Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/225fd6-caf3-4caf-b311-f518a9f79790/1/OGpP3k91_eu6jYBUtWCfDi2agdw.roa
File: OGpP3k91_eu6jYBUtWCfDi2agdw.roa (raw, json)
Hash identifier: OSOYBXtCeUH4m2ECX3/5vlyuEwBOEOvx9SAdixJz4Ck=
Subject key identifier: 38:6A:4F:DE:4F:75:FD:EB:BA:8D:80:54:B5:60:9F:0E:2D:9A:81:DC
Certificate issuer: /CN=38b78c8eef9ad257d690d77dc9ae3fe9a624b28d
Certificate serial: 018CCA99AA8ECBCB3D87584929BBF7D40296
Authority key identifier: 38:B7:8C:8E:EF:9A:D2:57:D6:90:D7:7D:C9:AE:3F:E9:A6:24:B2:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OLeMju-a0lfWkNd9ya4_6aYkso0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/225fd6-caf3-4caf-b311-f518a9f79790/1/OGpP3k91_eu6jYBUtWCfDi2agdw.roa
Signing time: Tue 02 Jan 2024 14:35:17 +0000
ROA not before: Tue 02 Jan 2024 14:35:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44133
IP address blocks: 185.119.116.0/22 maxlen: 22
93.189.24.0/21 maxlen: 21
37.252.184.0/21 maxlen: 21
2a00:63c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:48:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:aa:8e:cb:cb:3d:87:58:49:29:bb:f7:d4:02:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38b78c8eef9ad257d690d77dc9ae3fe9a624b28d
Validity
Not Before: Jan 2 14:35:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=386a4fde4f75fdebba8d8054b5609f0e2d9a81dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:7f:d2:af:33:d8:16:b6:17:0c:ed:e4:87:3d:
3b:6f:32:d4:04:c1:39:39:bf:9d:b3:fd:d1:cd:71:
2c:96:eb:45:0f:72:a4:a0:f9:c0:b7:75:48:70:79:
77:5e:c3:0e:5f:22:09:5a:ac:5b:7e:f5:b3:35:bd:
73:81:56:3b:d6:aa:7c:f7:29:ca:a8:c2:fe:a2:1e:
59:fa:29:91:2f:45:f4:6b:5a:e5:81:b2:2d:d6:42:
43:76:0b:02:46:b5:3f:b5:92:13:b1:72:20:32:bd:
e2:b7:11:40:2c:e6:e6:2d:4a:96:f2:bb:02:1d:40:
a1:da:fb:cf:2d:a2:80:0b:d1:27:ed:6e:43:8f:25:
8e:73:ba:1a:58:8c:6f:fe:dc:a1:57:76:08:4e:32:
ce:5d:06:08:2c:9c:1d:52:01:c6:ce:70:17:2e:de:
ae:a8:3a:18:b6:a1:4a:7e:03:0b:6f:a5:74:9f:05:
ef:8d:40:c4:c5:ff:d8:2f:0d:8c:d7:1d:b2:d4:44:
76:c2:74:24:5a:72:11:77:98:cf:f3:82:02:b0:92:
16:55:bb:0a:3c:58:70:9a:ca:65:4e:d9:68:38:75:
0c:24:42:02:b7:f6:f0:59:2e:ed:85:dc:bc:2a:a0:
7b:20:47:c5:15:60:63:71:a7:4c:9f:6c:16:10:7b:
e5:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:6A:4F:DE:4F:75:FD:EB:BA:8D:80:54:B5:60:9F:0E:2D:9A:81:DC
X509v3 Authority Key Identifier:
keyid:38:B7:8C:8E:EF:9A:D2:57:D6:90:D7:7D:C9:AE:3F:E9:A6:24:B2:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLeMju-a0lfWkNd9ya4_6aYkso0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/225fd6-caf3-4caf-b311-f518a9f79790/1/OGpP3k91_eu6jYBUtWCfDi2agdw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/225fd6-caf3-4caf-b311-f518a9f79790/1/OLeMju-a0lfWkNd9ya4_6aYkso0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.252.184.0/21
