Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/46431e-4951-4e1a-9195-68a4551f68a8/1/2otg_pOatyPKNdYl6dbKF7Bfq1M.roa
File: 2otg_pOatyPKNdYl6dbKF7Bfq1M.roa (raw, json)
Hash identifier: zo23hno8xDkmv/Rl/iRCuYmAYuV8gNNfxXrod9pBH78=
Subject key identifier: DA:8B:60:FE:93:9A:B7:23:CA:35:D6:25:E9:D6:CA:17:B0:5F:AB:53
Certificate issuer: /CN=ebf36087c3fcecfb006f518d7811b255ea57c90d
Certificate serial: 01942143F38252B43BE16464375540CBD6D7
Authority key identifier: EB:F3:60:87:C3:FC:EC:FB:00:6F:51:8D:78:11:B2:55:EA:57:C9:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6_Ngh8P87PsAb1GNeBGyVepXyQ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/46431e-4951-4e1a-9195-68a4551f68a8/1/2otg_pOatyPKNdYl6dbKF7Bfq1M.roa
Signing time: Wed 01 Jan 2025 09:48:08 +0000
ROA not before: Wed 01 Jan 2025 09:48:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203712
IP address blocks: 37.18.132.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 11 Mar 2025 22:13:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:f3:82:52:b4:3b:e1:64:64:37:55:40:cb:d6:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ebf36087c3fcecfb006f518d7811b255ea57c90d
Validity
Not Before: Jan 1 09:48:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=da8b60fe939ab723ca35d625e9d6ca17b05fab53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:f4:81:35:0e:ee:92:16:6c:95:50:81:4d:52:
c3:b8:c4:7a:f8:1f:18:d7:80:21:29:fe:48:01:49:
ef:17:1b:d2:51:07:5b:e2:8d:a4:f0:55:18:6d:41:
a2:f9:7c:ee:78:05:2c:49:e7:73:5d:47:8b:0c:26:
6c:40:65:fc:94:cb:75:1f:af:eb:eb:32:59:c7:87:
d5:27:c2:f9:43:49:7d:02:ae:1c:14:e1:98:21:39:
0b:0f:b3:46:e1:c3:2a:7d:5a:91:1d:11:0a:a0:c4:
c1:c0:14:82:4b:46:7c:92:63:e5:01:5d:76:fc:4c:
ea:64:ba:5c:cc:37:7d:59:e5:a6:0b:42:24:91:52:
fa:f2:91:6b:af:25:a6:a4:2c:91:cd:15:48:8e:94:
25:35:01:87:9d:db:ae:9f:c8:4b:2f:55:40:fc:0e:
8e:1a:07:1c:2a:f8:e2:a8:51:e4:c8:2f:2b:c2:56:
e2:12:5b:aa:33:4d:7b:af:66:14:f7:4c:f4:7c:c2:
6c:a1:5a:f3:85:be:d1:25:7d:ab:c0:04:e2:1c:ae:
76:f2:cd:13:ed:dc:0e:35:1d:0d:f9:0c:d4:da:c9:
0d:d4:c4:ec:f5:a6:0d:7e:ad:22:61:a4:aa:d3:58:
bf:23:cd:bf:2f:eb:25:7d:41:8b:07:ac:91:03:6d:
44:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:8B:60:FE:93:9A:B7:23:CA:35:D6:25:E9:D6:CA:17:B0:5F:AB:53
X509v3 Authority Key Identifier:
keyid:EB:F3:60:87:C3:FC:EC:FB:00:6F:51:8D:78:11:B2:55:EA:57:C9:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6_Ngh8P87PsAb1GNeBGyVepXyQ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/46431e-4951-4e1a-9195-68a4551f68a8/1/2otg_pOatyPKNdYl6dbKF7Bfq1M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/46431e-4951-4e1a-9195-68a4551f68a8/1/6_Ngh8P87PsAb1GNeBGyVepXyQ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.18.132.0/22
