Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/224351-3a47-4014-b395-a63479610968/1/oao6NCf6JXrE34QzyRWFeo_iTYA.roa
File: oao6NCf6JXrE34QzyRWFeo_iTYA.roa (raw, json)
Hash identifier: lGWu0gO5cV/0b/5rZz4TCpNYiry0aF01iWjX2PpvuAU=
Subject key identifier: A1:AA:3A:34:27:FA:25:7A:C4:DF:84:33:C9:15:85:7A:8F:E2:4D:80
Certificate issuer: /CN=c1d369e66cdbe30d7b3aff6081f20c17a98fdc5b
Certificate serial: 0193BB070FF16D2A93AE21C83238EB844618
Authority key identifier: C1:D3:69:E6:6C:DB:E3:0D:7B:3A:FF:60:81:F2:0C:17:A9:8F:DC:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wdNp5mzb4w17Ov9ggfIMF6mP3Fs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/224351-3a47-4014-b395-a63479610968/1/oao6NCf6JXrE34QzyRWFeo_iTYA.roa
Signing time: Thu 12 Dec 2024 13:20:22 +0000
ROA not before: Thu 12 Dec 2024 13:20:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204601
IP address blocks: 45.88.78.0/24 maxlen: 24
81.91.176.0/24 maxlen: 24
81.91.177.0/24 maxlen: 24
81.91.178.0/24 maxlen: 24
81.91.179.0/24 maxlen: 24
95.215.205.0/24 maxlen: 24
103.246.144.0/24 maxlen: 24
103.246.145.0/24 maxlen: 24
103.246.146.0/24 maxlen: 24
103.246.147.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 07:48:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:bb:07:0f:f1:6d:2a:93:ae:21:c8:32:38:eb:84:46:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1d369e66cdbe30d7b3aff6081f20c17a98fdc5b
Validity
Not Before: Dec 12 13:20:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a1aa3a3427fa257ac4df8433c915857a8fe24d80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:68:01:3b:9e:1d:e9:47:5c:ae:36:29:e8:9a:
d5:c9:28:44:3c:ec:d8:20:3f:9c:b8:2a:68:8a:64:
83:06:fd:7d:f8:ae:5b:f2:90:c2:52:8d:9c:6d:c1:
60:2b:a5:1a:7f:19:92:29:a1:03:09:0d:c6:73:5c:
87:f7:82:80:5f:f4:98:06:99:04:79:69:fe:b9:68:
89:56:3a:cb:15:48:b6:b8:ed:33:b4:df:cc:da:3f:
42:64:17:65:9e:db:8b:91:66:5f:c5:1a:af:85:4d:
1e:14:e3:9b:7c:44:4b:28:88:a1:bf:6c:dc:48:bb:
6d:3e:c3:fb:92:af:d7:8b:83:74:3c:5a:c3:a2:91:
37:a1:8e:c0:c5:20:76:72:bb:d0:5f:ec:d0:d8:5f:
4d:86:ba:94:dd:12:db:44:c2:d9:b5:46:b5:a8:c1:
2f:be:b1:67:e4:92:9f:03:ee:ba:d6:3b:95:2d:21:
58:4c:da:22:ad:fa:75:c6:31:13:86:c1:a8:e9:50:
a4:7b:4f:a7:e5:1b:a5:0a:c1:27:50:7d:12:ed:49:
c7:62:07:a3:64:a6:0b:cd:10:51:2c:19:3f:6b:9f:
03:78:61:24:c7:16:0c:0c:e0:a6:14:e6:3d:5e:3c:
0e:2f:c3:07:76:e7:1c:ae:17:a7:47:1b:18:95:a6:
bf:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:AA:3A:34:27:FA:25:7A:C4:DF:84:33:C9:15:85:7A:8F:E2:4D:80
X509v3 Authority Key Identifier:
keyid:C1:D3:69:E6:6C:DB:E3:0D:7B:3A:FF:60:81:F2:0C:17:A9:8F:DC:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wdNp5mzb4w17Ov9ggfIMF6mP3Fs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/224351-3a47-4014-b395-a63479610968/1/oao6NCf6JXrE34QzyRWFeo_iTYA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/224351-3a47-4014-b395-a63479610968/1/wdNp5mzb4w17Ov9ggfIMF6mP3Fs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.78.0/24
