Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/662fbf-5576-4595-892b-b5b3aeae98ea/1/o-t-EjM-KB0pgNLckexGLMKhgyg.roa
File: o-t-EjM-KB0pgNLckexGLMKhgyg.roa (raw, json)
Hash identifier: 7FwRBBKJHgud5v2Fpl8brob+ali1Ddz3HCm/QiZ40rk=
Subject key identifier: A3:EB:7E:12:33:3E:28:1D:29:80:D2:DC:91:EC:46:2C:C2:A1:83:28
Certificate issuer: /CN=322639b35e5d9d0fb3696fe2fd61cb6f4c3fa504
Certificate serial: 018CF8D50B3D54FDFAFB640A5136369D8FE6
Authority key identifier: 32:26:39:B3:5E:5D:9D:0F:B3:69:6F:E2:FD:61:CB:6F:4C:3F:A5:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MiY5s15dnQ-zaW_i_WHLb0w_pQQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/662fbf-5576-4595-892b-b5b3aeae98ea/1/o-t-EjM-KB0pgNLckexGLMKhgyg.roa
Signing time: Thu 11 Jan 2024 14:02:40 +0000
ROA not before: Thu 11 Jan 2024 14:02:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19905
IP address blocks: 185.253.77.0/24 maxlen: 24
185.253.78.0/24 maxlen: 24
185.253.76.0/24 maxlen: 24
185.253.79.0/24 maxlen: 24
91.239.119.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:47:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f8:d5:0b:3d:54:fd:fa:fb:64:0a:51:36:36:9d:8f:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=322639b35e5d9d0fb3696fe2fd61cb6f4c3fa504
Validity
Not Before: Jan 11 14:02:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a3eb7e12333e281d2980d2dc91ec462cc2a18328
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:58:1f:58:d8:54:34:12:ba:f3:89:7c:cd:cb:
c8:e6:a7:c5:a3:27:ee:d3:ed:64:24:d5:7a:b8:1a:
d0:7c:e7:d1:45:d6:cc:8b:53:cc:ee:cb:a9:19:4c:
5e:8a:1a:41:59:43:88:d9:f3:60:17:56:11:4f:a2:
78:b9:dc:d0:cb:5f:60:38:35:13:a5:d1:29:eb:f2:
c4:54:9a:97:3b:a5:09:85:1c:f7:ae:34:80:33:5f:
06:7c:92:78:3a:b4:21:e9:47:29:5e:2f:07:4f:d2:
9b:1e:65:09:cf:77:c1:ce:6a:40:b6:87:62:f9:b5:
f3:f5:16:4e:d1:34:54:29:ba:3b:7c:f1:a4:86:56:
96:ac:fd:20:e8:a1:68:0d:16:43:b5:96:6b:a7:7e:
3d:2d:9f:48:91:52:23:8d:f7:75:13:af:bd:24:d2:
5e:21:b4:db:f4:c4:29:b4:6b:7a:92:62:29:bf:55:
cc:44:84:f9:53:50:83:14:89:a5:06:3c:e8:c5:2e:
09:4a:8c:12:c9:03:da:6f:81:14:26:c3:8f:85:d9:
f3:67:d1:7e:ec:47:38:4f:66:ba:f2:a6:03:de:6f:
d2:05:fc:c3:8b:89:ac:7d:b3:84:25:69:49:1c:99:
62:99:c4:da:de:08:4d:89:3b:58:05:f7:b1:30:96:
6e:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:EB:7E:12:33:3E:28:1D:29:80:D2:DC:91:EC:46:2C:C2:A1:83:28
X509v3 Authority Key Identifier:
keyid:32:26:39:B3:5E:5D:9D:0F:B3:69:6F:E2:FD:61:CB:6F:4C:3F:A5:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MiY5s15dnQ-zaW_i_WHLb0w_pQQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/662fbf-5576-4595-892b-b5b3aeae98ea/1/o-t-EjM-KB0pgNLckexGLMKhgyg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/662fbf-5576-4595-892b-b5b3aeae98ea/1/MiY5s15dnQ-zaW_i_WHLb0w_pQQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.119.0/24
