Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/0f3e0b-26c3-4cf9-8056-29af33bc6b98/1/otJ3PoEzpPj94jRY4udGrBpgwp0.roa
File: otJ3PoEzpPj94jRY4udGrBpgwp0.roa (raw, json)
Hash identifier: WlHYPidvDO8kQlZUvMyJ4rESIc9AxZmQd5C/hI2DN+g=
Subject key identifier: A2:D2:77:3E:81:33:A4:F8:FD:E2:34:58:E2:E7:46:AC:1A:60:C2:9D
Certificate issuer: /CN=4ca447f7b3a776f724d8bc8140be3176662c24d0
Certificate serial: 018EA2FF031B937CBB7B21253D998C559041
Authority key identifier: 4C:A4:47:F7:B3:A7:76:F7:24:D8:BC:81:40:BE:31:76:66:2C:24:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TKRH97Ondvck2LyBQL4xdmYsJNA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/0f3e0b-26c3-4cf9-8056-29af33bc6b98/1/otJ3PoEzpPj94jRY4udGrBpgwp0.roa
Signing time: Wed 03 Apr 2024 08:06:45 +0000
ROA not before: Wed 03 Apr 2024 08:06:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34953
IP address blocks: 5.145.128.0/20 maxlen: 24
5.199.240.0/20 maxlen: 24
46.183.96.0/21 maxlen: 24
62.112.64.0/19 maxlen: 24
93.159.248.0/21 maxlen: 24
2a00:fe0::/32 maxlen: 48
2a02:23f8::/32 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:48:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a2:ff:03:1b:93:7c:bb:7b:21:25:3d:99:8c:55:90:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ca447f7b3a776f724d8bc8140be3176662c24d0
Validity
Not Before: Apr 3 08:06:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a2d2773e8133a4f8fde23458e2e746ac1a60c29d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:2f:27:e8:a2:1b:5d:29:f1:1c:52:bd:9e:90:
ae:0d:4c:27:37:17:13:5f:cd:64:59:5f:e8:94:50:
dc:ea:e8:9a:1f:a7:d1:d2:ba:a3:4b:51:73:0d:f7:
d0:9f:2b:5a:76:58:2f:c5:04:3d:8c:1a:f2:6b:64:
e0:b8:f4:65:d8:be:de:85:44:83:3c:f7:a4:cd:ea:
e4:bb:40:3e:cd:2a:55:27:f3:fe:59:38:2c:bb:b3:
63:f6:9a:c6:72:d6:a7:88:24:75:83:26:34:5a:e8:
e6:83:f0:96:0d:1c:56:45:11:74:68:45:9f:ec:d9:
42:0e:d5:fa:85:ce:4f:fe:59:01:45:74:29:8b:d2:
21:37:35:73:c3:d0:f5:f3:a2:f9:e7:cc:a1:06:2b:
2b:c7:e7:2f:59:8f:d9:0c:5b:fb:8e:28:dc:f3:ce:
ef:03:f2:8e:21:d5:15:5d:2c:64:7c:ab:06:22:b1:
63:ed:bd:bc:a1:24:77:1a:47:f5:a5:e9:b8:75:f0:
64:3e:aa:81:e6:eb:ff:9d:4c:52:67:34:f1:c5:05:
8c:4c:4b:d1:3f:b6:49:44:2f:fc:e8:78:28:b7:a4:
4d:09:b3:21:72:c9:8e:28:6e:a6:e7:e7:94:e5:21:
6f:e0:6d:a2:7f:df:ae:8c:9e:3b:71:97:06:b0:dc:
42:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:D2:77:3E:81:33:A4:F8:FD:E2:34:58:E2:E7:46:AC:1A:60:C2:9D
X509v3 Authority Key Identifier:
keyid:4C:A4:47:F7:B3:A7:76:F7:24:D8:BC:81:40:BE:31:76:66:2C:24:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TKRH97Ondvck2LyBQL4xdmYsJNA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0f3e0b-26c3-4cf9-8056-29af33bc6b98/1/otJ3PoEzpPj94jRY4udGrBpgwp0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0f3e0b-26c3-4cf9-8056-29af33bc6b98/1/TKRH97Ondvck2LyBQL4xdmYsJNA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.145.128.0/20
