Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/cce5ba-ff93-4438-a8e3-4a637c6d9938/1/onjYBThlflnw_yiwKbUTLqHvL2c.roa
File: onjYBThlflnw_yiwKbUTLqHvL2c.roa (raw, json)
Hash identifier: 9oYzHalRNi/M+Sr/eyV0CRCydWA16XtD4CKKapHAgK8=
Subject key identifier: A2:78:D8:05:38:65:7E:59:F0:FF:28:B0:29:B5:13:2E:A1:EF:2F:67
Certificate issuer: /CN=4d0d5943c2403730de818e31b9b5ff1d8c1c9c47
Certificate serial: 018CC8703AB0EC4923D61A440A90370303EE
Authority key identifier: 4D:0D:59:43:C2:40:37:30:DE:81:8E:31:B9:B5:FF:1D:8C:1C:9C:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TQ1ZQ8JANzDegY4xubX_HYwcnEc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/cce5ba-ff93-4438-a8e3-4a637c6d9938/1/onjYBThlflnw_yiwKbUTLqHvL2c.roa
Signing time: Tue 02 Jan 2024 04:30:47 +0000
ROA not before: Tue 02 Jan 2024 04:30:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209385
IP address blocks: 185.232.124.0/22 maxlen: 24
2a0c:a500::/32 maxlen: 44
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:48:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:70:3a:b0:ec:49:23:d6:1a:44:0a:90:37:03:03:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d0d5943c2403730de818e31b9b5ff1d8c1c9c47
Validity
Not Before: Jan 2 04:30:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a278d80538657e59f0ff28b029b5132ea1ef2f67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:a4:fd:f7:fa:93:be:87:ac:d7:0f:7e:bc:55:
b6:5e:57:3e:a0:93:96:8e:13:0a:9d:24:a7:50:3a:
20:86:58:22:f4:38:65:25:18:2e:df:c2:52:b6:f8:
56:ab:f9:a6:bb:c2:cd:64:86:7e:24:87:79:9a:b2:
3b:76:94:d4:56:2d:93:00:73:44:24:d1:f8:08:81:
fc:bb:ff:f1:b6:f4:21:7d:21:ed:00:06:ac:15:bc:
ee:98:7b:83:f0:2d:44:86:23:65:8c:d5:5c:ce:5e:
36:08:43:4a:47:6b:8f:d9:e2:11:11:1b:b3:81:d1:
fa:b6:8b:5f:8e:99:5d:b4:68:3b:4c:8f:87:ba:b1:
7c:6d:cb:47:47:81:01:fe:89:a3:5c:7b:12:29:39:
06:bd:4d:3f:00:96:f5:ee:cf:94:36:7b:79:25:b8:
52:19:cd:dd:cd:ea:a3:18:d1:a7:93:d1:42:db:03:
2a:30:a6:94:e2:22:15:b6:67:50:9c:c4:37:5a:db:
f9:70:c7:05:b1:a8:88:9a:8a:02:6c:a6:c7:2e:a3:
4e:0e:56:2c:8e:51:9c:b6:d7:ba:79:40:f5:3e:c5:
fc:22:b2:dc:1c:95:ac:6a:c1:80:f5:62:f6:82:71:
8c:4a:15:9d:12:cc:5b:82:62:4e:44:34:3c:cd:79:
46:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:78:D8:05:38:65:7E:59:F0:FF:28:B0:29:B5:13:2E:A1:EF:2F:67
X509v3 Authority Key Identifier:
keyid:4D:0D:59:43:C2:40:37:30:DE:81:8E:31:B9:B5:FF:1D:8C:1C:9C:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TQ1ZQ8JANzDegY4xubX_HYwcnEc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/cce5ba-ff93-4438-a8e3-4a637c6d9938/1/onjYBThlflnw_yiwKbUTLqHvL2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/cce5ba-ff93-4438-a8e3-4a637c6d9938/1/TQ1ZQ8JANzDegY4xubX_HYwcnEc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.232.124.0/22
