Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/6725f8-9ab9-4102-83d3-bc49291b4aaa/1/OmE3GOI9hj9pxGtiqvBr0BPiTsM.roa
File: OmE3GOI9hj9pxGtiqvBr0BPiTsM.roa (raw, json)
Hash identifier: q6ywsEsbxUqA6CibLBVz87aJSZWE9f2llE9frOa7oXQ=
Subject key identifier: 3A:61:37:18:E2:3D:86:3F:69:C4:6B:62:AA:F0:6B:D0:13:E2:4E:C3
Certificate issuer: /CN=b1e59db1bdaf213cad21025f778fac9618fd4e91
Certificate serial: 018D6467BCDF23E2609E3762EF3014B69309
Authority key identifier: B1:E5:9D:B1:BD:AF:21:3C:AD:21:02:5F:77:8F:AC:96:18:FD:4E:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/seWdsb2vITytIQJfd4-slhj9TpE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/6725f8-9ab9-4102-83d3-bc49291b4aaa/1/OmE3GOI9hj9pxGtiqvBr0BPiTsM.roa
Signing time: Thu 01 Feb 2024 11:22:16 +0000
ROA not before: Thu 01 Feb 2024 11:22:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202433
IP address blocks: 194.35.248.0/24 maxlen: 24
194.35.249.0/24 maxlen: 24
194.35.250.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:48:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:64:67:bc:df:23:e2:60:9e:37:62:ef:30:14:b6:93:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1e59db1bdaf213cad21025f778fac9618fd4e91
Validity
Not Before: Feb 1 11:22:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3a613718e23d863f69c46b62aaf06bd013e24ec3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:d2:af:e4:d5:b4:83:19:3e:cb:f4:82:ba:35:
2d:57:6c:a3:54:3d:1f:a3:ee:ef:0b:fd:6c:fc:93:
b4:d7:f5:26:74:8d:37:59:69:f6:3a:ae:85:8a:15:
8d:c9:b0:87:a5:d6:c5:fe:08:a6:fd:dc:06:6d:0a:
69:23:15:96:ef:38:74:e8:08:82:51:64:83:65:9d:
d0:3a:0c:87:a1:b5:51:dd:7c:a8:7d:b5:0d:1a:e6:
46:46:33:d8:75:ed:1b:93:94:b2:b8:ba:a9:a5:05:
ae:19:2b:22:f7:3b:83:78:9a:3c:87:4b:e3:a0:c6:
78:90:0a:df:76:d8:1c:38:83:db:67:89:4d:75:cb:
26:88:8b:cf:05:22:66:04:45:bd:76:59:2d:e6:fd:
04:7d:e6:10:12:90:68:17:86:a8:05:42:07:04:e9:
fa:eb:cb:7b:bd:6e:eb:7c:4e:32:fb:a5:75:e5:70:
55:d0:af:81:38:6b:65:f9:9b:49:d0:4e:bb:16:f5:
6d:f7:8c:42:d4:d5:fe:b6:b7:79:ca:ac:e5:ed:ff:
b9:f4:e5:b6:4a:83:a2:01:e5:6d:23:8b:6a:3c:fb:
cb:93:df:c3:48:9e:84:dd:ab:5b:95:39:c5:4e:4b:
75:f8:39:15:32:c1:af:0e:11:87:bd:f8:8a:4f:c9:
e4:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:61:37:18:E2:3D:86:3F:69:C4:6B:62:AA:F0:6B:D0:13:E2:4E:C3
X509v3 Authority Key Identifier:
keyid:B1:E5:9D:B1:BD:AF:21:3C:AD:21:02:5F:77:8F:AC:96:18:FD:4E:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/seWdsb2vITytIQJfd4-slhj9TpE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/6725f8-9ab9-4102-83d3-bc49291b4aaa/1/OmE3GOI9hj9pxGtiqvBr0BPiTsM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/6725f8-9ab9-4102-83d3-bc49291b4aaa/1/seWdsb2vITytIQJfd4-slhj9TpE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.35.248.0/22
