Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/cO_HV1ZikXDn6-Zak2KE3flmvkM.roa
File: cO_HV1ZikXDn6-Zak2KE3flmvkM.roa (raw, json)
Hash identifier: fSNIA9h6uRjFd4iPG3a+YK9fhmk0/KsT/jKRlILzVv4=
Subject key identifier: 70:EF:C7:57:56:62:91:70:E7:EB:E6:5A:93:62:84:DD:F9:66:BE:43
Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial: 0193F8091666E50ACE2E4DBF8E8714A7FF29
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/cO_HV1ZikXDn6-Zak2KE3flmvkM.roa
Signing time: Tue 24 Dec 2024 09:39:25 +0000
ROA not before: Tue 24 Dec 2024 09:39:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30738
IP address blocks: 188.130.182.0/24 maxlen: 24
195.211.52.0/22 maxlen: 24
2001:1468::/32 maxlen: 33
2001:1468:8000::/36 maxlen: 36
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:49:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:f8:09:16:66:e5:0a:ce:2e:4d:bf:8e:87:14:a7:ff:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
Validity
Not Before: Dec 24 09:39:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=70efc75756629170e7ebe65a936284ddf966be43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:ce:ca:28:5a:57:21:07:4d:89:c5:bc:2b:04:
96:17:9e:45:04:c9:af:f0:9b:fc:09:65:da:ed:7b:
a5:6c:88:40:2f:27:a5:9c:64:d7:57:7f:3b:90:b8:
b4:0d:30:2b:cb:1b:06:ea:79:35:0e:fe:1a:91:43:
72:bb:a3:ef:43:5c:5d:8e:49:73:54:32:79:60:6a:
f6:b2:3b:53:57:0d:7a:bd:48:f3:29:3a:07:d1:d5:
90:38:65:d3:61:a7:c6:bd:10:2f:5e:de:ea:81:22:
4a:62:a5:f0:e4:72:fc:38:91:81:61:a9:54:85:3d:
3d:aa:9e:56:e0:21:f5:ee:ea:c1:df:00:a9:5f:ea:
56:44:94:34:a3:3a:20:93:5c:3a:2b:d9:3d:ad:61:
33:67:c2:4d:48:e2:69:05:df:a0:27:db:b6:da:dd:
d6:3d:4e:ef:0b:98:5d:6a:e6:e5:5e:b6:25:7f:b2:
c6:9a:d1:59:cc:14:1c:c9:84:4d:aa:1c:f7:41:52:
a1:68:21:de:cf:83:22:68:f0:00:ef:67:32:9b:d0:
1f:ff:44:46:a8:73:2b:80:4b:c2:8f:d3:47:d3:3b:
5c:81:6b:b6:bd:bc:50:ea:3d:13:75:2e:d0:28:29:
28:ac:45:b6:c7:d4:95:8b:ff:ae:ca:3d:b8:f3:a2:
95:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:EF:C7:57:56:62:91:70:E7:EB:E6:5A:93:62:84:DD:F9:66:BE:43
X509v3 Authority Key Identifier:
keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/cO_HV1ZikXDn6-Zak2KE3flmvkM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.130.182.0/24
195.211.52.0/22
IPv6:
2001:1468::/32
Signature Algorithm: sha256WithRSAEncryption
a7:0e:e7:66:dd:d6:50:17:4c:c9:84:82:b0:9d:f5:5b:0b:5b:
9a:ea:a9:21:66:fa:1b:c1:00:1d:26:6d:73:39:95:3d:22:22:
52:dc:7a:15:d1:5f:84:bb:bb:b5:27:ee:52:b7:df:47:96:92:
d5:6c:b4:73:e8:c5:27:67:33:67:c8:b5:7a:52:6d:f8:49:c4:
a7:f1:f2:76:a3:f4:e1:19:68:cb:5b:3c:61:24:39:41:a9:dd:
76:61:22:ba:cd:bc:c3:36:15:04:cc:46:c6:60:02:a8:bc:5d:
b8:64:f0:fd:bd:04:2d:07:dc:c7:b7:3a:b0:09:b8:d2:96:03:
df:74:8a:c9:e8:64:03:74:8c:2e:51:e0:9c:33:ac:48:83:27:
7b:ea:b6:21:18:6b:1e:3d:0a:99:03:32:ba:b7:99:69:c1:4c:
ca:04:76:13:b3:1e:ae:91:2f:2e:bb:2e:c6:eb:35:ee:15:60:
d6:8d:1a:98:51:25:6b:02:7b:7b:24:7c:29:9a:18:4d:bb:11:
9d:85:cd:f8:db:fb:4b:25:54:0e:f6:8d:b5:f9:3b:25:bb:20:
11:48:4a:06:7d:40:a6:23:db:33:32:62:c4:e9:07:00:db:1e:
fa:a4:c7:91:e2:20:81:e1:f2:a4:86:99:55:25:64:d1:24:9b:
76:e4:36:6c
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZP4CRZm5QrOLk2/jocUp/8pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjQxMjI0MDkzOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGVmYzc1NzU2NjI5MTcwZTdlYmU2NWE5MzYyODRkZGY5NjZiZTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA587KKFpXIQdNicW8KwSWF55FBMmv
8Jv8CWXa7XulbIhALyelnGTXV387kLi0DTAryxsG6nk1Dv4akUNyu6PvQ1xdjklz
VDJ5YGr2sjtTVw16vUjzKToH0dWQOGXTYafGvRAvXt7qgSJKYqXw5HL8OJGBYalU
hT09qp5W4CH17urB3wCpX+pWRJQ0ozogk1w6K9k9rWEzZ8JNSOJpBd+gJ9u22t3W
PU7vC5hdaublXrYlf7LGmtFZzBQcyYRNqhz3QVKhaCHez4MiaPAA72cym9Af/0RG
qHMrgEvCj9NH0ztcgWu2vbxQ6j0TdS7QKCkorEW2x9SVi/+uyj2486KVbQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHDvx1dWYpFw5+vmWpNihN35Zr5DMB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvY09fSFYxWmlrWERuNi1aYWsyS0UzZmxtdmtNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAvIK2AwQC
w9M0MA0EAgACMAcDBQAgARRoMA0GCSqGSIb3DQEBCwUAA4IBAQCnDudm3dZQF0zJ
hIKwnfVbC1ua6qkhZvobwQAdJm1zOZU9IiJS3HoV0V+Eu7u1J+5St99HlpLVbLRz
6MUnZzNnyLV6Um34ScSn8fJ2o/ThGWjLWzxhJDlBqd12YSK6zbzDNhUEzEbGYAKo
vF24ZPD9vQQtB9zHtzqwCbjSlgPfdIrJ6GQDdIwuUeCcM6xIgyd76rYhGGsePQqZ
AzK6t5lpwUzKBHYTsx6ukS8uuy7G6zXuFWDWjRqYUSVrAnt7JHwpmhhNuxGdhc34
2/tLJVQO9o21+TsluyARSEoGfUCmI9szMmLE6QcA2x76pMeR4iCB4fKkhplVJWTR
JJt25DZs
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:32:29 2025 by rpki-client