Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/og44fOaPv-pNMzESlm91kARhB3s.roa
File: og44fOaPv-pNMzESlm91kARhB3s.roa (raw, json)
Hash identifier: cMSErgQa7QWJqqJdaX5NrT64fdE8d6sZ/a2TKTtqe+4=
Subject key identifier: A2:0E:38:7C:E6:8F:BF:EA:4D:33:31:12:96:6F:75:90:04:61:07:7B
Certificate issuer: /CN=2f6a434c4b5d239c4e6e41b7e585c8d58f8995ab
Certificate serial: 01941764556AEBBC7EDA6130419E5C28DB78
Authority key identifier: 2F:6A:43:4C:4B:5D:23:9C:4E:6E:41:B7:E5:85:C8:D5:8F:89:95:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L2pDTEtdI5xObkG35YXI1Y-Jlas.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/og44fOaPv-pNMzESlm91kARhB3s.roa
Signing time: Mon 30 Dec 2024 11:47:18 +0000
ROA not before: Mon 30 Dec 2024 11:47:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47330
IP address blocks: 37.156.28.0/23 maxlen: 23
92.114.16.0/22 maxlen: 22
92.114.20.0/24 maxlen: 24
92.114.21.0/24 maxlen: 24
188.213.65.0/24 maxlen: 24
188.213.66.0/24 maxlen: 24
188.213.67.0/24 maxlen: 24
188.213.68.0/24 maxlen: 24
188.213.69.0/24 maxlen: 24
2a00:5ca6::/31 maxlen: 31
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:49:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:17:64:55:6a:eb:bc:7e:da:61:30:41:9e:5c:28:db:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f6a434c4b5d239c4e6e41b7e585c8d58f8995ab
Validity
Not Before: Dec 30 11:47:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a20e387ce68fbfea4d333112966f75900461077b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:c4:8f:d2:20:b1:dd:b6:d8:29:f8:3c:3b:6a:
8f:6d:bb:e2:d2:02:33:6a:af:a4:dc:b7:17:42:ee:
d7:7d:3e:3d:b2:b0:7c:cc:96:8f:f0:dd:eb:58:29:
33:07:38:56:46:b5:ba:9d:7c:a3:e5:b7:40:6d:d8:
e1:cb:72:60:c9:42:e4:c5:2e:a0:3b:40:b7:04:c9:
92:a3:82:d4:97:7d:d7:45:3c:78:a0:41:7f:21:6a:
1c:cd:3d:7c:ae:f2:5a:e9:a5:2f:31:12:06:52:71:
17:f7:af:9d:94:db:a6:f8:a9:00:d0:c4:c7:d5:b2:
38:63:80:0d:f5:05:4d:b4:b9:70:b6:3c:1e:b8:0e:
b5:db:dc:a5:cd:46:6e:b9:12:2e:1d:f9:ee:8d:ca:
3f:c1:2d:6f:eb:58:9a:83:56:0e:69:7d:aa:3e:00:
31:39:ab:70:48:1f:56:25:f0:7d:1e:0c:8d:ca:c8:
9a:7b:21:3a:15:8d:9c:cb:9e:de:fa:88:88:2d:38:
dd:66:7e:1d:db:22:09:ed:a5:3f:dd:dc:55:68:a1:
54:7c:a9:eb:7a:1e:85:73:d3:dc:60:7d:bf:3b:05:
65:c9:c9:5c:c4:2d:fb:4f:e8:64:9a:ee:1a:48:22:
d3:32:54:52:73:0d:4a:66:19:a2:ab:8e:92:f2:d4:
8b:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:0E:38:7C:E6:8F:BF:EA:4D:33:31:12:96:6F:75:90:04:61:07:7B
X509v3 Authority Key Identifier:
keyid:2F:6A:43:4C:4B:5D:23:9C:4E:6E:41:B7:E5:85:C8:D5:8F:89:95:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L2pDTEtdI5xObkG35YXI1Y-Jlas.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/og44fOaPv-pNMzESlm91kARhB3s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/L2pDTEtdI5xObkG35YXI1Y-Jlas.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.156.28.0/23
