Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/f4f0d5-7e43-46be-b092-5ba501e0b370/1/otOV2Kha4BBD0jNfnDoNUF1Q0Ww.roa
File: otOV2Kha4BBD0jNfnDoNUF1Q0Ww.roa (raw, json)
Hash identifier: 2vsa7yNSzL3L+wm/oGRGnr3A36z6oa1KPJJavXg30B0=
Subject key identifier: A2:D3:95:D8:A8:5A:E0:10:43:D2:33:5F:9C:3A:0D:50:5D:50:D1:6C
Certificate issuer: /CN=d7cef75e097a631886b33c81f64aa5ebbc0c32a0
Certificate serial: 019039B706A13C8E378121C9F94092F74ADA
Authority key identifier: D7:CE:F7:5E:09:7A:63:18:86:B3:3C:81:F6:4A:A5:EB:BC:0C:32:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1873Xgl6YxiGszyB9kql67wMMqA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/f4f0d5-7e43-46be-b092-5ba501e0b370/1/otOV2Kha4BBD0jNfnDoNUF1Q0Ww.roa
Signing time: Fri 21 Jun 2024 07:33:34 +0000
ROA not before: Fri 21 Jun 2024 07:33:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8365
IP address blocks: 130.83.0.0/16 maxlen: 16
193.23.248.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:49:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:39:b7:06:a1:3c:8e:37:81:21:c9:f9:40:92:f7:4a:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d7cef75e097a631886b33c81f64aa5ebbc0c32a0
Validity
Not Before: Jun 21 07:33:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a2d395d8a85ae01043d2335f9c3a0d505d50d16c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:48:f0:c7:2e:a0:54:37:fa:b4:2c:23:72:0c:
73:60:1b:bd:48:19:49:35:3f:cc:86:6e:b0:48:21:
7c:f8:0a:42:9d:e6:fa:31:6e:08:e8:8c:5a:9f:a0:
e6:77:00:de:db:ba:59:81:d8:4c:6a:38:64:50:c7:
c1:c0:d7:14:92:af:dc:50:f7:af:4f:9d:f1:b0:fd:
26:1d:08:7c:a1:25:6c:f1:95:1e:9f:d9:f2:03:8e:
13:0b:38:ba:5c:e2:f2:58:bf:ff:15:b9:dd:b3:38:
4a:1b:6d:e8:dd:e7:96:a0:72:a1:ad:a3:d7:7a:ff:
3a:f3:e1:df:99:f3:23:ac:a0:47:49:c6:b0:51:8c:
eb:50:64:23:7a:41:f2:18:52:15:ea:24:1c:80:60:
94:ab:55:0c:aa:94:34:75:d0:26:31:9f:52:a3:ff:
57:81:42:e5:f5:4b:92:39:ce:c2:f9:10:0d:c6:ec:
9c:d5:ae:5a:28:b4:6f:1d:25:47:d0:ad:b4:7e:8a:
94:ba:bf:16:1d:20:7e:3a:87:e2:a8:6e:e6:79:ff:
ef:de:b1:0e:ca:8b:ae:da:02:ca:be:10:7d:91:ed:
83:71:4b:fe:81:5e:9a:64:64:e7:44:e2:9f:47:78:
59:bf:93:5c:f5:92:03:5e:de:0b:4e:e3:22:00:ee:
91:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:D3:95:D8:A8:5A:E0:10:43:D2:33:5F:9C:3A:0D:50:5D:50:D1:6C
X509v3 Authority Key Identifier:
keyid:D7:CE:F7:5E:09:7A:63:18:86:B3:3C:81:F6:4A:A5:EB:BC:0C:32:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1873Xgl6YxiGszyB9kql67wMMqA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/f4f0d5-7e43-46be-b092-5ba501e0b370/1/otOV2Kha4BBD0jNfnDoNUF1Q0Ww.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/f4f0d5-7e43-46be-b092-5ba501e0b370/1/1873Xgl6YxiGszyB9kql67wMMqA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.83.0.0/16
