Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/9b1d85-7198-4af6-a632-d0cfe43016de/1/_ogO8Ns7Rej3N9sb3iwQRArRBMY.roa
File: _ogO8Ns7Rej3N9sb3iwQRArRBMY.roa (raw, json)
Hash identifier: +V0ChOxSXAJYpbALf0F0BvlkWS9WDpJq7fRSMi9qhno=
Subject key identifier: FE:88:0E:F0:DB:3B:45:E8:F7:37:DB:1B:DE:2C:10:44:0A:D1:04:C6
Certificate issuer: /CN=52411e52dab7d0be2674313b6b5d2e74bd11360e
Certificate serial: 018CC6B932D3691E6635853460C2F28DD186
Authority key identifier: 52:41:1E:52:DA:B7:D0:BE:26:74:31:3B:6B:5D:2E:74:BD:11:36:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UkEeUtq30L4mdDE7a10udL0RNg4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/9b1d85-7198-4af6-a632-d0cfe43016de/1/_ogO8Ns7Rej3N9sb3iwQRArRBMY.roa
Signing time: Mon 01 Jan 2024 20:31:15 +0000
ROA not before: Mon 01 Jan 2024 20:31:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201299
IP address blocks: 217.198.189.0/24 maxlen: 24
2a11:ffc0::/29 maxlen: 42
Validation: Failed, certificate revoked on Fri 05 Apr 2024 14:56:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:32:d3:69:1e:66:35:85:34:60:c2:f2:8d:d1:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52411e52dab7d0be2674313b6b5d2e74bd11360e
Validity
Not Before: Jan 1 20:31:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fe880ef0db3b45e8f737db1bde2c10440ad104c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:7d:60:0f:49:f2:6d:4a:f8:66:2b:6e:bc:f1:
32:71:c6:38:b4:d5:d8:65:7d:ef:ab:4b:2a:e3:28:
00:df:82:94:74:99:7c:07:e1:08:77:f3:b9:e1:bd:
51:69:42:8f:07:fd:cd:0b:3c:b1:68:8b:ec:a0:cc:
87:65:56:05:4f:18:b2:4f:76:46:fa:84:8b:97:c8:
58:89:f3:a4:06:34:12:b7:d4:eb:a2:23:1f:61:8d:
38:9e:4b:bb:ec:75:fb:a0:e9:b2:f1:23:2a:4c:dd:
90:f3:a4:ff:22:69:3d:e3:7a:50:d8:4d:85:12:87:
30:65:26:dc:2d:69:af:73:e8:1a:5b:7a:94:ff:a0:
25:05:f7:1f:f8:a5:0d:4d:c0:28:c5:0b:d5:bb:ae:
5b:5a:fe:29:6a:61:24:3f:4e:f6:6f:d1:0f:1f:e4:
e6:72:f5:d0:3f:2a:b9:d2:60:54:8e:15:b2:1e:e2:
13:a9:2d:db:e7:c3:e8:9b:c4:54:50:cf:69:e4:8e:
15:09:b7:29:2c:93:07:73:2b:74:a7:f8:b3:f5:f4:
16:11:43:d6:59:0e:9a:20:00:6e:a3:d5:2a:c2:89:
6c:dd:54:ed:a2:ea:ed:9c:98:9d:87:4d:00:16:8d:
41:cf:b8:a5:b7:11:f3:64:30:51:1a:2d:a4:b4:35:
9f:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:88:0E:F0:DB:3B:45:E8:F7:37:DB:1B:DE:2C:10:44:0A:D1:04:C6
X509v3 Authority Key Identifier:
keyid:52:41:1E:52:DA:B7:D0:BE:26:74:31:3B:6B:5D:2E:74:BD:11:36:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UkEeUtq30L4mdDE7a10udL0RNg4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/9b1d85-7198-4af6-a632-d0cfe43016de/1/_ogO8Ns7Rej3N9sb3iwQRArRBMY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/9b1d85-7198-4af6-a632-d0cfe43016de/1/UkEeUtq30L4mdDE7a10udL0RNg4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.198.189.0/24