Signature Algorithm: sha256WithRSAEncryption
3c:14:e9:8e:ad:7a:83:02:9f:f7:0a:ff:b2:4c:a0:7b:7c:cc:
2e:83:57:c4:cd:03:40:b6:21:ce:c8:f6:99:16:5f:fc:dd:d2:
25:cd:94:e4:41:ce:a5:84:79:7e:b6:ac:d7:b6:02:e2:d5:7c:
47:ba:72:50:94:b6:0f:2c:61:6c:17:2d:44:9f:24:de:09:06:
83:a2:77:8d:b9:dc:9d:8d:62:e9:b2:c5:c8:6b:c2:8f:3b:bb:
68:94:03:2c:f4:7f:c4:ac:4b:4e:b3:9c:77:fa:3e:93:d6:f3:
30:4a:67:da:d9:bc:31:99:61:a7:38:54:c2:71:39:1d:25:a5:
6c:5c:6f:25:0a:73:3a:58:43:b6:1c:f7:f6:9e:84:79:5a:a7:
0a:ca:c9:ee:bc:08:c2:46:b8:16:a6:fa:de:a9:7d:aa:1a:d6:
56:ba:6b:26:db:b7:62:9e:8c:72:38:50:df:92:5a:c8:38:2e:
e0:cf:fb:59:22:1c:fc:bf:a0:86:e3:85:73:89:d5:38:5c:e7:
13:fd:4e:d3:7f:92:9e:21:be:fc:46:1a:ca:9e:c6:a0:fd:2d:
a5:59:10:9d:fc:9c:e0:00:cc:e5:27:ad:9a:ce:30:62:4c:74:
7c:5d:c4:58:07:59:fb:d9:bc:f3:1f:80:0f:3a:ad:b4:4d:26:
71:6e:45:13
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhQ/OCUrQ74WRkN1VAy9bXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViZjM2MDg3YzNmY2VjZmIwMDZmNTE4ZDc4MTFiMjU1ZWE1
N2M5MGQwHhcNMjUwMTAxMDk0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYThiNjBmZTkzOWFiNzIzY2EzNWQ2MjVlOWQ2Y2ExN2IwNWZhYjUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyfSBNQ7ukhZslVCBTVLDuMR6+B8Y
14AhKf5IAUnvFxvSUQdb4o2k8FUYbUGi+XzueAUsSedzXUeLDCZsQGX8lMt1H6/r
6zJZx4fVJ8L5Q0l9Aq4cFOGYITkLD7NG4cMqfVqRHREKoMTBwBSCS0Z8kmPlAV12
/EzqZLpczDd9WeWmC0IkkVL68pFrryWmpCyRzRVIjpQlNQGHnduun8hLL1VA/A6O
GgccKvjiqFHkyC8rwlbiEluqM017r2YU90z0fMJsoVrzhb7RJX2rwATiHK528s0T
7dwONR0N+QzU2skN1MTs9aYNfq0iYaSq01i/I82/L+slfUGLB6yRA21ETQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNqLYP6TmrcjyjXWJenWyhewX6tTMB8GA1UdIwQY
MBaAFOvzYIfD/Oz7AG9RjXgRslXqV8kNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNl9OZ2g4UDg3UHNBYjFHTmVCR3lWZXBYeVEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS80NjQzMWUtNDk1MS00ZTFhLTkxOTUt
NjhhNDU1MWY2OGE4LzEvMm90Z19wT2F0eVBLTmRZbDZkYktGN0JmcTFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS80NjQzMWUtNDk1MS00ZTFhLTkxOTUtNjhhNDU1MWY2OGE4
LzEvNl9OZ2g4UDg3UHNBYjFHTmVCR3lWZXBYeVEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCJRKEMA0G
CSqGSIb3DQEBCwUAA4IBAQA8FOmOrXqDAp/3Cv+yTKB7fMwug1fEzQNAtiHOyPaZ
Fl/83dIlzZTkQc6lhHl+tqzXtgLi1XxHunJQlLYPLGFsFy1EnyTeCQaDoneNudyd
jWLpssXIa8KPO7tolAMs9H/ErEtOs5x3+j6T1vMwSmfa2bwxmWGnOFTCcTkdJaVs
XG8lCnM6WEO2HPf2noR5WqcKysnuvAjCRrgWpvreqX2qGtZWumsm27dinoxyOFDf
klrIOC7gz/tZIhz8v6CG44VzidU4XOcT/U7Tf5KeIb78RhrKnsag/S2lWRCd/Jzg
AMzlJ62azjBiTHR8XcRYB1n72bzzH4APOq20TSZxbkUT
-----END CERTIFICATE-----
Generated at Sun Apr 13 06:09:59 2025 by rpki-client