Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/0828e7-1e57-4747-8ea1-36a808f3d14d/1/o80n6Qz7pVNgGzPhHNU2MS14QOk.roa
File: o80n6Qz7pVNgGzPhHNU2MS14QOk.roa (raw, json)
Hash identifier: C8b52w8ieYcAzHjigdSlzRtxKU+/UlpKmT2y1RBZXBo=
Subject key identifier: A3:CD:27:E9:0C:FB:A5:53:60:1B:33:E1:1C:D5:36:31:2D:78:40:E9
Certificate issuer: /CN=a14e499240cea588541a7dc74f321c9141744bb6
Certificate serial: 019197CBD12A28197A1C4A148569FA9EBAC4
Authority key identifier: A1:4E:49:92:40:CE:A5:88:54:1A:7D:C7:4F:32:1C:91:41:74:4B:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oU5JkkDOpYhUGn3HTzIckUF0S7Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/0828e7-1e57-4747-8ea1-36a808f3d14d/1/o80n6Qz7pVNgGzPhHNU2MS14QOk.roa
Signing time: Wed 28 Aug 2024 07:03:22 +0000
ROA not before: Wed 28 Aug 2024 07:03:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49603
IP address blocks: 46.19.152.0/21 maxlen: 24
89.207.248.0/21 maxlen: 24
185.88.60.0/22 maxlen: 24
185.92.152.0/22 maxlen: 24
2a05:ca80::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 12 Dec 2024 14:13:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:97:cb:d1:2a:28:19:7a:1c:4a:14:85:69:fa:9e:ba:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a14e499240cea588541a7dc74f321c9141744bb6
Validity
Not Before: Aug 28 07:03:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a3cd27e90cfba553601b33e11cd536312d7840e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:bf:4a:11:04:eb:15:31:73:83:23:a5:a9:10:
c8:5b:0f:49:ff:25:72:de:6c:21:5b:6f:df:5f:a3:
b7:42:f6:76:0e:72:82:eb:46:85:88:d2:40:9c:09:
32:87:f9:af:5d:6a:ae:ef:90:f1:24:4a:b1:39:85:
09:52:32:4e:84:6f:36:92:56:14:39:71:86:66:78:
40:b1:31:cd:60:8a:e3:d2:04:b5:af:11:fe:7f:5e:
85:e7:58:66:6c:88:39:50:c2:88:81:43:ea:8d:80:
fe:43:79:af:30:6c:4e:d0:d2:12:59:9f:4d:af:28:
af:01:56:7d:d3:5a:6d:b2:b9:36:f3:99:00:c2:e3:
76:b5:63:4e:21:7c:4f:01:bc:1a:10:cc:98:ae:8f:
8f:fa:a9:37:f2:d5:4b:6e:91:a5:e4:fc:37:8c:e8:
00:32:40:a4:65:f2:f9:3e:8b:f0:c7:b1:cb:a8:80:
12:12:02:05:eb:29:60:68:c9:27:f1:57:8e:46:28:
1c:23:b1:9a:46:00:bb:50:2b:2c:a6:6f:11:59:4d:
f0:ea:f5:25:7f:bc:40:52:45:b8:44:42:c4:a7:95:
93:62:a0:6c:7e:8e:c3:82:9d:1d:5c:65:97:fe:6d:
a7:9c:27:78:18:c3:10:d8:6e:70:f5:06:23:38:48:
b9:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:CD:27:E9:0C:FB:A5:53:60:1B:33:E1:1C:D5:36:31:2D:78:40:E9
X509v3 Authority Key Identifier:
keyid:A1:4E:49:92:40:CE:A5:88:54:1A:7D:C7:4F:32:1C:91:41:74:4B:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oU5JkkDOpYhUGn3HTzIckUF0S7Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/0828e7-1e57-4747-8ea1-36a808f3d14d/1/o80n6Qz7pVNgGzPhHNU2MS14QOk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/0828e7-1e57-4747-8ea1-36a808f3d14d/1/oU5JkkDOpYhUGn3HTzIckUF0S7Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.19.152.0/21
