Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/0d0755-1897-47ef-8df7-8cf41cafdce2/1/ozr1P-aAmixoCWThtY553RFduv8.roa
File: ozr1P-aAmixoCWThtY553RFduv8.roa (raw, json)
Hash identifier: Pcuy0tteRsP7mLLcPzpIP9UsBzG8Sd/tCBCqWcZY0UM=
Subject key identifier: A3:3A:F5:3F:E6:80:9A:2C:68:09:64:E1:B5:8E:79:DD:11:5D:BA:FF
Certificate issuer: /CN=f5d9a9282c9d2547c566634f3bacccbcf2588827
Certificate serial: 019360810AD57E1B67797CE912A6B62D85DB
Authority key identifier: F5:D9:A9:28:2C:9D:25:47:C5:66:63:4F:3B:AC:CC:BC:F2:58:88:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9dmpKCydJUfFZmNPO6zMvPJYiCc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/0d0755-1897-47ef-8df7-8cf41cafdce2/1/ozr1P-aAmixoCWThtY553RFduv8.roa
Signing time: Sun 24 Nov 2024 23:28:09 +0000
ROA not before: Sun 24 Nov 2024 23:28:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35042
IP address blocks: 88.214.25.0/24 maxlen: 24
91.228.101.0/24 maxlen: 24
185.55.240.0/22 maxlen: 22
193.24.208.0/22 maxlen: 22
194.24.160.0/24 maxlen: 24
2a00:1910::/29 maxlen: 29
2a00:1911::/32 maxlen: 32
2a00:1912::/32 maxlen: 32
2a09:8700::/32 maxlen: 32
2a12:5e41::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 25 Nov 2024 14:37:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:60:81:0a:d5:7e:1b:67:79:7c:e9:12:a6:b6:2d:85:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f5d9a9282c9d2547c566634f3bacccbcf2588827
Validity
Not Before: Nov 24 23:28:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a33af53fe6809a2c680964e1b58e79dd115dbaff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:e8:1e:ad:52:1e:e4:db:f3:31:d7:41:7e:fb:
e1:3c:f7:49:3f:21:fb:9b:66:ad:8d:8e:f3:07:28:
70:dc:e7:51:90:d8:c7:92:a1:92:8b:cd:41:eb:fc:
ae:f3:74:0a:73:ec:fe:e4:b2:75:be:09:65:6f:60:
3a:79:11:80:1d:51:ff:82:9b:b7:c9:78:48:04:8f:
58:fc:c6:ce:e0:3f:b5:be:47:c2:bc:45:b8:eb:57:
f4:c0:35:6f:bb:32:3d:8e:14:0e:fe:16:a5:8c:56:
0d:7a:3f:aa:47:52:0f:1e:ce:44:1b:93:40:20:76:
81:4e:91:cc:e1:f2:4e:32:10:98:2e:c8:d2:8f:d3:
c0:c5:bc:bf:f8:ec:ec:18:d0:ad:d8:c9:80:68:b1:
e4:c2:cb:4f:52:95:ea:4d:a5:c0:c0:6f:c2:87:74:
65:29:a8:11:cb:6f:60:d1:dd:57:a0:b5:99:1f:db:
aa:5b:c8:67:6c:c3:3c:9c:f0:da:0d:aa:84:5a:28:
7e:75:af:dc:96:b8:53:e9:5e:8f:d6:5d:e1:c9:b1:
82:b0:ca:2f:2a:9e:a3:7f:1a:2c:a9:c3:9a:2e:b3:
d6:41:f9:f8:b4:60:05:88:d1:6f:a4:9d:27:31:c1:
e6:92:e7:2e:1c:4a:b0:9d:ac:a0:4a:09:b1:27:19:
5c:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:3A:F5:3F:E6:80:9A:2C:68:09:64:E1:B5:8E:79:DD:11:5D:BA:FF
X509v3 Authority Key Identifier:
keyid:F5:D9:A9:28:2C:9D:25:47:C5:66:63:4F:3B:AC:CC:BC:F2:58:88:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9dmpKCydJUfFZmNPO6zMvPJYiCc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/0d0755-1897-47ef-8df7-8cf41cafdce2/1/ozr1P-aAmixoCWThtY553RFduv8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/0d0755-1897-47ef-8df7-8cf41cafdce2/1/9dmpKCydJUfFZmNPO6zMvPJYiCc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.214.25.0/24
