Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/owUHZh6zDadwWYaTORfm-jkHfmc.roa
File: owUHZh6zDadwWYaTORfm-jkHfmc.roa (raw, json)
Hash identifier: WgaJ+u3GifDQVMmMXhgo/Xn9938qV4ZC16Vu6OTaVEY=
Subject key identifier: A3:05:07:66:1E:B3:0D:A7:70:59:86:93:39:17:E6:FA:39:07:7E:67
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018EAEAD440C2A0A7312DA75823666DDF15A
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/owUHZh6zDadwWYaTORfm-jkHfmc.roa
Signing time: Fri 05 Apr 2024 14:32:54 +0000
ROA not before: Fri 05 Apr 2024 14:32:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200017
IP address blocks: 82.153.1.0/24 maxlen: 24
212.38.68.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 07 May 2024 13:13:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:ae:ad:44:0c:2a:0a:73:12:da:75:82:36:66:dd:f1:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Apr 5 14:32:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a30507661eb30da7705986933917e6fa39077e67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:02:ee:39:80:00:52:a9:d3:48:a2:a0:32:d5:
a5:d2:9f:9b:97:7c:60:22:a8:ad:db:19:19:72:61:
21:93:8d:f2:32:5a:bf:6d:ea:fb:7d:f4:e9:d7:96:
b5:17:1a:e8:3c:09:f0:dd:5c:06:c7:2c:53:8a:83:
41:21:48:10:46:fc:4e:be:25:f3:d7:4c:a6:ba:25:
a2:19:e0:72:3b:9a:6b:0b:74:ef:7d:9c:63:0c:8e:
21:b4:86:ef:75:ed:46:95:79:75:6b:60:c8:5a:ba:
6d:18:af:68:fe:d6:2c:5d:b7:c8:be:a5:02:e7:9d:
85:0f:cb:cf:b2:93:b3:a8:e5:8b:3d:75:e8:7c:72:
a5:7a:24:bf:08:f9:9b:1d:94:55:4c:dc:b4:b7:ae:
77:09:ad:ba:60:7d:25:5e:98:3d:78:21:9d:d5:de:
34:ce:82:f4:0f:af:12:8a:91:4a:7a:17:47:79:e5:
a7:00:dc:c3:80:4c:fb:b8:89:d3:c4:1d:df:00:98:
8a:48:b4:5b:32:0a:db:ef:a5:06:97:94:a4:62:63:
83:1d:1f:d3:7f:4f:26:49:20:fb:41:19:52:a3:3c:
87:c3:76:02:59:01:49:ab:14:a6:79:9b:de:fc:dc:
0f:b0:ac:c8:d5:0d:24:9f:59:19:37:23:3d:7d:3a:
94:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:05:07:66:1E:B3:0D:A7:70:59:86:93:39:17:E6:FA:39:07:7E:67
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/owUHZh6zDadwWYaTORfm-jkHfmc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.1.0/24
212.38.68.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:62:ee:ef:c1:b1:4b:8f:54:76:15:ed:79:f1:95:62:e2:cb:
bb:69:e9:de:90:5d:88:b6:fc:79:49:40:c3:07:c8:03:be:69:
9a:14:8b:a6:06:97:4f:bd:bf:fa:d2:3b:98:c4:a1:6c:07:c5:
9c:60:72:be:dd:99:da:84:ee:31:82:46:19:31:b9:a2:dc:38:
d7:2a:03:06:89:db:66:e1:91:ae:0e:0f:2c:07:31:dd:54:28:
74:d9:93:c6:10:0b:2a:4b:b5:c9:91:79:5b:b5:26:6e:7e:e1:
5c:d4:b6:67:2f:2c:8f:ac:da:ef:7b:fe:55:78:d4:3d:0c:0e:
ba:ad:4f:fd:4e:ac:cb:d0:80:47:be:24:12:77:4e:bc:ce:f5:
f4:9c:3d:04:59:1b:c4:58:e2:65:a2:d2:a9:87:66:f1:dc:3d:
64:75:b1:2a:9b:b4:60:fe:f0:60:75:7e:3f:9e:31:7a:62:31:
ae:53:94:06:fb:29:31:a9:2b:8b:4c:8e:c9:f7:da:ac:39:60:
53:66:3a:38:bc:12:3a:57:24:78:da:4c:20:6b:48:64:1f:e0:
6e:c3:1c:34:a2:ca:4f:3c:b8:b3:15:6a:87:2d:d5:cd:16:26:
5c:ee:8e:15:ad:dc:a6:62:7d:ca:65:75:b3:0f:29:d8:4d:1b:
3e:b1:df:0d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY6urUQMKgpzEtp1gjZm3fFaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNDA1MTQzMjU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzA1MDc2NjFlYjMwZGE3NzA1OTg2OTMzOTE3ZTZmYTM5MDc3ZTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhwLuOYAAUqnTSKKgMtWl0p+bl3xg
Iqit2xkZcmEhk43yMlq/ber7ffTp15a1FxroPAnw3VwGxyxTioNBIUgQRvxOviXz
10ymuiWiGeByO5prC3TvfZxjDI4htIbvde1GlXl1a2DIWrptGK9o/tYsXbfIvqUC
552FD8vPspOzqOWLPXXofHKleiS/CPmbHZRVTNy0t653Ca26YH0lXpg9eCGd1d40
zoL0D68SipFKehdHeeWnANzDgEz7uInTxB3fAJiKSLRbMgrb76UGl5SkYmODHR/T
f08mSSD7QRlSozyHw3YCWQFJqxSmeZve/NwPsKzI1Q0kn1kZNyM9fTqUXQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKMFB2Yesw2ncFmGkzkX5vo5B35nMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvb3dVSFpoNnpEYWR3V1lhVE9SZm0tamtIZm1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUpkBAwQA
1CZEMA0GCSqGSIb3DQEBCwUAA4IBAQBdYu7vwbFLj1R2Fe158ZVi4su7aenekF2I
tvx5SUDDB8gDvmmaFIumBpdPvb/60juYxKFsB8WcYHK+3ZnahO4xgkYZMbmi3DjX
KgMGidtm4ZGuDg8sBzHdVCh02ZPGEAsqS7XJkXlbtSZufuFc1LZnLyyPrNrve/5V
eNQ9DA66rU/9TqzL0IBHviQSd068zvX0nD0EWRvEWOJlotKph2bx3D1kdbEqm7Rg
/vBgdX4/njF6YjGuU5QG+ykxqSuLTI7J99qsOWBTZjo4vBI6VyR42kwga0hkH+Bu
wxw0ospPPLizFWqHLdXNFiZc7o4VrdymYn3KZXWzDynYTRs+sd8N
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:25:08 2025 by rpki-client