Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/41dc75-1f32-4edd-a94c-f5ec403fdacf/1/omwRpSma_MSJD1EEBBe2PAucn8E.roa
File: omwRpSma_MSJD1EEBBe2PAucn8E.roa (raw, json)
Hash identifier: q2z6I18z5UFWUbOdBBc0oDU7cawtFGGvAZy943NWj4s=
Subject key identifier: A2:6C:11:A5:29:9A:FC:C4:89:0F:51:04:04:17:B6:3C:0B:9C:9F:C1
Certificate issuer: /CN=4766c6d9ad21cd4118a0448264d6fb35d55f14c0
Certificate serial: 018CC94D9D778832C6491789D9A915A3CC3C
Authority key identifier: 47:66:C6:D9:AD:21:CD:41:18:A0:44:82:64:D6:FB:35:D5:5F:14:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R2bG2a0hzUEYoESCZNb7NdVfFMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/41dc75-1f32-4edd-a94c-f5ec403fdacf/1/omwRpSma_MSJD1EEBBe2PAucn8E.roa
Signing time: Tue 02 Jan 2024 08:32:36 +0000
ROA not before: Tue 02 Jan 2024 08:32:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20694
IP address blocks: 185.45.110.0/23 maxlen: 23
46.30.24.0/21 maxlen: 21
2a02:22f0:12::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 01:49:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:9d:77:88:32:c6:49:17:89:d9:a9:15:a3:cc:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4766c6d9ad21cd4118a0448264d6fb35d55f14c0
Validity
Not Before: Jan 2 08:32:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a26c11a5299afcc4890f51040417b63c0b9c9fc1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:52:2d:e6:f1:9d:b7:36:8d:70:7e:55:0a:f4:
d4:ef:38:da:10:9a:77:d5:76:13:c0:31:cd:63:71:
a6:8d:39:7b:e6:93:3a:19:e1:5c:55:3c:9a:85:a0:
73:3f:39:bb:96:19:fa:f0:58:d5:79:b4:a7:79:ad:
c8:e0:61:04:28:03:a6:8b:5d:5b:8f:df:ea:be:25:
5f:dc:fd:93:87:04:54:9b:c2:0c:2c:81:a3:8c:88:
f7:a1:67:50:6a:5f:29:df:9a:49:11:ca:05:4f:9d:
be:35:67:77:d4:fe:23:7e:cc:60:82:8e:12:43:57:
68:f7:fe:f3:e5:4c:ad:4c:62:41:9c:9b:c7:be:7c:
7d:0d:84:69:9b:07:f8:94:35:d7:11:61:e9:79:90:
3e:92:10:e1:17:ec:4e:11:f9:a2:b5:05:68:8a:69:
1a:4f:99:aa:0d:a5:da:10:b5:7f:30:a1:7f:cf:52:
f5:d5:e2:45:be:9a:eb:d8:f9:b8:39:42:77:2f:30:
97:f2:b3:98:2f:85:4a:d1:35:b3:27:9f:af:ee:82:
56:c6:df:d1:43:98:25:80:65:5d:ec:bb:70:9f:d9:
15:57:01:b0:ba:80:8d:8f:9b:35:18:f7:01:c0:44:
18:40:fb:90:3d:7d:0c:ac:88:54:98:a8:f8:4a:86:
8f:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:6C:11:A5:29:9A:FC:C4:89:0F:51:04:04:17:B6:3C:0B:9C:9F:C1
X509v3 Authority Key Identifier:
keyid:47:66:C6:D9:AD:21:CD:41:18:A0:44:82:64:D6:FB:35:D5:5F:14:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R2bG2a0hzUEYoESCZNb7NdVfFMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/41dc75-1f32-4edd-a94c-f5ec403fdacf/1/omwRpSma_MSJD1EEBBe2PAucn8E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/41dc75-1f32-4edd-a94c-f5ec403fdacf/1/R2bG2a0hzUEYoESCZNb7NdVfFMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.30.24.0/21
