Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/0aec1f-6065-4d88-8454-124d3fb3906a/1/OZajRPusqC9UFs0UWdGB8jgqD3M.roa
File: OZajRPusqC9UFs0UWdGB8jgqD3M.roa (raw, json)
Hash identifier: nNTqrfImRDoIL3s7gJW4SxxodqeqzRDeq7oK8GLgJ50=
Subject key identifier: 39:96:A3:44:FB:AC:A8:2F:54:16:CD:14:59:D1:81:F2:38:2A:0F:73
Certificate issuer: /CN=d45bab208653d4261ebf202f6036334119846055
Certificate serial: 018CC3B67906BB45DF6A6BD44C871B53A170
Authority key identifier: D4:5B:AB:20:86:53:D4:26:1E:BF:20:2F:60:36:33:41:19:84:60:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1FurIIZT1CYevyAvYDYzQRmEYFU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/0aec1f-6065-4d88-8454-124d3fb3906a/1/OZajRPusqC9UFs0UWdGB8jgqD3M.roa
Signing time: Mon 01 Jan 2024 06:29:24 +0000
ROA not before: Mon 01 Jan 2024 06:29:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41735
IP address blocks: 185.46.69.0/24 maxlen: 24
193.37.135.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:79:06:bb:45:df:6a:6b:d4:4c:87:1b:53:a1:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d45bab208653d4261ebf202f6036334119846055
Validity
Not Before: Jan 1 06:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3996a344fbaca82f5416cd1459d181f2382a0f73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:ee:18:a9:bc:b4:a0:73:01:f8:92:3b:5a:63:
bb:6b:83:ff:9b:b6:4c:98:c7:fa:f8:a7:88:59:1a:
73:7d:9a:ea:08:14:3b:c6:3b:59:24:68:0e:6d:8d:
00:02:67:88:3d:da:1d:ca:d2:39:4c:b0:49:4d:25:
a4:b3:aa:82:91:1b:34:4a:de:7b:3a:5e:34:7c:43:
d8:32:c7:cc:e9:9e:ee:6d:20:2b:72:13:d6:09:dc:
6f:47:5d:19:75:57:de:14:9e:d1:ee:f2:76:e5:8b:
e5:13:2e:7b:d0:f2:fb:9d:23:b1:94:35:2b:36:70:
1e:44:2b:3e:dc:6d:3e:23:92:cf:7a:db:db:f5:a7:
c3:8e:b9:f2:36:66:56:43:e6:82:c8:7a:2c:37:f8:
93:09:96:99:61:bb:e8:d0:7b:72:e9:cf:8e:52:13:
2a:68:b2:a7:99:fd:b8:18:12:f1:32:3d:2b:f4:5c:
ac:98:61:5a:13:b0:23:a8:c5:9a:84:3b:40:1c:46:
02:e9:87:30:94:07:60:a2:8b:92:fa:b1:33:d7:bb:
3a:1e:f6:b6:f2:13:76:21:43:e1:42:30:86:48:e6:
4e:c5:9f:be:ce:cc:a0:e3:ff:f1:85:ae:25:7b:84:
33:c4:02:20:b4:6b:44:c7:ed:96:cd:57:c8:4b:ae:
d4:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:96:A3:44:FB:AC:A8:2F:54:16:CD:14:59:D1:81:F2:38:2A:0F:73
X509v3 Authority Key Identifier:
keyid:D4:5B:AB:20:86:53:D4:26:1E:BF:20:2F:60:36:33:41:19:84:60:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1FurIIZT1CYevyAvYDYzQRmEYFU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/0aec1f-6065-4d88-8454-124d3fb3906a/1/OZajRPusqC9UFs0UWdGB8jgqD3M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/0aec1f-6065-4d88-8454-124d3fb3906a/1/1FurIIZT1CYevyAvYDYzQRmEYFU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.46.69.0/24
