Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/OcwSobI1NeXt62dpm2I_5FMHR3w.roa
File: OcwSobI1NeXt62dpm2I_5FMHR3w.roa (raw, json)
Hash identifier: h2iEoGSyl4EdycsysuAYiekK8YmIhtT4NZ4l7duysfk=
Subject key identifier: 39:CC:12:A1:B2:35:35:E5:ED:EB:67:69:9B:62:3F:E4:53:07:47:7C
Certificate issuer: /CN=19426325acb8ce609a686fa655b058968809b346
Certificate serial: 0194258F83705905AAD0E24FAA315E9DB671
Authority key identifier: 19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/OcwSobI1NeXt62dpm2I_5FMHR3w.roa
Signing time: Thu 02 Jan 2025 05:49:09 +0000
ROA not before: Thu 02 Jan 2025 05:49:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7018
IP address blocks: 212.111.220.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 05 Feb 2025 19:45:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:83:70:59:05:aa:d0:e2:4f:aa:31:5e:9d:b6:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19426325acb8ce609a686fa655b058968809b346
Validity
Not Before: Jan 2 05:49:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=39cc12a1b23535e5edeb67699b623fe45307477c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:7a:c3:af:ce:81:f7:d0:4b:63:ad:11:a2:10:
c4:32:d2:0a:1f:08:38:2c:3a:af:54:05:93:ef:fb:
dc:a0:c2:64:7c:0e:29:f8:73:24:a5:ff:b1:f3:a1:
a9:64:5e:35:8e:a4:63:11:0b:81:74:27:80:85:41:
05:44:fc:e5:60:7f:42:18:18:cb:66:aa:c5:12:14:
60:e7:ba:c1:ff:06:2c:a5:15:b0:41:1f:7c:44:24:
b6:36:47:09:ad:70:d2:71:75:50:95:f1:cd:a0:80:
31:e7:1c:3f:19:e0:a0:cb:18:cb:f9:98:46:19:a8:
9d:67:b9:32:1e:36:c9:b9:31:27:c5:32:9d:1d:10:
b4:b0:51:7b:13:ce:0a:f9:3e:89:c2:9c:fb:82:69:
c4:c0:02:e8:23:9e:e3:94:80:5d:98:d8:c2:7a:66:
bb:de:c6:bb:b1:89:79:8a:cc:bb:a0:9e:96:c8:2e:
14:fa:e4:de:6a:54:74:fc:d2:67:fb:27:63:53:cb:
3b:dc:ed:b3:c0:ba:61:27:5c:0d:7c:34:e2:bf:54:
bc:b8:4f:e8:05:32:53:c7:b0:21:04:7e:83:a4:cd:
a9:01:17:c8:6a:44:d8:19:95:22:44:46:82:c5:84:
46:7b:38:18:23:ab:82:fc:cf:d5:9f:07:1c:d8:8a:
2b:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:CC:12:A1:B2:35:35:E5:ED:EB:67:69:9B:62:3F:E4:53:07:47:7C
X509v3 Authority Key Identifier:
keyid:19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/OcwSobI1NeXt62dpm2I_5FMHR3w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/GUJjJay4zmCaaG-mVbBYlogJs0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.111.220.0/22
Signature Algorithm: sha256WithRSAEncryption
6e:c4:d6:9f:62:ba:08:5f:ec:26:95:09:02:4e:23:83:6a:6b:
5f:02:fb:ec:27:0f:f3:4f:bb:6f:97:a1:6c:11:93:54:46:fa:
9b:e4:17:f0:27:e7:ad:29:52:0c:52:00:2a:ce:a1:3f:46:6f:
69:81:87:bf:04:e0:be:48:d6:80:6f:69:d1:f2:ff:96:bd:81:
70:77:74:d8:3d:71:e9:8e:50:d4:12:86:3b:a7:81:0d:d9:b0:
9f:ef:f7:2b:4a:ff:63:c0:d8:2c:4b:5e:27:1f:7b:b3:5a:86:
22:6f:45:f9:c4:14:7a:30:34:8c:76:84:cd:9d:4a:c9:f2:e4:
07:5c:f1:65:90:e8:1a:76:88:b3:4c:59:f8:ee:3a:4a:ae:3b:
c4:ea:9f:b7:00:04:e3:ba:3a:3a:f3:90:e6:13:37:f2:9c:44:
74:f0:47:e3:e8:c7:0c:dd:4e:ac:13:46:39:95:d5:89:f3:b0:
7b:8b:4f:26:55:d1:a5:76:80:7d:9b:50:c9:f8:72:ff:2b:8e:
e3:89:a5:8f:df:c5:3f:4e:75:bb:77:cf:12:e5:0c:4e:c3:6d:
5b:b7:de:7f:be:af:d2:bd:00:9f:42:8f:7c:fd:2f:df:1e:2f:
c8:a8:bf:05:14:a1:43:c4:59:ba:6d:67:d5:a1:af:32:89:7e:
c8:a3:53:63
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlj4NwWQWq0OJPqjFenbZxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5NDI2MzI1YWNiOGNlNjA5YTY4NmZhNjU1YjA1ODk2ODgw
OWIzNDYwHhcNMjUwMTAyMDU0OTA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWNjMTJhMWIyMzUzNWU1ZWRlYjY3Njk5YjYyM2ZlNDUzMDc0NzdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtnrDr86B99BLY60RohDEMtIKHwg4
LDqvVAWT7/vcoMJkfA4p+HMkpf+x86GpZF41jqRjEQuBdCeAhUEFRPzlYH9CGBjL
ZqrFEhRg57rB/wYspRWwQR98RCS2NkcJrXDScXVQlfHNoIAx5xw/GeCgyxjL+ZhG
GaidZ7kyHjbJuTEnxTKdHRC0sFF7E84K+T6Jwpz7gmnEwALoI57jlIBdmNjCema7
3sa7sYl5isy7oJ6WyC4U+uTealR0/NJn+ydjU8s73O2zwLphJ1wNfDTiv1S8uE/o
BTJTx7AhBH6DpM2pARfIakTYGZUiREaCxYRGezgYI6uC/M/Vnwcc2IorDwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDnMEqGyNTXl7etnaZtiP+RTB0d8MB8GA1UdIwQY
MBaAFBlCYyWsuM5gmmhvplWwWJaICbNGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQt
MDNmNGM3MTEzYzM0LzEvT2N3U29iSTFOZVh0NjJkcG0ySV81Rk1IUjN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQtMDNmNGM3MTEzYzM0
LzEvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC1G/cMA0G
CSqGSIb3DQEBCwUAA4IBAQBuxNafYroIX+wmlQkCTiODamtfAvvsJw/zT7tvl6Fs
EZNURvqb5BfwJ+etKVIMUgAqzqE/Rm9pgYe/BOC+SNaAb2nR8v+WvYFwd3TYPXHp
jlDUEoY7p4EN2bCf7/crSv9jwNgsS14nH3uzWoYib0X5xBR6MDSMdoTNnUrJ8uQH
XPFlkOgadoizTFn47jpKrjvE6p+3AATjujo685DmEzfynER08Efj6McM3U6sE0Y5
ldWJ87B7i08mVdGldoB9m1DJ+HL/K47jiaWP38U/TnW7d88S5QxOw21bt95/vq/S
vQCfQo98/S/fHi/IqL8FFKFDxFm6bWfVoa8yiX7Io1Nj
-----END CERTIFICATE-----
Generated at Sat Apr 5 21:23:00 2025 by rpki-client