Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/d32cd4-ba93-4f16-899c-ccdadf7f65f2/1/odRB_PRlqvKib5xgtWBovnpUZIc.roa
File: odRB_PRlqvKib5xgtWBovnpUZIc.roa (raw, json)
Hash identifier: +/wkEvfY+Oq26gtR2UyFf+vhbtbW1NCmtNQr6pdJlnU=
Subject key identifier: A1:D4:41:FC:F4:65:AA:F2:A2:6F:9C:60:B5:60:68:BE:7A:54:64:87
Certificate issuer: /CN=3b3363e47e69ebc5d1c2251ddd5dac7c98989922
Certificate serial: 018CC801475CA0BE9980AB58F1B92D4F29D6
Authority key identifier: 3B:33:63:E4:7E:69:EB:C5:D1:C2:25:1D:DD:5D:AC:7C:98:98:99:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OzNj5H5p68XRwiUd3V2sfJiYmSI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/d32cd4-ba93-4f16-899c-ccdadf7f65f2/1/odRB_PRlqvKib5xgtWBovnpUZIc.roa
Signing time: Tue 02 Jan 2024 02:29:36 +0000
ROA not before: Tue 02 Jan 2024 02:29:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206355
IP address blocks: 185.192.136.0/22 maxlen: 22
2a0a:2cc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:49:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:47:5c:a0:be:99:80:ab:58:f1:b9:2d:4f:29:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b3363e47e69ebc5d1c2251ddd5dac7c98989922
Validity
Not Before: Jan 2 02:29:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a1d441fcf465aaf2a26f9c60b56068be7a546487
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:2b:8d:c3:ea:37:c2:c6:9a:c0:16:0a:04:7c:
fd:d8:f9:6f:c0:6a:25:c7:a3:f7:95:a1:d0:b9:24:
a8:cc:de:f2:e9:83:81:fe:41:f9:48:dc:b4:0e:ca:
a6:e2:c4:2e:df:8a:4d:9b:c5:c1:5d:7a:6c:da:45:
05:2b:50:cf:30:2b:32:5d:90:c9:42:03:fc:8c:60:
3f:d8:44:60:81:00:0b:4c:a0:01:a8:2c:f9:1a:4f:
a3:1e:7d:b2:99:c0:0c:cf:08:c0:94:fb:95:78:43:
a9:44:65:96:bd:ef:f5:db:2a:7f:7b:02:73:06:51:
92:74:3f:15:7b:4a:4a:7a:5f:3f:dc:3f:af:b5:26:
9a:75:5a:ae:d2:e8:41:c8:55:6d:2f:dd:01:42:6f:
7c:5d:e2:0a:c0:b4:51:11:84:f2:e7:9d:cc:77:63:
c1:1c:e5:7c:8d:15:9f:b8:91:52:e5:4b:de:07:fb:
8b:de:0c:e5:84:ce:20:d4:ad:18:08:96:08:b1:95:
2e:44:d1:8a:ff:18:ff:26:d0:14:35:a9:b3:f7:fa:
d5:83:b2:5b:1f:c4:6b:73:e0:78:7b:f9:11:4f:d9:
fc:21:76:e8:95:c3:9b:0f:1e:5b:8b:24:ae:1c:75:
c7:5c:a7:49:db:3b:b2:7b:87:9c:4c:59:79:4b:1e:
65:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:D4:41:FC:F4:65:AA:F2:A2:6F:9C:60:B5:60:68:BE:7A:54:64:87
X509v3 Authority Key Identifier:
keyid:3B:33:63:E4:7E:69:EB:C5:D1:C2:25:1D:DD:5D:AC:7C:98:98:99:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OzNj5H5p68XRwiUd3V2sfJiYmSI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/d32cd4-ba93-4f16-899c-ccdadf7f65f2/1/odRB_PRlqvKib5xgtWBovnpUZIc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/d32cd4-ba93-4f16-899c-ccdadf7f65f2/1/OzNj5H5p68XRwiUd3V2sfJiYmSI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.192.136.0/22
