Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/d5bbce-4220-4ec4-8af5-2c1a7730bd25/1/Om4UTtnEicjBAffo0YzNoS0fsW8.roa
File: Om4UTtnEicjBAffo0YzNoS0fsW8.roa (raw, json)
Hash identifier: 2lqn3gl3Dj0QVSD3YPgv3r3WI+RFpHWKnxPPMZVp2yo=
Subject key identifier: 3A:6E:14:4E:D9:C4:89:C8:C1:01:F7:E8:D1:8C:CD:A1:2D:1F:B1:6F
Certificate issuer: /CN=1319f052bc9e7284888074390c9d0bc127606692
Certificate serial: 01929A43A34B85DE3E21AF23FFE12E3F3924
Authority key identifier: 13:19:F0:52:BC:9E:72:84:88:80:74:39:0C:9D:0B:C1:27:60:66:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ExnwUryecoSIgHQ5DJ0LwSdgZpI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/d5bbce-4220-4ec4-8af5-2c1a7730bd25/1/Om4UTtnEicjBAffo0YzNoS0fsW8.roa
Signing time: Thu 17 Oct 2024 11:36:16 +0000
ROA not before: Thu 17 Oct 2024 11:36:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198949
IP address blocks: 88.157.230.0/24 maxlen: 24
88.157.231.0/24 maxlen: 24
95.93.47.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 22 Oct 2024 16:12:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:9a:43:a3:4b:85:de:3e:21:af:23:ff:e1:2e:3f:39:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1319f052bc9e7284888074390c9d0bc127606692
Validity
Not Before: Oct 17 11:36:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3a6e144ed9c489c8c101f7e8d18ccda12d1fb16f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:f4:27:6f:3b:7b:ea:c3:0b:34:24:2f:51:35:
ab:97:01:07:e1:00:de:b4:b5:9a:1a:d1:b9:d6:38:
22:81:20:7c:46:f8:a0:27:2d:a2:da:46:37:65:2e:
7f:bc:32:d9:f9:f3:85:bc:a8:e9:4b:c0:e4:54:e1:
b5:b3:5e:27:da:5a:d5:0f:f8:30:18:66:6d:f4:62:
b1:2c:b3:1b:2e:10:c6:84:ac:5c:a0:bb:1f:39:28:
94:e6:2f:cc:70:d1:fe:df:f3:b7:48:17:41:b2:dc:
8e:9d:81:14:23:0a:4e:1e:f2:77:60:25:4a:3f:00:
23:8e:45:3f:75:0a:d4:12:fe:15:e1:a6:43:29:a5:
6c:9a:be:e5:3f:b8:33:9a:3b:b6:cf:fb:7a:85:27:
48:41:6c:28:33:83:5c:3a:1e:00:6c:4d:0b:c8:4a:
bd:90:d8:cc:41:ee:2c:e5:15:40:c5:d5:18:8c:63:
ba:53:91:76:d7:a9:da:25:64:bd:3f:59:37:a3:63:
5d:21:a8:52:89:70:ef:d7:13:8e:73:75:da:4a:37:
c0:1f:15:30:94:ab:4d:9d:bf:4d:1b:66:07:fc:ca:
02:1c:3a:38:84:fa:7d:d4:75:4e:9c:12:20:34:2d:
e7:dd:1e:c7:e7:a8:eb:64:9e:66:12:5f:7e:04:ad:
c5:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:6E:14:4E:D9:C4:89:C8:C1:01:F7:E8:D1:8C:CD:A1:2D:1F:B1:6F
X509v3 Authority Key Identifier:
keyid:13:19:F0:52:BC:9E:72:84:88:80:74:39:0C:9D:0B:C1:27:60:66:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ExnwUryecoSIgHQ5DJ0LwSdgZpI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/d5bbce-4220-4ec4-8af5-2c1a7730bd25/1/Om4UTtnEicjBAffo0YzNoS0fsW8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/d5bbce-4220-4ec4-8af5-2c1a7730bd25/1/ExnwUryecoSIgHQ5DJ0LwSdgZpI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.157.230.0/23
