Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/9efd94-0516-4e66-98d5-251b019d51a8/1/ow3kGcBfQLCy1Obry-0D0YG99-o.roa
File: ow3kGcBfQLCy1Obry-0D0YG99-o.roa (raw, json)
Hash identifier: z9xOmEjOqYVcX5HwpPlJyfjXLQ6R8OqgEUJTKtRf4hc=
Subject key identifier: A3:0D:E4:19:C0:5F:40:B0:B2:D4:E6:EB:CB:ED:03:D1:81:BD:F7:EA
Certificate issuer: /CN=8f7b496ea7cf763d058308371e1bf67e53bc7ba3
Certificate serial: 018CC86F335E2B131336A17CFF878FA640C1
Authority key identifier: 8F:7B:49:6E:A7:CF:76:3D:05:83:08:37:1E:1B:F6:7E:53:BC:7B:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j3tJbqfPdj0Fgwg3Hhv2flO8e6M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/9efd94-0516-4e66-98d5-251b019d51a8/1/ow3kGcBfQLCy1Obry-0D0YG99-o.roa
Signing time: Tue 02 Jan 2024 04:29:39 +0000
ROA not before: Tue 02 Jan 2024 04:29:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205961
IP address blocks: 185.200.20.0/22 maxlen: 22
2a0b:24c1::/33 maxlen: 33
Validation: Failed, certificate revoked on Sun 28 Jul 2024 04:19:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:33:5e:2b:13:13:36:a1:7c:ff:87:8f:a6:40:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f7b496ea7cf763d058308371e1bf67e53bc7ba3
Validity
Not Before: Jan 2 04:29:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a30de419c05f40b0b2d4e6ebcbed03d181bdf7ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:4c:e8:7d:5c:a1:97:93:6f:30:cc:08:67:ee:
11:48:50:5b:ef:71:88:25:55:95:f5:4c:34:41:51:
97:45:5e:9c:78:df:f6:43:b6:9d:18:c1:d3:c9:9a:
1c:66:a6:6f:50:c3:64:83:2e:22:d3:51:b0:1b:89:
55:5d:b2:f4:d0:bf:4b:eb:05:29:90:89:f5:2b:b4:
65:13:c0:76:ee:15:c8:fa:64:64:2c:29:b7:13:20:
31:a8:81:e1:b3:3f:1b:42:6c:db:df:4c:76:a9:19:
25:aa:74:1b:c2:48:ac:91:b0:36:95:b9:c9:7e:cf:
ba:bb:63:0c:90:58:5a:68:2d:3d:c0:f8:98:83:56:
a0:21:8e:ce:91:e7:51:7e:09:6d:9a:ea:e3:d5:84:
18:46:2b:bd:fa:6c:33:ac:d0:47:17:cd:a9:1d:a0:
87:39:89:a4:33:a3:75:59:2d:85:c8:e8:b0:b0:7d:
de:d0:a8:3f:e6:a0:5b:c7:87:4a:37:c5:52:bc:3e:
fe:c5:e8:3e:31:e6:d7:0a:6c:40:6f:05:fa:9a:e6:
cc:30:cd:71:44:34:26:88:2c:fa:50:db:04:05:c2:
bb:9e:b4:84:a6:07:a4:3d:ff:f2:92:92:6d:5d:7e:
ab:ec:21:69:37:70:ca:62:67:56:13:f6:4f:fc:29:
04:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:0D:E4:19:C0:5F:40:B0:B2:D4:E6:EB:CB:ED:03:D1:81:BD:F7:EA
X509v3 Authority Key Identifier:
keyid:8F:7B:49:6E:A7:CF:76:3D:05:83:08:37:1E:1B:F6:7E:53:BC:7B:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j3tJbqfPdj0Fgwg3Hhv2flO8e6M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/9efd94-0516-4e66-98d5-251b019d51a8/1/ow3kGcBfQLCy1Obry-0D0YG99-o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/9efd94-0516-4e66-98d5-251b019d51a8/1/j3tJbqfPdj0Fgwg3Hhv2flO8e6M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.200.20.0/22