91.228.101.0/24
185.55.240.0/22
193.24.208.0/22
194.24.160.0/24
IPv6:
2a00:1910::/29
2a09:8700::/32
2a12:5e41::/32
Signature Algorithm: sha256WithRSAEncryption
2b:bb:13:72:51:78:1a:76:33:7c:45:da:f4:b1:20:d3:1f:4e:
d0:28:2e:12:d8:c3:65:fd:db:00:30:ec:2c:37:c0:80:e2:1f:
1d:7d:0c:fb:2d:fd:ce:cb:69:b6:5b:20:21:fa:3f:16:4b:85:
eb:34:ba:6c:fa:b2:01:f5:d6:a9:5a:31:58:d1:fc:1e:3d:93:
e3:d5:fb:83:25:3c:aa:a0:4b:a3:e9:27:46:15:59:09:9a:4d:
53:81:c7:49:20:a1:fe:16:e8:43:43:ae:35:9b:3b:43:f1:23:
fd:da:d8:6a:02:ae:a2:1d:4e:02:45:ab:90:d1:bc:15:df:3e:
56:98:b5:27:9c:cc:70:98:3f:6b:8b:93:24:95:a1:64:84:ae:
b2:35:15:50:f8:23:a2:57:60:c7:2d:9d:be:09:ce:d7:b5:c0:
1c:34:7b:bc:df:ba:69:c1:94:b1:db:bf:bf:fb:c7:58:73:c7:
fd:43:ca:b4:13:8f:28:95:01:70:34:e4:b9:77:9a:e3:da:e2:
2e:f9:c0:13:45:71:61:53:26:eb:4b:1b:59:78:7e:75:36:2f:
c3:ea:1a:bf:8e:ff:4f:1c:2b:65:ad:14:c3:1c:c0:9c:a4:fe:
67:2c:77:79:1c:2e:b9:98:4b:a9:6c:9c:6f:e9:c9:c6:0e:b5:
8f:c4:5a:c7
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAZNggQrVfhtneXzpEqa2LYXbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1ZDlhOTI4MmM5ZDI1NDdjNTY2NjM0ZjNiYWNjY2JjZjI1
ODg4MjcwHhcNMjQxMTI0MjMyODA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzNhZjUzZmU2ODA5YTJjNjgwOTY0ZTFiNThlNzlkZDExNWRiYWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnOgerVIe5NvzMddBfvvhPPdJPyH7
m2atjY7zByhw3OdRkNjHkqGSi81B6/yu83QKc+z+5LJ1vgllb2A6eRGAHVH/gpu3
yXhIBI9Y/MbO4D+1vkfCvEW461f0wDVvuzI9jhQO/haljFYNej+qR1IPHs5EG5NA
IHaBTpHM4fJOMhCYLsjSj9PAxby/+OzsGNCt2MmAaLHkwstPUpXqTaXAwG/Ch3Rl
KagRy29g0d1XoLWZH9uqW8hnbMM8nPDaDaqEWih+da/clrhT6V6P1l3hybGCsMov
Kp6jfxosqcOaLrPWQfn4tGAFiNFvpJ0nMcHmkucuHEqwnaygSgmxJxlcnQIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFKM69T/mgJosaAlk4bWOed0RXbr/MB8GA1UdIwQY
MBaAFPXZqSgsnSVHxWZjTzuszLzyWIgnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWRtcEtDeWRKVWZGWm1OUE82ek12UEpZaUNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8wZDA3NTUtMTg5Ny00N2VmLThkZjct
OGNmNDFjYWZkY2UyLzEvb3pyMVAtYUFtaXhvQ1dUaHRZNTUzUkZkdXY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8wZDA3NTUtMTg5Ny00N2VmLThkZjctOGNmNDFjYWZkY2Uy
LzEvOWRtcEtDeWRKVWZGWm1OUE82ek12UEpZaUNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAkBAIAATAeAwQAWNYZAwQA
W+RlAwQCuTfwAwQCwRjQAwQAwhigMBsEAgACMBUDBQMqABkQAwUAKgmHAAMFACoS
XkEwDQYJKoZIhvcNAQELBQADggEBACu7E3JReBp2M3xF2vSxINMfTtAoLhLYw2X9
2wAw7Cw3wIDiHx19DPst/c7LabZbICH6PxZLhes0umz6sgH11qlaMVjR/B49k+PV
+4MlPKqgS6PpJ0YVWQmaTVOBx0kgof4W6ENDrjWbO0PxI/3a2GoCrqIdTgJFq5DR
vBXfPlaYtSeczHCYP2uLkySVoWSErrI1FVD4I6JXYMctnb4Jzte1wBw0e7zfumnB
lLHbv7/7x1hzx/1DyrQTjyiVAXA05Ll3muPa4i75wBNFcWFTJutLG1l4fnU2L8Pq
Gr+O/08cK2WtFMMcwJyk/mcsd3kcLrmYS6lsnG/pycYOtY/EWsc=
-----END CERTIFICATE-----
Generated at Sat Apr 19 03:09:01 2025 by rpki-client