0e:b9:8e:2c:c0:13:24:
15:46:c5:34:e5:eb:f7:b9:d8:4d:da:f9:17:26:6f:fd:0c:18:
96:ea:94:d1:ef:a6:1c:9b:9b:81:43:75:6d:12:1f:14:14:35:
53:c3:91:a9:6c:b4:4b:e2:e2:38:25:b4:40:1f:b0:ac:06:84:
fa:92:b4:46:81:f3:27:11:8c:24:4d:83:e3:26:11:ba:2a:32:
6b:ef:d4:89:b6:6e:5a:6a:3e:a5:d0:06:1b:d4:66:7e:9b:01:
e4:a7:dd:d2:1c:93:9f:b9:fa:46:65:9d:35:4f:2a:a3:1e:ee:
8b:14:70:01:8c:60:69:a5:d8:1b:0c:40:09:50:cc:c3:d0:63:
22:63:6e:19:ef:ad:ce:77:5f:92:d2:ca:a0:91:21:7b:45:53:
15:07:cd:67
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/U6K1rVlJiG50qVpeRe9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiMGQ0ZTg1OTM3YjdhMGYyNzEwNTRkMjg2MTRmMjkzNGQ0
ZWE1MDAwHhcNMjUwMTAyMDc0OTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGU4ODczMDRhMGUwZGE4MjUxZjZhNjIwY2RiMzhkYzcwZmYwZDMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoEJylMNT2mpLnawehp8mISRb5TuQ
kU552PLPOfoNZKT7tnUcjW4Fbfe3zfL6q0URTp9FY3Rm0H92AeLLlKdxPvqFSxrX
6l9jXdbZ/KwMt2XlYNN/HrRVRDdUkP5YcHSnCKBvECcU/nweCLAkz6Au+PTW+XZt
RH4uqOW3mwEsuaNYnxVdSZ0xdNX7/Xmg4M9TgbZaDFnGB5jIS/9U1NeGNXpo/1gr
WXABeggPt3s+B7qCSpL6NfsZ2+TY7KicjwvJ2kcGn/Yents/f3kudDdSHKAPAywF
d/obpU+LTQcIncwPRMwLA2IbkfZivNYpaOfaKCQz/RoKg1c+JlcBc9iKSwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNDohzBKDg2oJR9qYgzbONxw/w0wMB8GA1UdIwQY
MBaAFLsNToWTe3oPJxBU0oYU8pNNTqUAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXcxT2haTjdlZzhuRUZUU2hoVHlrMDFPcFFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS9kMTc1MjctY2Y5OC00ZDM3LTg2NmYt
OGU5Yjk4YTk5Y2RiLzEvME9pSE1Fb09EYWdsSDJwaUROczQzSERfRFRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS9kMTc1MjctY2Y5OC00ZDM3LTg2NmYtOGU5Yjk4YTk5Y2Ri
LzEvdXcxT2haTjdlZzhuRUZUU2hoVHlrMDFPcFFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBT4dmMA0G
CSqGSIb3DQEBCwUAA4IBAQAbJbEk0jwmA1B7bdYgBXtVG4stLSYCfvHhaZrCiSeY
BVu618MxzGIGVWbHCCNNJRTfrzN6ib5tg3GJ9mAMgbhozVzhjf6xoxJcp3nAWaA+
lqa2i8p5uYHWoiL83jC7vmqB0rMVeg65jizAEyQVRsU05ev3udhN2vkXJm/9DBiW
6pTR76Ycm5uBQ3VtEh8UFDVTw5GpbLRL4uI4JbRAH7CsBoT6krRGgfMnEYwkTYPj
JhG6KjJr79SJtm5aaj6l0AYb1GZ+mwHkp93SHJOfufpGZZ01TyqjHu6LFHABjGBp
pdgbDEAJUMzD0GMiY24Z763Od1+S0sqgkSF7RVMVB81n
-----END CERTIFICATE-----
Generated at Sun Apr 6 08:33:07 2025 by rpki-client