Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/6314e5-a964-44f6-ada1-20520e6b617a/1/O7-RaETQqDxlZgbviDtA22w2s1g.roa
File: O7-RaETQqDxlZgbviDtA22w2s1g.roa (raw, json)
Hash identifier: Ykn9OoYPgZpegBjmRy7eesLBmNZ2u9DeO+Zq6HwHznQ=
Subject key identifier: 3B:BF:91:68:44:D0:A8:3C:65:66:06:EF:88:3B:40:DB:6C:36:B3:58
Certificate issuer: /CN=8f8d7ea47d1b700c3d6b799358aa7ea5eca8b3d2
Certificate serial: 01939260FC93AB73D9D8B0269531C43D93C5
Authority key identifier: 8F:8D:7E:A4:7D:1B:70:0C:3D:6B:79:93:58:AA:7E:A5:EC:A8:B3:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j41-pH0bcAw9a3mTWKp-peyos9I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/6314e5-a964-44f6-ada1-20520e6b617a/1/O7-RaETQqDxlZgbviDtA22w2s1g.roa
Signing time: Wed 04 Dec 2024 15:54:09 +0000
ROA not before: Wed 04 Dec 2024 15:54:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212378
IP address blocks: 193.169.143.0/24 maxlen: 24
2001:678:9e4::/48 maxlen: 48
2001:678:ec0::/48 maxlen: 48
2001:678:ec4::/48 maxlen: 48
2001:67c:11f0::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:92:60:fc:93:ab:73:d9:d8:b0:26:95:31:c4:3d:93:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f8d7ea47d1b700c3d6b799358aa7ea5eca8b3d2
Validity
Not Before: Dec 4 15:54:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3bbf916844d0a83c656606ef883b40db6c36b358
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:54:e6:55:fd:f3:ee:be:c0:e4:84:95:d6:04:
33:cd:a2:56:3e:c0:85:05:6c:6f:32:1e:79:6a:55:
4e:d3:17:73:0b:cc:c1:19:d8:71:69:06:f6:01:d3:
6a:cd:95:30:5b:ea:7f:aa:45:68:8b:06:71:90:cf:
48:03:81:dd:c9:4c:29:73:2e:2e:23:80:3b:84:7d:
7d:13:76:bb:85:dc:cc:f2:68:57:e7:4d:bd:46:70:
55:65:65:7c:97:3d:43:57:b3:17:5f:f8:4c:f9:b8:
b7:9d:11:97:70:ec:ff:7a:d0:30:98:df:05:cb:37:
fc:96:c8:8a:43:8b:ce:4b:cf:5a:43:37:9a:25:1b:
65:4a:0e:0e:2f:8a:e7:40:7b:c1:a3:3f:29:33:7a:
cc:2a:66:31:08:eb:13:4a:91:af:b1:69:e5:17:3e:
13:5f:e9:a8:13:5a:23:39:37:8d:91:ee:68:82:59:
c6:28:1d:ff:fc:5c:43:3c:d5:52:ca:48:71:f6:3e:
92:75:de:1f:84:ac:65:1b:91:1e:62:2e:d6:46:ef:
0c:f9:8f:7a:ff:fe:9c:de:c5:ae:af:8c:ef:ad:1f:
0d:88:3b:37:89:45:f0:3b:ba:ce:16:03:b3:db:63:
1e:b0:5e:2c:48:2b:03:c6:1d:a5:17:fd:8d:50:f9:
14:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:BF:91:68:44:D0:A8:3C:65:66:06:EF:88:3B:40:DB:6C:36:B3:58
X509v3 Authority Key Identifier:
keyid:8F:8D:7E:A4:7D:1B:70:0C:3D:6B:79:93:58:AA:7E:A5:EC:A8:B3:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j41-pH0bcAw9a3mTWKp-peyos9I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/6314e5-a964-44f6-ada1-20520e6b617a/1/O7-RaETQqDxlZgbviDtA22w2s1g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/6314e5-a964-44f6-ada1-20520e6b617a/1/j41-pH0bcAw9a3mTWKp-peyos9I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.169.143.0/24
