Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/0de683-7316-40c2-b89c-b2c0dfa8a0e1/1/OOBDQXgnFgcKBNnHe0zNovyse9E.roa
File: OOBDQXgnFgcKBNnHe0zNovyse9E.roa (raw, json)
Hash identifier: oAdjxHRnj1HQxI4LF46Vucze+3yHtiEZFXuRxOEId1w=
Subject key identifier: 38:E0:43:41:78:27:16:07:0A:04:D9:C7:7B:4C:CD:A2:FC:AC:7B:D1
Certificate issuer: /CN=c5a968edb72c15f5f9567fd34267b87485ef36d1
Certificate serial: 018CC726EF02C7D579036CF1E301DAE6AA7E
Authority key identifier: C5:A9:68:ED:B7:2C:15:F5:F9:56:7F:D3:42:67:B8:74:85:EF:36:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xalo7bcsFfX5Vn_TQme4dIXvNtE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/0de683-7316-40c2-b89c-b2c0dfa8a0e1/1/OOBDQXgnFgcKBNnHe0zNovyse9E.roa
Signing time: Mon 01 Jan 2024 22:31:06 +0000
ROA not before: Mon 01 Jan 2024 22:31:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12941
IP address blocks: 185.101.184.0/22 maxlen: 22
213.135.0.0/19 maxlen: 19
185.101.132.0/22 maxlen: 24
2a02:430::/32 maxlen: 32
2a06:1e40::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:49:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:ef:02:c7:d5:79:03:6c:f1:e3:01:da:e6:aa:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c5a968edb72c15f5f9567fd34267b87485ef36d1
Validity
Not Before: Jan 1 22:31:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=38e04341782716070a04d9c77b4ccda2fcac7bd1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:37:97:eb:a8:ff:76:84:06:1a:67:73:a3:4a:
86:61:38:cf:79:f7:a5:ce:93:d1:12:f1:4b:e3:77:
e9:23:cd:f8:6a:5f:79:8a:39:ee:8b:1f:9a:2a:a3:
a7:0c:29:89:31:37:c1:7b:86:2e:73:a1:1b:bf:5f:
1c:86:bb:a8:f8:19:6b:c6:cc:c0:11:5d:6d:65:15:
8b:bc:c0:2c:6b:44:aa:b2:bb:46:d3:3a:fb:06:a6:
9d:50:a0:6e:a5:7d:35:65:6b:cf:de:f2:93:7d:a1:
30:6d:62:ab:c7:30:25:39:92:cb:06:db:64:59:32:
48:4f:0c:e4:72:2d:a8:b1:9a:48:ec:c1:63:a8:a7:
8d:93:90:ee:61:97:95:6e:97:f8:7e:43:38:d9:21:
60:36:a3:9b:40:19:09:56:f2:74:f8:65:0a:d6:e7:
72:70:3f:78:a4:7c:24:35:3e:5b:6e:3a:35:29:8c:
9e:55:9c:1d:40:0b:6e:7c:58:2d:47:18:fc:6a:f0:
8b:cb:30:c7:d8:30:1e:18:15:fa:bf:87:f5:f5:72:
ec:4e:84:15:4b:68:5f:34:de:d1:b9:c6:96:21:e2:
c8:0d:9b:81:3e:db:4b:12:ce:d1:48:88:08:99:39:
d0:a4:9e:f2:79:33:06:4f:48:c8:19:5a:1b:fe:03:
49:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:E0:43:41:78:27:16:07:0A:04:D9:C7:7B:4C:CD:A2:FC:AC:7B:D1
X509v3 Authority Key Identifier:
keyid:C5:A9:68:ED:B7:2C:15:F5:F9:56:7F:D3:42:67:B8:74:85:EF:36:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xalo7bcsFfX5Vn_TQme4dIXvNtE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/0de683-7316-40c2-b89c-b2c0dfa8a0e1/1/OOBDQXgnFgcKBNnHe0zNovyse9E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/0de683-7316-40c2-b89c-b2c0dfa8a0e1/1/xalo7bcsFfX5Vn_TQme4dIXvNtE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.101.132.0/22
