Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/f67aa8-51c2-43b2-b022-6d560debf7b3/1/0eOKoB46AD1T8h3saphI2YTv_WU.roa
File: 0eOKoB46AD1T8h3saphI2YTv_WU.roa (raw, json)
Hash identifier: L1P1ic1ASlimEh7HkVO/mDIIgYA5oFYHg3jPUWc3gWY=
Subject key identifier: D1:E3:8A:A0:1E:3A:00:3D:53:F2:1D:EC:6A:98:48:D9:84:EF:FD:65
Certificate issuer: /CN=d8012faf98275ae4f3f8d87f084ee4ff8420c485
Certificate serial: 0193A2795B5966C6F46E3026BD5466A3F81B
Authority key identifier: D8:01:2F:AF:98:27:5A:E4:F3:F8:D8:7F:08:4E:E4:FF:84:20:C4:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2AEvr5gnWuTz-Nh_CE7k_4QgxIU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/f67aa8-51c2-43b2-b022-6d560debf7b3/1/0eOKoB46AD1T8h3saphI2YTv_WU.roa
Signing time: Sat 07 Dec 2024 18:54:42 +0000
ROA not before: Sat 07 Dec 2024 18:54:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 64457
IP address blocks: 185.224.3.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:48:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:a2:79:5b:59:66:c6:f4:6e:30:26:bd:54:66:a3:f8:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8012faf98275ae4f3f8d87f084ee4ff8420c485
Validity
Not Before: Dec 7 18:54:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d1e38aa01e3a003d53f21dec6a9848d984effd65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fe:51:e9:43:2b:a5:fa:1e:83:00:de:96:e0:69:
4d:a4:65:11:bb:be:ea:dd:6c:05:ba:51:d6:b8:77:
f9:77:d1:46:a1:a4:e3:c1:64:99:c6:9b:28:2e:8b:
34:d2:7f:ca:7b:cd:8e:cf:f0:5e:be:cd:99:ca:6c:
ce:0e:70:ba:4b:e3:3b:9b:2c:12:6d:47:08:4b:a5:
dd:b0:a1:e2:06:66:7d:e5:35:85:79:00:19:b4:40:
54:60:7d:f6:20:5a:a2:84:49:25:c8:4e:43:e8:83:
69:80:ad:0d:bd:6f:84:38:b6:5a:e4:61:66:10:6c:
59:6b:a3:71:5d:a2:b3:84:30:f7:3d:fe:35:e3:09:
89:92:8c:8b:c5:5f:1b:12:f7:f0:93:f6:9b:e6:0b:
77:ef:a3:f3:42:59:f8:af:2a:4a:27:d6:42:26:83:
d0:73:4f:6c:3b:41:78:d6:f4:2d:41:a8:b5:7a:8c:
f5:b1:e5:86:4c:a8:a0:66:65:19:c0:c5:87:5d:75:
f0:b0:91:a9:3a:5f:2f:ff:75:fb:c0:51:c8:c8:e6:
82:1d:56:14:66:86:73:a6:12:20:4e:12:e5:83:9e:
6c:b4:06:98:4d:0a:4e:d3:c9:49:20:ff:7b:20:71:
6a:bd:4f:53:ff:74:a3:77:ce:b8:2d:8b:61:18:1d:
b0:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:E3:8A:A0:1E:3A:00:3D:53:F2:1D:EC:6A:98:48:D9:84:EF:FD:65
X509v3 Authority Key Identifier:
keyid:D8:01:2F:AF:98:27:5A:E4:F3:F8:D8:7F:08:4E:E4:FF:84:20:C4:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2AEvr5gnWuTz-Nh_CE7k_4QgxIU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/f67aa8-51c2-43b2-b022-6d560debf7b3/1/0eOKoB46AD1T8h3saphI2YTv_WU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/f67aa8-51c2-43b2-b022-6d560debf7b3/1/2AEvr5gnWuTz-Nh_CE7k_4QgxIU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.224.3.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:11:96:98:85:6c:38:09:a6:e0:4d:3a:e1:40:04:fc:0e:cd:
dc:64:dd:be:88:d5:bf:08:e0:19:75:cf:3a:86:cb:c1:d2:45:
ba:da:7d:1d:ac:8e:07:df:83:58:17:c9:73:4b:3b:88:eb:89:
fc:50:73:b9:ec:aa:d4:72:3d:15:f4:03:40:cb:5d:46:01:a8:
47:21:4b:bf:22:35:17:18:54:d2:87:1e:3d:1e:a5:df:15:83:
21:77:ff:3f:60:dc:9b:d0:f8:60:a7:78:fb:a4:b3:09:6e:a0:
5d:6a:56:57:c1:46:1a:2d:21:b1:d0:c7:8f:12:e4:32:3f:4c:
b7:d6:89:6c:e4:77:b1:03:a1:1e:df:74:b0:fd:98:d9:d9:b5:
27:54:4c:42:f8:36:71:93:3a:ff:70:4c:71:0c:19:f9:5d:38:
a5:59:e5:90:cc:f7:62:2e:8e:93:c2:1e:c4:0b:be:3f:6d:db:
dd:0f:b0:6f:2c:e8:10:66:36:b1:e1:73:e9:03:bc:9f:1c:28:
4e:c8:8c:df:81:fa:eb:63:c8:d2:35:23:3b:9a:1f:b8:65:15:
bc:cb:2b:36:68:e0:af:a2:4e:c7:ad:55:6f:18:01:a5:72:4d:
bf:9a:38:cf:aa:08:b7:87:1a:79:2a:fe:48:4f:a3:1e:9a:93:
62:52:86:71
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZOieVtZZsb0bjAmvVRmo/gbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MDEyZmFmOTgyNzVhZTRmM2Y4ZDg3ZjA4NGVlNGZmODQy
MGM0ODUwHhcNMjQxMjA3MTg1NDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWUzOGFhMDFlM2EwMDNkNTNmMjFkZWM2YTk4NDhkOTg0ZWZmZDY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/lHpQyul+h6DAN6W4GlNpGURu77q
3WwFulHWuHf5d9FGoaTjwWSZxpsoLos00n/Ke82Oz/Bevs2ZymzODnC6S+M7mywS
bUcIS6XdsKHiBmZ95TWFeQAZtEBUYH32IFqihEklyE5D6INpgK0NvW+EOLZa5GFm
EGxZa6NxXaKzhDD3Pf414wmJkoyLxV8bEvfwk/ab5gt376PzQln4rypKJ9ZCJoPQ
c09sO0F41vQtQai1eoz1seWGTKigZmUZwMWHXXXwsJGpOl8v/3X7wFHIyOaCHVYU
ZoZzphIgThLlg55stAaYTQpO08lJIP97IHFqvU9T/3Sjd864LYthGB2wlwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNHjiqAeOgA9U/Id7GqYSNmE7/1lMB8GA1UdIwQY
MBaAFNgBL6+YJ1rk8/jYfwhO5P+EIMSFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkFFdnI1Z25XdVR6LU5oX0NFN2tfNFFneElVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC9mNjdhYTgtNTFjMi00M2IyLWIwMjIt
NmQ1NjBkZWJmN2IzLzEvMGVPS29CNDZBRDFUOGgzc2FwaEkyWVR2X1dVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC9mNjdhYTgtNTFjMi00M2IyLWIwMjItNmQ1NjBkZWJmN2Iz
LzEvMkFFdnI1Z25XdVR6LU5oX0NFN2tfNFFneElVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAueADMA0G
CSqGSIb3DQEBCwUAA4IBAQCsEZaYhWw4CabgTTrhQAT8Ds3cZN2+iNW/COAZdc86
hsvB0kW62n0drI4H34NYF8lzSzuI64n8UHO57KrUcj0V9ANAy11GAahHIUu/IjUX
GFTShx49HqXfFYMhd/8/YNyb0Phgp3j7pLMJbqBdalZXwUYaLSGx0MePEuQyP0y3
1ols5HexA6Ee33Sw/ZjZ2bUnVExC+DZxkzr/cExxDBn5XTilWeWQzPdiLo6Twh7E
C74/bdvdD7BvLOgQZjax4XPpA7yfHChOyIzfgfrrY8jSNSM7mh+4ZRW8yys2aOCv
ok7HrVVvGAGlck2/mjjPqgi3hxp5Kv5IT6MempNiUoZx
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:12:55 2025 by rpki-client