5.199.240.0/20
46.183.96.0/21
62.112.64.0/19
93.159.248.0/21
IPv6:
2a00:fe0::/32
2a02:23f8::/32
Signature Algorithm: sha256WithRSAEncryption
40:57:fc:bf:7f:82:c9:1f:78:af:c4:48:08:cb:0f:d3:3d:3b:
5e:50:84:e1:14:69:8e:16:bf:22:9e:6c:fe:46:3b:95:01:4f:
43:f0:f8:48:c8:b0:d2:e0:bc:44:b5:28:9d:f7:8b:4e:42:92:
43:7d:7a:e5:66:1b:c7:03:79:94:d8:51:50:e9:c2:ad:fb:96:
4c:8b:e2:9f:95:85:9c:cc:c3:74:40:37:8e:99:83:97:d1:87:
57:05:77:02:b4:8b:35:98:2a:2c:59:f1:c8:25:dc:d9:84:d6:
6e:73:7b:30:9a:f3:21:6b:b1:32:e0:7d:45:6e:25:aa:ed:0d:
67:f1:d8:c1:56:98:53:83:ed:c9:cf:77:9d:71:db:28:58:1c:
93:3d:6b:5a:f4:5a:43:a4:73:aa:25:67:b3:78:dc:04:2e:9e:
b5:09:3c:f5:8e:e1:44:d3:4b:37:8d:32:b9:9d:a9:de:22:e1:
e7:0e:7b:e0:f3:d5:1a:e7:5e:00:38:26:17:fa:e0:09:42:cb:
f2:72:38:af:02:c7:e9:19:2b:71:55:45:29:13:7f:51:e1:8a:
e6:e5:3e:b0:0f:80:b6:5c:cb:00:bd:3c:d8:97:cd:7a:34:33:
19:7b:bc:b0:bf:ac:52:aa:62:a1:69:ca:8b:e5:91:d4:53:bf:
1f:34:86:a2
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAY6i/wMbk3y7eyElPZmMVZBBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjYTQ0N2Y3YjNhNzc2ZjcyNGQ4YmM4MTQwYmUzMTc2NjYy
YzI0ZDAwHhcNMjQwNDAzMDgwNjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmQyNzczZTgxMzNhNGY4ZmRlMjM0NThlMmU3NDZhYzFhNjBjMjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArS8n6KIbXSnxHFK9npCuDUwnNxcT
X81kWV/olFDc6uiaH6fR0rqjS1FzDffQnytadlgvxQQ9jBrya2TguPRl2L7ehUSD
PPekzerku0A+zSpVJ/P+WTgsu7Nj9prGctaniCR1gyY0Wujmg/CWDRxWRRF0aEWf
7NlCDtX6hc5P/lkBRXQpi9IhNzVzw9D186L558yhBisrx+cvWY/ZDFv7jijc887v
A/KOIdUVXSxkfKsGIrFj7b28oSR3Gkf1pem4dfBkPqqB5uv/nUxSZzTxxQWMTEvR
P7ZJRC/86Hgot6RNCbMhcsmOKG6m5+eU5SFv4G2if9+ujJ47cZcGsNxCHwIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFKLSdz6BM6T4/eI0WOLnRqwaYMKdMB8GA1UdIwQY
MBaAFEykR/ezp3b3JNi8gUC+MXZmLCTQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEtSSDk3T25kdmNrMkx5QlFMNHhkbVlzSk5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8wZjNlMGItMjZjMy00Y2Y5LTgwNTYt
MjlhZjMzYmM2Yjk4LzEvb3RKM1BvRXpwUGo5NGpSWTR1ZEdyQnBnd3AwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8wZjNlMGItMjZjMy00Y2Y5LTgwNTYtMjlhZjMzYmM2Yjk4
LzEvVEtSSDk3T25kdmNrMkx5QlFMNHhkbVlzSk5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAkBAIAATAeAwQEBZGAAwQE
BcfwAwQDLrdgAwQFPnBAAwQDXZ/4MBQEAgACMA4DBQAqAA/gAwUAKgIj+DANBgkq
hkiG9w0BAQsFAAOCAQEAQFf8v3+CyR94r8RICMsP0z07XlCE4RRpjha/Ip5s/kY7
lQFPQ/D4SMiw0uC8RLUonfeLTkKSQ3165WYbxwN5lNhRUOnCrfuWTIvin5WFnMzD
dEA3jpmDl9GHVwV3ArSLNZgqLFnxyCXc2YTWbnN7MJrzIWuxMuB9RW4lqu0NZ/HY
wVaYU4Ptyc93nXHbKFgckz1rWvRaQ6RzqiVns3jcBC6etQk89Y7hRNNLN40yuZ2p
3iLh5w574PPVGudeADgmF/rgCULL8nI4rwLH6RkrcVVFKRN/UeGK5uU+sA+AtlzL
AL082JfNejQzGXu8sL+sUqpioWnKi+WR1FO/HzSGog==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:38:38 2025 by rpki-client