92.114.16.0-92.114.21.255
188.213.65.0-188.213.69.255
IPv6:
2a00:5ca6::/31
Signature Algorithm: sha256WithRSAEncryption
8c:77:2c:1d:eb:2b:95:6a:ef:28:71:bb:ea:a3:de:12:2b:07:
f7:d4:48:f9:99:6b:f9:7b:39:a0:a6:d7:77:85:ff:ed:14:8c:
66:75:c0:b0:e7:76:3e:25:01:3a:2e:21:af:b7:43:ed:1f:63:
d8:df:13:83:19:6b:c4:fe:11:dc:fe:c4:12:3f:30:7c:31:81:
8c:e6:09:de:c0:b0:77:e1:18:a5:97:76:90:00:0f:57:54:df:
f5:37:43:60:eb:4b:bd:3f:d8:53:e4:8a:be:ea:f6:ac:99:47:
94:c3:58:36:48:d0:c9:1a:a4:2a:b5:5b:85:1d:4e:2b:1c:11:
a8:e2:10:33:c3:8d:66:37:3c:aa:6d:ea:18:10:d5:e0:79:0c:
ff:42:ba:8b:4a:98:c0:8e:80:3e:80:79:f7:60:3b:93:ea:cf:
f7:58:5d:c6:4c:e9:31:e1:82:d4:b6:35:88:b4:52:b6:a2:b8:
7e:fe:bb:54:9d:7d:40:a8:96:93:3c:3f:b1:80:61:75:84:b2:
cb:30:ff:51:f5:07:9e:1f:45:cf:bd:96:7b:da:af:72:9d:2d:
d9:5f:fa:19:ae:e4:b0:39:42:94:db:2b:d4:89:1e:72:b1:4b:
42:20:c3:e8:a7:38:5e:c6:87:7a:43:79:24:d9:bf:93:d5:cf:
3d:c7:e0:8f
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAZQXZFVq67x+2mEwQZ5cKNt4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmNmE0MzRjNGI1ZDIzOWM0ZTZlNDFiN2U1ODVjOGQ1OGY4
OTk1YWIwHhcNMjQxMjMwMTE0NzE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjBlMzg3Y2U2OGZiZmVhNGQzMzMxMTI5NjZmNzU5MDA0NjEwNzdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzMSP0iCx3bbYKfg8O2qPbbvi0gIz
aq+k3LcXQu7XfT49srB8zJaP8N3rWCkzBzhWRrW6nXyj5bdAbdjhy3JgyULkxS6g
O0C3BMmSo4LUl33XRTx4oEF/IWoczT18rvJa6aUvMRIGUnEX96+dlNum+KkA0MTH
1bI4Y4AN9QVNtLlwtjweuA6129ylzUZuuRIuHfnujco/wS1v61iag1YOaX2qPgAx
OatwSB9WJfB9HgyNysiaeyE6FY2cy57e+oiILTjdZn4d2yIJ7aU/3dxVaKFUfKnr
eh6Fc9PcYH2/OwVlyclcxC37T+hkmu4aSCLTMlRScw1KZhmiq46S8tSLBwIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFKIOOHzmj7/qTTMxEpZvdZAEYQd7MB8GA1UdIwQY
MBaAFC9qQ0xLXSOcTm5Bt+WFyNWPiZWrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDJwRFRFdGRJNXhPYmtHMzVZWEkxWS1KbGFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS85OGFiZTUtYmQwMS00NjRmLTk2YWIt
NDBiNmQ2N2ZjZDk0LzEvb2c0NGZPYVB2LXBOTXpFU2xtOTFrQVJoQjNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS85OGFiZTUtYmQwMS00NjRmLTk2YWItNDBiNmQ2N2ZjZDk0
LzEvTDJwRFRFdGRJNXhPYmtHMzVZWEkxWS1KbGFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTAoBAIAATAiAwQBJZwcMAwD
BARcchADBAFcchQwDAMEALzVQQMEAbzVRDANBAIAAjAHAwUBKgBcpjANBgkqhkiG
9w0BAQsFAAOCAQEAjHcsHesrlWrvKHG76qPeEisH99RI+Zlr+Xs5oKbXd4X/7RSM
ZnXAsOd2PiUBOi4hr7dD7R9j2N8TgxlrxP4R3P7EEj8wfDGBjOYJ3sCwd+EYpZd2
kAAPV1Tf9TdDYOtLvT/YU+SKvur2rJlHlMNYNkjQyRqkKrVbhR1OKxwRqOIQM8ON
Zjc8qm3qGBDV4HkM/0K6i0qYwI6APoB592A7k+rP91hdxkzpMeGC1LY1iLRStqK4
fv67VJ19QKiWkzw/sYBhdYSyyzD/UfUHnh9Fz72We9qvcp0t2V/6Ga7ksDlClNsr
1IkecrFLQiDD6Kc4XsaHekN5JNm/k9XPPcfgjw==
-----END CERTIFICATE-----
Generated at Wed Apr 23 15:40:02 2025 by rpki-client