Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/o6ocndT5exwAFkOhNOZaU_sBKsI.roa
File: o6ocndT5exwAFkOhNOZaU_sBKsI.roa (raw, json)
Hash identifier: Pq6I9Kq0XC/7joRwaduGMp+jlN32AsqJFeUkNNy1dZA=
Subject key identifier: A3:AA:1C:9D:D4:F9:7B:1C:00:16:43:A1:34:E6:5A:53:FB:01:2A:C2
Certificate issuer: /CN=3b098e45ef4bb5d18dbc86c5a135f57ebcbe005d
Certificate serial: 019421B2002F8FF1C7A6215CD2523E011C75
Authority key identifier: 3B:09:8E:45:EF:4B:B5:D1:8D:BC:86:C5:A1:35:F5:7E:BC:BE:00:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/o6ocndT5exwAFkOhNOZaU_sBKsI.roa
Signing time: Wed 01 Jan 2025 11:48:20 +0000
ROA not before: Wed 01 Jan 2025 11:48:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16276
IP address blocks: 212.116.240.0/24 maxlen: 24
212.116.241.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 17 Jan 2025 22:18:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:00:2f:8f:f1:c7:a6:21:5c:d2:52:3e:01:1c:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b098e45ef4bb5d18dbc86c5a135f57ebcbe005d
Validity
Not Before: Jan 1 11:48:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a3aa1c9dd4f97b1c001643a134e65a53fb012ac2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:4f:21:29:c9:7b:ef:d9:39:eb:89:0d:08:d3:
f8:6a:80:92:75:be:78:e6:2d:36:42:f9:67:a7:11:
14:6e:fb:eb:ee:c4:00:d6:36:b4:a4:93:92:97:48:
31:35:6d:50:60:5f:b3:41:e4:ce:dc:8e:6d:bd:7d:
4d:b5:13:db:50:ef:5f:bd:96:25:59:b2:7e:02:e3:
0e:10:37:ed:1f:95:e6:99:8a:c1:55:08:5d:0c:7e:
f6:36:ec:7e:dc:71:dc:d2:dd:74:7f:f8:46:96:50:
9a:b3:1b:7a:eb:73:6d:aa:1a:b7:e0:57:47:b0:b0:
49:76:16:ca:10:3d:c1:f2:f8:10:89:ec:94:e8:65:
b8:3a:74:d8:d6:0d:18:b9:3c:3e:a9:b4:d4:16:bc:
e2:4b:0f:8d:63:47:61:9a:d4:ff:1f:6b:8f:3f:16:
d1:bc:cf:c4:5f:a1:76:19:6a:32:07:3c:b4:4a:a0:
dc:ae:c6:d9:52:59:d0:af:a6:52:7a:b6:18:f4:c8:
dc:ea:49:6e:cb:e3:f3:57:7e:35:8b:7b:51:93:41:
77:65:cc:e4:12:d0:ef:6d:07:b9:77:3e:47:fe:18:
b0:f5:5b:c9:b5:bb:69:7d:bf:b0:b4:ed:74:60:e3:
88:7b:aa:0c:d1:a6:78:5a:28:b1:65:3d:96:c3:fe:
e7:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:AA:1C:9D:D4:F9:7B:1C:00:16:43:A1:34:E6:5A:53:FB:01:2A:C2
X509v3 Authority Key Identifier:
keyid:3B:09:8E:45:EF:4B:B5:D1:8D:BC:86:C5:A1:35:F5:7E:BC:BE:00:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/o6ocndT5exwAFkOhNOZaU_sBKsI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/OwmORe9LtdGNvIbFoTX1fry-AF0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.116.240.0/23
Signature Algorithm: sha256WithRSAEncryption