IPv6:
2a0a:2cc0::/29
Signature Algorithm: sha256WithRSAEncryption
77:61:3c:f6:c6:4f:1a:e9:84:d7:95:6e:81:bf:8c:81:e7:cf:
78:63:46:4d:f7:09:ca:94:e0:28:a0:12:c3:98:10:83:77:43:
19:41:fc:4c:27:84:62:be:12:bb:5d:c2:cf:d0:0f:bd:4c:58:
7c:4d:1e:4b:83:3f:6f:d7:5c:50:b0:c6:81:96:83:2f:b4:1c:
56:4c:30:b6:6f:9c:e1:1b:cd:f7:84:40:02:a7:09:d4:01:bb:
8a:75:97:51:bb:d3:18:53:17:26:76:ee:a7:81:15:f6:8f:bc:
da:c2:a1:9b:f6:49:0d:0e:e3:d1:30:e8:8a:3c:ce:d7:16:11:
18:59:67:c5:a0:d4:73:28:0c:e6:2d:92:cc:a9:6a:b3:b6:03:
fc:29:79:f5:8e:a9:4e:77:de:11:85:79:8c:85:39:bf:91:33:
09:fa:ff:73:79:69:89:5a:3a:fb:a3:bc:d0:6b:22:8a:9d:92:
55:64:a1:a6:7f:40:47:08:91:21:e4:9d:39:10:08:00:f9:13:
c1:71:a7:ed:9d:b4:4d:75:18:37:25:72:fa:23:94:81:a3:03:
b6:9f:67:a9:07:77:40:ed:d2:74:15:43:d5:46:a0:fc:e3:b8:
33:10:89:ce:e8:a2:ec:e5:6f:95:24:1e:a3:92:8d:4e:10:01:
db:ae:26:ea
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzIAUdcoL6ZgKtY8bktTynWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiMzM2M2U0N2U2OWViYzVkMWMyMjUxZGRkNWRhYzdjOTg5
ODk5MjIwHhcNMjQwMTAyMDIyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWQ0NDFmY2Y0NjVhYWYyYTI2ZjljNjBiNTYwNjhiZTdhNTQ2NDg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiyuNw+o3wsaawBYKBHz92PlvwGol
x6P3laHQuSSozN7y6YOB/kH5SNy0Dsqm4sQu34pNm8XBXXps2kUFK1DPMCsyXZDJ
QgP8jGA/2ERggQALTKABqCz5Gk+jHn2ymcAMzwjAlPuVeEOpRGWWve/12yp/ewJz
BlGSdD8Ve0pKel8/3D+vtSaadVqu0uhByFVtL90BQm98XeIKwLRREYTy553Md2PB
HOV8jRWfuJFS5UveB/uL3gzlhM4g1K0YCJYIsZUuRNGK/xj/JtAUNamz9/rVg7Jb
H8Rrc+B4e/kRT9n8IXbolcObDx5biySuHHXHXKdJ2zuye4ecTFl5Sx5l3wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKHUQfz0Zaryom+cYLVgaL56VGSHMB8GA1UdIwQY
MBaAFDszY+R+aevF0cIlHd1drHyYmJkiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3pOajVINXA2OFhSd2lVZDNWMnNmSmlZbVNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9kMzJjZDQtYmE5My00ZjE2LTg5OWMt
Y2NkYWRmN2Y2NWYyLzEvb2RSQl9QUmxxdktpYjV4Z3RXQm92bnBVWkljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9kMzJjZDQtYmE5My00ZjE2LTg5OWMtY2NkYWRmN2Y2NWYy
LzEvT3pOajVINXA2OFhSd2lVZDNWMnNmSmlZbVNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCucCIMA0E
AgACMAcDBQMqCizAMA0GCSqGSIb3DQEBCwUAA4IBAQB3YTz2xk8a6YTXlW6Bv4yB
5894Y0ZN9wnKlOAooBLDmBCDd0MZQfxMJ4RivhK7XcLP0A+9TFh8TR5Lgz9v11xQ
sMaBloMvtBxWTDC2b5zhG833hEACpwnUAbuKdZdRu9MYUxcmdu6ngRX2j7zawqGb
9kkNDuPRMOiKPM7XFhEYWWfFoNRzKAzmLZLMqWqztgP8KXn1jqlOd94RhXmMhTm/
kTMJ+v9zeWmJWjr7o7zQayKKnZJVZKGmf0BHCJEh5J05EAgA+RPBcaftnbRNdRg3
JXL6I5SBowO2n2epB3dA7dJ0FUPVRqD847gzEInO6KLs5W+VJB6jko1OEAHbribq
-----END CERTIFICATE-----
Generated at Sun Apr 13 09:33:20 2025 by rpki-client