Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/OIGwK8leAqm38R7MvkXAH6TX7zA.roa
File: OIGwK8leAqm38R7MvkXAH6TX7zA.roa (raw, json)
Hash identifier: /HPC/1gjCgW0UviH0K4ZNXSI3x5lhm9O5jjHUPoehAk=
Subject key identifier: 38:81:B0:2B:C9:5E:02:A9:B7:F1:1E:CC:BE:45:C0:1F:A4:D7:EF:30
Certificate issuer: /CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Certificate serial: 018CC86FFA5BE2990F295310304C9C35357B
Authority key identifier: 8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/OIGwK8leAqm38R7MvkXAH6TX7zA.roa
Signing time: Tue 02 Jan 2024 04:30:30 +0000
ROA not before: Tue 02 Jan 2024 04:30:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212805
IP address blocks: 85.153.146.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:fa:5b:e2:99:0f:29:53:10:30:4c:9c:35:35:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Validity
Not Before: Jan 2 04:30:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3881b02bc95e02a9b7f11eccbe45c01fa4d7ef30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:d1:4e:e7:88:e9:87:ea:98:a3:2e:71:c8:14:
a3:7e:da:5c:08:da:12:07:1a:83:9e:4b:eb:1e:c7:
66:81:c1:9a:6c:d3:8e:d7:78:50:ad:91:66:49:e4:
4e:bf:e2:05:de:3f:45:aa:e4:8f:fe:ca:9a:5b:6d:
97:9c:fd:eb:27:dc:1e:cd:7c:c4:37:40:ae:c1:46:
13:d8:61:3d:e5:9b:e4:26:24:9f:e0:0b:7b:fd:3d:
37:37:7c:15:bc:a2:6c:0c:60:f1:01:37:70:e4:98:
2d:36:09:37:f2:9b:d4:11:45:dc:55:23:8a:a7:e3:
2f:e6:73:44:9b:11:5b:63:8f:a5:28:3a:74:66:1e:
90:34:4c:ca:e2:ea:60:0a:59:47:c8:4c:b9:e0:20:
ad:d9:ca:a7:64:e1:b9:32:60:b5:3b:a4:fc:31:83:
04:db:6c:04:19:13:aa:4a:a6:76:a4:32:b3:9c:ff:
12:dc:db:a6:55:05:76:cb:76:1c:c6:a4:05:65:a9:
2b:0d:9b:5c:89:2b:63:40:f4:3a:19:36:80:a5:be:
fd:54:ac:61:90:95:98:62:c5:19:55:b7:c6:8a:54:
14:52:aa:e3:b2:92:18:5f:8a:c4:db:5a:bd:12:a9:
fa:9b:ca:b7:55:ad:42:18:4e:1c:e8:25:29:1d:4e:
30:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:81:B0:2B:C9:5E:02:A9:B7:F1:1E:CC:BE:45:C0:1F:A4:D7:EF:30
X509v3 Authority Key Identifier:
keyid:8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/OIGwK8leAqm38R7MvkXAH6TX7zA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.153.146.0/24
Signature Algorithm: sha256WithRSAEncryption
08:15:13:bc:51:3e:25:75:a5:7d:ae:88:65:85:e8:75:2f:32:
20:19:91:23:a5:9c:d4:86:95:58:f1:07:8b:eb:e7:49:1b:18:
c6:53:4c:86:11:98:06:e6:95:d1:38:55:66:c3:5c:8f:af:03:
5e:b7:dc:2e:78:bc:bd:22:3e:8e:15:36:7a:08:42:3b:63:27:
38:c4:2b:df:f7:be:9e:5d:64:92:1f:3e:6e:a6:56:20:a5:2f:
6d:27:b9:44:41:d7:12:95:dd:2e:ae:25:e1:9a:05:9f:b0:ee:
47:99:6a:2d:6c:1a:f3:05:40:04:d7:d6:25:25:b2:9f:a0:f9:
a1:ef:2b:ae:4d:c0:99:6d:b4:30:e1:3d:29:ee:9f:64:10:33:
0f:9a:92:25:8d:38:0c:ca:b2:2b:7a:03:6f:01:a1:19:bf:fb:
98:71:7b:f9:ee:27:99:41:e9:82:ec:7f:30:76:99:19:cd:80:
03:85:e8:62:54:9a:e6:02:0f:9a:30:03:99:f5:c7:3d:ce:42:
4f:11:e3:df:33:4f:f4:51:da:7d:54:c3:08:4b:ef:71:b1:50:
0f:3e:a2:da:f2:3e:00:5c:f2:c8:95:e0:2c:01:4e:78:60:36:
a8:c2:cf:0b:14:83:d1:0c:fa:05:49:a4:e2:8a:81:47:02:bf:
39:b7:42:97
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIb/pb4pkPKVMQMEycNTV7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkNTljNDMyM2Y3NjdjZTRmZmM4NWRhYWQyMDhiOTBjMDRm
YmQzZTkwHhcNMjQwMTAyMDQzMDMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODgxYjAyYmM5NWUwMmE5YjdmMTFlY2NiZTQ1YzAxZmE0ZDdlZjMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgNFO54jph+qYoy5xyBSjftpcCNoS
BxqDnkvrHsdmgcGabNOO13hQrZFmSeROv+IF3j9FquSP/sqaW22XnP3rJ9wezXzE
N0CuwUYT2GE95ZvkJiSf4At7/T03N3wVvKJsDGDxATdw5JgtNgk38pvUEUXcVSOK
p+Mv5nNEmxFbY4+lKDp0Zh6QNEzK4upgCllHyEy54CCt2cqnZOG5MmC1O6T8MYME
22wEGROqSqZ2pDKznP8S3NumVQV2y3YcxqQFZakrDZtciStjQPQ6GTaApb79VKxh
kJWYYsUZVbfGilQUUqrjspIYX4rE21q9Eqn6m8q3Va1CGE4c6CUpHU4wRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDiBsCvJXgKpt/EezL5FwB+k1+8wMB8GA1UdIwQY
MBaAFI1ZxDI/dnzk/8hdqtIIuQwE+9PpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalZuRU1qOTJmT1RfeUYycTBnaTVEQVQ3MC1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9mMDllY2YtZTgwNS00MTU4LWIzMTUt
ZjJiZTlmNmM2NjRjLzEvT0lHd0s4bGVBcW0zOFI3TXZrWEFINlRYN3pBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9mMDllY2YtZTgwNS00MTU4LWIzMTUtZjJiZTlmNmM2NjRj
LzEvalZuRU1qOTJmT1RfeUYycTBnaTVEQVQ3MC1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVZmSMA0G
CSqGSIb3DQEBCwUAA4IBAQAIFRO8UT4ldaV9rohlheh1LzIgGZEjpZzUhpVY8QeL
6+dJGxjGU0yGEZgG5pXROFVmw1yPrwNet9wueLy9Ij6OFTZ6CEI7Yyc4xCvf976e
XWSSHz5uplYgpS9tJ7lEQdcSld0uriXhmgWfsO5HmWotbBrzBUAE19YlJbKfoPmh
7yuuTcCZbbQw4T0p7p9kEDMPmpIljTgMyrIregNvAaEZv/uYcXv57ieZQemC7H8w
dpkZzYADhehiVJrmAg+aMAOZ9cc9zkJPEePfM0/0Udp9VMMIS+9xsVAPPqLa8j4A
XPLIleAsAU54YDaows8LFIPRDPoFSaTiioFHAr85t0KX
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:41:30 2025 by rpki-client