Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/3ee7c5-1264-47e9-8a12-041b78ada215/1/odB_fNOHcTyI2smwYuxntxbc4e8.roa
File: odB_fNOHcTyI2smwYuxntxbc4e8.roa (raw, json)
Hash identifier: qMDO0gfabs+HcArzEwldf1+cou3BtQSXvePDG38VaKI=
Subject key identifier: A1:D0:7F:7C:D3:87:71:3C:88:DA:C9:B0:62:EC:67:B7:16:DC:E1:EF
Certificate issuer: /CN=a34f365e78064b58c44d48cfb39291d3fb1d9e10
Certificate serial: 019445DF73C3A16C0B2CCBB7CB13B465CA85
Authority key identifier: A3:4F:36:5E:78:06:4B:58:C4:4D:48:CF:B3:92:91:D3:FB:1D:9E:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o082XngGS1jETUjPs5KR0_sdnhA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/3ee7c5-1264-47e9-8a12-041b78ada215/1/odB_fNOHcTyI2smwYuxntxbc4e8.roa
Signing time: Wed 08 Jan 2025 12:24:19 +0000
ROA not before: Wed 08 Jan 2025 12:24:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20694
IP address blocks: 185.166.200.0/22 maxlen: 24
188.94.24.0/21 maxlen: 21
217.114.64.0/20 maxlen: 20
2a01:688::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 09 Jan 2025 08:53:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:45:df:73:c3:a1:6c:0b:2c:cb:b7:cb:13:b4:65:ca:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a34f365e78064b58c44d48cfb39291d3fb1d9e10
Validity
Not Before: Jan 8 12:24:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a1d07f7cd387713c88dac9b062ec67b716dce1ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:0a:c0:9b:b4:53:29:18:f4:bb:40:3d:73:29:
55:9c:0e:f5:6a:12:fe:af:8a:c8:7b:ab:ab:8e:81:
1b:cf:20:7c:84:4f:a4:cb:ae:48:d8:4d:7b:4f:55:
78:e5:a7:8b:b8:4a:75:38:2e:67:5e:b2:f2:dc:a0:
11:c5:c1:27:25:6e:15:36:e8:93:b8:01:50:c9:ef:
7e:43:32:8a:80:9d:54:d2:16:3f:3b:3c:7a:82:fe:
2a:8f:75:56:00:2b:57:74:71:84:78:c3:f9:29:bb:
30:3c:87:92:9d:41:25:80:05:bd:33:69:b8:d8:e6:
30:7b:59:db:6a:d2:1e:e1:cb:14:44:49:47:9d:f4:
0f:f2:63:5d:35:4e:fc:86:b1:bc:4c:5d:b4:58:94:
fb:07:94:d2:4a:59:79:d8:fb:05:b3:26:21:3e:2b:
10:85:c7:d9:03:a7:36:76:06:d0:49:0a:f2:52:fb:
5d:73:51:a2:b2:fd:45:1c:70:c4:fd:94:45:97:55:
34:c2:c7:32:c4:28:1f:1c:d9:1a:1e:5a:0b:76:4d:
cf:08:5f:62:6b:68:96:87:e2:a9:c8:c0:8e:93:1c:
c6:ae:33:09:1c:bb:28:5f:70:8a:34:9c:19:9f:4b:
05:56:35:64:3c:63:27:77:d5:3d:4c:6a:31:b6:79:
f7:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:D0:7F:7C:D3:87:71:3C:88:DA:C9:B0:62:EC:67:B7:16:DC:E1:EF
X509v3 Authority Key Identifier:
keyid:A3:4F:36:5E:78:06:4B:58:C4:4D:48:CF:B3:92:91:D3:FB:1D:9E:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o082XngGS1jETUjPs5KR0_sdnhA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/3ee7c5-1264-47e9-8a12-041b78ada215/1/odB_fNOHcTyI2smwYuxntxbc4e8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/3ee7c5-1264-47e9-8a12-041b78ada215/1/o082XngGS1jETUjPs5KR0_sdnhA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.166.200.0/22
