Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/a47cdf-d21b-4f1d-8901-92ec515c595a/1/o3zC9w0QXNJEn7JPGPpoyHWMP88.roa
File: o3zC9w0QXNJEn7JPGPpoyHWMP88.roa (raw, json)
Hash identifier: hi6Xiqi2sW30xJMifgzGElDQtPW5xyaq2xXSiy3beCE=
Subject key identifier: A3:7C:C2:F7:0D:10:5C:D2:44:9F:B2:4F:18:FA:68:C8:75:8C:3F:CF
Certificate issuer: /CN=3bfa6636fe6440acf293b75705a7a1dcada8420b
Certificate serial: 018CC87095C42DF2B088808BA917EA5535D5
Authority key identifier: 3B:FA:66:36:FE:64:40:AC:F2:93:B7:57:05:A7:A1:DC:AD:A8:42:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O_pmNv5kQKzyk7dXBaeh3K2oQgs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/a47cdf-d21b-4f1d-8901-92ec515c595a/1/o3zC9w0QXNJEn7JPGPpoyHWMP88.roa
Signing time: Tue 02 Jan 2024 04:31:10 +0000
ROA not before: Tue 02 Jan 2024 04:31:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202931
IP address blocks: 80.245.95.0/24 maxlen: 24
80.245.93.0/24 maxlen: 24
79.140.173.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:50:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:70:95:c4:2d:f2:b0:88:80:8b:a9:17:ea:55:35:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3bfa6636fe6440acf293b75705a7a1dcada8420b
Validity
Not Before: Jan 2 04:31:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a37cc2f70d105cd2449fb24f18fa68c8758c3fcf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:9d:db:64:fb:6c:e0:44:d3:19:24:65:97:32:
32:c2:35:de:7a:5c:74:fe:32:0c:e8:25:92:a7:32:
98:28:93:15:15:f3:68:dd:b5:31:bf:ac:e3:55:11:
dd:7f:4b:f7:31:61:55:cb:69:2e:73:40:3f:a0:2b:
84:e6:84:53:17:ac:42:3c:b0:51:24:b6:e0:2e:3c:
72:09:6a:3e:07:24:87:77:23:e5:6b:8a:d0:8d:3c:
2d:03:f4:fa:01:45:d2:77:6b:34:a3:c4:01:d0:65:
6f:33:81:e6:dc:2a:bb:cd:f9:98:b9:77:dc:96:d6:
c7:22:bf:77:43:79:75:e1:15:ab:d0:bb:bd:1b:6f:
97:58:10:b4:d2:53:cd:c6:08:01:c7:6c:93:82:c2:
69:66:68:e3:b5:ee:4b:53:f5:a5:19:f0:fa:56:9d:
2d:e3:0e:cd:f6:dd:e7:6a:c1:96:72:e7:95:5e:0d:
11:45:6b:cf:1f:1d:f0:98:a9:88:75:90:68:ef:89:
72:31:f7:1f:a8:0b:64:6b:78:f8:ff:6d:67:8a:8e:
ed:c1:aa:2e:61:e5:af:5d:2e:05:20:eb:2e:b8:4e:
eb:fd:40:0c:80:74:b7:ac:09:a5:8c:03:fb:6a:ae:
8a:dc:4e:88:0f:af:58:2a:c3:37:53:54:2b:d9:c3:
f0:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:7C:C2:F7:0D:10:5C:D2:44:9F:B2:4F:18:FA:68:C8:75:8C:3F:CF
X509v3 Authority Key Identifier:
keyid:3B:FA:66:36:FE:64:40:AC:F2:93:B7:57:05:A7:A1:DC:AD:A8:42:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O_pmNv5kQKzyk7dXBaeh3K2oQgs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/a47cdf-d21b-4f1d-8901-92ec515c595a/1/o3zC9w0QXNJEn7JPGPpoyHWMP88.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/a47cdf-d21b-4f1d-8901-92ec515c595a/1/O_pmNv5kQKzyk7dXBaeh3K2oQgs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.140.173.0/24
