Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/464194-53ad-4031-856b-4332c957a22f/1/O71N5VU1m0nQQOrXfvDlvRvKYTs.roa
File: O71N5VU1m0nQQOrXfvDlvRvKYTs.roa (raw, json)
Hash identifier: in/d6kcHGNn1Dpmxi7DoVZxkGNbtGlTYvci9cqY3wLU=
Subject key identifier: 3B:BD:4D:E5:55:35:9B:49:D0:40:EA:D7:7E:F0:E5:BD:1B:CA:61:3B
Certificate issuer: /CN=6b4b3e6a7c8783fc8a5719fbd9f37b32c8c7c5ca
Certificate serial: 018CC9BC65A792018A4F7EE55ABCD69DE19A
Authority key identifier: 6B:4B:3E:6A:7C:87:83:FC:8A:57:19:FB:D9:F3:7B:32:C8:C7:C5:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a0s-anyHg_yKVxn72fN7MsjHxco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/464194-53ad-4031-856b-4332c957a22f/1/O71N5VU1m0nQQOrXfvDlvRvKYTs.roa
Signing time: Tue 02 Jan 2024 10:33:36 +0000
ROA not before: Tue 02 Jan 2024 10:33:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6830
IP address blocks: 194.147.69.0/24 maxlen: 24
194.147.68.0/24 maxlen: 24
194.124.191.0/24 maxlen: 24
2a0a:aec0::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 05 Nov 2024 14:09:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:65:a7:92:01:8a:4f:7e:e5:5a:bc:d6:9d:e1:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b4b3e6a7c8783fc8a5719fbd9f37b32c8c7c5ca
Validity
Not Before: Jan 2 10:33:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3bbd4de555359b49d040ead77ef0e5bd1bca613b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:c1:2e:d7:97:20:b9:03:79:12:a7:3d:37:ff:
a7:f8:2d:24:a2:4c:52:89:b5:f1:55:ab:37:bf:2d:
7e:af:4f:6f:b0:d8:cf:f3:30:98:bc:76:55:1a:dc:
ea:42:07:6d:d5:ee:c5:2e:24:2d:67:8e:f6:69:55:
f5:2e:d8:db:17:1c:30:54:6f:3b:09:3a:ee:f4:46:
aa:eb:25:5a:8b:d9:e1:6b:89:d3:2c:ad:16:8b:ab:
4d:8f:d4:56:6b:48:08:d4:e2:11:9d:05:19:41:86:
0f:e8:22:4b:9f:17:e4:01:cc:06:7c:92:46:3b:1f:
bc:d3:8e:55:7c:96:16:fb:28:98:05:5d:e2:e7:4b:
1c:b0:79:c1:dd:13:0e:02:0b:8f:f4:b1:40:06:b4:
0f:79:7b:f4:f6:f5:53:a2:a2:fa:37:2f:4e:3e:1a:
04:86:0a:e5:8a:4b:62:af:e4:05:d6:76:ee:01:68:
8d:7f:48:c2:c0:52:ea:8e:4f:5e:83:6f:1e:6e:1a:
85:fe:45:f5:fc:b4:7e:fe:df:7f:e5:fc:a4:b0:45:
ec:e0:91:d9:91:b2:34:cb:df:a7:60:84:c8:a5:95:
0f:82:c8:93:4a:ab:8a:83:79:ed:c8:ae:eb:c4:23:
75:07:30:f9:7c:04:04:ea:e2:40:cc:93:44:18:d0:
04:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:BD:4D:E5:55:35:9B:49:D0:40:EA:D7:7E:F0:E5:BD:1B:CA:61:3B
X509v3 Authority Key Identifier:
keyid:6B:4B:3E:6A:7C:87:83:FC:8A:57:19:FB:D9:F3:7B:32:C8:C7:C5:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0s-anyHg_yKVxn72fN7MsjHxco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/464194-53ad-4031-856b-4332c957a22f/1/O71N5VU1m0nQQOrXfvDlvRvKYTs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/464194-53ad-4031-856b-4332c957a22f/1/a0s-anyHg_yKVxn72fN7MsjHxco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.124.191.0/24
