Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/OTYgsA_r9kLxq2Q9K-Auc5pODpI.roa
File: OTYgsA_r9kLxq2Q9K-Auc5pODpI.roa (raw, json)
Hash identifier: 08p1WGKkz2AV3v7M/ZWu62QT/HRijwYGr728kwOcdqE=
Subject key identifier: 39:36:20:B0:0F:EB:F6:42:F1:AB:64:3D:2B:E0:2E:73:9A:4E:0E:92
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 019301AAF5F86ADA95087ECB6C88B9065618
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/OTYgsA_r9kLxq2Q9K-Auc5pODpI.roa
Signing time: Wed 06 Nov 2024 13:30:01 +0000
ROA not before: Wed 06 Nov 2024 13:30:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 95.164.224.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 14 Nov 2024 21:50:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:01:aa:f5:f8:6a:da:95:08:7e:cb:6c:88:b9:06:56:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Nov 6 13:30:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=393620b00febf642f1ab643d2be02e739a4e0e92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:23:c3:33:c8:f6:44:3d:1f:1b:b5:ae:50:f6:
4e:9e:f6:15:53:28:9e:c7:68:dd:40:d5:eb:f8:68:
1a:b7:81:3f:af:02:69:93:a5:71:38:ef:7f:31:dd:
57:03:2c:84:39:44:c7:fd:17:bb:5b:f8:86:63:14:
cf:1b:6d:8c:27:23:90:3e:ad:67:76:18:0a:b9:41:
71:d1:2a:3c:c3:cd:27:cf:98:90:cc:fb:5e:64:51:
c6:88:a4:19:5a:95:8d:07:fd:1a:45:a8:50:49:ee:
13:3f:f8:57:c6:33:44:f6:e2:b8:6e:a3:56:61:d4:
7a:5f:64:92:3f:80:34:e2:59:dc:16:c1:92:a2:bb:
7e:54:3c:08:5e:60:84:e4:7f:60:37:bb:b7:78:23:
f1:a0:c1:d3:6a:8e:80:95:87:e6:db:24:d3:2f:86:
d6:c6:7c:d5:25:cc:0f:1e:ed:1d:fe:fd:08:58:0b:
fb:76:75:1c:07:ad:e2:8d:8c:63:14:f9:1a:4b:c0:
f6:d3:97:97:67:9b:48:ea:71:c6:01:07:c8:9c:b3:
b8:42:a5:51:56:a6:7c:e2:d4:69:16:ac:6d:a7:05:
55:82:05:5e:ff:1a:00:62:83:65:eb:a9:b8:fd:6b:
89:b8:82:9c:3c:c3:c0:78:b3:44:f5:81:ca:ad:8f:
63:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:36:20:B0:0F:EB:F6:42:F1:AB:64:3D:2B:E0:2E:73:9A:4E:0E:92
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/OTYgsA_r9kLxq2Q9K-Auc5pODpI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.164.224.0/22
Signature Algorithm: sha256WithRSAEncryption
3c:68:e6:62:e7:42:ec:c0:bf:6b:12:eb:0e:55:9f:53:d8:e3:
23:c5:45:44:ca:97:40:a6:75:66:08:1d:df:12:32:2a:71:3f:
c2:fc:df:43:0d:c7:73:1a:da:21:79:a5:0c:c9:ab:12:81:0f:
db:54:80:c5:a0:b4:69:c0:04:be:a9:db:62:8e:b6:e6:83:6e:
9a:73:2a:36:4d:3c:83:43:7d:b8:f7:f7:c0:d9:11:6a:63:0d:
c2:93:5a:b2:10:5d:cd:15:37:5c:bc:db:76:46:6a:03:21:a3:
50:db:e7:88:7d:75:1e:7a:91:7b:0a:72:09:1c:f8:8b:f9:ba:
7f:b5:82:82:09:a0:b4:39:6c:8a:b0:c1:17:40:8e:d7:82:da:
30:1d:54:fd:f9:91:8b:c2:48:39:e7:86:82:4b:0a:3d:79:74:
bd:13:82:be:bd:fa:5b:15:54:89:ba:57:c3:56:91:60:c3:7b:
8e:3b:4c:f5:1b:cd:61:7b:be:db:2b:c9:13:90:53:26:d2:ca:
15:07:43:28:24:c5:12:06:58:c2:84:e3:76:27:1f:f5:89:33:
1d:d0:0d:27:84:27:7e:ca:6b:3b:a5:a5:ba:1c:27:01:71:b8:
c3:cc:01:a9:c1:9b:ef:19:9e:43:3e:80:8c:6c:eb:57:7d:ae:
b9:35:e5:7f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZMBqvX4atqVCH7LbIi5BlYYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjQxMTA2MTMzMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTM2MjBiMDBmZWJmNjQyZjFhYjY0M2QyYmUwMmU3MzlhNGUwZTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5yPDM8j2RD0fG7WuUPZOnvYVUyie
x2jdQNXr+Ggat4E/rwJpk6VxOO9/Md1XAyyEOUTH/Re7W/iGYxTPG22MJyOQPq1n
dhgKuUFx0So8w80nz5iQzPteZFHGiKQZWpWNB/0aRahQSe4TP/hXxjNE9uK4bqNW
YdR6X2SSP4A04lncFsGSort+VDwIXmCE5H9gN7u3eCPxoMHTao6AlYfm2yTTL4bW
xnzVJcwPHu0d/v0IWAv7dnUcB63ijYxjFPkaS8D205eXZ5tI6nHGAQfInLO4QqVR
VqZ84tRpFqxtpwVVggVe/xoAYoNl66m4/WuJuIKcPMPAeLNE9YHKrY9jAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDk2ILAP6/ZC8atkPSvgLnOaTg6SMB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvT1RZZ3NBX3I5a0x4cTJROUstQXVjNXBPRHBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCX6TgMA0G
CSqGSIb3DQEBCwUAA4IBAQA8aOZi50LswL9rEusOVZ9T2OMjxUVEypdApnVmCB3f
EjIqcT/C/N9DDcdzGtoheaUMyasSgQ/bVIDFoLRpwAS+qdtijrbmg26acyo2TTyD
Q3249/fA2RFqYw3Ck1qyEF3NFTdcvNt2RmoDIaNQ2+eIfXUeepF7CnIJHPiL+bp/
tYKCCaC0OWyKsMEXQI7XgtowHVT9+ZGLwkg554aCSwo9eXS9E4K+vfpbFVSJulfD
VpFgw3uOO0z1G81he77bK8kTkFMm0soVB0MoJMUSBljChON2Jx/1iTMd0A0nhCd+
yms7paW6HCcBcbjDzAGpwZvvGZ5DPoCMbOtXfa65NeV/
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:24:39 2025 by rpki-client