81.91.176.0/22
95.215.205.0/24
103.246.144.0/22
Signature Algorithm: sha256WithRSAEncryption
32:39:76:96:04:f7:cf:01:66:25:2d:a9:70:25:5b:de:3c:59:
b6:4c:50:9f:d2:b3:eb:10:11:b0:c9:dd:ef:76:86:c6:16:97:
6d:36:84:68:c0:6c:3c:2a:8a:0b:94:61:85:07:1f:77:ec:e1:
92:5a:85:b2:9d:44:b3:79:2c:d8:a6:28:9c:b0:6b:2f:71:23:
e3:da:9c:bd:01:d0:0a:a0:27:1a:ce:e6:3f:7c:fa:52:46:ad:
44:54:98:3f:5c:04:7e:dd:82:8a:0d:37:cf:b6:90:2e:b6:24:
80:58:72:d4:a4:48:5b:7c:b5:fb:6a:2c:9f:40:36:b2:fd:a4:
56:fe:a6:c2:e2:d3:1e:56:14:43:58:88:85:33:d2:a0:ad:75:
62:8a:d1:be:1b:f9:0d:8d:5f:68:9b:55:d7:44:90:47:87:75:
df:81:d2:26:31:f3:58:48:1f:30:33:98:86:9b:57:69:ed:ec:
0d:b5:f4:a0:bf:2f:06:8e:b7:10:01:1d:69:ef:c0:0e:65:1a:
74:5e:dc:6a:fa:c2:8c:0d:bc:9c:19:84:b1:93:c9:ff:0d:6e:
0b:b1:37:3f:d4:29:c3:f4:a4:c4:da:38:d0:4a:4b:05:60:eb:
2f:64:02:6e:da:03:01:5a:c7:c2:5d:92:6f:a4:03:1f:18:65:
fa:3b:72:fa
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZO7Bw/xbSqTriHIMjjrhEYYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxZDM2OWU2NmNkYmUzMGQ3YjNhZmY2MDgxZjIwYzE3YTk4
ZmRjNWIwHhcNMjQxMjEyMTMyMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWFhM2EzNDI3ZmEyNTdhYzRkZjg0MzNjOTE1ODU3YThmZTI0ZDgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwmgBO54d6UdcrjYp6JrVyShEPOzY
ID+cuCpoimSDBv19+K5b8pDCUo2cbcFgK6UafxmSKaEDCQ3Gc1yH94KAX/SYBpkE
eWn+uWiJVjrLFUi2uO0ztN/M2j9CZBdlntuLkWZfxRqvhU0eFOObfERLKIihv2zc
SLttPsP7kq/Xi4N0PFrDopE3oY7AxSB2crvQX+zQ2F9NhrqU3RLbRMLZtUa1qMEv
vrFn5JKfA+661juVLSFYTNoirfp1xjEThsGo6VCke0+n5RulCsEnUH0S7UnHYgej
ZKYLzRBRLBk/a58DeGEkxxYMDOCmFOY9XjwOL8MHduccrhenRxsYlaa/qwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKGqOjQn+iV6xN+EM8kVhXqP4k2AMB8GA1UdIwQY
MBaAFMHTaeZs2+MNezr/YIHyDBepj9xbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2ROcDVtemI0dzE3T3Y5Z2dmSU1GNm1QM0ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yMjQzNTEtM2E0Ny00MDE0LWIzOTUt
YTYzNDc5NjEwOTY4LzEvb2FvNk5DZjZKWHJFMzRRenlSV0Zlb19pVFlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yMjQzNTEtM2E0Ny00MDE0LWIzOTUtYTYzNDc5NjEwOTY4
LzEvd2ROcDVtemI0dzE3T3Y5Z2dmSU1GNm1QM0ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALVhOAwQC
UVuwAwQAX9fNAwQCZ/aQMA0GCSqGSIb3DQEBCwUAA4IBAQAyOXaWBPfPAWYlLalw
JVvePFm2TFCf0rPrEBGwyd3vdobGFpdtNoRowGw8KooLlGGFBx937OGSWoWynUSz
eSzYpiicsGsvcSPj2py9AdAKoCcazuY/fPpSRq1EVJg/XAR+3YKKDTfPtpAutiSA
WHLUpEhbfLX7aiyfQDay/aRW/qbC4tMeVhRDWIiFM9KgrXViitG+G/kNjV9om1XX
RJBHh3XfgdImMfNYSB8wM5iGm1dp7ewNtfSgvy8GjrcQAR1p78AOZRp0Xtxq+sKM
DbycGYSxk8n/DW4LsTc/1CnD9KTE2jjQSksFYOsvZAJu2gMBWsfCXZJvpAMfGGX6
O3L6
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:44:28 2025 by rpki-client