Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/OfOhWHH9IVkurcgvsq7uv2j3EUs.roa
File: OfOhWHH9IVkurcgvsq7uv2j3EUs.roa (raw, json)
Hash identifier: NmE7cjU0v8CKzRCGQLaZeDTpxYN6Dp6GzcAV4r0DCYc=
Subject key identifier: 39:F3:A1:58:71:FD:21:59:2E:AD:C8:2F:B2:AE:EE:BF:68:F7:11:4B
Certificate issuer: /CN=84f824d32df1a5113d82101345d785a38addbde5
Certificate serial: 0193B635D979152AC623FD5912EE6991C69F
Authority key identifier: 84:F8:24:D3:2D:F1:A5:11:3D:82:10:13:45:D7:85:A3:8A:DD:BD:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hPgk0y3xpRE9ghATRdeFo4rdveU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/OfOhWHH9IVkurcgvsq7uv2j3EUs.roa
Signing time: Wed 11 Dec 2024 14:53:22 +0000
ROA not before: Wed 11 Dec 2024 14:53:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 93.114.54.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:50:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:b6:35:d9:79:15:2a:c6:23:fd:59:12:ee:69:91:c6:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84f824d32df1a5113d82101345d785a38addbde5
Validity
Not Before: Dec 11 14:53:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=39f3a15871fd21592eadc82fb2aeeebf68f7114b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:f9:55:64:fa:a4:3c:76:76:1d:d5:ac:4f:ea:
e0:1f:13:5d:0d:97:60:e2:7d:e5:77:cd:9d:c7:dd:
fa:77:80:05:19:3a:c5:e9:82:63:50:6e:bd:24:2b:
85:85:f2:6d:c7:11:52:3d:58:ca:da:50:f2:c9:8e:
52:6c:ad:61:8f:b4:f9:c5:0a:20:f1:46:9d:31:be:
23:30:03:a2:f9:52:55:f4:31:ca:a3:89:e7:8e:76:
3d:f4:2c:69:9f:52:51:d0:a0:eb:39:e3:7f:ab:44:
71:44:85:a6:13:29:a7:3f:42:9a:db:2b:73:a9:01:
77:44:f0:23:2a:40:19:58:e5:81:96:61:2c:9f:0f:
4d:e5:1d:03:77:51:93:30:e6:b4:62:fa:32:83:17:
81:fd:6a:f2:b0:7f:45:11:a4:1d:e0:b1:8b:b5:49:
33:81:68:5c:d5:53:70:69:86:65:86:94:6f:a0:ba:
e4:72:23:a2:50:9d:48:7f:e0:bb:f5:0d:6d:3c:0e:
b7:e6:a8:e3:4c:1a:a5:b0:b9:ac:be:4d:59:87:a9:
1a:35:e5:f5:61:b5:04:02:92:c7:7b:34:7f:38:2c:
5d:85:81:c9:ba:5f:5b:ce:fa:61:bc:d8:7d:ff:ba:
62:22:9d:57:e3:5e:2d:99:aa:05:28:15:32:d2:30:
0c:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:F3:A1:58:71:FD:21:59:2E:AD:C8:2F:B2:AE:EE:BF:68:F7:11:4B
X509v3 Authority Key Identifier:
keyid:84:F8:24:D3:2D:F1:A5:11:3D:82:10:13:45:D7:85:A3:8A:DD:BD:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hPgk0y3xpRE9ghATRdeFo4rdveU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/OfOhWHH9IVkurcgvsq7uv2j3EUs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/hPgk0y3xpRE9ghATRdeFo4rdveU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.114.54.0/24
