Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/o83PvLWCdIAloGkuJVFOxZTQvn4.roa
File: o83PvLWCdIAloGkuJVFOxZTQvn4.roa (raw, json)
Hash identifier: udEEynvonrYYCr6m3Jgkz9KYqIybMvtQ6rYAWqOcSQU=
Subject key identifier: A3:CD:CF:BC:B5:82:74:80:25:A0:69:2E:25:51:4E:C5:94:D0:BE:7E
Certificate issuer: /CN=8778ad8168e09cf92d4e0498257f8e9ceabf0692
Certificate serial: 018CC8021DC7994E7C85214C2C69E5D6F60E
Authority key identifier: 87:78:AD:81:68:E0:9C:F9:2D:4E:04:98:25:7F:8E:9C:EA:BF:06:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h3itgWjgnPktTgSYJX-OnOq_BpI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/o83PvLWCdIAloGkuJVFOxZTQvn4.roa
Signing time: Tue 02 Jan 2024 02:30:31 +0000
ROA not before: Tue 02 Jan 2024 02:30:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35112
IP address blocks: 217.119.129.0/24 maxlen: 24
193.163.203.0/24 maxlen: 24
146.19.128.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 15 Jan 2024 11:41:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:1d:c7:99:4e:7c:85:21:4c:2c:69:e5:d6:f6:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8778ad8168e09cf92d4e0498257f8e9ceabf0692
Validity
Not Before: Jan 2 02:30:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a3cdcfbcb582748025a0692e25514ec594d0be7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:0c:68:59:ec:e6:e0:48:0a:3e:15:32:a9:7e:
bb:f0:46:76:bf:fa:fc:e1:f9:91:9d:3c:3f:73:69:
62:c9:4a:d0:a5:cd:9a:82:77:02:fa:1e:7b:50:19:
1d:7e:e2:cc:11:5e:91:23:a5:58:c5:d5:8e:bb:69:
2f:c7:e4:ce:0d:bf:bb:df:7b:60:1f:df:f6:49:3e:
cd:3d:35:26:0c:62:aa:1c:52:f9:b1:5a:ac:44:e0:
a2:2a:89:70:37:21:aa:83:3f:e5:67:82:59:d2:75:
e4:53:cf:5a:a3:ae:c7:53:78:75:3c:26:dc:d7:4b:
32:71:af:4c:68:d8:e7:56:e3:23:b4:f7:87:08:4f:
2c:7b:66:e6:18:99:7d:1f:20:b6:1b:24:fe:83:dc:
ee:fe:12:74:f9:6c:10:e9:e8:7c:76:e6:9a:74:28:
c9:85:1a:e4:5b:2c:80:bc:4b:57:d3:67:19:6d:ea:
d8:9b:7d:1d:53:01:c8:64:7f:7b:97:89:f5:aa:4d:
5b:42:86:e2:00:3e:0e:c1:4c:6f:b8:ef:07:c2:4a:
d6:67:db:ee:14:14:45:c1:78:61:80:41:d9:85:a0:
c4:9c:0a:d8:5d:da:99:32:ca:b1:95:df:b8:e3:c0:
db:87:f5:fd:1e:90:44:d4:f2:57:e4:f1:ae:91:65:
64:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:CD:CF:BC:B5:82:74:80:25:A0:69:2E:25:51:4E:C5:94:D0:BE:7E
X509v3 Authority Key Identifier:
keyid:87:78:AD:81:68:E0:9C:F9:2D:4E:04:98:25:7F:8E:9C:EA:BF:06:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h3itgWjgnPktTgSYJX-OnOq_BpI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/o83PvLWCdIAloGkuJVFOxZTQvn4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/h3itgWjgnPktTgSYJX-OnOq_BpI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.128.0/24