193.23.248.0/24
Signature Algorithm: sha256WithRSAEncryption
12:99:26:c7:bc:25:de:6a:45:71:37:66:27:cb:e5:c4:a5:1f:
39:f2:c5:57:1b:1a:51:b5:20:a0:b4:e7:a9:53:4f:d0:06:7e:
06:c2:0e:36:f3:50:7c:6d:3c:da:16:67:0f:8a:b5:8d:2a:84:
77:81:a1:65:bc:0f:32:08:ea:97:9a:25:7b:47:0b:8a:93:36:
25:17:3d:5a:37:d1:af:ad:d2:8d:43:7f:88:74:9f:71:1e:dd:
ad:bb:2a:4b:af:46:22:df:f7:8a:40:f3:34:29:47:bc:06:80:
66:61:15:a6:cc:8b:69:e7:8c:a3:39:d7:69:11:b1:af:2d:4b:
7c:8c:89:28:1a:86:bc:1a:19:33:df:b3:21:3e:3f:1e:5f:7c:
23:e8:f6:3a:be:eb:4e:48:99:18:7e:87:3a:7f:2a:a0:a5:34:
14:4e:6c:41:21:54:ab:9e:7b:c9:f2:10:30:fb:77:78:34:de:
85:5c:b2:18:42:2e:bb:e5:04:ed:9b:0d:6e:48:aa:34:1e:6c:
40:eb:0f:1d:87:5b:57:72:d5:d5:cd:1c:8e:de:02:90:a5:fe:
92:c3:92:32:b6:38:02:31:7d:fd:82:d6:7f:de:16:76:2c:57:
c3:41:6a:3c:5a:72:4a:2e:56:fc:7b:a3:30:84:e4:43:26:4b:
2d:84:c5:d4
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgISAZA5twahPI43gSHJ+UCS90raMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3Y2VmNzVlMDk3YTYzMTg4NmIzM2M4MWY2NGFhNWViYmMw
YzMyYTAwHhcNMjQwNjIxMDczMzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmQzOTVkOGE4NWFlMDEwNDNkMjMzNWY5YzNhMGQ1MDVkNTBkMTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr0jwxy6gVDf6tCwjcgxzYBu9SBlJ
NT/Mhm6wSCF8+ApCneb6MW4I6Ixan6DmdwDe27pZgdhMajhkUMfBwNcUkq/cUPev
T53xsP0mHQh8oSVs8ZUen9nyA44TCzi6XOLyWL//FbndszhKG23o3eeWoHKhraPX
ev868+HfmfMjrKBHScawUYzrUGQjekHyGFIV6iQcgGCUq1UMqpQ0ddAmMZ9So/9X
gULl9UuSOc7C+RANxuyc1a5aKLRvHSVH0K20foqUur8WHSB+OofiqG7mef/v3rEO
youu2gLKvhB9ke2DcUv+gV6aZGTnROKfR3hZv5Nc9ZIDXt4LTuMiAO6RkQIDAQAB
o4ICDjCCAgowHQYDVR0OBBYEFKLTldioWuAQQ9IzX5w6DVBdUNFsMB8GA1UdIwQY
MBaAFNfO914JemMYhrM8gfZKpeu8DDKgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTg3M1hnbDZZeGlHc3p5QjlrcWw2N3dNTXFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9mNGYwZDUtN2U0My00NmJlLWIwOTIt
NWJhNTAxZTBiMzcwLzEvb3RPVjJLaGE0QkJEMGpOZm5Eb05VRjFRMFd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9mNGYwZDUtN2U0My00NmJlLWIwOTItNWJhNTAxZTBiMzcw
LzEvMTg3M1hnbDZZeGlHc3p5QjlrcWw2N3dNTXFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCQGCCsGAQUFBwEHAQH/BBUwEzARBAIAATALAwMAglMDBADB
F/gwDQYJKoZIhvcNAQELBQADggEBABKZJse8Jd5qRXE3ZifL5cSlHznyxVcbGlG1
IKC056lTT9AGfgbCDjbzUHxtPNoWZw+KtY0qhHeBoWW8DzII6peaJXtHC4qTNiUX
PVo30a+t0o1Df4h0n3Ee3a27KkuvRiLf94pA8zQpR7wGgGZhFabMi2nnjKM512kR
sa8tS3yMiSgahrwaGTPfsyE+Px5ffCPo9jq+605ImRh+hzp/KqClNBRObEEhVKue
e8nyEDD7d3g03oVcshhCLrvlBO2bDW5IqjQebEDrDx2HW1dy1dXNHI7eApCl/pLD
kjK2OAIxff2C1n/eFnYsV8NBajxackouVvx7ozCE5EMmSy2ExdQ=
-----END CERTIFICATE-----
Generated at Tue Apr 22 14:25:21 2025 by rpki-client