Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/mowZ8DxcVHkFmPhK2Zsz4lh0JXs.roa
File: mowZ8DxcVHkFmPhK2Zsz4lh0JXs.roa (raw, json)
Hash identifier: g+KAMpEjIn3iF7HtLFAUiVEVRePLphDgoClvwiik3LY=
Subject key identifier: 9A:8C:19:F0:3C:5C:54:79:05:98:F8:4A:D9:9B:33:E2:58:74:25:7B
Certificate issuer: /CN=bb0d4e85937b7a0f271054d28614f2934d4ea500
Certificate serial: 01931FE520E2C06CA0425E7EF30342E72652
Authority key identifier: BB:0D:4E:85:93:7B:7A:0F:27:10:54:D2:86:14:F2:93:4D:4E:A5:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uw1OhZN7eg8nEFTShhTyk01OpQA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/mowZ8DxcVHkFmPhK2Zsz4lh0JXs.roa
Signing time: Tue 12 Nov 2024 10:22:10 +0000
ROA not before: Tue 12 Nov 2024 10:22:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 5.144.155.0/24 maxlen: 24
78.143.252.0/24 maxlen: 24
78.143.253.0/24 maxlen: 24
194.33.150.0/24 maxlen: 24
194.33.151.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 27 Nov 2024 16:43:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:1f:e5:20:e2:c0:6c:a0:42:5e:7e:f3:03:42:e7:26:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb0d4e85937b7a0f271054d28614f2934d4ea500
Validity
Not Before: Nov 12 10:22:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9a8c19f03c5c54790598f84ad99b33e25874257b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:cb:d1:2c:52:26:26:81:47:a3:e9:96:5b:4a:
5b:bc:9a:4a:9f:74:e4:d3:e6:47:4e:33:2b:dd:b8:
00:9f:79:2c:ae:f2:94:0a:63:8b:2d:66:01:51:e2:
be:4c:72:43:b4:c3:a6:0f:86:d1:bc:1d:3e:2d:90:
08:91:6c:41:86:23:ef:30:11:1e:77:fd:bb:7c:e9:
34:83:15:7f:c8:55:d1:74:65:fa:11:db:9a:aa:f0:
ca:b3:34:c1:8f:94:ef:1e:b9:7a:76:c5:69:1a:ec:
c8:02:10:ee:ba:79:f6:5c:cd:e0:c2:5d:fe:a0:b0:
31:68:a4:c8:94:4a:37:d5:de:3c:6a:62:5c:3e:53:
c8:06:c7:71:89:53:eb:2a:e4:4e:89:fa:01:ec:35:
16:35:6a:e3:59:b9:21:76:38:0c:25:41:df:c1:4f:
27:67:57:6c:67:28:58:bf:7b:c3:b1:3a:83:85:c8:
2e:19:30:f5:e2:f7:44:49:62:e2:0b:1c:e4:2a:f3:
ff:ff:46:a1:80:b1:bd:27:93:19:0f:b7:da:bc:c7:
1b:35:dd:5d:ce:86:e4:1a:66:a0:f1:5a:da:70:b6:
32:b1:4d:02:95:81:85:fa:bf:40:42:d2:ac:02:19:
56:02:08:ee:24:7e:2f:20:44:b2:b6:bc:6a:7e:d7:
a0:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:8C:19:F0:3C:5C:54:79:05:98:F8:4A:D9:9B:33:E2:58:74:25:7B
X509v3 Authority Key Identifier:
keyid:BB:0D:4E:85:93:7B:7A:0F:27:10:54:D2:86:14:F2:93:4D:4E:A5:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uw1OhZN7eg8nEFTShhTyk01OpQA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/mowZ8DxcVHkFmPhK2Zsz4lh0JXs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/uw1OhZN7eg8nEFTShhTyk01OpQA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.144.155.0/24