188.94.24.0/21
217.114.64.0/20
IPv6:
2a01:688::/32
Signature Algorithm: sha256WithRSAEncryption
00:06:e9:da:37:17:7f:ed:7d:a5:46:db:07:b0:08:7b:bd:e5:
16:57:35:54:a7:8a:73:c6:2d:9d:03:14:92:9c:d5:38:21:44:
37:bd:9b:10:97:5b:f5:9b:f4:70:6e:9c:cf:0a:51:28:59:dc:
06:17:b7:28:19:53:4d:06:0a:ef:11:c0:0c:f6:a9:f3:a1:86:
1e:f4:cf:8c:fa:30:64:18:9f:54:df:af:28:38:45:ff:fe:ba:
1c:db:3d:ce:ba:b0:d0:6b:0b:7a:d1:e1:af:17:58:15:05:45:
a5:cf:7d:3b:e4:91:4b:94:b9:e8:4b:0f:5f:f7:9e:46:b8:77:
df:9c:43:c3:66:72:a2:1f:4e:b8:be:d5:7e:a5:d5:12:0e:1a:
88:fa:41:1f:f9:c5:a5:66:0c:dd:91:31:8c:b0:ac:2f:20:c6:
94:c4:fd:da:82:a5:ee:cf:0d:b2:6c:d1:8c:26:9f:e9:17:33:
1f:f3:c4:e8:26:89:1b:47:20:0f:97:a1:a3:23:63:bf:53:40:
32:8b:9c:6e:fa:a1:ee:86:7e:91:e3:1e:fe:2c:1e:7f:a8:9d:
ff:5d:77:57:e3:1d:bc:03:f0:19:b8:b5:09:d4:72:39:18:06:
b0:58:29:27:83:9c:49:26:76:5b:e1:54:73:3a:f7:04:4f:a9:
8d:0d:26:82
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZRF33PDoWwLLMu3yxO0ZcqFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzNGYzNjVlNzgwNjRiNThjNDRkNDhjZmIzOTI5MWQzZmIx
ZDllMTAwHhcNMjUwMTA4MTIyNDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWQwN2Y3Y2QzODc3MTNjODhkYWM5YjA2MmVjNjdiNzE2ZGNlMWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApQrAm7RTKRj0u0A9cylVnA71ahL+
r4rIe6urjoEbzyB8hE+ky65I2E17T1V45aeLuEp1OC5nXrLy3KARxcEnJW4VNuiT
uAFQye9+QzKKgJ1U0hY/Ozx6gv4qj3VWACtXdHGEeMP5KbswPIeSnUElgAW9M2m4
2OYwe1nbatIe4csURElHnfQP8mNdNU78hrG8TF20WJT7B5TSSll52PsFsyYhPisQ
hcfZA6c2dgbQSQryUvtdc1Gisv1FHHDE/ZRFl1U0wscyxCgfHNkaHloLdk3PCF9i
a2iWh+KpyMCOkxzGrjMJHLsoX3CKNJwZn0sFVjVkPGMnd9U9TGoxtnn3EwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFKHQf3zTh3E8iNrJsGLsZ7cW3OHvMB8GA1UdIwQY
MBaAFKNPNl54BktYxE1Iz7OSkdP7HZ4QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzA4MlhuZ0dTMWpFVFVqUHM1S1IwX3NkbmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC8zZWU3YzUtMTI2NC00N2U5LThhMTIt
MDQxYjc4YWRhMjE1LzEvb2RCX2ZOT0hjVHlJMnNtd1l1eG50eGJjNGU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC8zZWU3YzUtMTI2NC00N2U5LThhMTItMDQxYjc4YWRhMjE1
LzEvbzA4MlhuZ0dTMWpFVFVqUHM1S1IwX3NkbmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuabIAwQD
vF4YAwQE2XJAMA0EAgACMAcDBQAqAQaIMA0GCSqGSIb3DQEBCwUAA4IBAQAABuna
Nxd/7X2lRtsHsAh7veUWVzVUp4pzxi2dAxSSnNU4IUQ3vZsQl1v1m/RwbpzPClEo
WdwGF7coGVNNBgrvEcAM9qnzoYYe9M+M+jBkGJ9U368oOEX//roc2z3OurDQawt6
0eGvF1gVBUWlz3075JFLlLnoSw9f955GuHffnEPDZnKiH064vtV+pdUSDhqI+kEf
+cWlZgzdkTGMsKwvIMaUxP3agqXuzw2ybNGMJp/pFzMf88ToJokbRyAPl6GjI2O/
U0Ayi5xu+qHuhn6R4x7+LB5/qJ3/XXdX4x28A/AZuLUJ1HI5GAawWCkng5xJJnZb
4VRzOvcET6mNDSaC
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:00:59 2025 by rpki-client