Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/oYm24cI8KxI09GFqatOyPni3qD4.roa
File: oYm24cI8KxI09GFqatOyPni3qD4.roa (raw, json)
Hash identifier: z82Xi0q+JZoOa0SLEXmo1omn4gSyDow+nI31aze92fU=
Subject key identifier: A1:89:B6:E1:C2:3C:2B:12:34:F4:61:6A:6A:D3:B2:3E:78:B7:A8:3E
Certificate issuer: /CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Certificate serial: 018CC2DAE86FC0FA22DB3253E67E23F3B056
Authority key identifier: 54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/oYm24cI8KxI09GFqatOyPni3qD4.roa
Signing time: Mon 01 Jan 2024 02:29:35 +0000
ROA not before: Mon 01 Jan 2024 02:29:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209388
IP address blocks: 82.177.131.0/24 maxlen: 24
88.220.164.0/24 maxlen: 24
82.177.101.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:e8:6f:c0:fa:22:db:32:53:e6:7e:23:f3:b0:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Validity
Not Before: Jan 1 02:29:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a189b6e1c23c2b1234f4616a6ad3b23e78b7a83e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:cc:d4:c4:18:e7:4d:b5:63:5e:9e:9d:e5:ce:
cf:3a:65:90:34:11:a8:aa:cd:c5:a9:e3:7a:7e:24:
a8:3e:d7:18:64:1a:76:a9:e7:8c:21:36:50:31:ec:
0f:38:d5:63:a5:7c:90:de:38:b4:49:6f:b7:45:3c:
2a:b0:fc:48:b0:1e:22:70:a8:68:17:5d:7a:2c:5a:
d3:af:a1:c3:a4:b3:23:cd:db:84:69:c7:28:bb:dd:
5a:f0:0e:a4:f9:96:62:51:0e:63:d0:06:fd:02:d2:
15:03:38:97:39:e2:06:94:8f:a4:57:83:c1:65:16:
dd:9b:7a:21:d0:ed:1d:f2:01:29:67:29:f4:b3:73:
29:ca:f3:d4:c6:af:d9:f4:09:21:c4:52:7b:40:16:
75:16:61:96:49:c9:2b:fd:ea:a5:04:63:0d:14:29:
43:0b:2f:dd:4f:33:81:c9:9c:63:76:01:7f:9e:a4:
2e:63:40:2a:14:32:06:a8:58:32:5b:08:25:00:f2:
43:f9:13:5f:35:1a:49:a0:05:73:67:00:94:a2:13:
4c:4d:62:32:e6:fb:d3:a5:92:7e:b8:61:0f:75:e1:
f3:a8:8e:30:37:b8:d1:54:c8:ac:de:f4:46:cf:22:
72:a0:04:29:97:47:b2:84:a7:e5:6d:ae:6c:d9:ed:
0f:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:89:B6:E1:C2:3C:2B:12:34:F4:61:6A:6A:D3:B2:3E:78:B7:A8:3E
X509v3 Authority Key Identifier:
keyid:54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/oYm24cI8KxI09GFqatOyPni3qD4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.177.101.0/24
82.177.131.0/24
88.220.164.0/24
Signature Algorithm: sha256WithRSAEncryption
21:bb:58:47:72:a5:ff:f3:a8:81:d5:70:28:56:97:cb:e8:d0:
ea:3f:db:21:88:43:1e:4d:d5:fe:3f:1f:b9:ca:d9:da:ce:0d:
ce:5d:33:f9:9e:78:1c:1d:93:fb:d2:1b:82:c8:8a:8e:a8:7f:
be:e0:98:eb:46:72:0b:c3:c0:77:86:8d:34:80:bd:92:ee:17:
3b:9b:63:73:35:b4:d4:2a:78:d9:ec:70:61:b0:73:52:b4:10:
ae:f9:78:66:29:a7:cf:d5:33:aa:5c:43:ee:2a:81:2f:e4:af:
2a:50:39:27:14:5c:00:77:77:41:7e:63:6a:ee:c6:26:99:b8:
6d:0f:34:4d:1b:b8:69:ac:fd:05:57:c9:a5:f6:35:4f:53:53:
c9:f4:6f:a5:0f:b2:fe:90:ac:20:7e:09:c8:9c:1b:b8:68:c8:
4e:b6:ae:a3:58:49:a7:90:4b:ca:94:2a:fa:47:53:04:83:34:
28:d0:33:80:4b:91:48:db:60:51:ac:7c:a1:7a:a6:ca:9d:ce:
54:e1:93:82:a5:12:fa:93:22:5e:3d:19:eb:ed:71:85:4a:ea:
64:03:fe:22:11:36:d1:c0:b1:cb:a9:16:b6:b0:89:5d:41:d8:
fd:36:54:35:1c:69:ab:07:cd:c2:5e:6c:1a:51:38:fc:cf:18:
c3:6a:9d:65
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzC2uhvwPoi2zJT5n4j87BWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NjgzNGU2ODg5MGYzOTg2YTFiMDQ1N2NlMGY1NGFlMDNj
MmQ3NmIwHhcNMjQwMTAxMDIyOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTg5YjZlMWMyM2MyYjEyMzRmNDYxNmE2YWQzYjIzZTc4YjdhODNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkszUxBjnTbVjXp6d5c7POmWQNBGo
qs3FqeN6fiSoPtcYZBp2qeeMITZQMewPONVjpXyQ3ji0SW+3RTwqsPxIsB4icKho
F116LFrTr6HDpLMjzduEaccou91a8A6k+ZZiUQ5j0Ab9AtIVAziXOeIGlI+kV4PB
ZRbdm3oh0O0d8gEpZyn0s3MpyvPUxq/Z9AkhxFJ7QBZ1FmGWSckr/eqlBGMNFClD
Cy/dTzOByZxjdgF/nqQuY0AqFDIGqFgyWwglAPJD+RNfNRpJoAVzZwCUohNMTWIy
5vvTpZJ+uGEPdeHzqI4wN7jRVMis3vRGzyJyoAQpl0eyhKflba5s2e0PowIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKGJtuHCPCsSNPRhamrTsj54t6g+MB8GA1UdIwQY
MBaAFFRoNOaIkPOYahsEV84PVK4DwtdrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQt
NTI3NjZiMjRiYWE0LzEvb1ltMjRjSThLeEkwOUdGcWF0T3lQbmkzcUQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQtNTI3NjZiMjRiYWE0
LzEvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUrFlAwQA
UrGDAwQAWNykMA0GCSqGSIb3DQEBCwUAA4IBAQAhu1hHcqX/86iB1XAoVpfL6NDq
P9shiEMeTdX+Px+5ytnazg3OXTP5nngcHZP70huCyIqOqH++4JjrRnILw8B3ho00
gL2S7hc7m2NzNbTUKnjZ7HBhsHNStBCu+XhmKafP1TOqXEPuKoEv5K8qUDknFFwA
d3dBfmNq7sYmmbhtDzRNG7hprP0FV8ml9jVPU1PJ9G+lD7L+kKwgfgnInBu4aMhO
tq6jWEmnkEvKlCr6R1MEgzQo0DOAS5FI22BRrHyheqbKnc5U4ZOCpRL6kyJePRnr
7XGFSupkA/4iETbRwLHLqRa2sIldQdj9NlQ1HGmrB83CXmwaUTj8zxjDap1l
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:52:48 2025 by rpki-client