IPv6:
2a0b:24c1::/33
Signature Algorithm: sha256WithRSAEncryption
41:58:b9:e5:2e:5e:81:a4:fd:6a:a1:ca:a5:06:99:51:34:fe:
61:e6:90:20:a5:9c:4a:08:e5:eb:14:82:de:a7:b7:78:f3:db:
a2:76:6d:62:92:2f:84:cb:b0:ca:0a:30:40:85:69:bf:cb:34:
a5:aa:4b:df:f0:08:53:71:87:00:2e:dd:a2:09:5b:02:28:94:
da:68:3e:39:4c:8a:fc:e1:68:99:93:70:8f:dc:f0:ed:1e:86:
47:96:02:e8:de:48:73:83:2d:b9:12:95:5d:3c:dd:6b:58:a8:
c4:1c:09:5f:78:dc:ed:f2:01:cd:25:48:52:f4:73:85:17:ce:
5c:42:d9:c9:2c:8a:00:27:33:f3:d4:64:84:f9:8a:63:11:92:
a2:aa:05:51:5c:da:50:07:ba:df:27:12:04:f5:80:57:28:d4:
3a:7e:1e:87:c3:2e:8b:78:a2:7d:67:8d:4f:b0:e8:6c:c7:86:
6d:f3:67:1c:67:dd:e0:a8:d5:6f:e6:76:71:3d:82:9d:19:da:
01:a5:8d:8e:08:e6:48:d7:b6:7c:57:27:00:ad:24:ed:81:fa:
45:92:95:c0:8e:e0:d1:81:f8:1c:f0:50:2c:63:86:0f:44:c0:
91:52:3b:6c:c2:8d:cf:b1:63:74:bd:5c:c2:24:61:d3:d9:6f:
6e:33:92:a5
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYzIbzNeKxMTNqF8/4ePpkDBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmN2I0OTZlYTdjZjc2M2QwNTgzMDgzNzFlMWJmNjdlNTNi
YzdiYTMwHhcNMjQwMTAyMDQyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzBkZTQxOWMwNWY0MGIwYjJkNGU2ZWJjYmVkMDNkMTgxYmRmN2VhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApUzofVyhl5NvMMwIZ+4RSFBb73GI
JVWV9Uw0QVGXRV6ceN/2Q7adGMHTyZocZqZvUMNkgy4i01GwG4lVXbL00L9L6wUp
kIn1K7RlE8B27hXI+mRkLCm3EyAxqIHhsz8bQmzb30x2qRklqnQbwkiskbA2lbnJ
fs+6u2MMkFhaaC09wPiYg1agIY7OkedRfgltmurj1YQYRiu9+mwzrNBHF82pHaCH
OYmkM6N1WS2FyOiwsH3e0Kg/5qBbx4dKN8VSvD7+xeg+MebXCmxAbwX6mubMMM1x
RDQmiCz6UNsEBcK7nrSEpgekPf/ykpJtXX6r7CFpN3DKYmdWE/ZP/CkEEQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFKMN5BnAX0CwstTm68vtA9GBvffqMB8GA1UdIwQY
MBaAFI97SW6nz3Y9BYMINx4b9n5TvHujMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajN0SmJxZlBkajBGZ3dnM0hodjJmbE84ZTZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS85ZWZkOTQtMDUxNi00ZTY2LTk4ZDUt
MjUxYjAxOWQ1MWE4LzEvb3cza0djQmZRTEN5MU9icnktMEQwWUc5OS1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS85ZWZkOTQtMDUxNi00ZTY2LTk4ZDUtMjUxYjAxOWQ1MWE4
LzEvajN0SmJxZlBkajBGZ3dnM0hodjJmbE84ZTZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQCucgUMA4E
AgACMAgDBgcqCyTBADANBgkqhkiG9w0BAQsFAAOCAQEAQVi55S5egaT9aqHKpQaZ
UTT+YeaQIKWcSgjl6xSC3qe3ePPbonZtYpIvhMuwygowQIVpv8s0papL3/AIU3GH
AC7doglbAiiU2mg+OUyK/OFomZNwj9zw7R6GR5YC6N5Ic4MtuRKVXTzda1ioxBwJ
X3jc7fIBzSVIUvRzhRfOXELZySyKACcz89RkhPmKYxGSoqoFUVzaUAe63ycSBPWA
VyjUOn4eh8Mui3iifWeNT7DobMeGbfNnHGfd4KjVb+Z2cT2CnRnaAaWNjgjmSNe2
fFcnAK0k7YH6RZKVwI7g0YH4HPBQLGOGD0TAkVI7bMKNz7FjdL1cwiRh09lvbjOS
pQ==
-----END CERTIFICATE-----
Generated at Sun Apr 13 02:50:54 2025 by rpki-client