8a:06:46:1a:48:bd:23:de:96:c1:40:b0:e0:ea:5c:09:3a:30:
21:84:60:58:dc:2c:a1:b3:f2:86:a2:ae:77:88:7b:e5:09:7b:
05:79:e9:eb:28:ca:d8:d7:61:69:dd:95:5c:5c:63:6f:36:90:
7b:5d:de:f3:be:9d:2b:8d:de:ba:7a:01:9e:50:2a:d7:90:d8:
06:be:ee:ea:18:34:df:21:56:21:16:45:6b:be:55:81:55:be:
77:e4:2e:af:50:67:55:ec:88:76:5f:bb:36:8e:fc:5a:ea:44:
9b:96:0b:08:ba:04:a6:63:56:a7:ea:fa:6e:84:93:bc:18:eb:
6c:e2:f7:09:17:bb:d0:5e:e7:8a:84:4c:13:52:d9:81:0a:95:
44:9b:65:9e:22:d1:a8:ee:2e:99:e1:88:68:9f:0c:7a:7b:35:
74:79:91:be:81:b5:ad:c4:ce:11:6f:ab:52:b5:cf:ec:e0:9b:
26:b9:07:89:ee:33:68:2f:60:60:e0:ca:7b:78:70:26:19:3f:
0b:e0:a1:fd:18:76:ff:a4:8e:f7:7a:ed:b8:b7:a0:16:9c:ec:
2d:4e:d8:3f:40:c5:59:dd:55:bd:6f:40:0d:c6:b8:15:01:18:
b3:6c:cd:64:62:97:ae:ce:82:21:d1:e9:43:6e:1d:29:e4:c7:
fb:a3:65:46
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhsgAvj/HHpiFc0lI+ARx1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiMDk4ZTQ1ZWY0YmI1ZDE4ZGJjODZjNWExMzVmNTdlYmNi
ZTAwNWQwHhcNMjUwMTAxMTE0ODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2FhMWM5ZGQ0Zjk3YjFjMDAxNjQzYTEzNGU2NWE1M2ZiMDEyYWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm08hKcl779k564kNCNP4aoCSdb54
5i02QvlnpxEUbvvr7sQA1ja0pJOSl0gxNW1QYF+zQeTO3I5tvX1NtRPbUO9fvZYl
WbJ+AuMOEDftH5XmmYrBVQhdDH72Nux+3HHc0t10f/hGllCasxt663Ntqhq34FdH
sLBJdhbKED3B8vgQieyU6GW4OnTY1g0YuTw+qbTUFrziSw+NY0dhmtT/H2uPPxbR
vM/EX6F2GWoyBzy0SqDcrsbZUlnQr6ZSerYY9Mjc6kluy+PzV341i3tRk0F3Zczk
EtDvbQe5dz5H/hiw9VvJtbtpfb+wtO10YOOIe6oM0aZ4WiixZT2Ww/7nOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKOqHJ3U+XscABZDoTTmWlP7ASrCMB8GA1UdIwQY
MBaAFDsJjkXvS7XRjbyGxaE19X68vgBdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3dtT1JlOUx0ZEdOdkliRm9UWDFmcnktQUYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi85NTRkMzEtZjc0Yy00NjdiLTkwMTMt
ZTEyYjE2NDIxNWI5LzEvbzZvY25kVDVleHdBRmtPaE5PWmFVX3NCS3NJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi85NTRkMzEtZjc0Yy00NjdiLTkwMTMtZTEyYjE2NDIxNWI5
LzEvT3dtT1JlOUx0ZEdOdkliRm9UWDFmcnktQUYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB1HTwMA0G
CSqGSIb3DQEBCwUAA4IBAQCKBkYaSL0j3pbBQLDg6lwJOjAhhGBY3Cyhs/KGoq53
iHvlCXsFeenrKMrY12Fp3ZVcXGNvNpB7Xd7zvp0rjd66egGeUCrXkNgGvu7qGDTf
IVYhFkVrvlWBVb535C6vUGdV7Ih2X7s2jvxa6kSblgsIugSmY1an6vpuhJO8GOts
4vcJF7vQXueKhEwTUtmBCpVEm2WeItGo7i6Z4Yhonwx6ezV0eZG+gbWtxM4Rb6tS
tc/s4JsmuQeJ7jNoL2Bg4Mp7eHAmGT8L4KH9GHb/pI73eu24t6AWnOwtTtg/QMVZ
3VW9b0ANxrgVARizbM1kYpeuzoIh0elDbh0p5Mf7o2VG
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:58:24 2025 by rpki-client