193.37.135.0/24
Signature Algorithm: sha256WithRSAEncryption
50:14:30:ec:82:a1:08:41:76:93:18:d6:98:27:f6:f8:a2:6c:
0d:0f:14:af:f4:bb:2d:01:9a:52:96:52:3b:68:bb:6d:0d:de:
5b:d9:3d:a3:56:53:d9:e6:60:ed:8a:b0:56:21:c1:78:9e:48:
e1:11:9b:d4:31:92:e0:9f:05:b5:99:56:b4:08:4a:e6:28:ab:
d4:62:22:a3:3e:75:23:10:97:3f:0a:7d:51:ef:70:26:02:a7:
19:c0:ab:c7:87:9b:10:f4:91:9f:e4:0b:73:e7:54:b7:b5:a8:
c7:07:b7:7d:95:39:86:e0:83:3d:de:85:47:a6:3d:45:44:24:
1b:8f:05:ee:9d:d1:88:fa:5b:fb:63:97:a1:63:fb:b0:51:b1:
28:47:8f:45:2c:38:26:23:c7:f7:fc:e5:6f:59:c5:5d:de:96:
fd:0f:77:cd:21:8f:5f:b6:1a:17:f6:ec:fc:9f:9f:31:b7:ab:
c1:40:d1:33:7a:0c:14:1c:fd:d4:36:55:35:fa:8e:67:3b:bb:
09:dc:09:bd:a5:b9:3a:fb:7c:39:af:5f:b3:59:03:57:c9:d2:
5c:f7:f3:b0:c8:3e:b6:f6:01:39:b8:bd:8a:0b:c2:70:0c:86:
5d:ca:fc:39:d9:18:30:54:af:2c:11:3d:21:73:46:71:56:40:
b4:1d:f4:1b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzDtnkGu0XfamvUTIcbU6FwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NWJhYjIwODY1M2Q0MjYxZWJmMjAyZjYwMzYzMzQxMTk4
NDYwNTUwHhcNMjQwMTAxMDYyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTk2YTM0NGZiYWNhODJmNTQxNmNkMTQ1OWQxODFmMjM4MmEwZjczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj+4Yqby0oHMB+JI7WmO7a4P/m7ZM
mMf6+KeIWRpzfZrqCBQ7xjtZJGgObY0AAmeIPdodytI5TLBJTSWks6qCkRs0St57
Ol40fEPYMsfM6Z7ubSArchPWCdxvR10ZdVfeFJ7R7vJ25YvlEy570PL7nSOxlDUr
NnAeRCs+3G0+I5LPetvb9afDjrnyNmZWQ+aCyHosN/iTCZaZYbvo0Hty6c+OUhMq
aLKnmf24GBLxMj0r9FysmGFaE7AjqMWahDtAHEYC6YcwlAdgoouS+rEz17s6Hva2
8hN2IUPhQjCGSOZOxZ++zsyg4//xha4le4QzxAIgtGtEx+2WzVfIS67UYQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDmWo0T7rKgvVBbNFFnRgfI4Kg9zMB8GA1UdIwQY
MBaAFNRbqyCGU9QmHr8gL2A2M0EZhGBVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUZ1cklJWlQxQ1lldnlBdllEWXpRUm1FWUZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8wYWVjMWYtNjA2NS00ZDg4LTg0NTQt
MTI0ZDNmYjM5MDZhLzEvT1phalJQdXNxQzlVRnMwVVdkR0I4amdxRDNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi8wYWVjMWYtNjA2NS00ZDg4LTg0NTQtMTI0ZDNmYjM5MDZh
LzEvMUZ1cklJWlQxQ1lldnlBdllEWXpRUm1FWUZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuS5FAwQA
wSWHMA0GCSqGSIb3DQEBCwUAA4IBAQBQFDDsgqEIQXaTGNaYJ/b4omwNDxSv9Lst
AZpSllI7aLttDd5b2T2jVlPZ5mDtirBWIcF4nkjhEZvUMZLgnwW1mVa0CErmKKvU
YiKjPnUjEJc/Cn1R73AmAqcZwKvHh5sQ9JGf5Atz51S3tajHB7d9lTmG4IM93oVH
pj1FRCQbjwXundGI+lv7Y5ehY/uwUbEoR49FLDgmI8f3/OVvWcVd3pb9D3fNIY9f
thoX9uz8n58xt6vBQNEzegwUHP3UNlU1+o5nO7sJ3Am9pbk6+3w5r1+zWQNXydJc
9/OwyD629gE5uL2KC8JwDIZdyvw52RgwVK8sET0hc0ZxVkC0HfQb
-----END CERTIFICATE-----
Generated at Wed Apr 23 01:53:47 2025 by rpki-client