Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/oxKWRW1N2gw8hi2y3-XnWrt9Yow.roa
File: oxKWRW1N2gw8hi2y3-XnWrt9Yow.roa (raw, json)
Hash identifier: U7rqvK2orF51VzLOFi9A2WWQ3tZex09yXCx8Dg0aDko=
Subject key identifier: A3:12:96:45:6D:4D:DA:0C:3C:86:2D:B2:DF:E5:E7:5A:BB:7D:62:8C
Certificate issuer: /CN=adac830ccaa74783dd961fab241a228d7cc6f808
Certificate serial: 018CC3B7424EF612BD64A7775F461773965F
Authority key identifier: AD:AC:83:0C:CA:A7:47:83:DD:96:1F:AB:24:1A:22:8D:7C:C6:F8:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rayDDMqnR4Pdlh-rJBoijXzG-Ag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/oxKWRW1N2gw8hi2y3-XnWrt9Yow.roa
Signing time: Mon 01 Jan 2024 06:30:16 +0000
ROA not before: Mon 01 Jan 2024 06:30:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12688
IP address blocks: 141.105.32.0/20 maxlen: 20
141.105.48.0/21 maxlen: 21
37.49.160.0/19 maxlen: 19
185.13.120.0/22 maxlen: 22
31.47.160.0/19 maxlen: 19
5.254.224.0/19 maxlen: 19
164.215.80.0/20 maxlen: 20
2a01:b580::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:49:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:42:4e:f6:12:bd:64:a7:77:5f:46:17:73:96:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adac830ccaa74783dd961fab241a228d7cc6f808
Validity
Not Before: Jan 1 06:30:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a31296456d4dda0c3c862db2dfe5e75abb7d628c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:f4:4f:16:e1:a2:96:58:1b:3e:dc:8b:85:30:
58:e4:76:9d:e6:ff:0d:e0:b7:ac:78:3b:4d:67:33:
c4:b6:30:fa:6c:85:e5:81:41:2c:28:01:a7:ed:35:
d6:3c:a5:ad:8c:84:46:eb:05:f2:df:f2:25:f8:3e:
8b:0a:92:5d:bf:f9:9f:61:0f:01:71:8a:96:57:b8:
23:6f:73:95:98:3a:57:e4:1d:dc:5b:2a:87:85:0a:
18:e2:c0:14:70:6a:cf:36:97:1a:51:ad:b5:c8:e1:
5b:7a:18:02:84:a7:24:be:cd:7f:d0:33:4b:aa:1d:
ab:35:16:8d:25:38:cb:ee:38:4f:20:3e:4b:e7:06:
a6:7e:73:f2:01:73:61:e1:f5:4c:7a:db:9a:56:88:
cc:ee:b9:56:7a:c5:4a:b5:d7:cc:b5:94:40:ba:a7:
bb:b1:7c:08:e0:e6:9f:d1:ad:df:d3:6f:95:c5:bc:
2f:32:99:8b:53:d2:09:5b:a7:c0:75:95:bd:5d:91:
aa:13:e3:d8:bd:d7:8b:03:49:c2:09:ad:e0:07:de:
39:24:15:10:ac:90:6e:a2:28:7a:1e:18:3d:a5:4d:
57:0e:c3:55:14:22:42:cf:0a:a2:28:50:15:81:3a:
fb:c7:25:d2:06:6d:22:7b:93:99:c6:dc:ff:86:8e:
85:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:12:96:45:6D:4D:DA:0C:3C:86:2D:B2:DF:E5:E7:5A:BB:7D:62:8C
X509v3 Authority Key Identifier:
keyid:AD:AC:83:0C:CA:A7:47:83:DD:96:1F:AB:24:1A:22:8D:7C:C6:F8:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rayDDMqnR4Pdlh-rJBoijXzG-Ag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/oxKWRW1N2gw8hi2y3-XnWrt9Yow.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/rayDDMqnR4Pdlh-rJBoijXzG-Ag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.254.224.0/19