80.245.93.0/24
80.245.95.0/24
Signature Algorithm: sha256WithRSAEncryption
08:8d:e7:aa:5f:8d:0f:db:ba:e3:68:4d:b4:90:ca:50:81:1f:
b4:e0:f2:ec:3a:28:76:c3:d2:29:d0:a8:d9:df:ca:ba:f0:44:
84:07:0b:59:f5:42:dd:aa:21:c7:50:8f:10:d8:35:86:ae:60:
df:bc:04:fa:25:b6:14:7d:86:d1:d2:7e:9c:78:29:2b:ce:7e:
49:cb:38:f8:e1:aa:51:9b:05:1d:5d:bf:3c:a1:de:f6:d1:0a:
91:3b:4e:d3:8e:6e:6c:c5:11:e0:fb:ab:44:18:ac:3c:45:51:
dd:c1:c3:03:94:7c:a8:da:0f:fe:93:e4:7a:e1:de:0f:62:21:
95:e8:56:d8:11:4f:6c:42:fa:b4:80:7b:3e:8b:45:d8:3c:1a:
ca:6d:67:58:89:7a:59:43:ad:59:0a:6a:2b:f5:88:11:14:af:
8d:43:e2:db:8a:8b:50:14:8f:6f:c6:48:97:a8:c1:29:05:7d:
c9:37:fe:9f:24:e6:a3:1e:b0:17:b2:7c:89:ee:4e:56:42:8c:
51:8a:76:9a:6a:ef:a4:b9:c3:1b:18:a0:c4:87:c6:a6:84:14:
58:dd:08:db:3b:2d:38:58:10:07:49:98:87:cc:8f:8a:08:74:
80:0b:71:2e:07:1b:25:0c:7a:05:46:8e:3f:e7:3f:7a:22:07:
cd:ef:ed:69
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzIcJXELfKwiICLqRfqVTXVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiZmE2NjM2ZmU2NDQwYWNmMjkzYjc1NzA1YTdhMWRjYWRh
ODQyMGIwHhcNMjQwMTAyMDQzMTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzdjYzJmNzBkMTA1Y2QyNDQ5ZmIyNGYxOGZhNjhjODc1OGMzZmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA053bZPts4ETTGSRllzIywjXeelx0
/jIM6CWSpzKYKJMVFfNo3bUxv6zjVRHdf0v3MWFVy2kuc0A/oCuE5oRTF6xCPLBR
JLbgLjxyCWo+BySHdyPla4rQjTwtA/T6AUXSd2s0o8QB0GVvM4Hm3Cq7zfmYuXfc
ltbHIr93Q3l14RWr0Lu9G2+XWBC00lPNxggBx2yTgsJpZmjjte5LU/WlGfD6Vp0t
4w7N9t3nasGWcueVXg0RRWvPHx3wmKmIdZBo74lyMfcfqAtka3j4/21nio7twaou
YeWvXS4FIOsuuE7r/UAMgHS3rAmljAP7aq6K3E6ID69YKsM3U1Qr2cPwGwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKN8wvcNEFzSRJ+yTxj6aMh1jD/PMB8GA1UdIwQY
MBaAFDv6Zjb+ZECs8pO3VwWnodytqEILMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT19wbU52NWtRS3p5azdkWEJhZWgzSzJvUWdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi9hNDdjZGYtZDIxYi00ZjFkLTg5MDEt
OTJlYzUxNWM1OTVhLzEvbzN6Qzl3MFFYTkpFbjdKUEdQcG95SFdNUDg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi9hNDdjZGYtZDIxYi00ZjFkLTg5MDEtOTJlYzUxNWM1OTVh
LzEvT19wbU52NWtRS3p5azdkWEJhZWgzSzJvUWdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAT4ytAwQA
UPVdAwQAUPVfMA0GCSqGSIb3DQEBCwUAA4IBAQAIjeeqX40P27rjaE20kMpQgR+0
4PLsOih2w9Ip0KjZ38q68ESEBwtZ9ULdqiHHUI8Q2DWGrmDfvAT6JbYUfYbR0n6c
eCkrzn5Jyzj44apRmwUdXb88od720QqRO07Tjm5sxRHg+6tEGKw8RVHdwcMDlHyo
2g/+k+R64d4PYiGV6FbYEU9sQvq0gHs+i0XYPBrKbWdYiXpZQ61ZCmor9YgRFK+N
Q+LbiotQFI9vxkiXqMEpBX3JN/6fJOajHrAXsnyJ7k5WQoxRinaaau+kucMbGKDE
h8amhBRY3QjbOy04WBAHSZiHzI+KCHSAC3EuBxslDHoFRo4/5z96IgfN7+1p
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:12:17 2025 by rpki-client