185.45.110.0/23
IPv6:
2a02:22f0:12::/48
Signature Algorithm: sha256WithRSAEncryption
56:63:43:8e:df:11:df:a1:fc:1e:fc:e5:31:ff:1a:b3:7a:45:
60:3f:53:7f:53:9b:41:09:3b:ec:20:8c:7e:29:ef:43:3c:a8:
6b:35:47:7b:b1:61:19:ed:05:74:0f:12:29:27:1b:ea:50:40:
4d:61:a4:f0:35:56:d3:6c:e2:b7:2e:5c:55:0f:d9:2e:bb:09:
b7:de:6d:3f:85:4b:0a:b6:d7:2c:b3:b4:03:ef:1e:cb:50:90:
30:e3:23:ea:d6:b7:20:d1:25:c8:77:fa:7c:5c:eb:25:75:8d:
10:76:60:3f:10:4a:af:fc:17:2f:99:4a:7f:c0:12:08:71:ff:
b9:36:00:b8:ec:70:2d:21:01:a3:5a:5c:49:fe:5a:03:23:e8:
73:8a:6e:8f:ba:52:60:d4:76:ab:cf:16:1b:50:45:ee:1f:73:
3a:5b:0d:b6:0c:cd:0f:25:2a:d0:ab:05:85:99:b4:51:6a:a4:
5b:76:61:6d:0a:c7:c4:de:90:f8:42:cf:23:9b:22:3d:05:f3:
fb:8c:37:74:09:a8:cb:e3:80:c0:5c:f1:28:5d:ab:4b:8f:87:
2d:78:35:18:e3:ea:4e:55:2b:86:5f:36:be:75:28:00:ea:77:
ef:77:54:ed:0c:6a:76:f9:ce:ab:e2:10:1f:17:ec:db:16:65:
e3:e3:6b:ea
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzJTZ13iDLGSReJ2akVo8w8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3NjZjNmQ5YWQyMWNkNDExOGEwNDQ4MjY0ZDZmYjM1ZDU1
ZjE0YzAwHhcNMjQwMTAyMDgzMjM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjZjMTFhNTI5OWFmY2M0ODkwZjUxMDQwNDE3YjYzYzBiOWM5ZmMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAslIt5vGdtzaNcH5VCvTU7zjaEJp3
1XYTwDHNY3GmjTl75pM6GeFcVTyahaBzPzm7lhn68FjVebSnea3I4GEEKAOmi11b
j9/qviVf3P2ThwRUm8IMLIGjjIj3oWdQal8p35pJEcoFT52+NWd31P4jfsxggo4S
Q1do9/7z5UytTGJBnJvHvnx9DYRpmwf4lDXXEWHpeZA+khDhF+xOEfmitQVoimka
T5mqDaXaELV/MKF/z1L11eJFvprr2Pm4OUJ3LzCX8rOYL4VK0TWzJ5+v7oJWxt/R
Q5glgGVd7Ltwn9kVVwGwuoCNj5s1GPcBwEQYQPuQPX0MrIhUmKj4SoaPmQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFKJsEaUpmvzEiQ9RBAQXtjwLnJ/BMB8GA1UdIwQY
MBaAFEdmxtmtIc1BGKBEgmTW+zXVXxTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUjJiRzJhMGh6VUVZb0VTQ1pOYjdOZFZmRk1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi80MWRjNzUtMWYzMi00ZWRkLWE5NGMt
ZjVlYzQwM2ZkYWNmLzEvb213UnBTbWFfTVNKRDFFRUJCZTJQQXVjbjhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi80MWRjNzUtMWYzMi00ZWRkLWE5NGMtZjVlYzQwM2ZkYWNm
LzEvUjJiRzJhMGh6VUVZb0VTQ1pOYjdOZFZmRk1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQDLh4YAwQB
uS1uMA8EAgACMAkDBwAqAiLwABIwDQYJKoZIhvcNAQELBQADggEBAFZjQ47fEd+h
/B785TH/GrN6RWA/U39Tm0EJO+wgjH4p70M8qGs1R3uxYRntBXQPEiknG+pQQE1h
pPA1VtNs4rcuXFUP2S67CbfebT+FSwq21yyztAPvHstQkDDjI+rWtyDRJch3+nxc
6yV1jRB2YD8QSq/8Fy+ZSn/AEghx/7k2ALjscC0hAaNaXEn+WgMj6HOKbo+6UmDU
dqvPFhtQRe4fczpbDbYMzQ8lKtCrBYWZtFFqpFt2YW0Kx8TekPhCzyObIj0F8/uM
N3QJqMvjgMBc8Shdq0uPhy14NRjj6k5VK4ZfNr51KADqd+93VO0Manb5zqviEB8X
7NsWZePja+o=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:52:54 2025 by rpki-client