31.47.160.0/19
37.49.160.0/19
141.105.32.0-141.105.55.255
164.215.80.0/20
185.13.120.0/22
IPv6:
2a01:b580::/32
Signature Algorithm: sha256WithRSAEncryption
d8:9a:f1:8f:d4:30:7d:ad:41:09:cb:93:a3:41:96:b1:96:b1:
1b:b4:b6:77:9d:58:73:e6:51:86:0d:10:22:9e:a7:6c:cc:77:
91:0f:a2:43:56:69:37:fe:c1:ca:e5:4c:9b:e0:1b:1f:fa:e8:
09:81:4e:bf:f4:ac:2e:9c:e3:17:63:2e:84:cb:dc:9b:7a:b7:
3f:e4:a2:74:d6:72:9a:b7:7e:2c:50:1c:98:44:d8:21:ab:ac:
39:b7:69:47:7d:df:50:cb:e5:02:87:df:73:55:1b:cf:be:ea:
cc:6a:81:c1:bb:9a:46:73:d3:f0:ac:8f:32:b4:bd:64:5c:0e:
82:e7:e9:6b:c9:d0:31:b6:e5:81:5c:fb:18:5b:b3:a9:26:e0:
da:e7:09:69:4b:aa:f3:2c:88:0a:72:69:32:a3:e9:c5:2c:e6:
dc:73:4d:f8:cb:30:34:4f:5f:34:f8:f4:6c:b5:4a:83:9a:f6:
3d:a3:c0:c0:4a:22:6e:b6:10:8c:36:1a:57:2a:37:b3:85:fe:
23:cf:af:27:fe:89:09:e2:3c:2d:f0:90:b6:70:7d:7b:e7:d2:
07:f8:4d:7e:cc:fd:65:55:bb:97:0e:97:48:f4:5e:1f:13:86:
01:92:14:f9:bc:88:f9:ff:f2:2d:c1:ca:24:96:92:a8:bf:af:
79:f0:7e:80
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAYzDt0JO9hK9ZKd3X0YXc5ZfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkYWM4MzBjY2FhNzQ3ODNkZDk2MWZhYjI0MWEyMjhkN2Nj
NmY4MDgwHhcNMjQwMTAxMDYzMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzEyOTY0NTZkNGRkYTBjM2M4NjJkYjJkZmU1ZTc1YWJiN2Q2MjhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApPRPFuGillgbPtyLhTBY5Had5v8N
4LeseDtNZzPEtjD6bIXlgUEsKAGn7TXWPKWtjIRG6wXy3/Il+D6LCpJdv/mfYQ8B
cYqWV7gjb3OVmDpX5B3cWyqHhQoY4sAUcGrPNpcaUa21yOFbehgChKckvs1/0DNL
qh2rNRaNJTjL7jhPID5L5wamfnPyAXNh4fVMetuaVojM7rlWesVKtdfMtZRAuqe7
sXwI4Oaf0a3f02+VxbwvMpmLU9IJW6fAdZW9XZGqE+PYvdeLA0nCCa3gB945JBUQ
rJBuoih6Hhg9pU1XDsNVFCJCzwqiKFAVgTr7xyXSBm0ie5OZxtz/ho6FiQIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFKMSlkVtTdoMPIYtst/l51q7fWKMMB8GA1UdIwQY
MBaAFK2sgwzKp0eD3ZYfqyQaIo18xvgIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmF5RERNcW5SNFBkbGgtckpCb2lqWHpHLUFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8zMjVjOGQtZDM2OC00ZWVlLTljYTgt
OTI5ZjdkNjM1ZjRiLzEvb3hLV1JXMU4yZ3c4aGkyeTMtWG5XcnQ5WW93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8zMjVjOGQtZDM2OC00ZWVlLTljYTgtOTI5ZjdkNjM1ZjRi
LzEvcmF5RERNcW5SNFBkbGgtckpCb2lqWHpHLUFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAyBAIAATAsAwQFBf7gAwQF
Hy+gAwQFJTGgMAwDBAWNaSADBAONaTADBASk11ADBAK5DXgwDQQCAAIwBwMFACoB
tYAwDQYJKoZIhvcNAQELBQADggEBANia8Y/UMH2tQQnLk6NBlrGWsRu0tnedWHPm
UYYNECKep2zMd5EPokNWaTf+wcrlTJvgGx/66AmBTr/0rC6c4xdjLoTL3Jt6tz/k
onTWcpq3fixQHJhE2CGrrDm3aUd931DL5QKH33NVG8++6sxqgcG7mkZz0/CsjzK0
vWRcDoLn6WvJ0DG25YFc+xhbs6km4NrnCWlLqvMsiApyaTKj6cUs5txzTfjLMDRP
XzT49Gy1SoOa9j2jwMBKIm62EIw2GlcqN7OF/iPPryf+iQniPC3wkLZwfXvn0gf4
TX7M/WVVu5cOl0j0Xh8ThgGSFPm8iPn/8i3ByiSWkqi/r3nwfoA=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:12:46 2025 by rpki-client