Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/31a7d4-49a4-4d6f-8c8d-d8152b5157d8/1/OkJAWnF8vRxHNROsU-CQGDspHwA.roa
File: OkJAWnF8vRxHNROsU-CQGDspHwA.roa (raw, json)
Hash identifier: ZMyJ1t4WueVOzSD2xMfZbhLXzQtrWy0EWfbAze+MRHM=
Subject key identifier: 3A:42:40:5A:71:7C:BD:1C:47:35:13:AC:53:E0:90:18:3B:29:1F:00
Certificate issuer: /CN=d921145820feceef3cf55270326c5e1243f24355
Certificate serial: 018DE5482A83A1A41C3E48728526957816B7
Authority key identifier: D9:21:14:58:20:FE:CE:EF:3C:F5:52:70:32:6C:5E:12:43:F2:43:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2SEUWCD-zu889VJwMmxeEkPyQ1U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/31a7d4-49a4-4d6f-8c8d-d8152b5157d8/1/OkJAWnF8vRxHNROsU-CQGDspHwA.roa
Signing time: Mon 26 Feb 2024 11:58:48 +0000
ROA not before: Mon 26 Feb 2024 11:58:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59829
IP address blocks: 94.176.97.0/24 maxlen: 24
212.6.50.0/24 maxlen: 24
2a0c:2f40::/29 maxlen: 29
2a0c:2f43::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 May 2024 11:55:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:e5:48:2a:83:a1:a4:1c:3e:48:72:85:26:95:78:16:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d921145820feceef3cf55270326c5e1243f24355
Validity
Not Before: Feb 26 11:58:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3a42405a717cbd1c473513ac53e090183b291f00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:e5:7b:c3:eb:03:f1:01:13:6c:76:14:42:bb:
f6:27:97:6b:92:35:68:90:45:e8:5b:dc:af:63:2d:
f9:10:97:3f:dc:3f:59:ed:df:ac:c1:45:fe:5c:f7:
fa:47:09:03:0e:38:18:47:9d:c6:04:4b:f4:e2:c6:
65:34:ba:c0:f3:a6:0a:de:50:15:b1:d9:e3:2b:73:
a6:9a:8a:f8:f8:02:03:80:bb:c4:76:7e:b9:d3:3c:
38:73:d7:f9:09:bf:e4:02:ff:f7:23:75:48:36:9e:
57:3f:06:d7:c4:fc:ac:50:58:48:c8:19:24:4e:ce:
a2:71:18:cb:67:e9:d5:42:7e:c6:7a:13:9c:f0:35:
fb:1d:d5:53:e4:03:5b:84:47:d2:70:85:5c:61:0b:
2f:dd:9c:40:49:59:6e:fb:14:fd:1f:a6:bd:cd:26:
4f:ad:da:af:48:e1:f4:fe:9c:71:cc:79:55:68:fb:
96:f6:70:95:59:d7:98:0c:8b:be:2f:62:d8:77:ba:
aa:87:d8:01:c2:a3:db:62:bb:be:4b:f7:ca:39:f3:
6a:d7:de:a2:59:82:ae:1c:9f:db:53:a3:f5:45:4a:
f7:82:80:93:f9:5f:6d:9d:9a:ce:34:5e:02:d2:be:
de:bb:9b:35:ad:5f:61:75:90:c8:b0:40:df:4d:84:
b3:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:42:40:5A:71:7C:BD:1C:47:35:13:AC:53:E0:90:18:3B:29:1F:00
X509v3 Authority Key Identifier:
keyid:D9:21:14:58:20:FE:CE:EF:3C:F5:52:70:32:6C:5E:12:43:F2:43:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2SEUWCD-zu889VJwMmxeEkPyQ1U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/31a7d4-49a4-4d6f-8c8d-d8152b5157d8/1/OkJAWnF8vRxHNROsU-CQGDspHwA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/31a7d4-49a4-4d6f-8c8d-d8152b5157d8/1/2SEUWCD-zu889VJwMmxeEkPyQ1U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.176.97.0/24
