Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/b1a67d-5fb3-4855-8d19-09a28e0d7178/1/o3USWl_OTMKphTL100-n_XkJtng.roa
File: o3USWl_OTMKphTL100-n_XkJtng.roa (raw, json)
Hash identifier: X2tCt6BLLBKEdfqwW2iDdOKOvebGR05SSQw5dHadaNg=
Subject key identifier: A3:75:12:5A:5F:CE:4C:C2:A9:85:32:F5:D3:4F:A7:FD:79:09:B6:78
Certificate issuer: /CN=372ac6ef92b81d705787a4ef89fd4673805c7abc
Certificate serial: 018CCA29F6A5A6AB666154A6D0DBCA25DA47
Authority key identifier: 37:2A:C6:EF:92:B8:1D:70:57:87:A4:EF:89:FD:46:73:80:5C:7A:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NyrG75K4HXBXh6Tvif1Gc4Bcerw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/b1a67d-5fb3-4855-8d19-09a28e0d7178/1/o3USWl_OTMKphTL100-n_XkJtng.roa
Signing time: Tue 02 Jan 2024 12:33:16 +0000
ROA not before: Tue 02 Jan 2024 12:33:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 40513
IP address blocks: 147.78.60.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:49:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:f6:a5:a6:ab:66:61:54:a6:d0:db:ca:25:da:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=372ac6ef92b81d705787a4ef89fd4673805c7abc
Validity
Not Before: Jan 2 12:33:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a375125a5fce4cc2a98532f5d34fa7fd7909b678
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:0c:fd:ab:cb:08:a2:0f:86:64:99:ea:ad:6d:
40:e4:f0:97:3e:fc:19:01:32:49:4f:10:67:fd:a7:
6b:15:5e:6b:a1:34:ea:60:8f:1a:4b:f2:4e:d4:2a:
59:b1:f0:b3:8f:b3:17:4d:33:77:1f:0b:76:ab:22:
80:80:1b:ff:6e:cb:50:3b:5c:a4:0c:ca:a7:68:e4:
e7:04:15:5b:7e:3d:c7:81:a3:e0:80:53:e2:0c:67:
d4:7e:6d:d5:92:38:8c:06:60:4e:f8:4e:77:52:a8:
88:c8:eb:2d:c0:07:f4:cb:12:08:6b:7d:ef:2b:47:
f4:e5:e8:fa:2b:cf:ba:50:c7:9b:04:ae:70:c3:dc:
12:ef:3b:ce:e4:dc:f6:61:cf:d6:2f:b9:bb:34:e0:
25:b8:01:7e:a4:e6:cc:5a:63:cd:21:05:c1:14:32:
e2:6b:b7:ce:51:96:db:1b:f2:60:b7:31:bf:e9:db:
38:a2:8a:df:84:27:d8:e3:f6:f5:f9:4f:e8:94:12:
a5:7e:a8:ee:d8:ac:03:13:fe:22:0d:94:18:d8:d1:
66:5c:15:48:2c:f1:10:db:9d:59:91:75:76:5a:9c:
d2:0a:bd:86:82:e6:02:bb:20:07:97:3a:de:7b:4b:
9d:cd:6d:38:94:ba:f2:a4:da:d6:53:06:92:55:2f:
b1:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:75:12:5A:5F:CE:4C:C2:A9:85:32:F5:D3:4F:A7:FD:79:09:B6:78
X509v3 Authority Key Identifier:
keyid:37:2A:C6:EF:92:B8:1D:70:57:87:A4:EF:89:FD:46:73:80:5C:7A:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NyrG75K4HXBXh6Tvif1Gc4Bcerw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/b1a67d-5fb3-4855-8d19-09a28e0d7178/1/o3USWl_OTMKphTL100-n_XkJtng.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/b1a67d-5fb3-4855-8d19-09a28e0d7178/1/NyrG75K4HXBXh6Tvif1Gc4Bcerw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.78.60.0/22
