Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/c20633-f797-4b65-b983-06a4123b461e/1/o4LxCJBFN1mvgOljdvcTlRH0yPI.roa
File: o4LxCJBFN1mvgOljdvcTlRH0yPI.roa (raw, json)
Hash identifier: a4fDzBu1KSIutL9089fnpHDUn3OpzdgoKwGMjGiCip4=
Subject key identifier: A3:82:F1:08:90:45:37:59:AF:80:E9:63:76:F7:13:95:11:F4:C8:F2
Certificate issuer: /CN=9b37f13abd98277c691fc76ce933410d5d3f37c8
Certificate serial: 018CC64B036B36DBF96979EC1207351E5225
Authority key identifier: 9B:37:F1:3A:BD:98:27:7C:69:1F:C7:6C:E9:33:41:0D:5D:3F:37:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mzfxOr2YJ3xpH8ds6TNBDV0_N8g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/c20633-f797-4b65-b983-06a4123b461e/1/o4LxCJBFN1mvgOljdvcTlRH0yPI.roa
Signing time: Mon 01 Jan 2024 18:30:53 +0000
ROA not before: Mon 01 Jan 2024 18:30:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41273
IP address blocks: 83.171.216.0/22 maxlen: 24
2a09:2f00::/29 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:03:6b:36:db:f9:69:79:ec:12:07:35:1e:52:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b37f13abd98277c691fc76ce933410d5d3f37c8
Validity
Not Before: Jan 1 18:30:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a382f10890453759af80e96376f7139511f4c8f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:f8:0f:b3:c3:8c:3c:1c:5f:b7:2f:68:aa:99:
56:ec:ff:21:4c:63:68:5b:dc:73:5c:10:c1:9d:46:
9c:e2:e8:7b:eb:cc:99:a8:46:4d:24:c6:95:bb:79:
11:6e:a6:18:c6:ac:ad:b8:da:d3:f4:c0:e8:4f:e0:
3c:67:72:e1:e1:54:f2:87:76:81:da:25:4c:a0:ce:
fd:cf:cc:ef:f0:79:c3:9f:14:b1:a2:d8:37:85:11:
30:58:e8:41:0a:e3:18:8b:82:d5:07:57:3e:33:7e:
c3:69:95:fd:0d:fc:80:7d:c4:36:a9:8f:4e:3c:29:
2e:be:e2:01:17:18:30:19:88:0d:0a:d5:e6:1d:84:
bd:c6:8b:5b:47:45:86:ea:a5:b0:79:d3:74:d3:ef:
72:ef:82:48:6e:88:09:18:0d:4d:1a:cd:3e:7f:27:
02:c8:d0:bc:58:99:4b:33:20:41:9b:46:75:3e:80:
2c:b8:9b:d9:44:37:88:a0:b0:5f:da:43:05:37:e6:
ab:0c:7c:f6:e0:21:50:00:88:e0:56:e9:aa:1b:34:
8e:b0:6f:eb:3c:15:b3:c4:11:4a:d2:f2:d0:06:82:
ec:24:64:e1:48:bf:e6:7d:fc:a7:80:6d:82:99:e7:
b0:66:88:df:05:df:a8:a1:fb:a2:4e:db:46:3d:e5:
96:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:82:F1:08:90:45:37:59:AF:80:E9:63:76:F7:13:95:11:F4:C8:F2
X509v3 Authority Key Identifier:
keyid:9B:37:F1:3A:BD:98:27:7C:69:1F:C7:6C:E9:33:41:0D:5D:3F:37:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mzfxOr2YJ3xpH8ds6TNBDV0_N8g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/c20633-f797-4b65-b983-06a4123b461e/1/o4LxCJBFN1mvgOljdvcTlRH0yPI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/c20633-f797-4b65-b983-06a4123b461e/1/mzfxOr2YJ3xpH8ds6TNBDV0_N8g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.171.216.0/22