193.163.203.0/24
217.119.129.0/24
Signature Algorithm: sha256WithRSAEncryption
29:f9:03:6e:a0:1a:43:52:9f:b1:a3:70:5d:27:7c:08:31:43:
5d:98:3f:06:d7:d5:aa:7a:06:44:65:1e:15:2f:ae:9f:dc:bf:
44:5a:3f:88:b9:ff:5c:40:5e:70:81:67:e8:a6:0c:f3:97:f3:
f6:5b:b4:5d:69:fa:b2:c7:cf:db:8d:b2:5b:3e:4f:97:d2:42:
51:88:3b:a0:b3:85:0a:52:7c:fb:b9:ff:98:b7:91:a3:da:3b:
62:e2:72:85:29:9c:e0:07:b0:43:33:89:54:de:8b:ba:ac:61:
38:fc:48:64:a0:bf:46:e2:e5:7d:d4:bd:1d:c2:58:a3:22:e6:
31:74:87:99:18:b5:a0:0b:e8:95:07:da:c5:04:7f:a5:51:73:
50:67:fb:6d:ae:5a:fa:6c:e4:0f:8d:2a:ba:53:ab:2e:fa:0a:
d6:fd:14:06:66:ce:c1:ee:81:20:56:c9:ad:60:36:1d:5a:01:
51:b9:0c:3f:d4:ec:2d:b9:ca:a1:5e:f7:37:72:67:22:a9:62:
ba:4c:ec:51:4c:5f:c5:9e:ef:25:94:18:99:62:b8:f3:1c:c7:
6a:4e:01:3b:f5:32:83:3d:13:41:b6:6a:ab:3f:76:fc:e9:c9:
8c:44:2b:fb:49:75:37:59:9f:2e:0b:a1:ac:8d:5d:5f:f3:86:
32:fb:a6:98
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzIAh3HmU58hSFMLGnl1vYOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NzhhZDgxNjhlMDljZjkyZDRlMDQ5ODI1N2Y4ZTljZWFi
ZjA2OTIwHhcNMjQwMTAyMDIzMDMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2NkY2ZiY2I1ODI3NDgwMjVhMDY5MmUyNTUxNGVjNTk0ZDBiZTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkgxoWezm4EgKPhUyqX678EZ2v/r8
4fmRnTw/c2liyUrQpc2agncC+h57UBkdfuLMEV6RI6VYxdWOu2kvx+TODb+733tg
H9/2ST7NPTUmDGKqHFL5sVqsROCiKolwNyGqgz/lZ4JZ0nXkU89ao67HU3h1PCbc
10syca9MaNjnVuMjtPeHCE8se2bmGJl9HyC2GyT+g9zu/hJ0+WwQ6eh8duaadCjJ
hRrkWyyAvEtX02cZberYm30dUwHIZH97l4n1qk1bQobiAD4OwUxvuO8HwkrWZ9vu
FBRFwXhhgEHZhaDEnArYXdqZMsqxld+448Dbh/X9HpBE1PJX5PGukWVkcwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKPNz7y1gnSAJaBpLiVRTsWU0L5+MB8GA1UdIwQY
MBaAFId4rYFo4Jz5LU4EmCV/jpzqvwaSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDNpdGdXamduUGt0VGdTWUpYLU9uT3FfQnBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9mMDdmOGQtOWRmMC00OWM2LWIyZjAt
YWE5ZDY5MTgxMWU3LzEvbzgzUHZMV0NkSUFsb0drdUpWRk94WlRRdm40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9mMDdmOGQtOWRmMC00OWM2LWIyZjAtYWE5ZDY5MTgxMWU3
LzEvaDNpdGdXamduUGt0VGdTWUpYLU9uT3FfQnBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAkhOAAwQA
waPLAwQA2XeBMA0GCSqGSIb3DQEBCwUAA4IBAQAp+QNuoBpDUp+xo3BdJ3wIMUNd
mD8G19WqegZEZR4VL66f3L9EWj+Iuf9cQF5wgWfopgzzl/P2W7Rdafqyx8/bjbJb
Pk+X0kJRiDugs4UKUnz7uf+Yt5Gj2jti4nKFKZzgB7BDM4lU3ou6rGE4/EhkoL9G
4uV91L0dwlijIuYxdIeZGLWgC+iVB9rFBH+lUXNQZ/ttrlr6bOQPjSq6U6su+grW
/RQGZs7B7oEgVsmtYDYdWgFRuQw/1OwtucqhXvc3cmciqWK6TOxRTF/Fnu8llBiZ
YrjzHMdqTgE79TKDPRNBtmqrP3b86cmMRCv7SXU3WZ8uC6GsjV1f84Yy+6aY
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:41:47 2025 by rpki-client