Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/52ce54-e49c-411c-8527-0fb4823f5b87/1/oYRYWJhCTRZ8qyuevOxDGR6H8I4.roa
File: oYRYWJhCTRZ8qyuevOxDGR6H8I4.roa (raw, json)
Hash identifier: GV20ahooJgc6q3w/b7ddBykE2FdpJWricR+KGwUzA30=
Subject key identifier: A1:84:58:58:98:42:4D:16:7C:AB:2B:9E:BC:EC:43:19:1E:87:F0:8E
Certificate issuer: /CN=3d8a553e05f0319bf452fa206c14ccda87304654
Certificate serial: 01938CC7454C34B446DD93A2324A5BD80B8A
Authority key identifier: 3D:8A:55:3E:05:F0:31:9B:F4:52:FA:20:6C:14:CC:DA:87:30:46:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PYpVPgXwMZv0UvogbBTM2ocwRlQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/52ce54-e49c-411c-8527-0fb4823f5b87/1/oYRYWJhCTRZ8qyuevOxDGR6H8I4.roa
Signing time: Tue 03 Dec 2024 13:48:09 +0000
ROA not before: Tue 03 Dec 2024 13:48:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8368
IP address blocks: 46.243.24.0/21 maxlen: 24
78.41.64.0/21 maxlen: 24
82.146.96.0/19 maxlen: 24
85.158.208.0/21 maxlen: 24
87.237.8.0/21 maxlen: 24
88.82.32.0/19 maxlen: 24
89.35.16.0/21 maxlen: 24
89.250.176.0/20 maxlen: 24
91.197.108.0/22 maxlen: 24
94.140.160.0/19 maxlen: 24
94.158.248.0/24 maxlen: 24
178.132.8.0/21 maxlen: 24
185.47.0.0/22 maxlen: 24
185.48.100.0/22 maxlen: 24
185.78.180.0/22 maxlen: 24
185.81.224.0/22 maxlen: 24
185.174.64.0/22 maxlen: 24
188.64.72.0/21 maxlen: 24
188.118.0.0/18 maxlen: 24
195.110.54.0/23 maxlen: 24
213.193.200.0/21 maxlen: 24
213.193.224.0/21 maxlen: 24
2001:4c40::/32 maxlen: 48
Validation: Failed, certificate revoked on Tue 03 Dec 2024 18:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:8c:c7:45:4c:34:b4:46:dd:93:a2:32:4a:5b:d8:0b:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d8a553e05f0319bf452fa206c14ccda87304654
Validity
Not Before: Dec 3 13:48:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a184585898424d167cab2b9ebcec43191e87f08e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:0b:2f:90:da:bc:2a:46:86:2c:f4:4f:6b:9d:
91:9b:1e:a5:04:00:da:84:e3:12:58:7d:fd:1a:dd:
01:17:d9:05:28:c9:fe:3c:f5:04:f3:0d:fd:48:e1:
de:f4:61:89:82:be:12:e7:5a:55:36:ef:97:46:d9:
a3:0d:db:78:5d:c0:50:ec:43:c9:c4:18:d1:cb:8d:
38:ba:05:f4:c6:2b:30:68:18:ce:db:4e:b0:58:16:
66:25:67:ec:b5:05:aa:85:b5:41:b8:cb:2d:d3:ac:
16:c3:4b:80:95:f0:9e:cb:c1:69:7e:ca:e8:09:5b:
9e:51:5f:bb:27:f4:fd:fd:00:b9:94:de:3c:c4:85:
46:b3:65:78:9b:6f:a0:3b:5f:fe:69:9f:4b:26:ea:
59:c3:4c:19:10:86:16:fd:f2:42:70:a3:a9:d5:36:
ae:cb:02:6f:f2:9b:50:d9:46:97:4e:3d:ff:41:98:
7d:d6:29:5a:45:9b:e3:52:d9:95:b7:55:ee:66:b1:
d3:ad:54:74:a9:2e:df:42:b1:37:50:48:db:37:a7:
8b:12:44:1a:f0:57:94:34:17:22:25:a9:f6:c9:ca:
56:bf:1a:64:bc:57:48:fa:6c:a2:f7:a4:2d:22:ef:
47:e1:22:aa:1e:3d:ba:08:9a:27:ff:0e:b8:48:22:
2e:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:84:58:58:98:42:4D:16:7C:AB:2B:9E:BC:EC:43:19:1E:87:F0:8E
X509v3 Authority Key Identifier:
keyid:3D:8A:55:3E:05:F0:31:9B:F4:52:FA:20:6C:14:CC:DA:87:30:46:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PYpVPgXwMZv0UvogbBTM2ocwRlQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/52ce54-e49c-411c-8527-0fb4823f5b87/1/oYRYWJhCTRZ8qyuevOxDGR6H8I4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/52ce54-e49c-411c-8527-0fb4823f5b87/1/PYpVPgXwMZv0UvogbBTM2ocwRlQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.243.24.0/21