IPv6:
2a09:2f00::/29
Signature Algorithm: sha256WithRSAEncryption
4e:54:e6:94:27:95:76:a4:c3:0f:f8:a7:86:82:4a:34:23:43:
04:8a:70:72:e9:d2:0f:1b:20:e1:00:1f:c8:80:64:81:c6:37:
74:f2:42:6b:c6:57:f9:ee:58:b2:0a:0c:e6:d9:30:17:c7:74:
8f:7c:0c:fb:4e:3d:0e:47:97:0e:2a:11:a6:96:14:a5:64:f9:
cc:c6:9e:21:68:5b:d2:f8:e0:68:db:d2:4a:a4:55:da:a9:b0:
af:f8:ad:5e:cc:ba:03:9c:9d:8b:42:52:a5:57:d1:20:79:c7:
cf:11:d5:ba:52:81:bb:74:64:39:c0:da:26:96:70:a9:ef:69:
7e:89:c4:fc:45:66:30:83:f7:68:ac:6e:31:ee:56:3a:af:bf:
33:6f:a9:76:e7:a4:8c:9b:da:a0:6f:a7:11:f8:d8:cd:b8:c7:
01:f5:1b:20:a2:29:11:de:21:aa:b4:c7:2b:39:71:a8:af:13:
59:a9:dd:ed:5b:15:f6:cd:e1:5c:ba:b4:56:10:1e:94:fd:8c:
0b:cf:c9:a6:8b:0f:06:af:55:75:29:b7:dd:c2:29:17:96:73:
45:82:8b:be:4b:5c:2d:af:5e:fc:cc:12:95:97:83:d0:e7:60:
77:6f:4f:98:8d:59:5f:2e:ed:e6:84:17:ee:de:e5:88:63:ca:
3d:b3:c8:94
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzGSwNrNtv5aXnsEgc1HlIlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliMzdmMTNhYmQ5ODI3N2M2OTFmYzc2Y2U5MzM0MTBkNWQz
ZjM3YzgwHhcNMjQwMTAxMTgzMDUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzgyZjEwODkwNDUzNzU5YWY4MGU5NjM3NmY3MTM5NTExZjRjOGYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiPgPs8OMPBxfty9oqplW7P8hTGNo
W9xzXBDBnUac4uh768yZqEZNJMaVu3kRbqYYxqytuNrT9MDoT+A8Z3Lh4VTyh3aB
2iVMoM79z8zv8HnDnxSxotg3hREwWOhBCuMYi4LVB1c+M37DaZX9DfyAfcQ2qY9O
PCkuvuIBFxgwGYgNCtXmHYS9xotbR0WG6qWwedN00+9y74JIbogJGA1NGs0+fycC
yNC8WJlLMyBBm0Z1PoAsuJvZRDeIoLBf2kMFN+arDHz24CFQAIjgVumqGzSOsG/r
PBWzxBFK0vLQBoLsJGThSL/mffyngG2CmeewZojfBd+oofuiTttGPeWWmwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKOC8QiQRTdZr4DpY3b3E5UR9MjyMB8GA1UdIwQY
MBaAFJs38Tq9mCd8aR/HbOkzQQ1dPzfIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXpmeE9yMllKM3hwSDhkczZUTkJEVjBfTjhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC9jMjA2MzMtZjc5Ny00YjY1LWI5ODMt
MDZhNDEyM2I0NjFlLzEvbzRMeENKQkZOMW12Z09samR2Y1RsUkgweVBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC9jMjA2MzMtZjc5Ny00YjY1LWI5ODMtMDZhNDEyM2I0NjFl
LzEvbXpmeE9yMllKM3hwSDhkczZUTkJEVjBfTjhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCU6vYMA0E
AgACMAcDBQMqCS8AMA0GCSqGSIb3DQEBCwUAA4IBAQBOVOaUJ5V2pMMP+KeGgko0
I0MEinBy6dIPGyDhAB/IgGSBxjd08kJrxlf57liyCgzm2TAXx3SPfAz7Tj0OR5cO
KhGmlhSlZPnMxp4haFvS+OBo29JKpFXaqbCv+K1ezLoDnJ2LQlKlV9EgecfPEdW6
UoG7dGQ5wNomlnCp72l+icT8RWYwg/dorG4x7lY6r78zb6l256SMm9qgb6cR+NjN
uMcB9RsgoikR3iGqtMcrOXGorxNZqd3tWxX2zeFcurRWEB6U/YwLz8mmiw8Gr1V1
KbfdwikXlnNFgou+S1wtr178zBKVl4PQ52B3b0+YjVlfLu3mhBfu3uWIY8o9s8iU
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:14:46 2025 by rpki-client