Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/h4VOiYOb4hMiJ5h07r0EdrQkDHQ.roa
File: h4VOiYOb4hMiJ5h07r0EdrQkDHQ.roa (raw, json)
Hash identifier: p6DypMXf1x5UOGRx21UZ6+AnhZ4kyQsIP4WvPBhmM+U=
Subject key identifier: 87:85:4E:89:83:9B:E2:13:22:27:98:74:EE:BD:04:76:B4:24:0C:74
Certificate issuer: /CN=3b098e45ef4bb5d18dbc86c5a135f57ebcbe005d
Certificate serial: 019372D261A6412CAEEB0842A1F24C82E0A3
Authority key identifier: 3B:09:8E:45:EF:4B:B5:D1:8D:BC:86:C5:A1:35:F5:7E:BC:BE:00:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/h4VOiYOb4hMiJ5h07r0EdrQkDHQ.roa
Signing time: Thu 28 Nov 2024 12:50:10 +0000
ROA not before: Thu 28 Nov 2024 12:50:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25369
IP address blocks: 212.116.228.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:72:d2:61:a6:41:2c:ae:eb:08:42:a1:f2:4c:82:e0:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b098e45ef4bb5d18dbc86c5a135f57ebcbe005d
Validity
Not Before: Nov 28 12:50:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=87854e89839be21322279874eebd0476b4240c74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:f2:9b:5d:75:61:37:d2:fa:ff:6a:0c:55:c5:
f3:42:7b:f7:e8:a2:66:d3:e8:bd:6b:e3:77:b5:3f:
07:02:0d:ea:e4:9f:7c:6a:da:8c:df:61:c9:2b:72:
a4:3d:98:17:b4:7d:70:52:52:0c:a3:c5:f8:3a:f5:
21:82:ec:32:9e:b5:05:92:a6:de:a3:13:e5:44:ff:
0a:e0:b2:1a:cc:25:b0:6b:59:b5:bf:3b:a4:a0:0f:
06:da:3f:a1:ce:62:5f:cc:69:04:1d:fa:5c:00:47:
42:1b:62:90:ea:04:b7:0f:61:7f:07:a3:b9:31:38:
28:6a:6a:a2:1d:fb:d6:da:2f:b1:d0:42:23:7f:35:
70:05:2e:61:24:c1:20:55:ec:54:6e:3f:98:3d:0f:
6a:c4:54:37:e2:2c:4d:60:13:5b:07:86:6c:02:f4:
98:25:77:66:8f:03:3d:b7:8c:e6:58:7d:14:e1:ce:
64:c7:1c:be:39:32:7a:82:a7:50:1b:5f:28:18:72:
32:58:1a:eb:d8:55:c2:64:75:10:58:2a:ed:9c:2e:
09:c0:bf:66:f5:5a:c0:e9:b6:43:4c:b2:59:82:d1:
6e:9f:55:b1:0a:7d:5e:91:b0:01:7d:49:04:c4:bf:
31:c6:83:2e:78:7e:e9:38:0f:43:fc:69:d9:c3:ba:
8e:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:85:4E:89:83:9B:E2:13:22:27:98:74:EE:BD:04:76:B4:24:0C:74
X509v3 Authority Key Identifier:
keyid:3B:09:8E:45:EF:4B:B5:D1:8D:BC:86:C5:A1:35:F5:7E:BC:BE:00:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/h4VOiYOb4hMiJ5h07r0EdrQkDHQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/OwmORe9LtdGNvIbFoTX1fry-AF0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.116.228.0/22
Signature Algorithm: sha256WithRSAEncryption
0b:11:e3:37:8c:48:c4:a1:e3:d4:50:db:57:6f:c4:13:9c:63:
c9:72:08:fa:37:9a:63:80:7c:cf:82:f9:47:64:a8:b3:3d:c1:
a6:a0:d5:39:ac:0a:bd:65:d5:40:4a:ff:13:11:70:a7:c8:3e:
48:ee:40:39:bb:ce:c8:4b:38:fe:b1:4a:fc:5d:9e:08:db:4c:
5a:74:69:27:6b:25:51:dc:d2:aa:e4:16:17:0b:97:55:30:43:
0f:aa:2e:83:86:f9:79:b9:62:10:54:56:e3:63:9e:93:35:be:
87:b8:24:ca:73:c7:80:c8:80:d1:ae:d5:77:b1:60:41:de:3a:
92:64:d8:fd:7a:b3:83:e0:ac:e8:63:78:e9:c1:6d:68:56:79:
21:05:42:d6:bd:7c:05:37:db:1a:8b:af:ef:b9:19:58:b0:0b:
d5:58:a0:b0:d0:c8:4d:6b:ca:39:c3:89:d7:a0:61:13:45:d2:
27:0f:f8:94:18:45:10:98:ed:5a:48:22:23:88:59:08:1a:ad:
f3:23:d0:c0:2a:16:5e:56:78:2b:eb:90:df:96:18:70:90:18:
d2:5d:f5:ff:af:18:a4:0f:f3:c7:06:d6:ca:3b:c9:d9:da:a7:
1e:b0:2f:f4:3a:ca:e2:78:6f:ef:fd:cb:d7:15:1f:a7:38:76:
81:8c:4a:9a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZNy0mGmQSyu6whCofJMguCjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiMDk4ZTQ1ZWY0YmI1ZDE4ZGJjODZjNWExMzVmNTdlYmNi
ZTAwNWQwHhcNMjQxMTI4MTI1MDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Nzg1NGU4OTgzOWJlMjEzMjIyNzk4NzRlZWJkMDQ3NmI0MjQwYzc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtvKbXXVhN9L6/2oMVcXzQnv36KJm
0+i9a+N3tT8HAg3q5J98atqM32HJK3KkPZgXtH1wUlIMo8X4OvUhguwynrUFkqbe
oxPlRP8K4LIazCWwa1m1vzukoA8G2j+hzmJfzGkEHfpcAEdCG2KQ6gS3D2F/B6O5
MTgoamqiHfvW2i+x0EIjfzVwBS5hJMEgVexUbj+YPQ9qxFQ34ixNYBNbB4ZsAvSY
JXdmjwM9t4zmWH0U4c5kxxy+OTJ6gqdQG18oGHIyWBrr2FXCZHUQWCrtnC4JwL9m
9VrA6bZDTLJZgtFun1WxCn1ekbABfUkExL8xxoMueH7pOA9D/GnZw7qOUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIeFTomDm+ITIieYdO69BHa0JAx0MB8GA1UdIwQY
MBaAFDsJjkXvS7XRjbyGxaE19X68vgBdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3dtT1JlOUx0ZEdOdkliRm9UWDFmcnktQUYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi85NTRkMzEtZjc0Yy00NjdiLTkwMTMt
ZTEyYjE2NDIxNWI5LzEvaDRWT2lZT2I0aE1pSjVoMDdyMEVkclFrREhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi85NTRkMzEtZjc0Yy00NjdiLTkwMTMtZTEyYjE2NDIxNWI5
LzEvT3dtT1JlOUx0ZEdOdkliRm9UWDFmcnktQUYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC1HTkMA0G
CSqGSIb3DQEBCwUAA4IBAQALEeM3jEjEoePUUNtXb8QTnGPJcgj6N5pjgHzPgvlH
ZKizPcGmoNU5rAq9ZdVASv8TEXCnyD5I7kA5u87ISzj+sUr8XZ4I20xadGknayVR
3NKq5BYXC5dVMEMPqi6Dhvl5uWIQVFbjY56TNb6HuCTKc8eAyIDRrtV3sWBB3jqS
ZNj9erOD4KzoY3jpwW1oVnkhBULWvXwFN9sai6/vuRlYsAvVWKCw0MhNa8o5w4nX
oGETRdInD/iUGEUQmO1aSCIjiFkIGq3zI9DAKhZeVngr65DflhhwkBjSXfX/rxik
D/PHBtbKO8nZ2qcesC/0OsrieG/v/cvXFR+nOHaBjEqa
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:11:14 2025 by rpki-client