Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/OW1rz88NsXts4xgAxqkwm39dacQ.roa
File: OW1rz88NsXts4xgAxqkwm39dacQ.roa (raw, json)
Hash identifier: iFaY2RWJykzA2hkSRwPNGz27ajcZxCXe2ECudW0vunU=
Subject key identifier: 39:6D:6B:CF:CF:0D:B1:7B:6C:E3:18:00:C6:A9:30:9B:7F:5D:69:C4
Certificate issuer: /CN=37518d180923a7f3c00653ec12bc702b95aab907
Certificate serial: 018CC348A8F9C1040B78003B05A73FDCC36D
Authority key identifier: 37:51:8D:18:09:23:A7:F3:C0:06:53:EC:12:BC:70:2B:95:AA:B9:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N1GNGAkjp_PABlPsErxwK5WquQc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/OW1rz88NsXts4xgAxqkwm39dacQ.roa
Signing time: Mon 01 Jan 2024 04:29:28 +0000
ROA not before: Mon 01 Jan 2024 04:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34478
IP address blocks: 194.27.148.0/24 maxlen: 24
193.140.71.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:48:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:a8:f9:c1:04:0b:78:00:3b:05:a7:3f:dc:c3:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37518d180923a7f3c00653ec12bc702b95aab907
Validity
Not Before: Jan 1 04:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=396d6bcfcf0db17b6ce31800c6a9309b7f5d69c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:57:fe:2b:08:5a:5b:2a:30:38:a1:95:44:e7:
4c:e8:96:f5:12:ab:ef:ab:c1:b6:28:2d:ee:b3:7a:
81:3f:31:e9:4a:f8:4f:bf:06:29:d1:f7:e7:06:fe:
dc:6f:1c:70:c9:16:29:73:1d:c7:d0:30:3e:88:bf:
53:ae:a6:fd:b5:80:4c:1f:a6:ae:08:71:0e:6e:9c:
48:f2:e0:b9:d3:1e:8f:b9:b9:a0:0a:64:4f:5c:c6:
0e:38:c8:4c:ec:67:4f:6e:ba:2a:00:0f:f9:4d:cc:
00:41:ba:2e:7f:1c:5e:7e:96:ae:6a:4e:7c:a6:96:
ff:3b:e4:f4:e2:ab:3a:2c:b1:03:cd:2b:97:16:56:
b3:91:b2:03:1e:fe:04:bd:20:23:f5:93:df:c1:2a:
95:d0:b2:7b:39:20:eb:02:39:67:14:b8:5a:8a:6b:
22:f6:1f:c3:70:74:20:4c:fc:d7:b5:a9:fd:df:00:
68:85:c5:f3:8d:17:84:de:cc:be:fc:94:43:64:9c:
38:6d:9d:d7:bd:51:2a:7e:3f:f5:44:d9:7d:ac:c2:
4f:94:21:07:44:60:1a:dd:1d:a1:2f:ee:0a:31:ca:
7b:4d:ae:4a:da:1e:58:be:93:7f:29:d1:f9:6d:d9:
0f:a6:2d:dd:d7:82:c9:9b:31:46:ad:58:f1:0c:26:
06:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:6D:6B:CF:CF:0D:B1:7B:6C:E3:18:00:C6:A9:30:9B:7F:5D:69:C4
X509v3 Authority Key Identifier:
keyid:37:51:8D:18:09:23:A7:F3:C0:06:53:EC:12:BC:70:2B:95:AA:B9:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N1GNGAkjp_PABlPsErxwK5WquQc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/OW1rz88NsXts4xgAxqkwm39dacQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/N1GNGAkjp_PABlPsErxwK5WquQc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.140.71.0/24
