Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/a00b89-b398-40d9-bdb5-427b2d4f9c82/1/o_no3uPzC_QLtG8YXLXOUH64mCg.roa
File: o_no3uPzC_QLtG8YXLXOUH64mCg.roa (raw, json)
Hash identifier: mgyNkd+RIY4aUEgudP424q1GOIjFVBtk1u6xPY8kacA=
Subject key identifier: A3:F9:E8:DE:E3:F3:0B:F4:0B:B4:6F:18:5C:B5:CE:50:7E:B8:98:28
Certificate issuer: /CN=7ec5d4828dc34199ef717cc03a48a0074c1443b8
Certificate serial: 018CC5DCF51C1D0BA643E3D4FF04DED5A1FE
Authority key identifier: 7E:C5:D4:82:8D:C3:41:99:EF:71:7C:C0:3A:48:A0:07:4C:14:43:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fsXUgo3DQZnvcXzAOkigB0wUQ7g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/a00b89-b398-40d9-bdb5-427b2d4f9c82/1/o_no3uPzC_QLtG8YXLXOUH64mCg.roa
Signing time: Mon 01 Jan 2024 16:30:41 +0000
ROA not before: Mon 01 Jan 2024 16:30:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39071
IP address blocks: 195.66.66.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:49:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:f5:1c:1d:0b:a6:43:e3:d4:ff:04:de:d5:a1:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ec5d4828dc34199ef717cc03a48a0074c1443b8
Validity
Not Before: Jan 1 16:30:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a3f9e8dee3f30bf40bb46f185cb5ce507eb89828
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:15:04:69:4a:c5:81:73:33:23:05:b3:33:c2:
ac:9a:56:a8:f6:19:5d:2a:1b:5e:ee:a1:9b:99:a4:
34:55:c6:07:8d:ae:ba:fd:d8:ce:44:b8:d2:70:c4:
7a:3a:c9:71:be:04:77:6c:e8:bf:f1:f0:ea:68:a5:
85:e1:a7:24:2f:0f:0b:9c:c7:9b:01:9d:8d:8e:91:
d0:fc:35:4a:9c:31:ca:ba:21:e1:00:3d:88:84:2c:
45:97:4e:75:c7:6b:5f:a6:c4:ad:e2:bf:b9:f9:a2:
07:dc:6b:18:07:f2:29:89:61:49:35:49:7e:c2:bf:
4f:b4:ad:53:c4:7d:77:81:75:4b:dd:5f:cd:36:68:
9f:19:64:c7:93:81:d6:99:61:37:6c:e3:22:db:3f:
67:09:96:06:4a:ce:d0:8d:52:85:3b:11:3e:33:2c:
a3:e9:52:cb:77:58:0d:f3:ae:6d:5f:94:8f:fd:9f:
2b:77:62:a8:33:3c:9a:02:75:66:7f:15:29:8c:e2:
d6:9e:3a:a5:70:f8:17:5a:ac:a1:67:3f:8a:d1:19:
66:0a:28:75:34:30:a4:a8:2a:02:d0:27:21:da:1c:
48:ec:39:2b:5a:cf:1e:cf:29:7c:26:96:07:e7:79:
2c:77:8b:44:68:dd:29:65:a8:57:a9:58:69:d9:0a:
3f:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:F9:E8:DE:E3:F3:0B:F4:0B:B4:6F:18:5C:B5:CE:50:7E:B8:98:28
X509v3 Authority Key Identifier:
keyid:7E:C5:D4:82:8D:C3:41:99:EF:71:7C:C0:3A:48:A0:07:4C:14:43:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fsXUgo3DQZnvcXzAOkigB0wUQ7g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/a00b89-b398-40d9-bdb5-427b2d4f9c82/1/o_no3uPzC_QLtG8YXLXOUH64mCg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/a00b89-b398-40d9-bdb5-427b2d4f9c82/1/fsXUgo3DQZnvcXzAOkigB0wUQ7g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.66.66.0/24
