Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/4b7576-2b9c-43af-8817-6b0065508996/1/_OCvBw599eB-_lAVwCzr9bidtEk.roa
File: _OCvBw599eB-_lAVwCzr9bidtEk.roa (raw, json)
Hash identifier: 6riUC/Yk3CBl6OJ1l/i0OXklv+sRTlhlQAKjWi8oxKw=
Subject key identifier: FC:E0:AF:07:0E:7D:F5:E0:7E:FE:50:15:C0:2C:EB:F5:B8:9D:B4:49
Certificate issuer: /CN=5a4a47d582bb0e9680f89258ab96d05867d352ef
Certificate serial: 018CC86FA864BC6D7042C822ADB30A814356
Authority key identifier: 5A:4A:47:D5:82:BB:0E:96:80:F8:92:58:AB:96:D0:58:67:D3:52:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WkpH1YK7DpaA-JJYq5bQWGfTUu8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/4b7576-2b9c-43af-8817-6b0065508996/1/_OCvBw599eB-_lAVwCzr9bidtEk.roa
Signing time: Tue 02 Jan 2024 04:30:09 +0000
ROA not before: Tue 02 Jan 2024 04:30:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47862
IP address blocks: 176.74.48.0/21 maxlen: 21
176.74.49.0/24 maxlen: 24
176.74.48.0/24 maxlen: 24
176.74.50.0/24 maxlen: 24
176.74.51.0/24 maxlen: 24
176.74.54.0/24 maxlen: 24
176.74.53.0/24 maxlen: 24
176.74.55.0/24 maxlen: 24
176.74.52.0/24 maxlen: 24
185.76.128.0/24 maxlen: 24
109.205.24.0/24 maxlen: 24
109.205.25.0/24 maxlen: 24
109.205.27.0/24 maxlen: 24
109.205.26.0/24 maxlen: 24
2a00:1b00::/48 maxlen: 48
2a00:1b00:1000::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:48:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:a8:64:bc:6d:70:42:c8:22:ad:b3:0a:81:43:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a4a47d582bb0e9680f89258ab96d05867d352ef
Validity
Not Before: Jan 2 04:30:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fce0af070e7df5e07efe5015c02cebf5b89db449
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:98:4f:45:d0:91:7a:ca:b2:e2:bf:4f:3b:77:
be:ba:9f:71:24:c3:84:0d:86:a6:fd:ae:a7:d6:f7:
0f:69:ba:01:07:ba:e2:95:18:18:bc:97:57:8c:c0:
65:a9:b1:ca:91:1d:97:b7:2c:d9:50:1d:a0:60:4f:
26:ef:87:19:34:3f:d0:9d:cf:53:0d:b0:d4:ec:db:
db:66:cc:5f:1f:e5:98:e8:85:72:46:4c:3a:eb:70:
72:fe:52:cc:17:64:59:9a:24:a1:2d:2a:fa:13:ba:
43:5f:b7:f8:2b:06:88:9a:73:f5:29:bf:12:25:59:
3b:ac:64:6a:27:a3:d2:82:9f:45:7b:4f:79:6c:c0:
03:3f:73:4e:6b:a8:22:1b:4d:9d:a8:28:43:36:58:
06:d8:41:c2:6d:89:9a:f8:9b:d1:0e:d4:60:ec:76:
e0:ea:98:49:b7:ac:29:08:c4:3d:95:bc:a7:50:fe:
45:cf:ba:d4:64:bf:67:8b:b8:5c:4f:4e:a7:45:2a:
2a:f5:51:11:f7:83:1e:63:18:cb:78:4f:e0:1c:d8:
f5:d2:a9:52:b4:76:ee:5f:84:09:36:1c:a9:02:20:
38:45:b1:c9:5f:0c:7f:66:76:87:7e:e2:69:5d:f6:
1e:34:eb:d5:a8:bf:91:eb:5e:98:8b:94:f7:ba:6d:
ef:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:E0:AF:07:0E:7D:F5:E0:7E:FE:50:15:C0:2C:EB:F5:B8:9D:B4:49
X509v3 Authority Key Identifier:
keyid:5A:4A:47:D5:82:BB:0E:96:80:F8:92:58:AB:96:D0:58:67:D3:52:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WkpH1YK7DpaA-JJYq5bQWGfTUu8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/4b7576-2b9c-43af-8817-6b0065508996/1/_OCvBw599eB-_lAVwCzr9bidtEk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/4b7576-2b9c-43af-8817-6b0065508996/1/WkpH1YK7DpaA-JJYq5bQWGfTUu8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.205.24.0/22
