Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/o2iYMe4CglFz8fKMhYKq9vVmB0k.roa
File: o2iYMe4CglFz8fKMhYKq9vVmB0k.roa (raw, json)
Hash identifier: W8HHCfQoS98o3GknY3v/UCQ/RL0Xg8zp00GayTeZ9Ws=
Subject key identifier: A3:68:98:31:EE:02:82:51:73:F1:F2:8C:85:82:AA:F6:F5:66:07:49
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 019428275A2B16E7A886E9D0D0E00E22BC7A
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/o2iYMe4CglFz8fKMhYKq9vVmB0k.roa
Signing time: Thu 02 Jan 2025 17:54:15 +0000
ROA not before: Thu 02 Jan 2025 17:54:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44103
IP address blocks: 188.214.107.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 04 Feb 2025 08:54:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:27:5a:2b:16:e7:a8:86:e9:d0:d0:e0:0e:22:bc:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Jan 2 17:54:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a3689831ee02825173f1f28c8582aaf6f5660749
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:8d:a1:55:00:d6:10:b7:51:f8:73:45:45:95:
c2:15:8e:7f:af:b7:1d:f3:e5:1e:a6:13:90:95:aa:
0b:cf:b1:0d:bf:0e:fd:dd:8c:c0:5b:b9:35:1d:1d:
d3:f4:5d:35:eb:82:11:6e:ef:fc:24:7b:2c:ce:6c:
e0:f0:55:28:58:f5:c9:76:7e:5c:7b:14:ff:80:71:
7e:0a:d5:d0:e8:d0:3e:45:f6:a6:0f:bf:17:72:d8:
37:1c:be:03:e5:a4:a0:3c:a0:99:a5:41:76:3c:4b:
a8:e2:61:75:24:a2:5f:b6:98:a1:ee:78:ff:df:c2:
fc:69:0c:4b:fa:33:5e:81:e4:eb:40:bf:42:01:88:
07:53:1a:34:dc:45:6b:b6:f6:e3:4f:ac:11:02:4b:
c7:95:1c:09:c9:9a:1a:de:de:19:2e:dd:5c:0c:40:
a9:08:67:88:0b:6f:8f:d2:d1:d6:db:05:30:89:eb:
1a:e5:95:8e:ad:aa:63:22:22:a2:8b:3e:a2:e8:c0:
07:73:da:bd:3a:88:98:f6:e6:07:b7:8d:14:26:66:
a4:26:f8:88:cb:fd:10:04:b2:14:5f:d0:f3:06:27:
77:f2:26:1b:e6:98:6d:fd:28:95:7c:a4:85:7c:6c:
3c:62:03:68:7e:0d:e3:34:0f:35:36:62:2b:94:d4:
ab:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:68:98:31:EE:02:82:51:73:F1:F2:8C:85:82:AA:F6:F5:66:07:49
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/o2iYMe4CglFz8fKMhYKq9vVmB0k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.214.107.0/24
Signature Algorithm: sha256WithRSAEncryption
22:e3:0c:03:76:15:c6:54:25:87:3b:d6:c1:7b:72:49:ee:d3:
e4:bf:34:aa:54:3f:80:f8:21:4a:7e:66:42:8b:5f:c8:b3:97:
bd:f8:87:9d:01:9a:29:09:e5:1c:f4:13:96:75:df:d4:4f:ab:
87:83:ce:3f:a7:ea:9a:bc:6f:18:8d:5b:f7:0f:05:b9:f8:54:
c7:e8:fa:0c:4b:be:1f:45:9e:32:30:a6:6c:27:d9:53:8b:e9:
98:5b:6c:e5:66:ae:50:50:87:ca:aa:18:1c:8d:41:d3:e2:20:
bc:10:13:d4:35:46:87:50:39:d0:d0:00:80:9c:5d:27:5d:a7:
86:ba:88:e1:6d:38:67:d3:92:13:5f:20:bb:bc:d9:4e:28:52:
17:81:1c:51:7b:fc:68:ab:8a:90:77:6d:2d:c1:79:19:91:ff:
3f:f9:37:0f:f8:3c:15:19:29:c4:c7:11:28:ee:7d:89:e9:4b:
67:f0:82:4e:ab:33:59:17:bd:26:ef:5d:94:ed:2c:b5:44:3f:
75:bf:f3:c8:2a:4d:ba:37:13:47:d9:14:22:d0:ef:8a:0b:7f:
4c:f4:01:ca:42:cb:e0:0e:b3:7c:7c:be:6b:a5:a3:b6:df:f2:
9b:94:da:d3:c6:ed:13:d4:11:93:41:bb:3e:5d:a8:18:2a:1e:
1c:34:ab:51
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJ1orFueohunQ0OAOIrx6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjUwMTAyMTc1NDE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzY4OTgzMWVlMDI4MjUxNzNmMWYyOGM4NTgyYWFmNmY1NjYwNzQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkI2hVQDWELdR+HNFRZXCFY5/r7cd
8+UephOQlaoLz7ENvw793YzAW7k1HR3T9F0164IRbu/8JHsszmzg8FUoWPXJdn5c
exT/gHF+CtXQ6NA+RfamD78Xctg3HL4D5aSgPKCZpUF2PEuo4mF1JKJftpih7nj/
38L8aQxL+jNegeTrQL9CAYgHUxo03EVrtvbjT6wRAkvHlRwJyZoa3t4ZLt1cDECp
CGeIC2+P0tHW2wUwiesa5ZWOrapjIiKiiz6i6MAHc9q9OoiY9uYHt40UJmakJviI
y/0QBLIUX9DzBid38iYb5pht/SiVfKSFfGw8YgNofg3jNA81NmIrlNSruwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKNomDHuAoJRc/HyjIWCqvb1ZgdJMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvbzJpWU1lNENnbEZ6OGZLTWhZS3E5dlZtQjBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvNZrMA0G
CSqGSIb3DQEBCwUAA4IBAQAi4wwDdhXGVCWHO9bBe3JJ7tPkvzSqVD+A+CFKfmZC
i1/Is5e9+IedAZopCeUc9BOWdd/UT6uHg84/p+qavG8YjVv3DwW5+FTH6PoMS74f
RZ4yMKZsJ9lTi+mYW2zlZq5QUIfKqhgcjUHT4iC8EBPUNUaHUDnQ0ACAnF0nXaeG
uojhbThn05ITXyC7vNlOKFIXgRxRe/xoq4qQd20twXkZkf8/+TcP+DwVGSnExxEo
7n2J6Utn8IJOqzNZF70m712U7Sy1RD91v/PIKk26NxNH2RQi0O+KC39M9AHKQsvg
DrN8fL5rpaO23/KblNrTxu0T1BGTQbs+XagYKh4cNKtR
-----END CERTIFICATE-----
Generated at Wed Feb 5 13:04:13 2025 by rpki-client