185.253.76.0/22
Signature Algorithm: sha256WithRSAEncryption
52:3d:dc:f9:9a:70:22:ec:f8:9b:a2:ca:da:d4:f0:ec:8f:5d:
75:c5:6f:4d:ee:78:23:ad:8e:0e:de:6f:18:96:5c:f3:5a:b7:
af:92:6e:2e:34:1e:10:f6:64:3c:52:5c:ee:dc:fe:d9:24:54:
94:79:71:05:ee:41:2f:49:27:a7:a3:a0:93:1b:06:dc:0d:96:
f7:fe:ee:04:3b:2d:95:ae:31:90:85:c4:b1:de:21:09:44:14:
07:1a:10:23:33:bb:3f:4f:c2:fb:b8:22:82:05:bb:88:26:a9:
e3:dc:6a:93:4c:dc:15:d0:d8:7b:04:dd:85:40:43:9f:20:89:
d9:cc:f8:ce:14:15:9e:dc:08:12:21:e7:52:0e:f3:df:3d:d2:
e5:39:af:41:c1:7b:3c:23:9a:0e:85:b4:c8:f2:63:86:f1:d3:
d3:9b:c3:f3:10:27:e6:3a:d2:4d:b9:a5:d7:12:cf:ef:99:b6:
95:8f:cb:eb:e4:ae:d0:27:30:79:6c:35:49:0f:b7:7e:03:85:
76:3e:63:78:df:3f:e7:fe:0c:e6:ce:7e:d9:e9:31:52:34:a5:
d2:30:48:3c:1f:5e:0c:b8:a1:e0:cb:25:b5:c3:73:18:5f:77:
ec:86:cd:8e:29:fa:c2:87:72:b7:d4:39:ed:4f:bc:e8:bf:d0:
85:84:b6:e4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYz41Qs9VP36+2QKUTY2nY/mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyMjYzOWIzNWU1ZDlkMGZiMzY5NmZlMmZkNjFjYjZmNGMz
ZmE1MDQwHhcNMjQwMTExMTQwMjQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2ViN2UxMjMzM2UyODFkMjk4MGQyZGM5MWVjNDYyY2MyYTE4MzI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAplgfWNhUNBK684l8zcvI5qfFoyfu
0+1kJNV6uBrQfOfRRdbMi1PM7supGUxeihpBWUOI2fNgF1YRT6J4udzQy19gODUT
pdEp6/LEVJqXO6UJhRz3rjSAM18GfJJ4OrQh6UcpXi8HT9KbHmUJz3fBzmpAtodi
+bXz9RZO0TRUKbo7fPGkhlaWrP0g6KFoDRZDtZZrp349LZ9IkVIjjfd1E6+9JNJe
IbTb9MQptGt6kmIpv1XMRIT5U1CDFImlBjzoxS4JSowSyQPab4EUJsOPhdnzZ9F+
7Ec4T2a68qYD3m/SBfzDi4msfbOEJWlJHJlimcTa3ghNiTtYBfexMJZuEwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKPrfhIzPigdKYDS3JHsRizCoYMoMB8GA1UdIwQY
MBaAFDImObNeXZ0Ps2lv4v1hy29MP6UEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWlZNXMxNWRuUS16YVdfaV9XSExiMHdfcFFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy82NjJmYmYtNTU3Ni00NTk1LTg5MmIt
YjViM2FlYWU5OGVhLzEvby10LUVqTS1LQjBwZ05MY2tleEdMTUtoZ3lnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy82NjJmYmYtNTU3Ni00NTk1LTg5MmItYjViM2FlYWU5OGVh
LzEvTWlZNXMxNWRuUS16YVdfaV9XSExiMHdfcFFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW+93AwQC
uf1MMA0GCSqGSIb3DQEBCwUAA4IBAQBSPdz5mnAi7Pibosra1PDsj111xW9N7ngj
rY4O3m8YllzzWrevkm4uNB4Q9mQ8Ulzu3P7ZJFSUeXEF7kEvSSeno6CTGwbcDZb3
/u4EOy2VrjGQhcSx3iEJRBQHGhAjM7s/T8L7uCKCBbuIJqnj3GqTTNwV0Nh7BN2F
QEOfIInZzPjOFBWe3AgSIedSDvPfPdLlOa9BwXs8I5oOhbTI8mOG8dPTm8PzECfm
OtJNuaXXEs/vmbaVj8vr5K7QJzB5bDVJD7d+A4V2PmN43z/n/gzmzn7Z6TFSNKXS
MEg8H14MuKHgyyW1w3MYX3fshs2OKfrCh3K31DntT7zov9CFhLbk
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:06:45 2025 by rpki-client