194.147.68.0/23
IPv6:
2a0a:aec0::/29
Signature Algorithm: sha256WithRSAEncryption
88:f1:7f:81:a5:7f:0d:09:d7:7d:4f:39:c8:5a:45:38:0a:1f:
60:73:fc:54:ec:99:c5:66:60:a3:ac:cb:55:41:41:b1:bc:27:
a4:61:27:d6:ad:5f:ab:9c:02:45:43:95:91:fc:98:10:96:09:
9f:8a:93:4b:52:b5:42:a0:40:b8:27:1f:d2:69:d9:ca:69:5d:
54:62:a0:ea:89:e0:91:12:52:96:13:ec:05:bb:1c:39:14:50:
5a:92:3e:64:73:7e:70:35:5a:43:a5:09:76:df:32:1e:6f:b7:
5c:bf:31:d5:bf:50:7f:b6:f7:4c:4f:d0:61:52:db:b0:c6:98:
93:a6:86:55:a9:8a:08:75:0c:17:27:c7:54:6d:92:fe:cb:38:
21:81:d9:ec:db:b7:02:ca:03:47:4d:df:70:e4:d9:d5:0f:ff:
62:49:e0:7b:87:06:46:d2:d2:5c:97:ec:64:8e:a3:a0:03:6c:
54:3c:cd:a0:57:c7:e1:9b:a4:a2:62:7b:84:be:d3:c3:61:00:
fb:d5:54:db:f4:4e:18:31:fd:ec:1f:43:dc:ee:9d:ec:aa:01:
39:cb:75:4e:b3:59:65:18:45:88:de:25:72:fa:0e:a3:c7:ea:
86:eb:fb:f5:72:b7:0a:b6:e1:e9:6e:b1:b3:b5:64:a7:0a:f8:
f7:71:4d:17
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzJvGWnkgGKT37lWrzWneGaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNGIzZTZhN2M4NzgzZmM4YTU3MTlmYmQ5ZjM3YjMyYzhj
N2M1Y2EwHhcNMjQwMTAyMTAzMzM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmJkNGRlNTU1MzU5YjQ5ZDA0MGVhZDc3ZWYwZTViZDFiY2E2MTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhcEu15cguQN5Eqc9N/+n+C0kokxS
ibXxVas3vy1+r09vsNjP8zCYvHZVGtzqQgdt1e7FLiQtZ472aVX1LtjbFxwwVG87
CTru9Eaq6yVai9nha4nTLK0Wi6tNj9RWa0gI1OIRnQUZQYYP6CJLnxfkAcwGfJJG
Ox+8045VfJYW+yiYBV3i50scsHnB3RMOAguP9LFABrQPeXv09vVToqL6Ny9OPhoE
hgrliktir+QF1nbuAWiNf0jCwFLqjk9eg28ebhqF/kX1/LR+/t9/5fyksEXs4JHZ
kbI0y9+nYITIpZUPgsiTSquKg3ntyK7rxCN1BzD5fAQE6uJAzJNEGNAEawIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDu9TeVVNZtJ0EDq137w5b0bymE7MB8GA1UdIwQY
MBaAFGtLPmp8h4P8ilcZ+9nzezLIx8XKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTBzLWFueUhnX3lLVnhuNzJmTjdNc2pIeGNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS80NjQxOTQtNTNhZC00MDMxLTg1NmIt
NDMzMmM5NTdhMjJmLzEvTzcxTjVWVTFtMG5RUU9yWGZ2RGx2UnZLWVRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS80NjQxOTQtNTNhZC00MDMxLTg1NmItNDMzMmM5NTdhMjJm
LzEvYTBzLWFueUhnX3lLVnhuNzJmTjdNc2pIeGNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAwny/AwQB
wpNEMA0EAgACMAcDBQMqCq7AMA0GCSqGSIb3DQEBCwUAA4IBAQCI8X+BpX8NCdd9
TznIWkU4Ch9gc/xU7JnFZmCjrMtVQUGxvCekYSfWrV+rnAJFQ5WR/JgQlgmfipNL
UrVCoEC4Jx/SadnKaV1UYqDqieCRElKWE+wFuxw5FFBakj5kc35wNVpDpQl23zIe
b7dcvzHVv1B/tvdMT9BhUtuwxpiTpoZVqYoIdQwXJ8dUbZL+yzghgdns27cCygNH
Td9w5NnVD/9iSeB7hwZG0tJcl+xkjqOgA2xUPM2gV8fhm6SiYnuEvtPDYQD71VTb
9E4YMf3sH0Pc7p3sqgE5y3VOs1llGEWI3iVy+g6jx+qG6/v1crcKtuHpbrGztWSn
Cvj3cU0X
-----END CERTIFICATE-----
Generated at Tue Apr 8 04:00:41 2025 by rpki-client