Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/DoAFmvOhcrvcLwU7DebJkS837Ug.roa
File: DoAFmvOhcrvcLwU7DebJkS837Ug.roa (raw, json)
Hash identifier: lTXDZk5Ffi2GDsxdQJdD13SeMO/zq/6kC7Mmy5qlJjQ=
Subject key identifier: 0E:80:05:9A:F3:A1:72:BB:DC:2F:05:3B:0D:E6:C9:91:2F:37:ED:48
Certificate issuer: /CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Certificate serial: 018CC9BBC5F38C421599095911665415B88B
Authority key identifier: F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/DoAFmvOhcrvcLwU7DebJkS837Ug.roa
Signing time: Tue 02 Jan 2024 10:32:55 +0000
ROA not before: Tue 02 Jan 2024 10:32:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1902
IP address blocks: 145.236.24.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:c5:f3:8c:42:15:99:09:59:11:66:54:15:b8:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Validity
Not Before: Jan 2 10:32:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0e80059af3a172bbdc2f053b0de6c9912f37ed48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:70:8e:98:4d:39:1d:46:8a:c7:a3:02:79:92:
82:98:d2:d3:22:02:ad:3f:d3:90:42:0b:3b:e3:a2:
9d:93:76:bd:90:08:7f:92:b1:39:df:4e:09:b4:9a:
9c:ca:92:b4:5d:0a:5b:fe:b2:bb:d7:37:a3:13:ef:
d2:69:75:f5:d6:fe:ec:01:c6:c6:29:80:aa:37:d7:
2a:af:86:de:33:42:d8:16:22:f9:f9:b1:ac:2f:2c:
40:2d:74:73:51:87:cb:de:61:4a:bf:71:92:cc:ff:
f1:41:52:53:2a:2d:12:71:39:3a:c4:7f:9a:e2:4e:
b0:ec:6d:01:2b:a9:c4:b3:53:e6:78:67:51:36:a8:
09:9d:de:08:51:d0:73:f8:7d:bd:e6:c7:3c:03:85:
0e:86:67:f9:b9:d1:0f:f2:7a:7b:df:76:18:7a:24:
d6:f0:9b:a8:69:dc:fe:56:be:72:60:dd:7a:1b:21:
2a:c5:a9:50:6d:60:6f:53:48:3f:02:98:a3:8a:5c:
56:b8:ec:2d:2e:0d:c8:7a:04:ad:9d:09:b2:e9:0b:
00:66:ad:e8:da:f1:28:48:9f:5e:cd:39:db:2a:46:
90:e4:7a:9a:cb:d8:00:1e:ee:ce:ed:42:cf:2e:0c:
45:f8:8b:3f:be:20:c6:24:b5:75:36:8e:a1:ae:b8:
09:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:80:05:9A:F3:A1:72:BB:DC:2F:05:3B:0D:E6:C9:91:2F:37:ED:48
X509v3 Authority Key Identifier:
keyid:F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/DoAFmvOhcrvcLwU7DebJkS837Ug.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.236.24.0/24
Signature Algorithm: sha256WithRSAEncryption
61:70:3d:47:62:18:6a:fb:52:b2:8a:5f:61:14:e4:5b:5e:71:
0a:52:ba:49:14:15:9d:c9:34:e7:e4:6e:bb:d3:80:df:8b:48:
60:c4:fe:d7:e7:61:0d:18:3c:5b:35:31:e9:05:0c:74:11:63:
9d:2e:80:fd:bf:72:90:fe:f7:f7:a9:67:5a:bb:84:1c:6d:00:
7d:a3:41:a1:12:5e:b4:57:6b:b7:f8:75:e3:01:f6:43:6e:5b:
45:8b:5a:03:49:c1:f9:3f:21:52:d3:b5:45:e7:d2:84:4f:c4:
37:89:c7:19:bc:8c:0d:67:cc:13:6b:c1:1b:ff:de:1b:d5:2c:
ee:0e:07:d9:4a:9a:ea:70:ec:76:41:46:6a:2e:bb:5d:84:a6:
a4:bd:c3:ce:24:a7:b5:6f:0a:ad:41:c8:5b:16:5b:02:22:d7:
6d:a8:ad:a3:8b:73:26:04:ad:06:05:01:a1:6e:21:2d:c7:e2:
ec:32:54:9c:06:49:17:07:88:b1:d5:3d:4e:c6:d7:32:c4:9e:
3c:99:a4:0c:58:02:f1:50:6c:d2:b3:da:1c:16:d7:92:e3:a7:
d9:78:ca:ca:09:60:5c:2a:a2:77:4b:d5:12:a1:bb:47:20:bf:
31:d5:08:a8:c0:3d:63:b8:21:0f:38:97:c4:f5:86:bf:3f:ec:
fe:8b:7f:5c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJu8XzjEIVmQlZEWZUFbiLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMmRhYzYwNWY0NjU5NzE4YzBhMTVlMWY3MzJjYmQ0ZjQ4
YWFlN2IwHhcNMjQwMTAyMTAzMjU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTgwMDU5YWYzYTE3MmJiZGMyZjA1M2IwZGU2Yzk5MTJmMzdlZDQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkXCOmE05HUaKx6MCeZKCmNLTIgKt
P9OQQgs746Kdk3a9kAh/krE5304JtJqcypK0XQpb/rK71zejE+/SaXX11v7sAcbG
KYCqN9cqr4beM0LYFiL5+bGsLyxALXRzUYfL3mFKv3GSzP/xQVJTKi0ScTk6xH+a
4k6w7G0BK6nEs1PmeGdRNqgJnd4IUdBz+H295sc8A4UOhmf5udEP8np733YYeiTW
8Juoadz+Vr5yYN16GyEqxalQbWBvU0g/ApijilxWuOwtLg3IegStnQmy6QsAZq3o
2vEoSJ9ezTnbKkaQ5Hqay9gAHu7O7ULPLgxF+Is/viDGJLV1No6hrrgJPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA6ABZrzoXK73C8FOw3myZEvN+1IMB8GA1UdIwQY
MBaAFPAtrGBfRllxjAoV4fcyy9T0iq57MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYt
MjkyYWU0NmU2MzAyLzEvRG9BRm12T2hjcnZjTHdVN0RlYkprUzgzN1VnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYtMjkyYWU0NmU2MzAy
LzEvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkewYMA0G
CSqGSIb3DQEBCwUAA4IBAQBhcD1HYhhq+1Kyil9hFORbXnEKUrpJFBWdyTTn5G67
04Dfi0hgxP7X52ENGDxbNTHpBQx0EWOdLoD9v3KQ/vf3qWdau4QcbQB9o0GhEl60
V2u3+HXjAfZDbltFi1oDScH5PyFS07VF59KET8Q3iccZvIwNZ8wTa8Eb/94b1Szu
DgfZSprqcOx2QUZqLrtdhKakvcPOJKe1bwqtQchbFlsCItdtqK2ji3MmBK0GBQGh
biEtx+LsMlScBkkXB4ix1T1OxtcyxJ48maQMWALxUGzSs9ocFteS46fZeMrKCWBc
KqJ3S9USobtHIL8x1QiowD1juCEPOJfE9Ya/P+z+i39c
-----END CERTIFICATE-----
Generated at Tue Apr 15 04:38:27 2025 by rpki-client