Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/2a773b-efa0-4b40-9861-6d6f558a7d65/1/ow2J9ct_RxkgurvFW9yaq2qFcAA.roa
File: ow2J9ct_RxkgurvFW9yaq2qFcAA.roa (raw, json)
Hash identifier: UKy3LugJeOt/dvpFjO1PirEiMcpqKudYcaaJ5WoMsC0=
Subject key identifier: A3:0D:89:F5:CB:7F:47:19:20:BA:BB:C5:5B:DC:9A:AB:6A:85:70:00
Certificate issuer: /CN=7a867d2c1a2905d54321f01a710b21ed7abd857d
Certificate serial: 018CC500085DFA08661F261751FEAF19C77D
Authority key identifier: 7A:86:7D:2C:1A:29:05:D5:43:21:F0:1A:71:0B:21:ED:7A:BD:85:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eoZ9LBopBdVDIfAacQsh7Xq9hX0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/2a773b-efa0-4b40-9861-6d6f558a7d65/1/ow2J9ct_RxkgurvFW9yaq2qFcAA.roa
Signing time: Mon 01 Jan 2024 12:29:22 +0000
ROA not before: Mon 01 Jan 2024 12:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44219
IP address blocks: 194.39.144.0/23 maxlen: 23
194.39.146.0/23 maxlen: 23
94.247.184.0/23 maxlen: 23
94.247.186.0/23 maxlen: 23
178.249.218.0/23 maxlen: 23
94.247.188.0/22 maxlen: 22
178.249.216.0/23 maxlen: 23
178.249.220.0/22 maxlen: 22
2a00:1cb0::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:48:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:08:5d:fa:08:66:1f:26:17:51:fe:af:19:c7:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7a867d2c1a2905d54321f01a710b21ed7abd857d
Validity
Not Before: Jan 1 12:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a30d89f5cb7f471920babbc55bdc9aab6a857000
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:07:d2:4f:96:12:17:47:4a:c5:c1:09:bb:ba:
c1:1d:55:fe:d4:ca:83:54:73:e2:fb:3a:4a:6a:1f:
c1:77:ea:e6:5d:e4:0a:c7:ab:3b:ad:be:16:eb:d3:
cf:4a:de:f7:3c:ef:40:a5:4e:e1:82:72:31:8f:b2:
fb:24:d9:8b:2f:ea:ce:aa:02:fd:ed:1c:87:21:c3:
d9:e5:7a:2f:70:79:be:cd:1f:3a:27:29:60:97:0d:
9d:fc:5b:d2:42:d8:a8:7b:78:0f:c4:5c:27:42:dc:
1c:96:f4:1c:a5:96:6e:d8:45:76:2c:d8:92:41:97:
49:31:1e:e6:0d:ed:6c:21:b8:43:2b:1e:0e:93:7d:
47:c2:36:24:3a:b0:e8:85:19:db:2d:3d:a8:02:57:
c4:5a:11:ea:d6:2f:37:ff:2b:7e:97:21:1d:87:9e:
e1:ae:75:12:e6:0c:2b:07:36:e4:13:6c:bd:2d:09:
d0:0b:d0:2a:4d:1b:a9:64:4c:ac:1b:12:4a:a4:8b:
dc:0d:cb:e3:43:d3:bb:b7:7a:30:ff:de:ac:7c:3e:
5b:3e:27:5c:dc:47:6e:04:d9:b4:59:3b:3c:51:2f:
af:f0:1b:58:58:a6:33:f6:60:b3:46:f7:36:d5:e8:
81:69:49:bc:c8:59:bb:0a:3f:fc:e0:4b:29:63:74:
94:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:0D:89:F5:CB:7F:47:19:20:BA:BB:C5:5B:DC:9A:AB:6A:85:70:00
X509v3 Authority Key Identifier:
keyid:7A:86:7D:2C:1A:29:05:D5:43:21:F0:1A:71:0B:21:ED:7A:BD:85:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eoZ9LBopBdVDIfAacQsh7Xq9hX0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/2a773b-efa0-4b40-9861-6d6f558a7d65/1/ow2J9ct_RxkgurvFW9yaq2qFcAA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/2a773b-efa0-4b40-9861-6d6f558a7d65/1/eoZ9LBopBdVDIfAacQsh7Xq9hX0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.247.184.0/21
