Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/ebed7d-5090-417a-b5b8-aa995902b84b/1/OT1WC93daMXIv8V6xgnOcLZ0Ix8.roa
File: OT1WC93daMXIv8V6xgnOcLZ0Ix8.roa (raw, json)
Hash identifier: vT+qXhaFzOj2G7/I/rtqx5s8u8yY2TYQxlHx/qBnXPs=
Subject key identifier: 39:3D:56:0B:DD:DD:68:C5:C8:BF:C5:7A:C6:09:CE:70:B6:74:23:1F
Certificate issuer: /CN=64753d20b98a0ee770c3b5166a3f4a07f0515bdd
Certificate serial: 018CC6B8BB2C9FACD114F08A16E2E86FE613
Authority key identifier: 64:75:3D:20:B9:8A:0E:E7:70:C3:B5:16:6A:3F:4A:07:F0:51:5B:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZHU9ILmKDudww7UWaj9KB_BRW90.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/ebed7d-5090-417a-b5b8-aa995902b84b/1/OT1WC93daMXIv8V6xgnOcLZ0Ix8.roa
Signing time: Mon 01 Jan 2024 20:30:44 +0000
ROA not before: Mon 01 Jan 2024 20:30:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9023
IP address blocks: 194.37.253.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:49:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:bb:2c:9f:ac:d1:14:f0:8a:16:e2:e8:6f:e6:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64753d20b98a0ee770c3b5166a3f4a07f0515bdd
Validity
Not Before: Jan 1 20:30:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=393d560bdddd68c5c8bfc57ac609ce70b674231f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:59:da:94:ee:24:4c:90:aa:11:38:8c:b2:89:
f0:6c:b0:d4:8e:0d:04:43:00:cb:e6:36:2e:1f:f3:
41:0f:28:43:cb:c1:9c:74:8a:71:b6:47:2d:91:3b:
30:3c:95:04:15:63:42:7c:3a:28:a4:51:42:ff:31:
1c:7d:2e:14:f5:37:3d:9b:60:d1:25:53:2d:16:81:
32:65:e9:15:86:00:ce:9c:7f:bb:4a:8c:8f:a5:57:
ea:9c:14:a3:be:88:09:98:f3:81:c6:0a:bb:7d:0f:
fb:e3:e9:02:7e:b8:55:d6:44:e5:f7:49:83:1a:cb:
52:97:d8:f8:d8:21:c0:55:84:8f:83:79:47:3e:48:
a0:b2:b4:76:00:60:77:bc:c9:0c:74:47:33:cc:6d:
f3:fa:be:11:cb:18:3c:c8:d4:f3:6a:23:18:05:af:
b3:84:2f:e9:64:7c:fe:07:32:13:f2:9b:bf:05:9d:
d5:64:5d:ab:74:40:f1:23:92:81:00:e0:1a:00:f5:
3e:f3:ec:8b:a2:c8:03:5b:38:34:12:6f:ee:c8:84:
79:31:2a:af:5f:38:24:d5:50:91:d0:86:eb:02:71:
b6:f8:e8:8c:8f:44:d3:e2:c2:9e:11:8f:48:e4:e9:
9e:e6:52:1a:71:56:8d:dc:24:6c:fa:a6:ac:8d:28:
84:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:3D:56:0B:DD:DD:68:C5:C8:BF:C5:7A:C6:09:CE:70:B6:74:23:1F
X509v3 Authority Key Identifier:
keyid:64:75:3D:20:B9:8A:0E:E7:70:C3:B5:16:6A:3F:4A:07:F0:51:5B:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZHU9ILmKDudww7UWaj9KB_BRW90.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/ebed7d-5090-417a-b5b8-aa995902b84b/1/OT1WC93daMXIv8V6xgnOcLZ0Ix8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/ebed7d-5090-417a-b5b8-aa995902b84b/1/ZHU9ILmKDudww7UWaj9KB_BRW90.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.37.253.0/24