78.41.64.0/21
82.146.96.0/19
85.158.208.0/21
87.237.8.0/21
88.82.32.0/19
89.35.16.0/21
89.250.176.0/20
91.197.108.0/22
94.140.160.0/19
94.158.248.0/24
178.132.8.0/21
185.47.0.0/22
185.48.100.0/22
185.78.180.0/22
185.81.224.0/22
185.174.64.0/22
188.64.72.0/21
188.118.0.0/18
195.110.54.0/23
213.193.200.0/21
213.193.224.0/21
IPv6:
2001:4c40::/32
Signature Algorithm: sha256WithRSAEncryption
68:fe:aa:c6:52:8e:74:83:9e:92:9f:a0:a1:bf:1a:c0:4b:5c:
5e:d3:12:5b:2f:46:98:23:72:8e:a3:a2:99:a5:d9:20:e0:6b:
4a:25:1f:82:51:72:f9:14:8b:2e:f8:23:18:b2:34:f7:ff:2a:
a4:e9:39:e0:bd:38:a7:a4:68:9c:03:f4:d2:c4:a6:1d:b5:60:
6e:72:f9:b6:0c:39:33:6f:cb:54:49:13:8b:e8:7a:cc:c1:a1:
57:5f:57:d0:1d:fc:47:7f:a4:0c:2f:d5:a5:14:21:0c:67:bd:
27:75:9a:81:e5:4d:14:b5:90:f0:8b:9f:da:66:ac:7c:12:1b:
77:c4:19:3b:a2:9d:20:55:b5:80:27:5c:11:36:86:ca:a3:1f:
f9:a7:2c:0f:0f:a3:bc:ad:b4:1c:96:e4:3d:bd:cb:24:47:61:
fe:13:6f:94:5f:1b:b6:23:25:c3:b5:68:50:92:88:54:1f:0d:
2e:19:86:fd:b8:6a:6a:92:ac:44:99:59:24:6a:da:b6:fa:71:
7c:fb:69:a7:27:ec:62:2b:88:81:b7:35:97:ec:19:88:13:b7:
7f:f8:1b:6b:f3:52:e9:3a:7f:c5:71:44:6e:bd:22:dd:20:60:
8f:10:f8:ed:a8:d8:d9:c9:1a:47:5a:f9:d5:e8:24:30:cb:65:
00:7a:5a:f7
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgISAZOMx0VMNLRG3ZOiMkpb2AuKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkOGE1NTNlMDVmMDMxOWJmNDUyZmEyMDZjMTRjY2RhODcz
MDQ2NTQwHhcNMjQxMjAzMTM0ODA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTg0NTg1ODk4NDI0ZDE2N2NhYjJiOWViY2VjNDMxOTFlODdmMDhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtAsvkNq8KkaGLPRPa52Rmx6lBADa
hOMSWH39Gt0BF9kFKMn+PPUE8w39SOHe9GGJgr4S51pVNu+XRtmjDdt4XcBQ7EPJ
xBjRy404ugX0xiswaBjO206wWBZmJWfstQWqhbVBuMst06wWw0uAlfCey8Fpfsro
CVueUV+7J/T9/QC5lN48xIVGs2V4m2+gO1/+aZ9LJupZw0wZEIYW/fJCcKOp1Tau
ywJv8ptQ2UaXTj3/QZh91ilaRZvjUtmVt1XuZrHTrVR0qS7fQrE3UEjbN6eLEkQa
8FeUNBciJan2ycpWvxpkvFdI+myi96QtIu9H4SKqHj26CJon/w64SCIuDwIDAQAB
o4ICmzCCApcwHQYDVR0OBBYEFKGEWFiYQk0WfKsrnrzsQxkeh/COMB8GA1UdIwQY
MBaAFD2KVT4F8DGb9FL6IGwUzNqHMEZUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFlwVlBnWHdNWnYwVXZvZ2JCVE0yb2N3UmxRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy81MmNlNTQtZTQ5Yy00MTFjLTg1Mjct
MGZiNDgyM2Y1Yjg3LzEvb1lSWVdKaENUUlo4cXl1ZXZPeERHUjZIOEk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy81MmNlNTQtZTQ5Yy00MTFjLTg1MjctMGZiNDgyM2Y1Yjg3
LzEvUFlwVlBnWHdNWnYwVXZvZ2JCVE0yb2N3UmxRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGwBggrBgEFBQcBBwEB/wSBoDCBnTCBiwQCAAEwgYQDBAMu
8xgDBANOKUADBAVSkmADBANVntADBANX7QgDBAVYUiADBANZIxADBARZ+rADBAJb
xWwDBAVejKADBABenvgDBAOyhAgDBAK5LwADBAK5MGQDBAK5TrQDBAK5UeADBAK5
rkADBAO8QEgDBAa8dgADBAHDbjYDBAPVwcgDBAPVweAwDQQCAAIwBwMFACABTEAw
DQYJKoZIhvcNAQELBQADggEBAGj+qsZSjnSDnpKfoKG/GsBLXF7TElsvRpgjco6j
opml2SDga0olH4JRcvkUiy74IxiyNPf/KqTpOeC9OKekaJwD9NLEph21YG5y+bYM
OTNvy1RJE4voeszBoVdfV9Ad/Ed/pAwv1aUUIQxnvSd1moHlTRS1kPCLn9pmrHwS
G3fEGTuinSBVtYAnXBE2hsqjH/mnLA8Po7yttByW5D29yyRHYf4Tb5RfG7YjJcO1
aFCSiFQfDS4Zhv24amqSrESZWSRq2rb6cXz7aacn7GIriIG3NZfsGYgTt3/4G2vz
Uuk6f8VxRG69It0gYI8Q+O2o2NnJGkda+dXoJDDLZQB6Wvc=
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:10:16 2025 by rpki-client