Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/3odn-aPsrcfPc5h7mjoP48rCBjk.roa
File: 3odn-aPsrcfPc5h7mjoP48rCBjk.roa (raw, json)
Hash identifier: xChcbNWJg2FdBTIXwrFglHzYnN96ZG+vLZ8ujfAwVhA=
Subject key identifier: DE:87:67:F9:A3:EC:AD:C7:CF:73:98:7B:9A:3A:0F:E3:CA:C2:06:39
Certificate issuer: /CN=f77705e89bb65b472e4e0184d6fe9bfb8c58635a
Certificate serial: 018CC86FDCE63D17351B9D420F969F2B6818
Authority key identifier: F7:77:05:E8:9B:B6:5B:47:2E:4E:01:84:D6:FE:9B:FB:8C:58:63:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/93cF6Ju2W0cuTgGE1v6b-4xYY1o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/3odn-aPsrcfPc5h7mjoP48rCBjk.roa
Signing time: Tue 02 Jan 2024 04:30:23 +0000
ROA not before: Tue 02 Jan 2024 04:30:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209916
IP address blocks: 45.157.116.0/22 maxlen: 24
194.147.109.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 06 Mar 2024 12:37:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:dc:e6:3d:17:35:1b:9d:42:0f:96:9f:2b:68:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f77705e89bb65b472e4e0184d6fe9bfb8c58635a
Validity
Not Before: Jan 2 04:30:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=de8767f9a3ecadc7cf73987b9a3a0fe3cac20639
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:41:4b:d7:e4:0a:4d:95:37:ca:42:91:3e:29:
28:5d:4e:d3:c5:a8:55:d9:e7:8c:98:55:fe:f2:50:
ef:d0:d7:81:f9:cf:f5:85:2a:9c:18:b9:c5:83:b2:
10:e0:ef:36:f1:8a:9c:2e:e6:ff:19:93:04:a7:2a:
f9:7a:24:57:6f:13:e0:73:84:5e:15:04:41:c9:bf:
77:f9:5f:55:00:3d:b1:83:2f:61:f0:8b:8d:9a:64:
9a:52:eb:c5:91:30:0f:aa:63:35:c2:31:fa:97:39:
dd:ec:0c:ed:51:a4:a8:4e:d5:79:2f:b5:d5:f9:f2:
d7:5a:f8:fe:47:55:cd:f6:33:d9:15:f6:ad:d9:57:
f1:05:0d:51:06:6d:c5:80:9c:70:a6:ea:2f:22:a2:
d0:5a:2f:86:6d:9f:18:de:91:17:67:c9:fa:1e:bc:
30:f7:6d:76:60:4a:7a:b3:0a:8f:f6:f4:b3:c0:dc:
e7:bb:38:98:26:1a:76:88:f9:d4:af:7c:92:39:61:
b8:88:71:51:54:b8:e4:16:f0:63:e2:c6:7e:01:2d:
2d:8e:fc:81:e7:4b:f7:f8:f5:90:14:04:f8:d6:5c:
4f:68:d8:8e:71:9c:fa:6f:62:b8:74:8e:8b:3d:f9:
02:e1:37:d8:44:47:9d:44:38:0d:89:c8:af:0a:2a:
33:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:87:67:F9:A3:EC:AD:C7:CF:73:98:7B:9A:3A:0F:E3:CA:C2:06:39
X509v3 Authority Key Identifier:
keyid:F7:77:05:E8:9B:B6:5B:47:2E:4E:01:84:D6:FE:9B:FB:8C:58:63:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/93cF6Ju2W0cuTgGE1v6b-4xYY1o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/3odn-aPsrcfPc5h7mjoP48rCBjk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/93cF6Ju2W0cuTgGE1v6b-4xYY1o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.116.0/22