78.143.252.0/23
194.33.150.0/23
Signature Algorithm: sha256WithRSAEncryption
81:d2:10:07:4f:0a:b6:a6:db:74:13:78:1b:90:ac:f0:99:fb:
01:c3:b9:41:e2:03:4e:19:ff:6a:64:e8:da:86:6c:83:fb:b4:
bf:6c:27:d7:01:d3:1d:08:d3:37:cc:df:67:9e:fb:68:82:bf:
7b:1f:5c:7a:8e:d1:11:5d:f0:c6:66:26:84:f8:43:a1:33:c2:
e5:e4:3e:c3:29:d9:da:39:62:c1:8d:a9:63:72:a0:90:32:23:
f1:a8:dd:35:c5:58:61:b3:74:04:1f:a6:20:ea:5d:69:9d:18:
3b:8a:8a:97:a3:fc:da:33:c0:68:9d:e1:45:ba:fd:90:a7:4c:
16:b6:09:67:56:04:17:82:38:3b:0f:2d:dd:14:e0:05:69:13:
42:12:5c:73:78:a2:6d:79:55:80:28:46:45:d3:58:3b:7d:ef:
34:5c:23:0b:8f:0d:47:d9:7e:a2:01:15:c0:0c:12:8a:91:d8:
46:28:9a:06:1d:ca:b0:8e:88:6e:a4:0f:12:ca:8b:ec:06:0b:
e2:a7:8d:3d:29:37:03:be:69:ae:44:94:12:f3:6c:69:7e:24:
af:89:e7:34:03:31:2b:3c:cf:b9:58:85:11:43:ca:d7:b0:84:
79:f6:01:6d:94:c9:63:92:4a:ee:ea:34:eb:55:27:0e:4f:9b:
07:1b:ac:24
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZMf5SDiwGygQl5+8wNC5yZSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiMGQ0ZTg1OTM3YjdhMGYyNzEwNTRkMjg2MTRmMjkzNGQ0
ZWE1MDAwHhcNMjQxMTEyMTAyMjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YThjMTlmMDNjNWM1NDc5MDU5OGY4NGFkOTliMzNlMjU4NzQyNTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiMvRLFImJoFHo+mWW0pbvJpKn3Tk
0+ZHTjMr3bgAn3ksrvKUCmOLLWYBUeK+THJDtMOmD4bRvB0+LZAIkWxBhiPvMBEe
d/27fOk0gxV/yFXRdGX6EduaqvDKszTBj5TvHrl6dsVpGuzIAhDuunn2XM3gwl3+
oLAxaKTIlEo31d48amJcPlPIBsdxiVPrKuROifoB7DUWNWrjWbkhdjgMJUHfwU8n
Z1dsZyhYv3vDsTqDhcguGTD14vdESWLiCxzkKvP//0ahgLG9J5MZD7favMcbNd1d
zobkGmag8VracLYysU0ClYGF+r9AQtKsAhlWAgjuJH4vIESytrxqftegLwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJqMGfA8XFR5BZj4StmbM+JYdCV7MB8GA1UdIwQY
MBaAFLsNToWTe3oPJxBU0oYU8pNNTqUAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXcxT2haTjdlZzhuRUZUU2hoVHlrMDFPcFFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS9kMTc1MjctY2Y5OC00ZDM3LTg2NmYt
OGU5Yjk4YTk5Y2RiLzEvbW93WjhEeGNWSGtGbVBoSzJac3o0bGgwSlhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS9kMTc1MjctY2Y5OC00ZDM3LTg2NmYtOGU5Yjk4YTk5Y2Ri
LzEvdXcxT2haTjdlZzhuRUZUU2hoVHlrMDFPcFFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABZCbAwQB
To/8AwQBwiGWMA0GCSqGSIb3DQEBCwUAA4IBAQCB0hAHTwq2ptt0E3gbkKzwmfsB
w7lB4gNOGf9qZOjahmyD+7S/bCfXAdMdCNM3zN9nnvtogr97H1x6jtERXfDGZiaE
+EOhM8Ll5D7DKdnaOWLBjaljcqCQMiPxqN01xVhhs3QEH6Yg6l1pnRg7ioqXo/za
M8BoneFFuv2Qp0wWtglnVgQXgjg7Dy3dFOAFaRNCElxzeKJteVWAKEZF01g7fe80
XCMLjw1H2X6iARXADBKKkdhGKJoGHcqwjohupA8SyovsBgvip409KTcDvmmuRJQS
82xpfiSviec0AzErPM+5WIURQ8rXsIR59gFtlMljkkru6jTrVScOT5sHG6wk
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:38:55 2025 by rpki-client