Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/OA6xVq4kzXkN8FbHWBxn3rLXD-c.roa
File: OA6xVq4kzXkN8FbHWBxn3rLXD-c.roa (raw, json)
Hash identifier: sofpySHKO1EKvP35/0oEFu7rvbk2J2x64DkHWtaDLp4=
Subject key identifier: 38:0E:B1:56:AE:24:CD:79:0D:F0:56:C7:58:1C:67:DE:B2:D7:0F:E7
Certificate issuer: /CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e
Certificate serial: 018E0E7DFB7DC670BD674D94EB7F2DB4DC5D
Authority key identifier: 17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/OA6xVq4kzXkN8FbHWBxn3rLXD-c.roa
Signing time: Tue 05 Mar 2024 12:02:01 +0000
ROA not before: Tue 05 Mar 2024 12:02:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 145.78.20.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:49:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:0e:7d:fb:7d:c6:70:bd:67:4d:94:eb:7f:2d:b4:dc:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e
Validity
Not Before: Mar 5 12:02:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=380eb156ae24cd790df056c7581c67deb2d70fe7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:d2:c4:e6:c5:06:08:33:79:d9:69:be:e1:9a:
2b:9a:d2:41:3b:5f:54:37:23:06:9a:e2:8d:67:6b:
ab:af:83:34:ed:b6:4d:57:23:64:90:5b:60:ba:fa:
e9:0c:51:8c:7e:26:a8:6e:0a:54:61:b1:4d:bb:0f:
ce:d4:8d:30:a2:83:19:1f:b9:5e:2e:77:43:cc:ca:
a2:a9:2a:c5:c3:35:65:42:86:03:75:61:70:af:26:
4b:23:9c:2c:2e:81:b9:ed:3e:f0:51:db:e8:36:50:
32:c9:fb:bd:e2:6e:71:e4:79:22:c4:51:0a:1c:04:
33:6e:2a:6d:c2:16:01:85:95:58:f4:42:90:4d:b7:
47:8a:9d:c1:6c:96:b6:49:52:5a:16:ee:ca:1b:83:
31:20:0c:c0:d2:26:67:51:7b:d3:53:b8:f7:29:cb:
36:3a:2c:f3:e4:81:97:e9:65:a0:03:7a:ae:7a:f4:
76:33:d9:e0:5d:1c:ad:0e:20:d0:99:5d:b9:b0:a0:
26:32:f7:67:b0:28:7f:3d:d3:a6:86:69:6f:57:c4:
32:51:0c:40:0f:d0:86:e9:86:ec:82:9c:a8:95:fe:
26:41:10:b9:3e:39:1f:8c:dc:88:fd:f2:2b:03:7d:
01:11:3b:d0:da:96:58:58:cb:94:a2:84:0d:d3:20:
06:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:0E:B1:56:AE:24:CD:79:0D:F0:56:C7:58:1C:67:DE:B2:D7:0F:E7
X509v3 Authority Key Identifier:
keyid:17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/OA6xVq4kzXkN8FbHWBxn3rLXD-c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.78.20.0/22
Signature Algorithm: sha256WithRSAEncryption
2a:1a:ae:f4:8b:5b:cf:86:fb:fd:99:ec:c5:e4:d2:23:9c:a2:
dd:f2:fe:b0:13:18:02:29:58:3b:df:08:8b:fa:51:4b:1d:dc:
cf:16:16:43:af:5b:35:20:61:a6:7d:14:97:d7:2c:79:fb:ed:
21:1e:f7:05:08:f7:f2:df:45:d7:a3:14:8f:21:ad:26:2d:ca:
69:43:ff:78:1b:39:e2:4a:34:aa:ea:64:3b:04:36:f9:bb:6b:
9e:48:82:f9:a0:d3:13:6a:0a:a6:e1:ff:36:92:ae:9e:7a:da:
b4:6b:6f:a4:4f:02:69:bf:01:bb:e1:c2:f3:af:05:29:24:30:
b9:da:6e:2f:50:e5:24:65:59:b4:43:02:7d:2d:7c:12:87:6a:
2c:a0:7f:87:c6:f4:25:bd:ab:20:3e:3f:6b:e5:1b:6c:e2:27:
ac:bd:02:b5:05:2a:7b:09:dd:3f:83:e7:55:3b:79:3b:c6:95:
f6:eb:bd:c0:62:b8:31:83:42:61:f8:f0:31:dd:84:f6:41:6e:
39:34:13:d4:3f:e0:bd:ef:c9:d3:a0:5c:60:8b:3e:28:25:19:
f6:d2:de:c3:81:a0:fe:99:01:c1:d7:19:e6:89:17:01:14:1c:
45:53:76:8e:12:05:c5:98:89:2f:54:c7:9b:0c:66:7c:ff:33:
dd:dc:cd:50
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY4Offt9xnC9Z02U638ttNxdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NzNkYjE3Nzk1ZDJiZjFiNGI1MzQ1YzViMjkzOTBkYmFm
NDUyM2UwHhcNMjQwMzA1MTIwMjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODBlYjE1NmFlMjRjZDc5MGRmMDU2Yzc1ODFjNjdkZWIyZDcwZmU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgtLE5sUGCDN52Wm+4ZormtJBO19U
NyMGmuKNZ2urr4M07bZNVyNkkFtguvrpDFGMfiaobgpUYbFNuw/O1I0wooMZH7le
LndDzMqiqSrFwzVlQoYDdWFwryZLI5wsLoG57T7wUdvoNlAyyfu94m5x5HkixFEK
HAQzbiptwhYBhZVY9EKQTbdHip3BbJa2SVJaFu7KG4MxIAzA0iZnUXvTU7j3Kcs2
Oizz5IGX6WWgA3quevR2M9ngXRytDiDQmV25sKAmMvdnsCh/PdOmhmlvV8QyUQxA
D9CG6Ybsgpyolf4mQRC5PjkfjNyI/fIrA30BETvQ2pZYWMuUooQN0yAG4wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDgOsVauJM15DfBWx1gcZ96y1w/nMB8GA1UdIwQY
MBaAFBdz2xd5XSvxtLU0XFspOQ269FI+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjNQYkYzbGRLX0cwdFRSY1d5azVEYnIwVWo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9mNzdjYmQtODkzYi00NjE2LTlkNzYt
NTQ4NjFmMjMyNDlkLzEvT0E2eFZxNGt6WGtOOEZiSFdCeG4zckxYRC1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9mNzdjYmQtODkzYi00NjE2LTlkNzYtNTQ4NjFmMjMyNDlk
LzEvRjNQYkYzbGRLX0cwdFRSY1d5azVEYnIwVWo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCkU4UMA0G
CSqGSIb3DQEBCwUAA4IBAQAqGq70i1vPhvv9mezF5NIjnKLd8v6wExgCKVg73wiL
+lFLHdzPFhZDr1s1IGGmfRSX1yx5++0hHvcFCPfy30XXoxSPIa0mLcppQ/94Gzni
SjSq6mQ7BDb5u2ueSIL5oNMTagqm4f82kq6eetq0a2+kTwJpvwG74cLzrwUpJDC5
2m4vUOUkZVm0QwJ9LXwSh2osoH+HxvQlvasgPj9r5Rts4iesvQK1BSp7Cd0/g+dV
O3k7xpX2673AYrgxg0Jh+PAx3YT2QW45NBPUP+C978nToFxgiz4oJRn20t7DgaD+
mQHB1xnmiRcBFBxFU3aOEgXFmIkvVMebDGZ8/zPd3M1Q
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:36:14 2025 by rpki-client