194.147.109.0/24
Signature Algorithm: sha256WithRSAEncryption
47:3c:f9:c2:2d:18:7e:94:4c:64:d5:d2:00:f4:20:6b:e6:66:
cb:6f:29:01:11:6d:10:e9:71:8b:75:bb:86:bf:81:43:28:b5:
e3:3a:17:e0:5e:60:88:70:d3:e2:34:54:65:03:f9:7d:eb:10:
d7:bd:d4:28:62:b5:f0:a9:45:6b:21:02:ca:ba:f6:0a:fb:12:
b5:6d:d9:60:94:ed:be:a6:6d:05:d8:16:d7:6b:bf:1a:63:c3:
e2:49:8b:a3:81:bf:fc:5a:76:be:d1:a7:f2:9d:c7:9f:ef:fd:
7a:78:77:45:12:6a:47:0a:42:ca:29:df:28:68:69:1e:46:11:
e8:b6:5e:46:87:e8:2e:0d:1d:f3:54:c5:6c:22:6f:bb:fc:a2:
2e:34:b5:ea:c9:8f:10:96:b3:b7:83:57:a5:e6:5b:de:9b:71:
2e:6e:72:71:e0:73:e4:1f:32:bf:0a:72:5e:d2:8b:fc:80:b4:
0d:fc:33:07:95:6c:c9:c4:9e:e0:fb:fd:50:b7:68:32:0e:ce:
bb:04:5c:c4:b5:d0:0a:5c:4a:af:20:98:33:ab:68:fb:dd:cd:
eb:5c:11:ee:9e:3a:1e:4a:35:6b:bf:84:a3:8c:34:c8:c3:1f:
55:f3:33:60:0b:47:ee:55:9a:8d:6f:ce:aa:42:40:a5:40:e3:
a4:56:64:67
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzIb9zmPRc1G51CD5afK2gYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NzcwNWU4OWJiNjViNDcyZTRlMDE4NGQ2ZmU5YmZiOGM1
ODYzNWEwHhcNMjQwMTAyMDQzMDIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTg3NjdmOWEzZWNhZGM3Y2Y3Mzk4N2I5YTNhMGZlM2NhYzIwNjM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlUFL1+QKTZU3ykKRPikoXU7TxahV
2eeMmFX+8lDv0NeB+c/1hSqcGLnFg7IQ4O828YqcLub/GZMEpyr5eiRXbxPgc4Re
FQRByb93+V9VAD2xgy9h8IuNmmSaUuvFkTAPqmM1wjH6lznd7AztUaSoTtV5L7XV
+fLXWvj+R1XN9jPZFfat2VfxBQ1RBm3FgJxwpuovIqLQWi+GbZ8Y3pEXZ8n6Hrww
9212YEp6swqP9vSzwNznuziYJhp2iPnUr3ySOWG4iHFRVLjkFvBj4sZ+AS0tjvyB
50v3+PWQFAT41lxPaNiOcZz6b2K4dI6LPfkC4TfYREedRDgNicivCioz/wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFN6HZ/mj7K3Hz3OYe5o6D+PKwgY5MB8GA1UdIwQY
MBaAFPd3BeibtltHLk4BhNb+m/uMWGNaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTNjRjZKdTJXMGN1VGdHRTF2NmItNHhZWTFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy8wMjI4MzktNjk4NC00MGQ0LTg3MTYt
NmNiODk3OTFkN2ZkLzEvM29kbi1hUHNyY2ZQYzVoN21qb1A0OHJDQmprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy8wMjI4MzktNjk4NC00MGQ0LTg3MTYtNmNiODk3OTFkN2Zk
LzEvOTNjRjZKdTJXMGN1VGdHRTF2NmItNHhZWTFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLZ10AwQA
wpNtMA0GCSqGSIb3DQEBCwUAA4IBAQBHPPnCLRh+lExk1dIA9CBr5mbLbykBEW0Q
6XGLdbuGv4FDKLXjOhfgXmCIcNPiNFRlA/l96xDXvdQoYrXwqUVrIQLKuvYK+xK1
bdlglO2+pm0F2BbXa78aY8PiSYujgb/8Wna+0afyncef7/16eHdFEmpHCkLKKd8o
aGkeRhHotl5Gh+guDR3zVMVsIm+7/KIuNLXqyY8QlrO3g1el5lvem3EubnJx4HPk
HzK/CnJe0ov8gLQN/DMHlWzJxJ7g+/1Qt2gyDs67BFzEtdAKXEqvIJgzq2j73c3r
XBHunjoeSjVrv4SjjDTIwx9V8zNgC0fuVZqNb86qQkClQOOkVmRn
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:31:48 2025 by rpki-client