Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/9375a2-3e6f-4577-85d1-5f145cfd2070/1/OVVurWILl50Wy3vmdlTcF5dWlBs.roa
File: OVVurWILl50Wy3vmdlTcF5dWlBs.roa (raw, json)
Hash identifier: WH46Gjn1b5TE0+ygCKYQqS/Gls2Z1w/Tvg7QJf/4DGI=
Subject key identifier: 39:55:6E:AD:62:0B:97:9D:16:CB:7B:E6:76:54:DC:17:97:56:94:1B
Certificate issuer: /CN=00f4cc412cc30fb2f9f7c37c3e390bec5e6256b0
Certificate serial: 018CC801FBFF6AB103B4C348D0F74EF43442
Authority key identifier: 00:F4:CC:41:2C:C3:0F:B2:F9:F7:C3:7C:3E:39:0B:EC:5E:62:56:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/APTMQSzDD7L598N8PjkL7F5iVrA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/9375a2-3e6f-4577-85d1-5f145cfd2070/1/OVVurWILl50Wy3vmdlTcF5dWlBs.roa
Signing time: Tue 02 Jan 2024 02:30:22 +0000
ROA not before: Tue 02 Jan 2024 02:30:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15525
IP address blocks: 158.162.120.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:47:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:fb:ff:6a:b1:03:b4:c3:48:d0:f7:4e:f4:34:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00f4cc412cc30fb2f9f7c37c3e390bec5e6256b0
Validity
Not Before: Jan 2 02:30:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=39556ead620b979d16cb7be67654dc179756941b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:cf:4c:ff:25:8e:c0:8c:44:b1:85:36:4b:73:
18:33:3d:2c:c5:86:4f:2d:76:1e:2f:dc:56:ba:e7:
6e:77:b7:d3:7e:5c:5e:83:e7:3b:b9:69:17:7a:5b:
a6:a4:b7:c8:b1:c7:d1:c6:d1:9c:3a:96:66:6d:5d:
2d:a5:e8:e1:80:72:68:2d:86:fb:29:6f:b6:17:39:
da:6d:95:1f:a4:5e:86:4a:71:33:af:c3:1e:1c:c2:
8f:6b:82:31:19:2f:e3:f0:78:d7:56:b0:14:12:18:
c2:a2:7d:d0:c7:15:03:88:fb:83:ce:18:56:39:5d:
47:b4:b8:91:2d:49:5e:a1:ba:3f:bc:ec:a2:81:fe:
63:f8:0c:13:07:3e:17:3c:9b:8d:9e:7b:2f:cb:27:
25:18:7a:d6:cd:ec:f0:e1:3e:e8:fd:66:09:8a:10:
af:a5:b5:3d:e8:fe:11:3e:08:4d:3e:f3:46:17:2c:
77:3c:2f:a7:9b:6b:d9:df:fe:17:16:dc:49:e6:28:
24:f5:e3:05:df:a5:4b:82:c3:a5:02:c0:53:61:e6:
37:db:78:6d:dc:d5:57:c7:7f:e8:d7:fb:a3:e1:43:
88:ce:98:36:80:ce:9b:84:d5:1f:d2:f4:c1:d1:9b:
56:bc:32:a1:b6:cb:91:42:9c:8a:ef:1c:83:5d:16:
96:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:55:6E:AD:62:0B:97:9D:16:CB:7B:E6:76:54:DC:17:97:56:94:1B
X509v3 Authority Key Identifier:
keyid:00:F4:CC:41:2C:C3:0F:B2:F9:F7:C3:7C:3E:39:0B:EC:5E:62:56:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/APTMQSzDD7L598N8PjkL7F5iVrA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/9375a2-3e6f-4577-85d1-5f145cfd2070/1/OVVurWILl50Wy3vmdlTcF5dWlBs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/9375a2-3e6f-4577-85d1-5f145cfd2070/1/APTMQSzDD7L598N8PjkL7F5iVrA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.162.120.0/22