185.101.184.0/22
213.135.0.0/19
IPv6:
2a02:430::/32
2a06:1e40::/29
Signature Algorithm: sha256WithRSAEncryption
3e:27:2f:02:ca:17:3a:08:29:14:b9:af:bc:78:0e:7c:12:36:
71:e3:c1:3d:d5:1d:30:2d:c9:69:a7:66:97:ce:1e:6b:f6:a3:
8b:78:5b:ae:65:5b:1a:0a:23:1d:05:ce:fd:27:a5:7b:30:9a:
9d:bf:f0:79:ff:d6:ad:03:de:c8:b4:44:dc:19:42:28:8d:87:
ce:09:26:fe:a4:15:d8:33:c8:f8:db:86:b7:58:90:ea:87:a3:
86:d0:29:2d:9e:83:fd:60:af:9f:c6:b1:9d:eb:1b:92:f2:93:
50:56:68:ed:9a:5c:c0:48:35:a6:e1:2b:49:03:b3:bc:fb:f1:
4f:18:5e:94:97:50:e5:5f:81:2a:8c:1e:7b:a0:f6:dc:1c:78:
3e:62:7b:99:83:0c:a7:d4:ea:60:27:37:69:0b:ad:78:fa:8d:
38:bf:b0:5e:1a:62:bb:7c:b8:a6:b6:0d:07:91:df:ff:f6:27:
18:68:d5:3a:81:f5:42:c5:bc:bb:f9:d8:09:74:7a:62:91:26:
86:ef:38:23:89:00:e1:d0:97:30:52:c1:b4:34:92:63:9d:8a:
fb:49:2c:cd:d2:38:d8:04:9d:90:1f:cf:0f:4f:99:51:9c:3d:
f7:36:08:be:ce:57:8f:bc:90:41:3e:34:07:8d:28:c4:3c:35:
bb:37:ce:7f
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYzHJu8Cx9V5A2zx4wHa5qp+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1YTk2OGVkYjcyYzE1ZjVmOTU2N2ZkMzQyNjdiODc0ODVl
ZjM2ZDEwHhcNMjQwMTAxMjIzMTA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGUwNDM0MTc4MjcxNjA3MGEwNGQ5Yzc3YjRjY2RhMmZjYWM3YmQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlTeX66j/doQGGmdzo0qGYTjPefel
zpPREvFL43fpI834al95ijnuix+aKqOnDCmJMTfBe4Yuc6Ebv18chruo+BlrxszA
EV1tZRWLvMAsa0SqsrtG0zr7BqadUKBupX01ZWvP3vKTfaEwbWKrxzAlOZLLBttk
WTJITwzkci2osZpI7MFjqKeNk5DuYZeVbpf4fkM42SFgNqObQBkJVvJ0+GUK1udy
cD94pHwkNT5bbjo1KYyeVZwdQAtufFgtRxj8avCLyzDH2DAeGBX6v4f19XLsToQV
S2hfNN7RucaWIeLIDZuBPttLEs7RSIgImTnQpJ7yeTMGT0jIGVob/gNJrQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFDjgQ0F4JxYHCgTZx3tMzaL8rHvRMB8GA1UdIwQY
MBaAFMWpaO23LBX1+VZ/00JnuHSF7zbRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGFsbzdiY3NGZlg1Vm5fVFFtZTRkSVh2TnRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC8wZGU2ODMtNzMxNi00MGMyLWI4OWMt
YjJjMGRmYThhMGUxLzEvT09CRFFYZ25GZ2NLQk5uSGUwek5vdnlzZTlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC8wZGU2ODMtNzMxNi00MGMyLWI4OWMtYjJjMGRmYThhMGUx
LzEveGFsbzdiY3NGZlg1Vm5fVFFtZTRkSVh2TnRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQCuWWEAwQC
uWW4AwQF1YcAMBQEAgACMA4DBQAqAgQwAwUDKgYeQDANBgkqhkiG9w0BAQsFAAOC
AQEAPicvAsoXOggpFLmvvHgOfBI2cePBPdUdMC3Jaadml84ea/aji3hbrmVbGgoj
HQXO/SelezCanb/wef/WrQPeyLRE3BlCKI2Hzgkm/qQV2DPI+NuGt1iQ6oejhtAp
LZ6D/WCvn8axnesbkvKTUFZo7ZpcwEg1puErSQOzvPvxTxhelJdQ5V+BKowee6D2
3Bx4PmJ7mYMMp9TqYCc3aQutePqNOL+wXhpiu3y4prYNB5Hf//YnGGjVOoH1QsW8
u/nYCXR6YpEmhu84I4kA4dCXMFLBtDSSY52K+0kszdI42ASdkB/PD0+ZUZw99zYI
vs5Xj7yQQT40B40oxDw1uzfOfw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:29:52 2025 by rpki-client