Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/OC4Uwb6Q5kJno2ZoIyHvySKw6nE.roa
File: OC4Uwb6Q5kJno2ZoIyHvySKw6nE.roa (raw, json)
Hash identifier: Fhzek0bV1WEoR+uZe5kkOvhCOnecsM7zDF1ScprjRNs=
Subject key identifier: 38:2E:14:C1:BE:90:E6:42:67:A3:66:68:23:21:EF:C9:22:B0:EA:71
Certificate issuer: /CN=0db67c5c7fa7fe2492eec37cf427642b71d425b0
Certificate serial: 018EC96BC4A5183B66140CB3F42F5E52254B
Authority key identifier: 0D:B6:7C:5C:7F:A7:FE:24:92:EE:C3:7C:F4:27:64:2B:71:D4:25:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DbZ8XH-n_iSS7sN89CdkK3HUJbA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/OC4Uwb6Q5kJno2ZoIyHvySKw6nE.roa
Signing time: Wed 10 Apr 2024 19:11:06 +0000
ROA not before: Wed 10 Apr 2024 19:11:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 87.236.165.0/24 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:49:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c9:6b:c4:a5:18:3b:66:14:0c:b3:f4:2f:5e:52:25:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0db67c5c7fa7fe2492eec37cf427642b71d425b0
Validity
Not Before: Apr 10 19:11:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=382e14c1be90e64267a366682321efc922b0ea71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:61:d9:19:c3:3b:ae:50:42:a3:3d:06:a0:f3:
16:39:66:28:2a:13:e1:94:04:cd:bd:fa:bb:32:de:
a2:94:cd:69:76:6f:3d:54:ab:80:c9:6d:c9:5d:77:
76:48:fe:15:92:b1:1c:05:9e:1a:1c:0e:3d:81:72:
72:1f:c9:1d:9b:65:ec:8a:55:52:01:45:9b:cf:7f:
f7:a0:eb:c9:ff:f4:4f:d1:df:89:d2:b6:41:1b:a9:
bb:8e:26:76:3b:ba:b2:fc:b0:c3:f6:c3:15:d3:44:
b7:70:63:2c:3f:68:1a:21:a3:99:1e:4f:64:fe:20:
98:a4:b8:fe:5d:24:28:62:ed:20:48:b5:ad:0e:2b:
51:44:2a:5c:7a:e4:27:77:c8:68:90:4d:c4:8d:8a:
1a:98:61:82:c8:5a:70:11:e1:9b:da:12:c2:0c:49:
4a:67:43:ea:cf:50:36:18:94:e5:49:4d:81:9c:06:
1e:31:d6:96:9b:cd:79:08:30:d7:29:b9:58:f9:04:
a5:0d:b1:ce:c0:40:58:e3:90:a8:02:73:8b:92:ff:
ac:46:ce:52:4c:b9:8b:c0:16:cf:ea:d2:8a:a5:fd:
b0:33:af:5a:1d:36:a9:01:b8:58:e4:4f:a8:aa:ae:
c7:cd:c3:d9:39:80:04:8b:ae:58:72:e0:e8:c4:ac:
82:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:2E:14:C1:BE:90:E6:42:67:A3:66:68:23:21:EF:C9:22:B0:EA:71
X509v3 Authority Key Identifier:
keyid:0D:B6:7C:5C:7F:A7:FE:24:92:EE:C3:7C:F4:27:64:2B:71:D4:25:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DbZ8XH-n_iSS7sN89CdkK3HUJbA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/OC4Uwb6Q5kJno2ZoIyHvySKw6nE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/DbZ8XH-n_iSS7sN89CdkK3HUJbA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.236.165.0/24