IPv6:
2a11:ffc0::/29
Signature Algorithm: sha256WithRSAEncryption
6e:ff:1b:54:57:5d:ba:7f:5d:25:f3:61:9d:63:42:c7:13:23:
db:2a:05:25:ef:55:19:f3:a0:c6:07:cd:46:9b:f1:0c:ca:af:
1e:45:8a:db:4f:0a:88:ce:06:f7:ae:88:a5:ee:c6:3a:0e:b9:
fd:96:86:01:82:7f:cf:79:29:0c:d0:ff:7e:77:21:fe:01:d9:
29:09:98:a6:4b:c5:77:41:21:7d:8a:96:79:6c:92:57:03:60:
51:64:65:0b:39:91:3f:2a:be:b5:ca:f8:18:98:c7:83:5d:8e:
9f:9c:48:84:00:d6:e2:c7:1c:d5:9f:be:c1:cd:1d:a1:23:f4:
6c:66:ba:36:d0:e1:ba:db:0d:53:79:ea:28:90:7a:a4:5b:6f:
47:d7:8d:95:11:cb:3a:b9:8e:b2:1f:3a:04:ec:3d:58:da:e1:
ec:a1:23:09:91:6d:bd:58:f4:84:d4:6e:6c:56:c4:05:16:9b:
45:1a:94:00:8d:1a:d4:8e:01:bf:8f:b9:23:25:78:3b:50:6c:
85:a4:c2:d5:da:df:da:d4:be:17:aa:71:57:5f:24:80:2b:a8:
66:36:08:22:ab:2d:2c:5e:b4:84:61:8f:ff:56:86:e1:f3:41:
a7:0c:63:f0:bd:5b:0f:6c:dc:64:10:86:9c:ab:2c:b6:32:d7:
3d:41:6d:07
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzGuTLTaR5mNYU0YMLyjdGGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNDExZTUyZGFiN2QwYmUyNjc0MzEzYjZiNWQyZTc0YmQx
MTM2MGUwHhcNMjQwMTAxMjAzMTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTg4MGVmMGRiM2I0NWU4ZjczN2RiMWJkZTJjMTA0NDBhZDEwNGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyn1gD0nybUr4ZituvPEyccY4tNXY
ZX3vq0sq4ygA34KUdJl8B+EId/O54b1RaUKPB/3NCzyxaIvsoMyHZVYFTxiyT3ZG
+oSLl8hYifOkBjQSt9TroiMfYY04nku77HX7oOmy8SMqTN2Q86T/Imk943pQ2E2F
EocwZSbcLWmvc+gaW3qU/6AlBfcf+KUNTcAoxQvVu65bWv4pamEkP072b9EPH+Tm
cvXQPyq50mBUjhWyHuITqS3b58Pom8RUUM9p5I4VCbcpLJMHcyt0p/iz9fQWEUPW
WQ6aIABuo9Uqwols3VTtourtnJidh00AFo1Bz7iltxHzZDBRGi2ktDWfpQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFP6IDvDbO0Xo9zfbG94sEEQK0QTGMB8GA1UdIwQY
MBaAFFJBHlLat9C+JnQxO2tdLnS9ETYOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWtFZVV0cTMwTDRtZERFN2ExMHVkTDBSTmc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi85YjFkODUtNzE5OC00YWY2LWE2MzIt
ZDBjZmU0MzAxNmRlLzEvX29nTzhOczdSZWozTjlzYjNpd1FSQXJSQk1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi85YjFkODUtNzE5OC00YWY2LWE2MzItZDBjZmU0MzAxNmRl
LzEvVWtFZVV0cTMwTDRtZERFN2ExMHVkTDBSTmc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQA2ca9MA0E
AgACMAcDBQMqEf/AMA0GCSqGSIb3DQEBCwUAA4IBAQBu/xtUV126f10l82GdY0LH
EyPbKgUl71UZ86DGB81Gm/EMyq8eRYrbTwqIzgb3roil7sY6Drn9loYBgn/PeSkM
0P9+dyH+AdkpCZimS8V3QSF9ipZ5bJJXA2BRZGULOZE/Kr61yvgYmMeDXY6fnEiE
ANbixxzVn77BzR2hI/RsZro20OG62w1TeeookHqkW29H142VEcs6uY6yHzoE7D1Y
2uHsoSMJkW29WPSE1G5sVsQFFptFGpQAjRrUjgG/j7kjJXg7UGyFpMLV2t/a1L4X
qnFXXySAK6hmNggiqy0sXrSEYY//Vobh80GnDGPwvVsPbNxkEIacqyy2Mtc9QW0H
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:10:28 2025 by rpki-client