212.6.50.0/24
IPv6:
2a0c:2f40::/29
Signature Algorithm: sha256WithRSAEncryption
72:d5:61:89:58:f8:65:a6:cc:70:39:2d:ce:70:ba:9a:a2:00:
89:87:90:45:77:b4:27:f2:2b:1a:2f:23:dc:59:18:f4:cb:e7:
0b:a1:ec:2a:9d:f5:93:1e:56:c0:b7:77:af:c4:9c:02:94:f4:
3c:bf:60:38:11:af:86:b2:80:c1:bc:92:71:b4:16:86:7d:37:
d9:92:d0:23:bc:0a:62:60:fd:d3:ed:92:b7:cc:dd:e3:7a:10:
d1:b5:40:45:27:f5:5d:6c:07:32:5e:f4:c1:a9:e9:fb:3e:5f:
9a:96:8c:c3:b0:fc:38:0d:f8:b8:43:cc:95:62:8c:e3:54:df:
88:08:2f:2c:b0:2f:04:7c:8a:b8:18:60:1a:fd:51:ce:de:ec:
16:9c:5d:a3:52:d5:35:fa:42:44:42:ae:c7:04:55:97:9e:48:
dc:10:c1:97:ad:78:85:ad:cb:e4:be:d5:d4:48:c3:c3:ba:26:
ef:63:65:ac:c6:38:ee:cc:c1:21:5a:23:97:6a:99:99:d5:d9:
99:8a:c8:87:23:c9:f2:88:1c:72:b3:b7:cf:24:25:e0:3c:ad:
b3:0b:d5:25:6c:08:e7:bc:a5:89:16:e2:fd:ef:37:9f:57:ac:
c9:7f:ab:06:16:8d:f9:01:b7:71:36:33:83:4e:7e:00:f3:46:
29:1d:5b:02
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY3lSCqDoaQcPkhyhSaVeBa3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5MjExNDU4MjBmZWNlZWYzY2Y1NTI3MDMyNmM1ZTEyNDNm
MjQzNTUwHhcNMjQwMjI2MTE1ODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTQyNDA1YTcxN2NiZDFjNDczNTEzYWM1M2UwOTAxODNiMjkxZjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiOV7w+sD8QETbHYUQrv2J5drkjVo
kEXoW9yvYy35EJc/3D9Z7d+swUX+XPf6RwkDDjgYR53GBEv04sZlNLrA86YK3lAV
sdnjK3Ommor4+AIDgLvEdn650zw4c9f5Cb/kAv/3I3VINp5XPwbXxPysUFhIyBkk
Ts6icRjLZ+nVQn7GehOc8DX7HdVT5ANbhEfScIVcYQsv3ZxASVlu+xT9H6a9zSZP
rdqvSOH0/pxxzHlVaPuW9nCVWdeYDIu+L2LYd7qqh9gBwqPbYru+S/fKOfNq196i
WYKuHJ/bU6P1RUr3goCT+V9tnZrONF4C0r7eu5s1rV9hdZDIsEDfTYSzGwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDpCQFpxfL0cRzUTrFPgkBg7KR8AMB8GA1UdIwQY
MBaAFNkhFFgg/s7vPPVScDJsXhJD8kNVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlNFVVdDRC16dTg4OVZKd01teGVFa1B5UTFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8zMWE3ZDQtNDlhNC00ZDZmLThjOGQt
ZDgxNTJiNTE1N2Q4LzEvT2tKQVduRjh2UnhITlJPc1UtQ1FHRHNwSHdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8zMWE3ZDQtNDlhNC00ZDZmLThjOGQtZDgxNTJiNTE1N2Q4
LzEvMlNFVVdDRC16dTg4OVZKd01teGVFa1B5UTFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAXrBhAwQA
1AYyMA0EAgACMAcDBQMqDC9AMA0GCSqGSIb3DQEBCwUAA4IBAQBy1WGJWPhlpsxw
OS3OcLqaogCJh5BFd7Qn8isaLyPcWRj0y+cLoewqnfWTHlbAt3evxJwClPQ8v2A4
Ea+GsoDBvJJxtBaGfTfZktAjvApiYP3T7ZK3zN3jehDRtUBFJ/VdbAcyXvTBqen7
Pl+alozDsPw4Dfi4Q8yVYozjVN+ICC8ssC8EfIq4GGAa/VHO3uwWnF2jUtU1+kJE
Qq7HBFWXnkjcEMGXrXiFrcvkvtXUSMPDuibvY2WsxjjuzMEhWiOXapmZ1dmZisiH
I8nyiBxys7fPJCXgPK2zC9UlbAjnvKWJFuL97zefV6zJf6sGFo35AbdxNjODTn4A
80YpHVsC
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:03:39 2025 by rpki-client