Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/OPcGoABZOlAZUcsE9VZBqzhiRQg.roa
File: OPcGoABZOlAZUcsE9VZBqzhiRQg.roa (raw, json)
Hash identifier: iT3SMhrIOJtnhCdN+xGcR6fILFmuZue6C3gSn1/U5fM=
Subject key identifier: 38:F7:06:A0:00:59:3A:50:19:51:CB:04:F5:56:41:AB:38:62:45:08
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 019427B54DFD1BEB7A28A6C192A2B25C8FF9
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/OPcGoABZOlAZUcsE9VZBqzhiRQg.roa
Signing time: Thu 02 Jan 2025 15:49:40 +0000
ROA not before: Thu 02 Jan 2025 15:49:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 109.121.43.0/24 maxlen: 24
185.47.91.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 07 Feb 2025 09:49:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:4d:fd:1b:eb:7a:28:a6:c1:92:a2:b2:5c:8f:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Jan 2 15:49:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=38f706a000593a501951cb04f55641ab38624508
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:96:d2:d5:f8:a6:4e:ef:38:5d:13:db:dc:d8:
a9:71:17:60:3f:4d:66:57:86:db:99:33:75:08:96:
f0:36:73:9c:d1:e6:1c:87:be:b2:bb:47:a5:1b:51:
ba:ba:87:75:e9:c5:0b:86:c9:a9:a9:42:27:dc:81:
fe:7c:86:87:09:19:31:f2:71:93:29:2d:4f:ea:b4:
76:8b:80:c4:c4:02:2d:fc:44:56:a1:ef:03:25:33:
65:69:2b:2a:64:8a:92:12:9d:98:ff:61:b9:5a:90:
6a:3a:d2:9d:ae:aa:21:7c:dd:11:dd:67:82:d7:64:
55:5d:62:c0:9d:87:6c:71:f1:3d:f6:00:67:a0:77:
6b:3a:a0:b2:95:73:0a:03:df:29:0f:55:6e:13:5d:
65:d4:aa:af:96:36:76:6a:f6:23:93:78:31:97:51:
4e:be:2a:c5:f4:19:5f:dc:20:41:e9:72:98:dd:0a:
3e:ae:3a:96:8a:5d:37:60:06:a1:7a:d4:bd:d0:ec:
08:bf:27:c4:ee:c6:57:12:95:e6:55:b3:99:9d:6b:
08:e5:2f:1d:3b:8e:b2:68:ec:3e:2f:ab:e0:65:b3:
54:e3:90:8b:da:a2:70:38:d0:11:da:f6:d6:a7:0a:
4d:7f:10:8a:45:31:3a:a5:13:5c:50:07:9a:1e:ba:
2b:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:F7:06:A0:00:59:3A:50:19:51:CB:04:F5:56:41:AB:38:62:45:08
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/OPcGoABZOlAZUcsE9VZBqzhiRQg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.121.43.0/24
185.47.91.0/24
Signature Algorithm: sha256WithRSAEncryption
96:93:77:d8:f2:6c:6d:30:9d:01:2a:e3:3e:dc:ea:4b:6e:e3:
16:a2:c3:7e:76:34:2e:92:11:c4:a4:8c:f0:5e:58:87:dc:51:
cf:dd:56:c1:b6:9d:fe:c7:c5:eb:d5:69:db:48:2c:5d:89:56:
1b:74:26:df:ed:01:71:eb:8d:42:13:da:5f:25:6c:1f:69:91:
5a:e9:4b:bf:f8:d9:72:81:56:98:6b:6f:c9:cd:ba:3f:84:08:
89:89:a2:58:18:16:9f:f4:68:b7:a6:54:b1:b7:74:d3:16:b6:
14:bf:df:85:d4:95:63:58:0f:15:e4:37:f7:59:39:15:e2:ff:
65:3b:dd:e5:d1:c6:c6:7d:b4:f6:ba:4b:e7:89:35:fc:9c:df:
45:e8:da:55:c5:44:f7:46:a4:08:9b:52:e1:7f:10:eb:af:7a:
76:f1:9c:92:dc:d0:d4:0d:59:9c:2c:c3:30:1f:9d:3c:aa:fc:
1e:e2:74:b8:31:1f:95:9a:3e:4e:9f:66:26:c0:81:3d:9e:f6:
9c:5a:13:71:05:85:f1:cf:e4:eb:55:ee:6a:ea:a0:63:af:22:
de:06:f9:c9:b3:d5:d9:fd:aa:07:ce:3a:8f:b7:74:ec:0d:b6:
2a:dd:c2:bb:49:2d:47:e3:ea:30:81:9f:b7:5a:bf:06:d7:3d:
80:1d:3a:cd
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQntU39G+t6KKbBkqKyXI/5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjUwMTAyMTU0OTQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGY3MDZhMDAwNTkzYTUwMTk1MWNiMDRmNTU2NDFhYjM4NjI0NTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt5bS1fimTu84XRPb3NipcRdgP01m
V4bbmTN1CJbwNnOc0eYch76yu0elG1G6uod16cULhsmpqUIn3IH+fIaHCRkx8nGT
KS1P6rR2i4DExAIt/ERWoe8DJTNlaSsqZIqSEp2Y/2G5WpBqOtKdrqohfN0R3WeC
12RVXWLAnYdscfE99gBnoHdrOqCylXMKA98pD1VuE11l1KqvljZ2avYjk3gxl1FO
virF9Blf3CBB6XKY3Qo+rjqWil03YAahetS90OwIvyfE7sZXEpXmVbOZnWsI5S8d
O46yaOw+L6vgZbNU45CL2qJwONAR2vbWpwpNfxCKRTE6pRNcUAeaHrorMQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDj3BqAAWTpQGVHLBPVWQas4YkUIMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvT1BjR29BQlpPbEFaVWNzRTlWWkJxemhpUlFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAbXkrAwQA
uS9bMA0GCSqGSIb3DQEBCwUAA4IBAQCWk3fY8mxtMJ0BKuM+3OpLbuMWosN+djQu
khHEpIzwXliH3FHP3VbBtp3+x8Xr1WnbSCxdiVYbdCbf7QFx641CE9pfJWwfaZFa
6Uu/+NlygVaYa2/Jzbo/hAiJiaJYGBaf9Gi3plSxt3TTFrYUv9+F1JVjWA8V5Df3
WTkV4v9lO93l0cbGfbT2ukvniTX8nN9F6NpVxUT3RqQIm1LhfxDrr3p28ZyS3NDU
DVmcLMMwH508qvwe4nS4MR+Vmj5On2YmwIE9nvacWhNxBYXxz+TrVe5q6qBjryLe
BvnJs9XZ/aoHzjqPt3TsDbYq3cK7SS1H4+owgZ+3Wr8G1z2AHTrN
-----END CERTIFICATE-----
Generated at Tue Apr 8 15:13:54 2025 by rpki-client