Signature Algorithm: sha256WithRSAEncryption
46:90:ad:bb:dd:f2:1d:ce:72:2f:fc:01:eb:ec:9d:e3:e6:ac:
48:fa:02:5c:13:bd:d7:a9:cf:ed:fd:8b:0f:01:4d:94:db:5e:
3c:b9:51:3b:a6:d7:09:f0:f2:d5:92:fa:2a:c5:21:4d:51:41:
f2:d4:76:03:e9:1e:27:f9:9f:82:11:e7:8f:5e:73:88:e0:29:
37:c8:13:de:06:2f:52:75:c3:c4:11:39:2e:97:c5:07:68:44:
7c:9a:b9:07:4e:71:65:12:5f:80:7c:f1:93:1d:09:65:91:51:
20:17:f5:fb:f7:9d:6b:aa:2c:9c:53:0e:7c:8a:50:b7:a3:0a:
35:1b:eb:1a:35:58:c4:2d:65:04:cd:84:4b:4f:6f:2e:55:4d:
92:39:ae:5f:60:56:fe:a4:08:88:88:71:ca:da:8a:af:d8:5b:
c8:a0:84:dd:c0:66:24:ad:ed:26:65:e7:f8:09:72:49:0a:18:
da:27:62:ec:e3:61:4d:a6:74:e2:21:bb:a9:44:b4:bc:23:e3:
61:21:24:87:86:24:8f:71:18:8d:a7:b1:e3:f6:52:ab:13:ae:
17:ea:80:5e:20:89:39:d1:78:d7:87:38:80:a5:0f:67:1b:52:
e8:a4:2a:d4:d2:77:7d:25:81:6e:89:8a:21:1e:b4:25:23:a2:
49:6a:24:b5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF3PUcHQumQ+PU/wTe1aH+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlYzVkNDgyOGRjMzQxOTllZjcxN2NjMDNhNDhhMDA3NGMx
NDQzYjgwHhcNMjQwMTAxMTYzMDQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2Y5ZThkZWUzZjMwYmY0MGJiNDZmMTg1Y2I1Y2U1MDdlYjg5ODI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkhUEaUrFgXMzIwWzM8Ksmlao9hld
Khte7qGbmaQ0VcYHja66/djORLjScMR6OslxvgR3bOi/8fDqaKWF4ackLw8LnMeb
AZ2NjpHQ/DVKnDHKuiHhAD2IhCxFl051x2tfpsSt4r+5+aIH3GsYB/IpiWFJNUl+
wr9PtK1TxH13gXVL3V/NNmifGWTHk4HWmWE3bOMi2z9nCZYGSs7QjVKFOxE+Myyj
6VLLd1gN865tX5SP/Z8rd2KoMzyaAnVmfxUpjOLWnjqlcPgXWqyhZz+K0RlmCih1
NDCkqCoC0Cch2hxI7DkrWs8ezyl8JpYH53ksd4tEaN0pZahXqVhp2Qo/YQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKP56N7j8wv0C7RvGFy1zlB+uJgoMB8GA1UdIwQY
MBaAFH7F1IKNw0GZ73F8wDpIoAdMFEO4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZnNYVWdvM0RRWm52Y1h6QU9raWdCMHdVUTdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9hMDBiODktYjM5OC00MGQ5LWJkYjUt
NDI3YjJkNGY5YzgyLzEvb19ubzN1UHpDX1FMdEc4WVhMWE9VSDY0bUNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9hMDBiODktYjM5OC00MGQ5LWJkYjUtNDI3YjJkNGY5Yzgy
LzEvZnNYVWdvM0RRWm52Y1h6QU9raWdCMHdVUTdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw0JCMA0G
CSqGSIb3DQEBCwUAA4IBAQBGkK273fIdznIv/AHr7J3j5qxI+gJcE73Xqc/t/YsP
AU2U2148uVE7ptcJ8PLVkvoqxSFNUUHy1HYD6R4n+Z+CEeePXnOI4Ck3yBPeBi9S
dcPEETkul8UHaER8mrkHTnFlEl+AfPGTHQllkVEgF/X7951rqiycUw58ilC3owo1
G+saNVjELWUEzYRLT28uVU2SOa5fYFb+pAiIiHHK2oqv2FvIoITdwGYkre0mZef4
CXJJChjaJ2Ls42FNpnTiIbupRLS8I+NhISSHhiSPcRiNp7Hj9lKrE64X6oBeIIk5
0XjXhziApQ9nG1LopCrU0nd9JYFuiYohHrQlI6JJaiS1
-----END CERTIFICATE-----
Generated at Sun Apr 13 02:54:32 2025 by rpki-client