IPv6:
2001:678:9e4::/48
2001:678:ec0::/48
2001:678:ec4::/48
2001:67c:11f0::/48
Signature Algorithm: sha256WithRSAEncryption
36:b9:18:04:54:48:21:77:48:ff:6b:92:f5:5c:56:18:55:53:
8c:7c:1d:cf:5f:c1:9d:ff:fe:5e:ed:81:d1:f6:1a:e0:ea:23:
a1:55:2e:a0:13:84:16:b6:20:6a:6a:3a:ce:2b:56:8d:0b:1f:
0e:3d:44:91:cb:aa:6d:74:46:f8:fa:4e:b1:83:5b:b2:08:40:
6e:ad:ee:ad:2e:3f:0c:7a:8f:ed:ec:27:1b:37:dd:96:be:96:
36:18:fe:71:cf:c9:7e:49:f2:d5:06:2a:8f:fa:a6:e8:d7:dd:
48:c5:80:f8:c4:f4:1f:75:32:0e:4c:a6:a2:0c:99:c1:81:c2:
58:13:ac:d4:ef:fe:f2:65:fc:e1:09:45:3a:7c:e8:24:cb:c5:
7b:9a:14:9c:81:aa:d0:49:4d:ce:1b:ec:7a:8f:02:e1:3b:64:
43:2b:89:54:d6:b4:9d:69:89:6b:c2:54:37:c9:e2:88:f0:ad:
e7:c8:57:f9:68:e6:e1:bd:8d:9f:ea:2f:68:ea:ab:72:44:44:
1b:19:ba:f2:c6:c6:54:95:46:ff:c2:07:08:85:08:d9:f6:d9:
3f:d9:b5:da:92:54:9d:4f:e9:ae:0e:4a:84:c9:06:6d:37:86:
1a:b2:ca:c8:5f:d5:9b:07:94:25:d2:f7:ea:21:ca:47:e5:0b:
e1:e8:f6:05
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZOSYPyTq3PZ2LAmlTHEPZPFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmOGQ3ZWE0N2QxYjcwMGMzZDZiNzk5MzU4YWE3ZWE1ZWNh
OGIzZDIwHhcNMjQxMjA0MTU1NDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmJmOTE2ODQ0ZDBhODNjNjU2NjA2ZWY4ODNiNDBkYjZjMzZiMzU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuFTmVf3z7r7A5ISV1gQzzaJWPsCF
BWxvMh55alVO0xdzC8zBGdhxaQb2AdNqzZUwW+p/qkVoiwZxkM9IA4HdyUwpcy4u
I4A7hH19E3a7hdzM8mhX5029RnBVZWV8lz1DV7MXX/hM+bi3nRGXcOz/etAwmN8F
yzf8lsiKQ4vOS89aQzeaJRtlSg4OL4rnQHvBoz8pM3rMKmYxCOsTSpGvsWnlFz4T
X+moE1ojOTeNke5oglnGKB3//FxDPNVSykhx9j6Sdd4fhKxlG5EeYi7WRu8M+Y96
//6c3sWur4zvrR8NiDs3iUXwO7rOFgOz22MesF4sSCsDxh2lF/2NUPkUdQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFDu/kWhE0Kg8ZWYG74g7QNtsNrNYMB8GA1UdIwQY
MBaAFI+NfqR9G3AMPWt5k1iqfqXsqLPSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajQxLXBIMGJjQXc5YTNtVFdLcC1wZXlvczlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC82MzE0ZTUtYTk2NC00NGY2LWFkYTEt
MjA1MjBlNmI2MTdhLzEvTzctUmFFVFFxRHhsWmdidmlEdEEyMncyczFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC82MzE0ZTUtYTk2NC00NGY2LWFkYTEtMjA1MjBlNmI2MTdh
LzEvajQxLXBIMGJjQXc5YTNtVFdLcC1wZXlvczlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjAMBAIAATAGAwQAwamPMCoE
AgACMCQDBwAgAQZ4CeQDBwAgAQZ4DsADBwAgAQZ4DsQDBwAgAQZ8EfAwDQYJKoZI
hvcNAQELBQADggEBADa5GARUSCF3SP9rkvVcVhhVU4x8Hc9fwZ3//l7tgdH2GuDq
I6FVLqAThBa2IGpqOs4rVo0LHw49RJHLqm10Rvj6TrGDW7IIQG6t7q0uPwx6j+3s
Jxs33Za+ljYY/nHPyX5J8tUGKo/6pujX3UjFgPjE9B91Mg5MpqIMmcGBwlgTrNTv
/vJl/OEJRTp86CTLxXuaFJyBqtBJTc4b7HqPAuE7ZEMriVTWtJ1piWvCVDfJ4ojw
refIV/lo5uG9jZ/qL2jqq3JERBsZuvLGxlSVRv/CBwiFCNn22T/ZtdqSVJ1P6a4O
SoTJBm03hhqyyshf1ZsHlCXS9+ohykflC+Ho9gU=
-----END CERTIFICATE-----
Generated at Sun Apr 20 18:42:56 2025 by rpki-client