Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/7a48f5-bd24-4dc4-8cca-6ba0a0ce01ed/1/Owa3-rHOYmah-w4rLPBh5NF1ads.roa
File: Owa3-rHOYmah-w4rLPBh5NF1ads.roa (raw, json)
Hash identifier: zmrhVrvguMRAt7G5ZOw3VQosCzBils13kr1zkJxjsrc=
Subject key identifier: 3B:06:B7:FA:B1:CE:62:66:A1:FB:0E:2B:2C:F0:61:E4:D1:75:69:DB
Certificate issuer: /CN=dafb645f134f4fdada45e70bcfcd93b897dbd725
Certificate serial: 018CC5009D06DB834AC87EED5822063F8DAD
Authority key identifier: DA:FB:64:5F:13:4F:4F:DA:DA:45:E7:0B:CF:CD:93:B8:97:DB:D7:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2vtkXxNPT9raRecLz82TuJfb1yU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/7a48f5-bd24-4dc4-8cca-6ba0a0ce01ed/1/Owa3-rHOYmah-w4rLPBh5NF1ads.roa
Signing time: Mon 01 Jan 2024 12:30:00 +0000
ROA not before: Mon 01 Jan 2024 12:30:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35766
IP address blocks: 37.130.206.0/23 maxlen: 24
37.130.204.0/23 maxlen: 23
37.130.204.0/24 maxlen: 24
37.130.204.0/22 maxlen: 22
37.130.206.0/24 maxlen: 24
37.130.205.0/24 maxlen: 24
37.130.207.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 08 Jul 2024 11:16:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:9d:06:db:83:4a:c8:7e:ed:58:22:06:3f:8d:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dafb645f134f4fdada45e70bcfcd93b897dbd725
Validity
Not Before: Jan 1 12:30:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3b06b7fab1ce6266a1fb0e2b2cf061e4d17569db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:1c:43:72:69:59:37:70:08:81:ed:30:36:03:
b6:7d:84:33:d7:68:ee:d7:89:e9:5c:08:72:08:50:
10:b4:51:e4:2d:a0:c7:4b:f9:f1:78:c8:fb:e5:e3:
52:fd:39:b1:ba:e3:d8:67:af:c6:f6:0d:46:23:25:
13:fc:0c:fc:7a:09:d8:ed:b4:77:d4:ab:11:ac:6a:
d2:d8:fa:6d:a7:60:2e:0c:b3:4c:81:0c:13:d1:44:
05:65:16:df:ac:09:12:bd:34:80:a5:ce:f4:1d:0e:
4c:38:86:eb:f0:8b:f6:da:59:e4:54:21:68:b6:04:
0a:05:c5:8a:6e:aa:6a:25:0b:ed:dc:0b:55:a4:69:
b4:2c:05:42:d2:73:17:36:63:4e:2d:27:9c:38:4f:
e0:49:4a:b4:a7:fd:ab:af:de:b4:e3:92:e8:28:42:
e9:ed:38:92:7a:73:b6:57:31:3c:a9:bf:c1:e7:d2:
8f:c8:25:f0:a3:ba:2a:09:97:2b:35:8d:94:5c:dd:
77:6c:bd:71:bf:9d:e1:2c:72:6b:d0:73:cf:55:3b:
e9:24:f8:7e:a8:09:a2:2e:df:f1:db:26:88:eb:38:
f4:d4:fa:e9:88:9c:7a:6a:77:8f:24:58:2d:2c:78:
f1:3a:9b:1c:b2:6f:bb:89:8f:ba:35:97:11:62:5b:
10:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:06:B7:FA:B1:CE:62:66:A1:FB:0E:2B:2C:F0:61:E4:D1:75:69:DB
X509v3 Authority Key Identifier:
keyid:DA:FB:64:5F:13:4F:4F:DA:DA:45:E7:0B:CF:CD:93:B8:97:DB:D7:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2vtkXxNPT9raRecLz82TuJfb1yU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/7a48f5-bd24-4dc4-8cca-6ba0a0ce01ed/1/Owa3-rHOYmah-w4rLPBh5NF1ads.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/7a48f5-bd24-4dc4-8cca-6ba0a0ce01ed/1/2vtkXxNPT9raRecLz82TuJfb1yU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.130.204.0/22