95.93.47.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:de:4e:ff:cb:d4:cc:0c:88:04:67:df:05:71:c9:57:da:d1:
b6:6b:d1:ef:c6:c2:71:ed:1d:02:7b:fe:7c:12:df:57:03:aa:
8e:19:52:34:73:43:45:88:ce:b2:31:cc:45:78:d7:7e:7c:d6:
72:d9:ad:e5:70:bf:10:f6:3f:5a:87:91:e8:44:f4:4d:6d:64:
d5:09:ad:05:88:5e:f4:82:66:9d:8f:51:c8:d2:ef:46:f6:c0:
66:52:36:40:19:a4:90:d3:84:fa:f8:07:8f:60:dd:1c:53:b7:
2a:28:fa:ea:9e:19:cc:aa:8c:0f:74:cd:03:16:f4:bb:f2:92:
2e:4a:81:b2:3b:4d:8e:06:06:d2:02:b3:9c:8c:2e:01:0c:73:
64:8e:e2:89:4d:5c:06:55:4b:97:3a:e1:03:2a:3f:0e:0c:c9:
8d:f4:f9:49:a9:1a:a2:63:04:5a:2e:49:dd:24:63:27:a8:6f:
f5:df:0b:2d:f6:00:92:0f:f0:58:8f:b2:c3:5d:d5:ca:27:5f:
21:e0:33:bd:ab:d7:b9:72:ff:f2:cd:a7:a9:58:a5:89:57:1a:
77:29:5b:e0:8d:e5:67:e4:00:52:9d:22:9c:55:5a:00:58:c7:
c7:49:17:9d:d2:66:b6:12:aa:b4:63:be:a6:c2:a2:3c:48:83:
76:73:e7:8e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZKaQ6NLhd4+Ia8j/+EuPzkkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzMTlmMDUyYmM5ZTcyODQ4ODgwNzQzOTBjOWQwYmMxMjc2
MDY2OTIwHhcNMjQxMDE3MTEzNjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTZlMTQ0ZWQ5YzQ4OWM4YzEwMWY3ZThkMThjY2RhMTJkMWZiMTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr/Qnbzt76sMLNCQvUTWrlwEH4QDe
tLWaGtG51jgigSB8RvigJy2i2kY3ZS5/vDLZ+fOFvKjpS8DkVOG1s14n2lrVD/gw
GGZt9GKxLLMbLhDGhKxcoLsfOSiU5i/McNH+3/O3SBdBstyOnYEUIwpOHvJ3YCVK
PwAjjkU/dQrUEv4V4aZDKaVsmr7lP7gzmju2z/t6hSdIQWwoM4NcOh4AbE0LyEq9
kNjMQe4s5RVAxdUYjGO6U5F216naJWS9P1k3o2NdIahSiXDv1xOOc3XaSjfAHxUw
lKtNnb9NG2YH/MoCHDo4hPp91HVOnBIgNC3n3R7H56jrZJ5mEl9+BK3FLQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDpuFE7ZxInIwQH36NGMzaEtH7FvMB8GA1UdIwQY
MBaAFBMZ8FK8nnKEiIB0OQydC8EnYGaSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXhud1VyeWVjb1NJZ0hRNURKMEx3U2RnWnBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9kNWJiY2UtNDIyMC00ZWM0LThhZjUt
MmMxYTc3MzBiZDI1LzEvT200VVR0bkVpY2pCQWZmbzBZek5vUzBmc1c4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9kNWJiY2UtNDIyMC00ZWM0LThhZjUtMmMxYTc3MzBiZDI1
LzEvRXhud1VyeWVjb1NJZ0hRNURKMEx3U2RnWnBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBWJ3mAwQA
X10vMA0GCSqGSIb3DQEBCwUAA4IBAQAP3k7/y9TMDIgEZ98FcclX2tG2a9HvxsJx
7R0Ce/58Et9XA6qOGVI0c0NFiM6yMcxFeNd+fNZy2a3lcL8Q9j9ah5HoRPRNbWTV
Ca0FiF70gmadj1HI0u9G9sBmUjZAGaSQ04T6+AePYN0cU7cqKPrqnhnMqowPdM0D
FvS78pIuSoGyO02OBgbSArOcjC4BDHNkjuKJTVwGVUuXOuEDKj8ODMmN9PlJqRqi
YwRaLkndJGMnqG/13wst9gCSD/BYj7LDXdXKJ18h4DO9q9e5cv/yzaepWKWJVxp3
KVvgjeVn5ABSnSKcVVoAWMfHSRed0ma2Eqq0Y76mwqI8SIN2c+eO
-----END CERTIFICATE-----
Generated at Fri Apr 18 19:08:06 2025 by rpki-client