176.74.48.0/21
185.76.128.0/24
IPv6:
2a00:1b00::/48
2a00:1b00:1000::/48
Signature Algorithm: sha256WithRSAEncryption
06:a0:dd:e9:26:ae:09:fa:13:b0:0f:46:86:b5:d4:74:07:49:
9f:4f:68:84:9f:6b:1a:28:46:07:88:9d:cf:22:eb:02:22:cf:
50:93:c4:bd:97:22:89:96:48:7f:49:f8:f8:82:b9:af:25:20:
69:3d:07:19:c1:c8:c5:8c:78:a7:47:38:26:7f:e9:53:a1:d9:
95:26:4d:b9:cc:42:8e:ae:0f:be:d7:ac:78:2f:b7:45:74:6b:
e3:22:b2:b4:26:b0:4c:97:4e:c9:70:05:7e:da:c5:e1:12:70:
dc:ad:73:b1:dd:95:33:03:72:80:1d:0e:60:9c:a5:d2:c4:6e:
45:5f:a1:7d:2f:10:bc:b5:af:23:5d:10:48:d6:f0:e3:74:21:
be:0a:af:37:76:fa:59:c7:de:f3:b5:78:06:27:cb:d5:bb:bf:
c3:77:d9:f1:ed:c6:47:89:cd:b3:e3:62:6c:cf:3c:04:82:0d:
7e:fe:e1:48:96:b8:c3:a4:b3:06:3c:c7:fe:0f:8c:6d:d5:57:
95:b0:73:54:d3:7e:19:1e:d1:4b:78:e6:ab:30:43:bd:17:11:
ea:63:57:35:98:b8:1e:b5:3e:fa:cf:b1:61:c4:d2:2f:98:f3:
6c:f0:85:a5:8c:12:30:25:20:0e:ca:65:9c:36:5e:a0:f2:3d:
18:38:cf:38
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYzIb6hkvG1wQsgirbMKgUNWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNGE0N2Q1ODJiYjBlOTY4MGY4OTI1OGFiOTZkMDU4Njdk
MzUyZWYwHhcNMjQwMTAyMDQzMDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmY2UwYWYwNzBlN2RmNWUwN2VmZTUwMTVjMDJjZWJmNWI4OWRiNDQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZhPRdCResqy4r9PO3e+up9xJMOE
DYam/a6n1vcPaboBB7rilRgYvJdXjMBlqbHKkR2XtyzZUB2gYE8m74cZND/Qnc9T
DbDU7NvbZsxfH+WY6IVyRkw663By/lLMF2RZmiShLSr6E7pDX7f4KwaImnP1Kb8S
JVk7rGRqJ6PSgp9Fe095bMADP3NOa6giG02dqChDNlgG2EHCbYma+JvRDtRg7Hbg
6phJt6wpCMQ9lbynUP5Fz7rUZL9ni7hcT06nRSoq9VER94MeYxjLeE/gHNj10qlS
tHbuX4QJNhypAiA4RbHJXwx/ZnaHfuJpXfYeNOvVqL+R616Yi5T3um3vxwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFPzgrwcOffXgfv5QFcAs6/W4nbRJMB8GA1UdIwQY
MBaAFFpKR9WCuw6WgPiSWKuW0Fhn01LvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2twSDFZSzdEcGFBLUpKWXE1YlFXR2ZUVXU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS80Yjc1NzYtMmI5Yy00M2FmLTg4MTct
NmIwMDY1NTA4OTk2LzEvX09DdkJ3NTk5ZUItX2xBVndDenI5YmlkdEVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS80Yjc1NzYtMmI5Yy00M2FmLTg4MTctNmIwMDY1NTA4OTk2
LzEvV2twSDFZSzdEcGFBLUpKWXE1YlFXR2ZUVXU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAYBAIAATASAwQCbc0YAwQD
sEowAwQAuUyAMBgEAgACMBIDBwAqABsAAAADBwAqABsAEAAwDQYJKoZIhvcNAQEL
BQADggEBAAag3ekmrgn6E7APRoa11HQHSZ9PaISfaxooRgeInc8i6wIiz1CTxL2X
IomWSH9J+PiCua8lIGk9BxnByMWMeKdHOCZ/6VOh2ZUmTbnMQo6uD77XrHgvt0V0
a+MisrQmsEyXTslwBX7axeEScNytc7HdlTMDcoAdDmCcpdLEbkVfoX0vELy1ryNd
EEjW8ON0Ib4Krzd2+lnH3vO1eAYny9W7v8N32fHtxkeJzbPjYmzPPASCDX7+4UiW
uMOkswY8x/4PjG3VV5Wwc1TTfhke0Ut45qswQ70XEepjVzWYuB61PvrPsWHE0i+Y
82zwhaWMEjAlIA7KZZw2XqDyPRg4zzg=
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:49:21 2025 by rpki-client