Signature Algorithm: sha256WithRSAEncryption
40:23:fa:d2:fb:6e:0d:a0:27:aa:f0:a7:69:63:41:b9:22:4b:
7d:63:d9:1c:c5:00:a0:e8:5b:ac:25:d0:37:42:53:f8:a3:56:
ea:03:e0:18:5e:eb:e4:2b:5d:59:27:64:76:f6:91:b0:38:ef:
f9:11:ae:cc:7b:7a:e7:77:1f:f2:5a:a1:29:a7:d7:ad:6a:eb:
cb:96:be:57:4c:b3:1c:df:4c:40:06:d7:94:49:20:be:96:ad:
c0:2a:f8:01:85:dc:0a:d2:a7:d4:bc:dd:fe:23:c6:f2:02:ae:
43:e9:7e:94:d5:33:e6:b1:ee:a2:7a:eb:39:25:b7:98:e5:44:
57:68:76:65:c8:c3:b5:6c:2c:6b:73:88:b1:3b:f0:a7:3c:aa:
e0:66:30:af:18:48:4c:5a:0b:c4:ec:46:85:15:ab:a6:bf:b5:
e2:4c:62:8f:b2:ac:13:b7:a1:5f:4c:77:27:e8:8f:d4:30:85:
95:ac:d0:91:8a:1e:fe:d0:e3:86:02:6b:5c:29:c8:c3:5f:1f:
5c:25:93:b0:1b:cd:26:77:23:f2:59:94:29:f2:cb:ee:56:49:
d5:ca:25:16:85:7d:79:38:ad:ca:da:86:68:12:2e:4a:01:01:
67:b0:33:40:b3:a3:f9:2c:2a:ce:f8:ae:aa:b5:81:38:40:b4:
a3:9b:4f:9b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY1kZ7zfI+Jgnjdi7zAUtpMJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxZTU5ZGIxYmRhZjIxM2NhZDIxMDI1Zjc3OGZhYzk2MThm
ZDRlOTEwHhcNMjQwMjAxMTEyMjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTYxMzcxOGUyM2Q4NjNmNjljNDZiNjJhYWYwNmJkMDEzZTI0ZWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu9Kv5NW0gxk+y/SCujUtV2yjVD0f
o+7vC/1s/JO01/UmdI03WWn2Oq6FihWNybCHpdbF/gim/dwGbQppIxWW7zh06AiC
UWSDZZ3QOgyHobVR3XyofbUNGuZGRjPYde0bk5SyuLqppQWuGSsi9zuDeJo8h0vj
oMZ4kArfdtgcOIPbZ4lNdcsmiIvPBSJmBEW9dlkt5v0EfeYQEpBoF4aoBUIHBOn6
68t7vW7rfE4y+6V15XBV0K+BOGtl+ZtJ0E67FvVt94xC1NX+trd5yqzl7f+59OW2
SoOiAeVtI4tqPPvLk9/DSJ6E3atblTnFTkt1+DkVMsGvDhGHvfiKT8nkNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDphNxjiPYY/acRrYqrwa9AT4k7DMB8GA1UdIwQY
MBaAFLHlnbG9ryE8rSECX3ePrJYY/U6RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2VXZHNiMnZJVHl0SVFKZmQ0LXNsaGo5VHBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS82NzI1ZjgtOWFiOS00MTAyLTgzZDMt
YmM0OTI5MWI0YWFhLzEvT21FM0dPSTloajlweEd0aXF2QnIwQlBpVHNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS82NzI1ZjgtOWFiOS00MTAyLTgzZDMtYmM0OTI5MWI0YWFh
LzEvc2VXZHNiMnZJVHl0SVFKZmQ0LXNsaGo5VHBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwiP4MA0G
CSqGSIb3DQEBCwUAA4IBAQBAI/rS+24NoCeq8KdpY0G5Ikt9Y9kcxQCg6FusJdA3
QlP4o1bqA+AYXuvkK11ZJ2R29pGwOO/5Ea7Me3rndx/yWqEpp9etauvLlr5XTLMc
30xABteUSSC+lq3AKvgBhdwK0qfUvN3+I8byAq5D6X6U1TPmse6ieus5JbeY5URX
aHZlyMO1bCxrc4ixO/CnPKrgZjCvGEhMWgvE7EaFFaumv7XiTGKPsqwTt6FfTHcn
6I/UMIWVrNCRih7+0OOGAmtcKcjDXx9cJZOwG80mdyPyWZQp8svuVknVyiUWhX15
OK3K2oZoEi5KAQFnsDNAs6P5LCrO+K6qtYE4QLSjm0+b
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:42:53 2025 by rpki-client