194.27.148.0/24
Signature Algorithm: sha256WithRSAEncryption
31:85:66:1c:92:7e:e5:34:fb:b4:8d:b6:26:06:25:7f:88:ff:
1b:25:e0:a6:e1:b9:19:8f:6e:a7:ae:37:9c:ec:11:36:08:a2:
11:39:f1:b4:24:ae:84:3a:2e:97:8e:32:bd:ae:f2:32:2f:67:
39:d5:4f:b4:a3:88:67:3a:80:cf:96:aa:04:20:8b:aa:e3:f0:
bf:b7:c0:eb:7c:ba:d3:d4:b3:7a:e0:95:0d:21:e7:af:aa:89:
eb:88:7a:2a:18:39:45:8e:27:18:02:bc:de:16:36:e0:79:35:
e7:95:52:d0:38:af:18:00:aa:bb:4f:11:1c:32:b9:ea:b1:98:
71:86:0f:bc:3f:33:ca:b8:a8:8e:0b:60:4e:22:21:80:f9:51:
1b:f5:ec:c1:2f:53:c8:9e:47:15:23:31:82:19:bf:d7:fd:fe:
cb:48:da:1f:72:25:c1:bc:fe:11:15:47:ed:79:d7:55:12:50:
3e:4f:4b:6d:d3:17:a0:da:8f:84:c7:70:43:e4:b5:6c:2d:59:
88:54:21:bd:bb:b7:95:27:dd:7b:2d:96:1f:b1:98:6a:c2:18:
d1:9b:7b:88:af:5d:bb:d2:c2:47:c8:b2:f5:3b:14:8f:9b:e6:
59:93:6f:38:a0:9b:10:f4:09:ae:6a:2d:00:dd:a5:3b:7f:2f:
2a:73:82:8a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzDSKj5wQQLeAA7Bac/3MNtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3NTE4ZDE4MDkyM2E3ZjNjMDA2NTNlYzEyYmM3MDJiOTVh
YWI5MDcwHhcNMjQwMTAxMDQyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTZkNmJjZmNmMGRiMTdiNmNlMzE4MDBjNmE5MzA5YjdmNWQ2OWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzFf+KwhaWyowOKGVROdM6Jb1Eqvv
q8G2KC3us3qBPzHpSvhPvwYp0ffnBv7cbxxwyRYpcx3H0DA+iL9Trqb9tYBMH6au
CHEObpxI8uC50x6PubmgCmRPXMYOOMhM7GdPbroqAA/5TcwAQboufxxefpauak58
ppb/O+T04qs6LLEDzSuXFlazkbIDHv4EvSAj9ZPfwSqV0LJ7OSDrAjlnFLhaimsi
9h/DcHQgTPzXtan93wBohcXzjReE3sy+/JRDZJw4bZ3XvVEqfj/1RNl9rMJPlCEH
RGAa3R2hL+4KMcp7Ta5K2h5YvpN/KdH5bdkPpi3d14LJmzFGrVjxDCYG9QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDlta8/PDbF7bOMYAMapMJt/XWnEMB8GA1UdIwQY
MBaAFDdRjRgJI6fzwAZT7BK8cCuVqrkHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjFHTkdBa2pwX1BBQmxQc0VyeHdLNVdxdVFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9mODBlZjMtOWYwYi00YmQxLTgwMTgt
NTk2NzE5MjBmYjYwLzEvT1cxcno4OE5zWHRzNHhnQXhxa3dtMzlkYWNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi9mODBlZjMtOWYwYi00YmQxLTgwMTgtNTk2NzE5MjBmYjYw
LzEvTjFHTkdBa2pwX1BBQmxQc0VyeHdLNVdxdVFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwYxHAwQA
whuUMA0GCSqGSIb3DQEBCwUAA4IBAQAxhWYckn7lNPu0jbYmBiV/iP8bJeCm4bkZ
j26nrjec7BE2CKIROfG0JK6EOi6XjjK9rvIyL2c51U+0o4hnOoDPlqoEIIuq4/C/
t8DrfLrT1LN64JUNIeevqonriHoqGDlFjicYArzeFjbgeTXnlVLQOK8YAKq7TxEc
MrnqsZhxhg+8PzPKuKiOC2BOIiGA+VEb9ezBL1PInkcVIzGCGb/X/f7LSNofciXB
vP4RFUfteddVElA+T0tt0xeg2o+Ex3BD5LVsLVmIVCG9u7eVJ917LZYfsZhqwhjR
m3uIr1270sJHyLL1OxSPm+ZZk284oJsQ9Amuai0A3aU7fy8qc4KK
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:22:42 2025 by rpki-client