178.249.216.0/21
194.39.144.0/22
IPv6:
2a00:1cb0::/32
Signature Algorithm: sha256WithRSAEncryption
31:37:df:97:d7:fb:02:19:72:2a:01:64:3a:49:da:d3:be:02:
47:bf:3b:d1:d4:40:2c:64:91:bb:89:9a:68:ae:03:27:bc:24:
15:dd:4e:ae:3a:5b:53:55:4d:c1:e1:72:57:98:76:fa:1d:f9:
17:77:54:9c:5b:b7:14:6c:32:1b:95:e7:aa:d9:9c:d1:c2:68:
81:c1:11:53:cc:b1:4f:d7:ef:c1:37:b5:25:12:e7:61:50:ed:
c0:48:29:25:4e:17:6d:39:bb:8a:16:e2:54:fb:6d:45:28:ff:
f5:88:25:d7:83:47:98:5e:f6:82:db:df:7f:90:03:67:f5:e0:
d8:40:a6:4f:1e:3b:87:4c:90:11:12:95:59:5d:00:5c:4a:6f:
65:60:be:ad:2a:04:dd:7b:1b:cb:b8:7f:cb:c0:d7:98:fe:9b:
73:1d:eb:20:f0:c6:d6:79:99:5d:3c:03:d5:6b:7e:9d:e2:22:
ec:41:23:c5:34:20:86:c9:91:19:65:ec:58:9e:91:61:14:bc:
9a:c2:0a:88:0a:06:5a:3b:8f:de:9d:bf:b0:e3:28:1c:6b:a7:
2d:96:d7:50:08:47:60:39:e4:0d:b4:10:dc:79:fa:a6:22:64:
87:af:be:c4:b7:95:e3:ec:d8:07:b5:e7:ef:80:a9:5d:63:94:
09:21:dc:04
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzFAAhd+ghmHyYXUf6vGcd9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhODY3ZDJjMWEyOTA1ZDU0MzIxZjAxYTcxMGIyMWVkN2Fi
ZDg1N2QwHhcNMjQwMTAxMTIyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzBkODlmNWNiN2Y0NzE5MjBiYWJiYzU1YmRjOWFhYjZhODU3MDAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyAfST5YSF0dKxcEJu7rBHVX+1MqD
VHPi+zpKah/Bd+rmXeQKx6s7rb4W69PPSt73PO9ApU7hgnIxj7L7JNmLL+rOqgL9
7RyHIcPZ5XovcHm+zR86Jylglw2d/FvSQtioe3gPxFwnQtwclvQcpZZu2EV2LNiS
QZdJMR7mDe1sIbhDKx4Ok31HwjYkOrDohRnbLT2oAlfEWhHq1i83/yt+lyEdh57h
rnUS5gwrBzbkE2y9LQnQC9AqTRupZEysGxJKpIvcDcvjQ9O7t3ow/96sfD5bPidc
3EduBNm0WTs8US+v8BtYWKYz9mCzRvc21eiBaUm8yFm7Cj/84EspY3SUBwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFKMNifXLf0cZILq7xVvcmqtqhXAAMB8GA1UdIwQY
MBaAFHqGfSwaKQXVQyHwGnELIe16vYV9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZW9aOUxCb3BCZFZESWZBYWNRc2g3WHE5aFgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8yYTc3M2ItZWZhMC00YjQwLTk4NjEt
NmQ2ZjU1OGE3ZDY1LzEvb3cySjljdF9SeGtndXJ2Rlc5eWFxMnFGY0FBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8yYTc3M2ItZWZhMC00YjQwLTk4NjEtNmQ2ZjU1OGE3ZDY1
LzEvZW9aOUxCb3BCZFZESWZBYWNRc2g3WHE5aFgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDXve4AwQD
svnYAwQCwieQMA0EAgACMAcDBQAqABywMA0GCSqGSIb3DQEBCwUAA4IBAQAxN9+X
1/sCGXIqAWQ6SdrTvgJHvzvR1EAsZJG7iZporgMnvCQV3U6uOltTVU3B4XJXmHb6
HfkXd1ScW7cUbDIbleeq2ZzRwmiBwRFTzLFP1+/BN7UlEudhUO3ASCklThdtObuK
FuJU+21FKP/1iCXXg0eYXvaC299/kANn9eDYQKZPHjuHTJAREpVZXQBcSm9lYL6t
KgTdexvLuH/LwNeY/ptzHesg8MbWeZldPAPVa36d4iLsQSPFNCCGyZEZZexYnpFh
FLyawgqICgZaO4/enb+w4ygca6ctltdQCEdgOeQNtBDcefqmImSHr77Et5Xj7NgH
tefvgKldY5QJIdwE
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:43:59 2025 by rpki-client