89.207.248.0/21
185.88.60.0/22
185.92.152.0/22
IPv6:
2a05:ca80::/29
Signature Algorithm: sha256WithRSAEncryption
53:71:45:1c:9d:f7:dd:f3:28:8a:42:f7:f4:55:94:14:70:ed:
d7:47:7c:5f:11:00:e0:d4:b3:10:a4:b8:ea:cd:7c:ae:f6:91:
bd:1d:dd:6b:70:8e:5b:f7:61:e7:31:ba:ce:8e:51:10:b6:38:
71:62:9c:49:43:ce:a9:b0:52:8a:72:c2:c3:07:0d:e1:0d:6d:
ce:41:f1:76:f7:64:72:fa:01:f7:9c:df:f8:e4:15:b8:95:d4:
6f:b4:5e:f3:39:54:e5:cf:9d:a1:34:9c:a3:88:df:fd:d4:91:
ff:3d:55:c8:c6:87:94:57:f5:72:06:e7:b3:1e:10:52:fa:48:
48:fe:48:a7:7c:96:98:be:90:64:e7:0d:69:dd:a8:71:f6:0e:
3c:5b:11:cb:54:8b:66:63:40:7e:f2:4d:54:4a:74:ea:82:a6:
e0:06:fe:47:ee:ac:5e:a9:9f:bf:19:f8:e6:f7:db:0d:46:b3:
44:74:10:68:6c:34:84:95:3b:74:f2:07:aa:a8:c1:d0:3c:f8:
41:9e:60:1e:52:49:3f:e7:99:55:60:91:cc:e7:f9:3d:bf:74:
b1:ee:b1:0a:b5:77:26:46:80:aa:d3:cd:41:c4:7e:06:e1:48:
41:02:51:14:a1:1e:77:d9:93:a1:1f:c1:8e:0d:e5:9c:02:14:
81:58:67:3a
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZGXy9EqKBl6HEoUhWn6nrrEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExNGU0OTkyNDBjZWE1ODg1NDFhN2RjNzRmMzIxYzkxNDE3
NDRiYjYwHhcNMjQwODI4MDcwMzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2NkMjdlOTBjZmJhNTUzNjAxYjMzZTExY2Q1MzYzMTJkNzg0MGU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxb9KEQTrFTFzgyOlqRDIWw9J/yVy
3mwhW2/fX6O3QvZ2DnKC60aFiNJAnAkyh/mvXWqu75DxJEqxOYUJUjJOhG82klYU
OXGGZnhAsTHNYIrj0gS1rxH+f16F51hmbIg5UMKIgUPqjYD+Q3mvMGxO0NISWZ9N
ryivAVZ901ptsrk285kAwuN2tWNOIXxPAbwaEMyYro+P+qk38tVLbpGl5Pw3jOgA
MkCkZfL5Povwx7HLqIASEgIF6ylgaMkn8VeORigcI7GaRgC7UCsspm8RWU3w6vUl
f7xAUkW4RELEp5WTYqBsfo7Dgp0dXGWX/m2nnCd4GMMQ2G5w9QYjOEi5oQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFKPNJ+kM+6VTYBsz4RzVNjEteEDpMB8GA1UdIwQY
MBaAFKFOSZJAzqWIVBp9x08yHJFBdEu2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1U1SmtrRE9wWWhVR24zSFR6SWNrVUYwUzdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy8wODI4ZTctMWU1Ny00NzQ3LThlYTEt
MzZhODA4ZjNkMTRkLzEvbzgwbjZRejdwVk5nR3pQaEhOVTJNUzE0UU9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy8wODI4ZTctMWU1Ny00NzQ3LThlYTEtMzZhODA4ZjNkMTRk
LzEvb1U1SmtrRE9wWWhVR24zSFR6SWNrVUYwUzdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDLhOYAwQD
Wc/4AwQCuVg8AwQCuVyYMA0EAgACMAcDBQMqBcqAMA0GCSqGSIb3DQEBCwUAA4IB
AQBTcUUcnffd8yiKQvf0VZQUcO3XR3xfEQDg1LMQpLjqzXyu9pG9Hd1rcI5b92Hn
MbrOjlEQtjhxYpxJQ86psFKKcsLDBw3hDW3OQfF292Ry+gH3nN/45BW4ldRvtF7z
OVTlz52hNJyjiN/91JH/PVXIxoeUV/VyBuezHhBS+khI/kinfJaYvpBk5w1p3ahx
9g48WxHLVItmY0B+8k1USnTqgqbgBv5H7qxeqZ+/Gfjm99sNRrNEdBBobDSElTt0
8geqqMHQPPhBnmAeUkk/55lVYJHM5/k9v3Sx7rEKtXcmRoCq081BxH4G4UhBAlEU
oR532ZOhH8GODeWcAhSBWGc6
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:25:59 2025 by rpki-client