Signature Algorithm: sha256WithRSAEncryption
22:91:88:53:be:16:76:a3:86:8d:4e:46:1a:17:bf:2c:8c:49:
61:be:a2:85:dc:fa:f9:2d:4e:ba:b0:c6:ec:d2:c6:88:e9:aa:
2e:e1:4b:43:b0:4c:c1:f3:ac:35:02:b3:7e:8c:3f:1b:b6:64:
31:a6:c2:22:f6:39:31:c6:c2:52:da:0a:7e:c1:ed:e2:5e:65:
bf:30:a5:7c:ff:de:93:23:66:82:e0:9c:1c:9c:73:c3:b2:48:
e0:dd:e3:d9:47:73:2c:f8:eb:d9:02:38:0c:6a:2a:f7:d7:32:
72:55:3d:cf:c5:cb:a6:cc:fa:6b:5a:d2:7e:66:1d:12:3a:7b:
07:44:7b:79:83:6a:85:fe:2a:ce:9a:aa:2e:44:0c:b8:19:69:
e2:30:ff:e9:0c:0e:37:5b:18:86:f8:71:ad:fb:2b:f5:c1:6b:
0b:9f:93:68:34:6f:b5:b1:b7:19:f6:e0:4e:b5:b4:d4:85:0a:
d1:d8:79:c5:cc:da:b3:7b:5f:40:10:3c:57:3d:2c:f7:f3:b7:
14:2b:bc:70:24:4d:c2:0b:6e:2a:54:68:0d:33:8a:d1:bb:83:
d9:37:56:0c:5f:8a:12:ad:ce:e2:53:b6:5e:5e:a4:98:2a:ef:
ea:37:f3:33:72:5d:b3:ef:7a:fc:79:f8:75:02:b2:ad:41:09:
a1:28:3b:dd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFAJ0G24NKyH7tWCIGP42tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhZmI2NDVmMTM0ZjRmZGFkYTQ1ZTcwYmNmY2Q5M2I4OTdk
YmQ3MjUwHhcNMjQwMTAxMTIzMDAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjA2YjdmYWIxY2U2MjY2YTFmYjBlMmIyY2YwNjFlNGQxNzU2OWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjRxDcmlZN3AIge0wNgO2fYQz12ju
14npXAhyCFAQtFHkLaDHS/nxeMj75eNS/TmxuuPYZ6/G9g1GIyUT/Az8egnY7bR3
1KsRrGrS2Pptp2AuDLNMgQwT0UQFZRbfrAkSvTSApc70HQ5MOIbr8Iv22lnkVCFo
tgQKBcWKbqpqJQvt3AtVpGm0LAVC0nMXNmNOLSecOE/gSUq0p/2rr96045LoKELp
7TiSenO2VzE8qb/B59KPyCXwo7oqCZcrNY2UXN13bL1xv53hLHJr0HPPVTvpJPh+
qAmiLt/x2yaI6zj01PrpiJx6anePJFgtLHjxOpscsm+7iY+6NZcRYlsQZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDsGt/qxzmJmofsOKyzwYeTRdWnbMB8GA1UdIwQY
MBaAFNr7ZF8TT0/a2kXnC8/Nk7iX29clMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnZ0a1h4TlBUOXJhUmVjTHo4MlR1SmZiMXlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi83YTQ4ZjUtYmQyNC00ZGM0LThjY2Et
NmJhMGEwY2UwMWVkLzEvT3dhMy1ySE9ZbWFoLXc0ckxQQmg1TkYxYWRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi83YTQ4ZjUtYmQyNC00ZGM0LThjY2EtNmJhMGEwY2UwMWVk
LzEvMnZ0a1h4TlBUOXJhUmVjTHo4MlR1SmZiMXlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCJYLMMA0G
CSqGSIb3DQEBCwUAA4IBAQAikYhTvhZ2o4aNTkYaF78sjElhvqKF3Pr5LU66sMbs
0saI6aou4UtDsEzB86w1ArN+jD8btmQxpsIi9jkxxsJS2gp+we3iXmW/MKV8/96T
I2aC4JwcnHPDskjg3ePZR3Ms+OvZAjgMair31zJyVT3PxcumzPprWtJ+Zh0SOnsH
RHt5g2qF/irOmqouRAy4GWniMP/pDA43WxiG+HGt+yv1wWsLn5NoNG+1sbcZ9uBO
tbTUhQrR2HnFzNqze19AEDxXPSz387cUK7xwJE3CC24qVGgNM4rRu4PZN1YMX4oS
rc7iU7ZeXqSYKu/qN/Mzcl2z73r8efh1ArKtQQmhKDvd
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:41:47 2025 by rpki-client