Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/OFqy07Uab8jZH-A8mrtEuNEh-KI.roa
File: OFqy07Uab8jZH-A8mrtEuNEh-KI.roa (raw, json)
Hash identifier: hNfhu+SL1A5j/XOv6haqu8tikttYO0r/LNAtxEWxiXo=
Subject key identifier: 38:5A:B2:D3:B5:1A:6F:C8:D9:1F:E0:3C:9A:BB:44:B8:D1:21:F8:A2
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01906B09BD755B985502FFF57689BA45BC23
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/OFqy07Uab8jZH-A8mrtEuNEh-KI.roa
Signing time: Sun 30 Jun 2024 21:25:18 +0000
ROA not before: Sun 30 Jun 2024 21:25:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215740
IP address blocks: 82.153.138.0/24 maxlen: 24
89.213.174.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 24 Sep 2024 13:56:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:6b:09:bd:75:5b:98:55:02:ff:f5:76:89:ba:45:bc:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jun 30 21:25:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=385ab2d3b51a6fc8d91fe03c9abb44b8d121f8a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:f0:14:60:60:87:7f:af:cf:b4:f7:ad:ec:9a:
f9:8a:aa:68:34:5b:d7:dc:fc:94:a5:3e:0f:e5:a7:
41:fa:6a:67:7a:f2:20:2f:7c:db:f4:6f:dd:6d:54:
ef:11:f3:16:c1:7a:fb:fe:ef:40:c9:e9:b2:d4:77:
11:c3:0a:87:9b:2c:d2:5b:70:e5:6f:1c:db:dd:aa:
15:cc:d2:66:b6:6e:3e:86:89:a6:e2:16:1e:7f:34:
5b:5f:74:f3:91:25:0a:3a:4a:ca:4d:f1:84:1e:73:
ac:11:5c:72:a9:31:81:28:d7:58:cb:64:18:8d:00:
76:f5:87:4c:13:b7:4b:ba:32:a9:96:15:d3:85:12:
1e:b2:52:aa:f2:f7:57:65:76:d0:a6:e0:cd:fc:c8:
f7:c4:4c:41:1b:70:8b:26:97:8a:4f:81:4b:50:8a:
b2:cd:99:6d:a4:29:28:1f:38:59:bd:5e:5f:ff:68:
02:ef:f2:0e:02:1d:20:fa:53:a6:49:2e:64:6b:b4:
9f:fd:34:e3:a9:ab:60:f5:2a:7f:e6:c1:d7:4f:d0:
ea:fe:f1:84:d0:a8:bd:87:89:6d:1e:76:0d:ba:da:
bb:f7:da:0f:c0:18:e2:61:e6:a8:e0:47:5b:73:e2:
3f:ba:a3:4e:17:93:55:a9:dd:7a:90:b8:a4:16:b3:
eb:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:5A:B2:D3:B5:1A:6F:C8:D9:1F:E0:3C:9A:BB:44:B8:D1:21:F8:A2
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/OFqy07Uab8jZH-A8mrtEuNEh-KI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.138.0/24
89.213.174.0/24
Signature Algorithm: sha256WithRSAEncryption
88:2c:28:c1:d6:00:2d:9f:04:92:a3:80:44:54:f3:3c:87:45:
df:08:c5:4e:88:43:56:f9:b7:6b:cc:87:f6:17:c6:ce:ea:7f:
eb:f6:6d:70:31:72:0c:58:b5:9f:0e:56:5c:34:79:b4:b0:8e:
2a:40:d7:f6:d2:91:7f:0d:b5:82:6b:a8:17:be:84:69:f2:7d:
5c:3b:7c:9b:95:29:9c:6d:8f:e1:57:4a:e8:24:1e:e6:5f:d1:
79:ca:d2:68:2a:50:17:ed:7b:71:6f:dc:c2:a7:09:dc:b0:1d:
36:b9:89:f4:f0:2f:af:6d:f6:13:af:c4:07:6e:fd:d9:be:f3:
8a:d7:25:78:39:d3:22:a7:4b:07:a7:01:54:04:03:19:71:90:
b1:f5:9b:17:6a:cb:2f:47:a6:c8:52:8c:40:ee:82:b7:ab:57:
17:be:94:9b:b5:e1:b3:78:1a:ee:45:a3:fa:8c:3d:87:7f:8f:
f1:b9:82:10:65:1b:36:eb:60:2f:77:61:60:a8:e9:57:27:78:
c7:5a:a5:c9:f9:a8:f9:7b:ba:3c:4c:d2:c5:1d:92:3d:fe:8b:
5c:52:f0:7b:54:cb:82:14:75:ba:d0:71:5e:bf:d6:2d:c6:f3:
4f:e8:18:47:c2:07:72:c0:3e:ea:19:9f:59:0a:e0:98:22:bc:
db:e5:8c:4e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZBrCb11W5hVAv/1dom6RbwjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNjMwMjEyNTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODVhYjJkM2I1MWE2ZmM4ZDkxZmUwM2M5YWJiNDRiOGQxMjFmOGEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmfAUYGCHf6/PtPet7Jr5iqpoNFvX
3PyUpT4P5adB+mpnevIgL3zb9G/dbVTvEfMWwXr7/u9Ayemy1HcRwwqHmyzSW3Dl
bxzb3aoVzNJmtm4+homm4hYefzRbX3TzkSUKOkrKTfGEHnOsEVxyqTGBKNdYy2QY
jQB29YdME7dLujKplhXThRIeslKq8vdXZXbQpuDN/Mj3xExBG3CLJpeKT4FLUIqy
zZltpCkoHzhZvV5f/2gC7/IOAh0g+lOmSS5ka7Sf/TTjqatg9Sp/5sHXT9Dq/vGE
0Ki9h4ltHnYNutq799oPwBjiYeao4Edbc+I/uqNOF5NVqd16kLikFrPrmQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDhastO1Gm/I2R/gPJq7RLjRIfiiMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvT0ZxeTA3VWFiOGpaSC1BOG1ydEV1TkVoLUtJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUpmKAwQA
WdWuMA0GCSqGSIb3DQEBCwUAA4IBAQCILCjB1gAtnwSSo4BEVPM8h0XfCMVOiENW
+bdrzIf2F8bO6n/r9m1wMXIMWLWfDlZcNHm0sI4qQNf20pF/DbWCa6gXvoRp8n1c
O3yblSmcbY/hV0roJB7mX9F5ytJoKlAX7Xtxb9zCpwncsB02uYn08C+vbfYTr8QH
bv3ZvvOK1yV4OdMip0sHpwFUBAMZcZCx9ZsXassvR6bIUoxA7oK3q1cXvpSbteGz
eBruRaP6jD2Hf4/xuYIQZRs262Avd2FgqOlXJ3jHWqXJ+aj5e7o8TNLFHZI9/otc
UvB7VMuCFHW60HFev9YtxvNP6BhHwgdywD7qGZ9ZCuCYIrzb5YxO
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:03:15 2025 by rpki-client