93.189.24.0/21
185.119.116.0/22
IPv6:
2a00:63c0::/29
Signature Algorithm: sha256WithRSAEncryption
85:86:73:ff:95:ae:eb:59:6d:60:0f:4b:e1:d0:72:8d:53:40:
c9:1d:ab:9a:70:63:12:5c:42:5d:2b:dc:83:a8:6d:ae:d1:63:
a3:e9:f2:9e:14:c4:0a:30:ae:0e:a5:aa:2a:3d:5e:4c:24:c2:
99:ce:98:96:5f:0b:5b:66:5e:fc:f0:cd:ad:a0:8a:1a:eb:4a:
03:f5:39:b6:ae:48:28:8e:45:e4:43:05:7a:f2:2e:a6:f4:84:
20:79:69:5e:89:cf:99:63:b2:d9:d7:d8:12:56:88:12:6c:20:
31:75:7f:5f:1e:cd:bb:9d:be:71:94:9e:63:4d:dd:f0:bf:ce:
e6:2f:b9:e1:37:05:21:87:d1:1f:45:57:dc:ba:44:77:d4:e5:
8a:6d:29:93:54:6f:e2:8c:32:2f:73:a8:b1:03:67:5b:3c:a2:
07:c9:fd:72:fb:b0:14:fb:04:e4:36:bd:88:fe:ce:ff:9b:4f:
74:bf:4a:06:6a:fa:f8:29:69:3e:01:7e:c1:b1:b2:97:dd:58:
1f:f0:91:21:f4:59:79:a1:11:3f:68:8a:e7:c7:66:e7:95:b6:
93:cb:e6:05:7b:36:e3:7b:2e:d4:58:70:f6:96:2c:6a:74:17:
2a:23:01:31:b6:7a:ee:06:46:e9:38:25:8c:db:d3:58:31:7e:
2f:c4:5a:79
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzKmaqOy8s9h1hJKbv31AKWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4Yjc4YzhlZWY5YWQyNTdkNjkwZDc3ZGM5YWUzZmU5YTYy
NGIyOGQwHhcNMjQwMTAyMTQzNTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODZhNGZkZTRmNzVmZGViYmE4ZDgwNTRiNTYwOWYwZTJkOWE4MWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwH/SrzPYFrYXDO3khz07bzLUBME5
Ob+ds/3RzXEslutFD3KkoPnAt3VIcHl3XsMOXyIJWqxbfvWzNb1zgVY71qp89ynK
qML+oh5Z+imRL0X0a1rlgbIt1kJDdgsCRrU/tZITsXIgMr3itxFALObmLUqW8rsC
HUCh2vvPLaKAC9En7W5DjyWOc7oaWIxv/tyhV3YITjLOXQYILJwdUgHGznAXLt6u
qDoYtqFKfgMLb6V0nwXvjUDExf/YLw2M1x2y1ER2wnQkWnIRd5jP84ICsJIWVbsK
PFhwmsplTtloOHUMJEICt/bwWS7thdy8KqB7IEfFFWBjcadMn2wWEHvlSwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFDhqT95Pdf3ruo2AVLVgnw4tmoHcMB8GA1UdIwQY
MBaAFDi3jI7vmtJX1pDXfcmuP+mmJLKNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0xlTWp1LWEwbGZXa05kOXlhNF82YVlrc28wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8yMjVmZDYtY2FmMy00Y2FmLWIzMTEt
ZjUxOGE5Zjc5NzkwLzEvT0dwUDNrOTFfZXU2allCVXRXQ2ZEaTJhZ2R3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi8yMjVmZDYtY2FmMy00Y2FmLWIzMTEtZjUxOGE5Zjc5Nzkw
LzEvT0xlTWp1LWEwbGZXa05kOXlhNF82YVlrc28wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDJfy4AwQD
Xb0YAwQCuXd0MA0EAgACMAcDBQMqAGPAMA0GCSqGSIb3DQEBCwUAA4IBAQCFhnP/
la7rWW1gD0vh0HKNU0DJHauacGMSXEJdK9yDqG2u0WOj6fKeFMQKMK4OpaoqPV5M
JMKZzpiWXwtbZl788M2toIoa60oD9Tm2rkgojkXkQwV68i6m9IQgeWleic+ZY7LZ
19gSVogSbCAxdX9fHs27nb5xlJ5jTd3wv87mL7nhNwUhh9EfRVfcukR31OWKbSmT
VG/ijDIvc6ixA2dbPKIHyf1y+7AU+wTkNr2I/s7/m090v0oGavr4KWk+AX7BsbKX
3Vgf8JEh9Fl5oRE/aIrnx2bnlbaTy+YFezbjey7UWHD2lixqdBcqIwExtnruBkbp
OCWM29NYMX4vxFp5
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:23:46 2025 by rpki-client