Signature Algorithm: sha256WithRSAEncryption
88:39:db:11:64:e4:59:08:05:88:5f:49:61:9e:6f:9a:f6:42:
29:e5:2a:95:39:18:af:49:54:19:d5:88:1e:e5:b6:d6:9a:8f:
9f:b6:20:a2:88:7d:6c:9c:8f:ed:7a:02:68:b8:00:1d:f8:78:
82:86:26:d1:6e:31:05:4c:3d:ba:8f:8e:5b:ba:0d:51:b1:75:
86:aa:77:c7:67:32:3d:cc:df:72:d0:71:6e:60:d9:a7:0f:29:
aa:49:cf:9e:b2:20:ea:20:d6:df:d8:d8:7e:3e:d8:93:de:44:
18:f1:24:2a:4e:c0:5b:58:ad:67:71:a7:54:d6:bc:b5:ad:0a:
73:ca:dc:f6:2a:0b:87:6b:09:64:06:bc:80:8a:66:0e:a9:cf:
8c:6f:72:08:e6:dd:b9:80:f8:82:fd:e2:d6:0d:40:9c:ca:f3:
31:7a:80:a1:7c:64:49:bd:3c:5d:9e:04:81:74:70:21:92:63:
6a:6e:65:3a:d3:63:22:3a:b4:7b:51:7b:e9:ed:dc:d0:26:75:
ad:16:b4:b3:50:aa:8a:79:ba:ee:73:e3:7f:5d:0d:65:b3:bd:
79:82:1a:3c:38:97:fb:a3:95:8a:61:66:a1:dc:bf:9d:7d:1f:
29:89:5a:04:9f:ea:76:10:91:70:4f:50:80:85:57:91:4f:f7:
bd:5b:e1:2f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY7Ja8SlGDtmFAyz9C9eUiVLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkYjY3YzVjN2ZhN2ZlMjQ5MmVlYzM3Y2Y0Mjc2NDJiNzFk
NDI1YjAwHhcNMjQwNDEwMTkxMTA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODJlMTRjMWJlOTBlNjQyNjdhMzY2NjgyMzIxZWZjOTIyYjBlYTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjmHZGcM7rlBCoz0GoPMWOWYoKhPh
lATNvfq7Mt6ilM1pdm89VKuAyW3JXXd2SP4VkrEcBZ4aHA49gXJyH8kdm2XsilVS
AUWbz3/3oOvJ//RP0d+J0rZBG6m7jiZ2O7qy/LDD9sMV00S3cGMsP2gaIaOZHk9k
/iCYpLj+XSQoYu0gSLWtDitRRCpceuQnd8hokE3EjYoamGGCyFpwEeGb2hLCDElK
Z0Pqz1A2GJTlSU2BnAYeMdaWm815CDDXKblY+QSlDbHOwEBY45CoAnOLkv+sRs5S
TLmLwBbP6tKKpf2wM69aHTapAbhY5E+oqq7HzcPZOYAEi65YcuDoxKyCCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDguFMG+kOZCZ6NmaCMh78kisOpxMB8GA1UdIwQY
MBaAFA22fFx/p/4kku7DfPQnZCtx1CWwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGJaOFhILW5faVNTN3NOODlDZGtLM0hVSmJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS8wZjM3NTctZjBlZC00ZTdlLTkzMjkt
YjAzZGY5OTZlNDgxLzEvT0M0VXdiNlE1a0pubzJab0l5SHZ5U0t3Nm5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS8wZjM3NTctZjBlZC00ZTdlLTkzMjktYjAzZGY5OTZlNDgx
LzEvRGJaOFhILW5faVNTN3NOODlDZGtLM0hVSmJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV+ylMA0G
CSqGSIb3DQEBCwUAA4IBAQCIOdsRZORZCAWIX0lhnm+a9kIp5SqVORivSVQZ1Yge
5bbWmo+ftiCiiH1snI/tegJouAAd+HiChibRbjEFTD26j45bug1RsXWGqnfHZzI9
zN9y0HFuYNmnDymqSc+esiDqINbf2Nh+PtiT3kQY8SQqTsBbWK1ncadU1ry1rQpz
ytz2KguHawlkBryAimYOqc+Mb3II5t25gPiC/eLWDUCcyvMxeoChfGRJvTxdngSB
dHAhkmNqbmU602MiOrR7UXvp7dzQJnWtFrSzUKqKebruc+N/XQ1ls715gho8OJf7
o5WKYWah3L+dfR8piVoEn+p2EJFwT1CAhVeRT/e9W+Ev
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:33:30 2025 by rpki-client