Signature Algorithm: sha256WithRSAEncryption
78:ae:4b:3d:b9:e3:44:7f:33:78:53:8b:31:62:5a:c9:14:4b:
f2:60:de:d7:79:bc:2d:88:66:72:71:db:60:05:d6:af:a7:f6:
12:83:40:63:5f:b7:36:1b:bf:5c:51:75:72:c9:86:37:6c:97:
a9:9f:f5:74:2f:bd:f8:86:da:65:78:51:a1:99:e6:8b:e8:88:
e9:a6:87:dd:e8:57:ef:03:72:14:09:83:d7:b1:3f:5f:9e:31:
ab:b2:d3:54:b8:93:a5:8b:d8:40:f5:de:66:b3:c0:60:63:57:
86:cd:b4:f6:7f:f6:5b:36:13:22:f3:56:75:40:48:d5:9a:bd:
8f:98:aa:3a:22:33:c7:52:5b:20:d2:f6:fa:59:47:b5:6e:10:
03:62:38:38:71:fa:8c:b7:53:d2:c0:0c:9d:60:6a:a4:a8:9c:
35:b6:11:1e:36:6f:e1:fa:75:60:78:eb:f1:75:ae:09:39:ff:
e6:77:d2:a2:b6:d9:72:fe:13:4b:27:65:10:84:99:95:2b:a0:
b2:58:ac:e7:dd:c5:e3:cf:e2:37:47:36:8d:ea:e5:e8:83:75:
a9:40:5d:82:9b:e3:9a:00:8a:3c:45:db:b0:8c:35:7d:02:ad:
19:60:79:cd:bf:f1:dc:3e:64:cb:2d:1f:df:f5:fa:23:d1:14:
4d:fa:26:9c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKfalpqtmYVSm0NvKJdpHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3MmFjNmVmOTJiODFkNzA1Nzg3YTRlZjg5ZmQ0NjczODA1
YzdhYmMwHhcNMjQwMTAyMTIzMzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzc1MTI1YTVmY2U0Y2MyYTk4NTMyZjVkMzRmYTdmZDc5MDliNjc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiQz9q8sIog+GZJnqrW1A5PCXPvwZ
ATJJTxBn/adrFV5roTTqYI8aS/JO1CpZsfCzj7MXTTN3Hwt2qyKAgBv/bstQO1yk
DMqnaOTnBBVbfj3HgaPggFPiDGfUfm3VkjiMBmBO+E53UqiIyOstwAf0yxIIa33v
K0f05ej6K8+6UMebBK5ww9wS7zvO5Nz2Yc/WL7m7NOAluAF+pObMWmPNIQXBFDLi
a7fOUZbbG/JgtzG/6ds4oorfhCfY4/b1+U/olBKlfqju2KwDE/4iDZQY2NFmXBVI
LPEQ251ZkXV2WpzSCr2GguYCuyAHlzree0udzW04lLrypNrWUwaSVS+x1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKN1ElpfzkzCqYUy9dNPp/15CbZ4MB8GA1UdIwQY
MBaAFDcqxu+SuB1wV4ek74n9RnOAXHq8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnlyRzc1SzRIWEJYaDZUdmlmMUdjNEJjZXJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9iMWE2N2QtNWZiMy00ODU1LThkMTkt
MDlhMjhlMGQ3MTc4LzEvbzNVU1dsX09UTUtwaFRMMTAwLW5fWGtKdG5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9iMWE2N2QtNWZiMy00ODU1LThkMTktMDlhMjhlMGQ3MTc4
LzEvTnlyRzc1SzRIWEJYaDZUdmlmMUdjNEJjZXJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCk048MA0G
CSqGSIb3DQEBCwUAA4IBAQB4rks9ueNEfzN4U4sxYlrJFEvyYN7XebwtiGZycdtg
Bdavp/YSg0BjX7c2G79cUXVyyYY3bJepn/V0L734htpleFGhmeaL6Ijppofd6Ffv
A3IUCYPXsT9fnjGrstNUuJOli9hA9d5ms8BgY1eGzbT2f/ZbNhMi81Z1QEjVmr2P
mKo6IjPHUlsg0vb6WUe1bhADYjg4cfqMt1PSwAydYGqkqJw1thEeNm/h+nVgeOvx
da4JOf/md9Kittly/hNLJ2UQhJmVK6CyWKzn3cXjz+I3RzaN6uXog3WpQF2Cm+Oa
AIo8RduwjDV9Aq0ZYHnNv/HcPmTLLR/f9foj0RRN+iac
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:22:23 2025 by rpki-client