Signature Algorithm: sha256WithRSAEncryption
87:f7:8c:f1:bd:73:5e:77:c0:b3:e3:a0:78:09:e3:52:47:09:
7f:c2:34:bf:fb:1e:d2:24:b0:f9:70:93:c7:1b:d7:49:f5:ce:
43:4f:85:ec:15:b8:6d:16:2e:47:68:00:c7:a8:47:48:97:58:
c9:f1:89:53:c1:af:b4:53:57:d5:c2:cf:57:7e:ab:0b:ae:5e:
59:25:88:f1:36:9c:41:5c:55:2a:41:28:84:73:d5:40:0c:05:
09:76:61:61:45:bc:c6:91:b4:2e:e8:31:d0:82:4c:41:ea:00:
c6:8f:5c:e9:c2:64:81:25:1f:71:96:63:b7:69:da:82:8e:89:
a0:bd:0a:83:8f:0d:c1:03:1e:68:07:33:e1:10:e0:c2:d7:55:
ce:c1:44:00:d9:7a:e0:0c:09:ad:6a:a7:10:d5:49:d1:07:d2:
fd:d9:ed:2b:17:16:82:13:80:e6:4a:fd:98:05:ce:ff:1d:76:
74:a7:d2:c2:75:65:b1:ea:98:72:ef:bd:e2:af:e1:21:e3:e7:
49:4e:db:39:db:9a:f4:0d:e3:29:c1:ed:7d:f1:38:24:7a:6e:
55:67:ef:d8:b4:6d:44:6b:96:5a:58:5f:98:22:c2:3d:80:c0:
3b:b2:d6:b6:66:65:d8:bf:7c:88:eb:fe:f2:85:cf:12:b2:78:
67:be:a3:dd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGuLssn6zRFPCKFuLob+YTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0NzUzZDIwYjk4YTBlZTc3MGMzYjUxNjZhM2Y0YTA3ZjA1
MTViZGQwHhcNMjQwMTAxMjAzMDQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTNkNTYwYmRkZGQ2OGM1YzhiZmM1N2FjNjA5Y2U3MGI2NzQyMzFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr1nalO4kTJCqETiMsonwbLDUjg0E
QwDL5jYuH/NBDyhDy8GcdIpxtkctkTswPJUEFWNCfDoopFFC/zEcfS4U9Tc9m2DR
JVMtFoEyZekVhgDOnH+7SoyPpVfqnBSjvogJmPOBxgq7fQ/74+kCfrhV1kTl90mD
GstSl9j42CHAVYSPg3lHPkigsrR2AGB3vMkMdEczzG3z+r4Ryxg8yNTzaiMYBa+z
hC/pZHz+BzIT8pu/BZ3VZF2rdEDxI5KBAOAaAPU+8+yLosgDWzg0Em/uyIR5MSqv
Xzgk1VCR0IbrAnG2+OiMj0TT4sKeEY9I5Ome5lIacVaN3CRs+qasjSiEbQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDk9Vgvd3WjFyL/FesYJznC2dCMfMB8GA1UdIwQY
MBaAFGR1PSC5ig7ncMO1Fmo/SgfwUVvdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkhVOUlMbUtEdWR3dzdVV2FqOUtCX0JSVzkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lYmVkN2QtNTA5MC00MTdhLWI1Yjgt
YWE5OTU5MDJiODRiLzEvT1QxV0M5M2RhTVhJdjhWNnhnbk9jTFowSXg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lYmVkN2QtNTA5MC00MTdhLWI1YjgtYWE5OTU5MDJiODRi
LzEvWkhVOUlMbUtEdWR3dzdVV2FqOUtCX0JSVzkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwiX9MA0G
CSqGSIb3DQEBCwUAA4IBAQCH94zxvXNed8Cz46B4CeNSRwl/wjS/+x7SJLD5cJPH
G9dJ9c5DT4XsFbhtFi5HaADHqEdIl1jJ8YlTwa+0U1fVws9XfqsLrl5ZJYjxNpxB
XFUqQSiEc9VADAUJdmFhRbzGkbQu6DHQgkxB6gDGj1zpwmSBJR9xlmO3adqCjomg
vQqDjw3BAx5oBzPhEODC11XOwUQA2XrgDAmtaqcQ1UnRB9L92e0rFxaCE4DmSv2Y
Bc7/HXZ0p9LCdWWx6phy773ir+Eh4+dJTts525r0DeMpwe198Tgkem5VZ+/YtG1E
a5ZaWF+YIsI9gMA7sta2ZmXYv3yI6/7yhc8SsnhnvqPd
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:00:06 2025 by rpki-client