Signature Algorithm: sha256WithRSAEncryption
4a:05:74:ff:e8:f0:be:bd:86:76:07:0f:b7:73:bd:b8:1f:f4:
17:db:c5:ce:7f:12:f4:f2:e3:ec:d5:69:c3:b6:04:a6:be:bd:
46:78:5c:27:39:ec:09:fd:9a:7f:4d:49:ec:67:24:92:ac:bf:
86:fd:5a:e0:88:2b:45:2c:34:f6:f0:9b:0a:76:f9:cf:40:d9:
53:c6:50:37:3c:be:51:d4:d3:b9:04:ee:ff:46:9a:b7:50:6a:
35:80:9d:ff:3e:d9:45:c8:c5:73:45:e9:38:0e:51:02:d5:9e:
68:20:b4:80:81:b6:b5:0d:d3:39:c3:66:38:65:61:a2:f2:11:
68:de:16:8a:14:02:bb:8e:8c:e4:ee:9e:8d:dd:d5:35:36:82:
ad:e2:1e:e0:ba:67:e1:62:31:75:d7:8a:61:11:fb:c0:ec:f6:
81:91:f6:e6:78:d9:99:56:f5:7d:e1:27:7b:68:9c:fc:0a:af:
87:10:b2:bc:6e:76:49:04:0b:d5:4e:94:1c:53:26:79:7e:bb:
a9:e9:66:e8:5c:47:83:69:a2:1d:c4:b7:69:79:65:4b:83:da:
5b:33:be:d8:bc:b4:fa:3c:38:56:19:68:45:5d:83:4a:20:8c:
4c:d9:d3:dc:d3:cf:8f:6f:d9:c9:69:a0:66:01:cb:03:fe:d6:
76:3f:e3:8b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAfv/arEDtMNI0PdO9DRCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwZjRjYzQxMmNjMzBmYjJmOWY3YzM3YzNlMzkwYmVjNWU2
MjU2YjAwHhcNMjQwMTAyMDIzMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTU1NmVhZDYyMGI5NzlkMTZjYjdiZTY3NjU0ZGMxNzk3NTY5NDFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn89M/yWOwIxEsYU2S3MYMz0sxYZP
LXYeL9xWuudud7fTflxeg+c7uWkXelumpLfIscfRxtGcOpZmbV0tpejhgHJoLYb7
KW+2FznabZUfpF6GSnEzr8MeHMKPa4IxGS/j8HjXVrAUEhjCon3QxxUDiPuDzhhW
OV1HtLiRLUleobo/vOyigf5j+AwTBz4XPJuNnnsvyyclGHrWzezw4T7o/WYJihCv
pbU96P4RPghNPvNGFyx3PC+nm2vZ3/4XFtxJ5igk9eMF36VLgsOlAsBTYeY323ht
3NVXx3/o1/uj4UOIzpg2gM6bhNUf0vTB0ZtWvDKhtsuRQpyK7xyDXRaWDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDlVbq1iC5edFst75nZU3BeXVpQbMB8GA1UdIwQY
MBaAFAD0zEEsww+y+ffDfD45C+xeYlawMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVBUTVFTekREN0w1OThOOFBqa0w3RjVpVnJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy85Mzc1YTItM2U2Zi00NTc3LTg1ZDEt
NWYxNDVjZmQyMDcwLzEvT1ZWdXJXSUxsNTBXeTN2bWRsVGNGNWRXbEJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy85Mzc1YTItM2U2Zi00NTc3LTg1ZDEtNWYxNDVjZmQyMDcw
LzEvQVBUTVFTekREN0w1OThOOFBqa0w3RjVpVnJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnqJ4MA0G
CSqGSIb3DQEBCwUAA4IBAQBKBXT/6PC+vYZ2Bw+3c724H/QX28XOfxL08uPs1WnD
tgSmvr1GeFwnOewJ/Zp/TUnsZySSrL+G/VrgiCtFLDT28JsKdvnPQNlTxlA3PL5R
1NO5BO7/Rpq3UGo1gJ3/PtlFyMVzRek4DlEC1Z5oILSAgba1DdM5w2Y4ZWGi8hFo
3haKFAK7jozk7p6N3dU1NoKt4h7gumfhYjF114phEfvA7PaBkfbmeNmZVvV94Sd7
aJz8Cq+HELK8bnZJBAvVTpQcUyZ5frup6WboXEeDaaIdxLdpeWVLg9pbM77YvLT6
PDhWGWhFXYNKIIxM2dPc08+Pb9nJaaBmAcsD/tZ2P+OL
-----END CERTIFICATE-----
Generated at Tue Mar 11 05:05:35 2025 by rpki-client