IPv6:
2a0c:a500::/32
Signature Algorithm: sha256WithRSAEncryption
0b:f0:a8:91:87:92:13:14:39:dc:d0:2a:05:7d:e9:fc:2f:7a:
58:c5:cc:4f:78:5c:44:bd:ac:9e:d1:42:18:86:2a:82:5e:08:
9f:23:bb:a4:da:66:57:30:7b:54:f9:37:93:e3:95:8c:f8:7e:
9d:05:9c:fe:21:86:0f:42:8a:25:f8:57:e3:0c:10:bb:3c:fd:
d9:c1:3a:74:1c:db:94:e4:3a:50:3e:19:63:f2:55:11:a8:f0:
e0:28:a0:ee:3a:ec:40:e4:ba:6f:5c:54:11:df:43:c5:45:e0:
33:84:68:43:83:06:db:a7:bd:23:6a:64:76:e8:57:c5:cb:ae:
13:35:71:f6:be:99:07:d4:ec:83:1e:ac:b7:cc:8d:57:ee:68:
ff:bb:02:22:bd:b0:bd:81:f3:af:b5:f1:ea:05:cd:aa:9a:01:
ac:b9:cf:3a:04:3e:ca:ca:bd:0d:4f:34:d7:98:be:fd:00:5a:
75:e0:f1:34:6f:5b:0c:ba:1f:9a:11:42:db:ae:e7:5f:22:29:
07:de:bb:67:ca:a9:c8:3f:69:b0:e3:0c:a2:35:c7:a3:dc:e8:
b8:7e:8d:0e:45:b8:cd:d3:e8:e5:f7:eb:01:05:7f:94:7c:b9:
e1:bf:7d:37:40:b5:6c:88:1f:83:73:d0:fe:07:f7:e6:1a:e7:
9b:d9:6a:0e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzIcDqw7Ekj1hpECpA3AwPuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkMGQ1OTQzYzI0MDM3MzBkZTgxOGUzMWI5YjVmZjFkOGMx
YzljNDcwHhcNMjQwMTAyMDQzMDQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjc4ZDgwNTM4NjU3ZTU5ZjBmZjI4YjAyOWI1MTMyZWExZWYyZjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv6T99/qTvoes1w9+vFW2Xlc+oJOW
jhMKnSSnUDoghlgi9DhlJRgu38JStvhWq/mmu8LNZIZ+JId5mrI7dpTUVi2TAHNE
JNH4CIH8u//xtvQhfSHtAAasFbzumHuD8C1EhiNljNVczl42CENKR2uP2eIRERuz
gdH6totfjpldtGg7TI+HurF8bctHR4EB/omjXHsSKTkGvU0/AJb17s+UNnt5JbhS
Gc3dzeqjGNGnk9FC2wMqMKaU4iIVtmdQnMQ3Wtv5cMcFsaiImooCbKbHLqNODlYs
jlGctte6eUD1PsX8IrLcHJWsasGA9WL2gnGMShWdEsxbgmJORDQ8zXlGqwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKJ42AU4ZX5Z8P8osCm1Ey6h7y9nMB8GA1UdIwQY
MBaAFE0NWUPCQDcw3oGOMbm1/x2MHJxHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFExWlE4SkFOekRlZ1k0eHViWF9IWXdjbkVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9jY2U1YmEtZmY5My00NDM4LWE4ZTMt
NGE2MzdjNmQ5OTM4LzEvb25qWUJUaGxmbG53X3lpd0tiVVRMcUh2TDJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9jY2U1YmEtZmY5My00NDM4LWE4ZTMtNGE2MzdjNmQ5OTM4
LzEvVFExWlE4SkFOekRlZ1k0eHViWF9IWXdjbkVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCueh8MA0E
AgACMAcDBQAqDKUAMA0GCSqGSIb3DQEBCwUAA4IBAQAL8KiRh5ITFDnc0CoFfen8
L3pYxcxPeFxEvaye0UIYhiqCXgifI7uk2mZXMHtU+TeT45WM+H6dBZz+IYYPQool
+FfjDBC7PP3ZwTp0HNuU5DpQPhlj8lURqPDgKKDuOuxA5LpvXFQR30PFReAzhGhD
gwbbp70jamR26FfFy64TNXH2vpkH1OyDHqy3zI1X7mj/uwIivbC9gfOvtfHqBc2q
mgGsuc86BD7Kyr0NTzTXmL79AFp14PE0b1sMuh+aEULbrudfIikH3rtnyqnIP2mw
4wyiNcej3Oi4fo0ORbjN0+jl9+sBBX+UfLnhv303QLVsiB+Dc9D+B/fmGueb2WoO
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:04:10 2025 by rpki-client