Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/75465f-6797-4141-b961-8b7c57c56215/1/o9Vaaqw1u9l-ZGxaFiGn2JztzQY.roa
File: o9Vaaqw1u9l-ZGxaFiGn2JztzQY.roa (raw, json)
Hash identifier: gtgykLg2WWkb1IG/IWwC06NmcVOz8EmdALlfvOcUmpQ=
Subject key identifier: A3:D5:5A:6A:AC:35:BB:D9:7E:64:6C:5A:16:21:A7:D8:9C:ED:CD:06
Certificate issuer: /CN=3f273b6861cf7cf4646cc5e04275d6617635f07b
Certificate serial: 018CCA2BD198A33892F8186F32018F9076D3
Authority key identifier: 3F:27:3B:68:61:CF:7C:F4:64:6C:C5:E0:42:75:D6:61:76:35:F0:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Pyc7aGHPfPRkbMXgQnXWYXY18Hs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/75465f-6797-4141-b961-8b7c57c56215/1/o9Vaaqw1u9l-ZGxaFiGn2JztzQY.roa
Signing time: Tue 02 Jan 2024 12:35:18 +0000
ROA not before: Tue 02 Jan 2024 12:35:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20776
IP address blocks: 94.124.219.0/24 maxlen: 24
109.203.224.0/20 maxlen: 20
109.203.224.0/23 maxlen: 23
109.203.226.0/23 maxlen: 23
109.203.228.0/24 maxlen: 24
109.203.230.0/23 maxlen: 23
109.203.232.0/23 maxlen: 23
109.203.235.0/24 maxlen: 24
109.203.234.0/24 maxlen: 24
109.203.240.0/24 maxlen: 24
109.203.242.0/24 maxlen: 24
109.203.241.0/24 maxlen: 24
109.203.240.0/20 maxlen: 20
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:48:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:d1:98:a3:38:92:f8:18:6f:32:01:8f:90:76:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3f273b6861cf7cf4646cc5e04275d6617635f07b
Validity
Not Before: Jan 2 12:35:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a3d55a6aac35bbd97e646c5a1621a7d89cedcd06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:c5:d9:8d:53:50:73:bd:de:bb:97:ae:20:f1:
02:d1:ff:54:b0:fe:09:c7:e8:c4:b5:e7:e2:ff:a2:
9d:d5:86:5e:9a:38:00:b6:3f:9f:0d:20:c9:36:59:
c0:32:a6:2a:89:72:6e:66:c3:36:77:91:7c:0c:ea:
2a:73:73:43:0a:8f:0d:67:48:e5:08:54:8e:91:22:
53:c2:42:48:a7:e9:ce:13:69:ae:f0:6b:1e:7d:e7:
e1:21:ef:06:8c:d9:ae:5a:32:67:7d:da:ca:f6:a5:
a8:f9:05:65:ad:db:8f:6e:2c:d0:13:c9:4f:c9:31:
77:16:9c:d6:61:6f:c1:20:79:6c:84:24:a6:78:c5:
6e:b9:33:f2:23:85:41:c6:1b:54:7d:93:86:2d:73:
1f:ff:52:b2:ee:a4:50:00:77:4c:7f:d3:27:28:44:
7f:59:93:c0:a8:b3:f7:22:b2:d6:98:3d:07:38:aa:
74:da:bd:40:ef:65:74:8d:6f:c2:4d:08:72:fa:44:
18:41:94:86:0b:e2:50:e3:9c:af:f6:73:4d:e9:13:
8a:d4:65:3a:ab:b5:cb:d7:4d:b1:26:70:96:7c:6f:
d4:d8:43:99:1b:5d:21:99:66:99:83:50:2a:65:96:
83:87:36:28:cb:1a:88:b9:14:64:c1:c3:b1:99:21:
c2:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:D5:5A:6A:AC:35:BB:D9:7E:64:6C:5A:16:21:A7:D8:9C:ED:CD:06
X509v3 Authority Key Identifier:
keyid:3F:27:3B:68:61:CF:7C:F4:64:6C:C5:E0:42:75:D6:61:76:35:F0:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pyc7aGHPfPRkbMXgQnXWYXY18Hs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/75465f-6797-4141-b961-8b7c57c56215/1/o9Vaaqw1u9l-ZGxaFiGn2JztzQY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/75465f-6797-4141-b961-8b7c57c56215/1/Pyc7aGHPfPRkbMXgQnXWYXY18Hs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.124.219.0/24
109.203.224.0/19
Signature Algorithm: sha256WithRSAEncryption
5e:42:60:fb:ee:8c:c0:29:6e:a1:3c:ca:34:f9:ce:d5:80:29:
fd:73:42:c3:f0:ae:bc:19:3d:ef:f4:49:d9:6a:e3:eb:9f:a0:
52:c5:6a:5a:c7:ba:16:a7:f4:a0:75:bc:bf:8b:9d:02:1f:0b:
eb:ca:49:cc:b7:10:37:c0:53:1e:20:b7:37:e4:63:07:16:51:
b2:0f:be:05:cf:f9:c3:52:d6:d1:da:90:9c:1c:51:bf:01:e3:
5f:29:8b:8f:03:b7:31:63:1e:6e:ab:55:61:05:b0:4a:62:b4:
b2:14:7f:48:56:fc:73:69:c1:4e:d1:d2:71:1c:bd:35:7c:dd:
c8:6b:7a:e4:6c:c5:ff:05:e9:74:bd:d8:a3:8b:7b:eb:73:a1:
e0:29:24:3a:2e:ff:4d:10:59:ca:d3:99:fb:57:af:51:9a:d3:
c6:3e:45:08:30:48:15:5c:28:a6:ea:46:fd:9b:32:ae:68:aa:
b1:38:cb:2c:3d:5b:e5:88:77:28:5f:61:71:00:d2:0f:de:cd:
1a:06:30:79:08:3f:86:27:33:9b:a2:bb:27:6c:51:9e:01:1a:
48:9a:e5:46:ae:0d:d6:2b:56:2e:bc:ff:c4:64:8c:50:1d:8c:
e0:4d:21:f1:8a:e5:58:04:1a:7e:b2:85:ba:a2:02:c0:f5:1a:
33:69:a3:81
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzKK9GYoziS+BhvMgGPkHbTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmMjczYjY4NjFjZjdjZjQ2NDZjYzVlMDQyNzVkNjYxNzYz
NWYwN2IwHhcNMjQwMTAyMTIzNTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2Q1NWE2YWFjMzViYmQ5N2U2NDZjNWExNjIxYTdkODljZWRjZDA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgcXZjVNQc73eu5euIPEC0f9UsP4J
x+jEtefi/6Kd1YZemjgAtj+fDSDJNlnAMqYqiXJuZsM2d5F8DOoqc3NDCo8NZ0jl
CFSOkSJTwkJIp+nOE2mu8GsefefhIe8GjNmuWjJnfdrK9qWo+QVlrduPbizQE8lP
yTF3FpzWYW/BIHlshCSmeMVuuTPyI4VBxhtUfZOGLXMf/1Ky7qRQAHdMf9MnKER/
WZPAqLP3IrLWmD0HOKp02r1A72V0jW/CTQhy+kQYQZSGC+JQ45yv9nNN6ROK1GU6
q7XL102xJnCWfG/U2EOZG10hmWaZg1AqZZaDhzYoyxqIuRRkwcOxmSHCCQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKPVWmqsNbvZfmRsWhYhp9ic7c0GMB8GA1UdIwQY
MBaAFD8nO2hhz3z0ZGzF4EJ11mF2NfB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHljN2FHSFBmUFJrYk1YZ1FuWFdZWFkxOEhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC83NTQ2NWYtNjc5Ny00MTQxLWI5NjEt
OGI3YzU3YzU2MjE1LzEvbzlWYWFxdzF1OWwtWkd4YUZpR24ySnp0elFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC83NTQ2NWYtNjc5Ny00MTQxLWI5NjEtOGI3YzU3YzU2MjE1
LzEvUHljN2FHSFBmUFJrYk1YZ1FuWFdZWFkxOEhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAXnzbAwQF
bcvgMA0GCSqGSIb3DQEBCwUAA4IBAQBeQmD77ozAKW6hPMo0+c7VgCn9c0LD8K68
GT3v9EnZauPrn6BSxWpax7oWp/Sgdby/i50CHwvryknMtxA3wFMeILc35GMHFlGy
D74Fz/nDUtbR2pCcHFG/AeNfKYuPA7cxYx5uq1VhBbBKYrSyFH9IVvxzacFO0dJx
HL01fN3Ia3rkbMX/Bel0vdiji3vrc6HgKSQ6Lv9NEFnK05n7V69RmtPGPkUIMEgV
XCim6kb9mzKuaKqxOMssPVvliHcoX2FxANIP3s0aBjB5CD+GJzOborsnbFGeARpI
muVGrg3WK1YuvP/EZIxQHYzgTSHxiuVYBBp+soW6ogLA9RozaaOB
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:58:57 2025 by rpki-client