Signature Algorithm: sha256WithRSAEncryption
98:ba:56:10:22:4b:3f:3d:15:fe:fa:ec:37:2b:d9:5a:35:eb:
4f:c7:52:8d:1c:70:48:73:e7:38:40:11:43:72:1e:35:88:37:
e4:b4:12:4b:f7:84:74:fb:47:e4:f0:ff:ac:8c:51:e5:3d:bf:
32:02:b0:89:9c:5f:53:58:9c:ab:79:2d:57:50:2a:59:53:db:
f2:d0:2b:01:2a:95:e9:e8:4a:e4:18:08:6e:53:4c:a9:d5:f1:
81:ff:2f:d9:c2:b1:4a:5d:91:73:59:ef:40:29:30:d6:e7:60:
d4:b1:86:90:c2:85:4f:39:f2:81:d8:f5:23:2f:d0:85:58:ea:
ba:c9:32:d0:ac:77:40:c8:28:90:ad:58:ab:66:45:68:34:84:
42:84:4b:40:c1:89:33:6e:7f:f1:29:5f:f1:b5:e8:50:37:3c:
6e:36:82:e0:a6:cc:69:e9:d8:b7:c7:69:33:10:49:b5:6c:c5:
ba:11:f5:9d:96:d3:ed:dd:05:e0:8c:70:9f:f3:9f:48:9e:8d:
11:29:b8:da:d6:87:d0:05:5b:cb:d8:5f:ab:72:36:fa:98:b3:
38:70:48:70:1d:eb:d5:89:f9:14:02:74:05:72:d8:57:ab:72:
3b:5a:ac:fa:e4:f2:01:8b:42:2a:9a:f7:67:af:ba:e5:35:e2:
2d:04:55:24
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZO2Ndl5FSrGI/1ZEu5pkcafMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0ZjgyNGQzMmRmMWE1MTEzZDgyMTAxMzQ1ZDc4NWEzOGFk
ZGJkZTUwHhcNMjQxMjExMTQ1MzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWYzYTE1ODcxZmQyMTU5MmVhZGM4MmZiMmFlZWViZjY4ZjcxMTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjvlVZPqkPHZ2HdWsT+rgHxNdDZdg
4n3ld82dx936d4AFGTrF6YJjUG69JCuFhfJtxxFSPVjK2lDyyY5SbK1hj7T5xQog
8UadMb4jMAOi+VJV9DHKo4nnjnY99Cxpn1JR0KDrOeN/q0RxRIWmEymnP0Ka2ytz
qQF3RPAjKkAZWOWBlmEsnw9N5R0Dd1GTMOa0YvoygxeB/WrysH9FEaQd4LGLtUkz
gWhc1VNwaYZlhpRvoLrkciOiUJ1If+C79Q1tPA635qjjTBqlsLmsvk1Zh6kaNeX1
YbUEApLHezR/OCxdhYHJul9bzvphvNh9/7piIp1X414tmaoFKBUy0jAMnQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDnzoVhx/SFZLq3IL7Ku7r9o9xFLMB8GA1UdIwQY
MBaAFIT4JNMt8aURPYIQE0XXhaOK3b3lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFBnazB5M3hwUkU5Z2hBVFJkZUZvNHJkdmVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85ZDY1YmItYWI0Zi00M2FhLWJiYTgt
NDM3Mzk0OTM4YzUyLzEvT2ZPaFdISDlJVmt1cmNndnNxN3V2MmozRVVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS85ZDY1YmItYWI0Zi00M2FhLWJiYTgtNDM3Mzk0OTM4YzUy
LzEvaFBnazB5M3hwUkU5Z2hBVFJkZUZvNHJkdmVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXXI2MA0G
CSqGSIb3DQEBCwUAA4IBAQCYulYQIks/PRX++uw3K9laNetPx1KNHHBIc+c4QBFD
ch41iDfktBJL94R0+0fk8P+sjFHlPb8yArCJnF9TWJyreS1XUCpZU9vy0CsBKpXp
6ErkGAhuU0yp1fGB/y/ZwrFKXZFzWe9AKTDW52DUsYaQwoVPOfKB2PUjL9CFWOq6
yTLQrHdAyCiQrVirZkVoNIRChEtAwYkzbn/xKV/xtehQNzxuNoLgpsxp6di3x2kz
EEm1bMW6EfWdltPt3QXgjHCf859Ino0RKbja1ofQBVvL2F+rcjb6mLM4cEhwHevV
ifkUAnQFcthXq3I7Wqz65PIBi0Iqmvdnr7rlNeItBFUk
-----END CERTIFICATE-----
Generated at Sat Apr 5 18:06:48 2025 by rpki-client