Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/oVTl59i3y-XJP7B4lk6uP2PXRj0.roa
File: oVTl59i3y-XJP7B4lk6uP2PXRj0.roa (raw, json)
Hash identifier: 9v4iCmicjkac0FYcLZM1m6Ev0lFo2By3RexycRWkPfs=
Subject key identifier: A1:54:E5:E7:D8:B7:CB:E5:C9:3F:B0:78:96:4E:AE:3F:63:D7:46:3D
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018E8561890D38BB8E86E63EEB9485F79509
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/oVTl59i3y-XJP7B4lk6uP2PXRj0.roa
Signing time: Thu 28 Mar 2024 14:05:45 +0000
ROA not before: Thu 28 Mar 2024 14:05:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14445
IP address blocks: 185.49.127.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 23 May 2024 07:24:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:85:61:89:0d:38:bb:8e:86:e6:3e:eb:94:85:f7:95:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Mar 28 14:05:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a154e5e7d8b7cbe5c93fb078964eae3f63d7463d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:6b:28:50:b9:f2:4e:70:6e:e5:e0:b7:e9:bf:
3d:5e:63:5c:e9:1a:e6:85:d1:65:4d:40:f6:4e:70:
25:28:3d:ac:c9:17:c0:ba:a2:44:26:ee:e1:e5:75:
07:b7:7c:02:e3:3b:a4:58:a7:20:a6:d0:5d:c1:df:
6e:86:18:6b:fd:a9:e6:2b:e1:5f:eb:63:59:c3:16:
c6:b3:38:df:56:b8:b7:e3:7e:8a:28:43:bc:ef:ad:
05:f9:48:17:6c:e6:8b:51:1c:da:b0:31:da:b3:eb:
73:a6:c5:58:06:34:bc:a9:03:14:d5:e4:a5:7d:95:
35:8e:b1:ae:81:16:68:f9:6a:7a:4e:a7:35:2e:b1:
18:85:25:6b:76:2d:4e:10:1a:05:96:30:5e:cc:15:
bd:62:ec:78:35:d9:73:63:dc:7f:e8:f3:bd:12:36:
f9:23:14:1a:5b:50:9e:b9:97:c3:13:05:70:c5:2b:
ca:20:c7:cd:83:de:23:43:87:9c:bc:ee:8b:65:99:
ad:ff:11:8c:6d:ae:72:44:74:33:b7:66:28:66:a3:
1d:f8:9e:b1:41:31:3f:ab:5b:9c:48:cb:da:d2:a6:
f7:f4:99:91:60:cf:5a:14:a6:31:0e:2b:84:e3:af:
12:20:e3:1c:4e:28:f5:35:d1:61:f6:c9:6f:64:7d:
a7:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:54:E5:E7:D8:B7:CB:E5:C9:3F:B0:78:96:4E:AE:3F:63:D7:46:3D
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/oVTl59i3y-XJP7B4lk6uP2PXRj0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.49.127.0/24
Signature Algorithm: sha256WithRSAEncryption
92:7a:1c:dd:50:a3:72:a1:2b:79:eb:40:e1:4e:74:19:90:01:
31:81:92:c3:6a:7c:f9:69:9d:78:4d:59:07:ac:49:ed:38:f5:
45:c7:b1:44:e6:ee:bf:3c:57:e0:0b:bb:a7:63:2d:fb:d1:2b:
0f:c6:dc:27:e3:0c:87:e7:99:28:d5:83:48:15:c1:30:6e:a5:
19:a3:75:68:c8:e7:42:23:c3:c0:27:fd:74:b7:2e:aa:76:9e:
da:52:b6:d3:d7:76:1a:09:37:5e:6a:0d:df:5a:c0:32:73:bc:
80:b2:20:3f:be:4f:af:93:91:a7:1a:de:71:c4:d2:f6:28:e7:
43:65:90:a2:40:a5:e7:61:62:8d:61:a7:93:d4:64:40:ce:34:
0c:b8:d2:99:4b:e4:f4:ef:ae:de:55:b6:6c:77:52:59:df:ef:
c5:4b:0c:19:53:f5:e9:6d:ce:bb:7d:a5:76:b5:a2:cf:fd:3a:
15:ba:6e:2f:9e:69:a9:d1:6d:df:e5:ac:96:92:4f:e7:74:10:
46:5e:88:4c:e5:0e:39:4a:c9:f5:e9:d1:e4:94:e6:af:06:01:
be:38:d3:7e:59:c5:3e:14:f3:f7:8e:1e:48:2f:19:87:0e:8c:
65:18:51:12:aa:86:07:f2:e9:de:76:31:6e:77:e9:d1:67:7f:
cf:a4:5c:0f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY6FYYkNOLuOhuY+65SF95UJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMzI4MTQwNTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTU0ZTVlN2Q4YjdjYmU1YzkzZmIwNzg5NjRlYWUzZjYzZDc0NjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2soULnyTnBu5eC36b89XmNc6Rrm
hdFlTUD2TnAlKD2syRfAuqJEJu7h5XUHt3wC4zukWKcgptBdwd9uhhhr/anmK+Ff
62NZwxbGszjfVri3436KKEO8760F+UgXbOaLURzasDHas+tzpsVYBjS8qQMU1eSl
fZU1jrGugRZo+Wp6Tqc1LrEYhSVrdi1OEBoFljBezBW9Yux4NdlzY9x/6PO9Ejb5
IxQaW1CeuZfDEwVwxSvKIMfNg94jQ4ecvO6LZZmt/xGMba5yRHQzt2YoZqMd+J6x
QTE/q1ucSMva0qb39JmRYM9aFKYxDiuE468SIOMcTij1NdFh9slvZH2nmQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKFU5efYt8vlyT+weJZOrj9j10Y9MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvb1ZUbDU5aTN5LVhKUDdCNGxrNnVQMlBYUmowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuTF/MA0G
CSqGSIb3DQEBCwUAA4IBAQCSehzdUKNyoSt560DhTnQZkAExgZLDanz5aZ14TVkH
rEntOPVFx7FE5u6/PFfgC7unYy370SsPxtwn4wyH55ko1YNIFcEwbqUZo3VoyOdC
I8PAJ/10ty6qdp7aUrbT13YaCTdeag3fWsAyc7yAsiA/vk+vk5GnGt5xxNL2KOdD
ZZCiQKXnYWKNYaeT1GRAzjQMuNKZS+T0767eVbZsd1JZ3+/FSwwZU/Xpbc67faV2
taLP/ToVum4vnmmp0W3f5ayWkk/ndBBGXohM5Q45Ssn16dHklOavBgG+ONN+WcU+
FPP3jh5ILxmHDoxlGFESqoYH8unedjFud+nRZ3/PpFwP
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:09:01 2025 by rpki-client