Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/82e2ba-442c-42b0-9315-bc0dba932b35/1/OY4Um0p5QtKSNDiwSQIqmriyD5A.roa
File: OY4Um0p5QtKSNDiwSQIqmriyD5A.roa (raw, json)
Hash identifier: EilJuvN5IDmeqVe4tVDMA+kRq8LW6G+Mx4n6VbqypoU=
Subject key identifier: 39:8E:14:9B:4A:79:42:D2:92:34:38:B0:49:02:2A:9A:B8:B2:0F:90
Certificate issuer: /CN=44e888a76e99851b01fb86cec537d4d8e610de16
Certificate serial: 0193D57B37FD64DD57B2EC3B6855C7C69CF0
Authority key identifier: 44:E8:88:A7:6E:99:85:1B:01:FB:86:CE:C5:37:D4:D8:E6:10:DE:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ROiIp26ZhRsB-4bOxTfU2OYQ3hY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/82e2ba-442c-42b0-9315-bc0dba932b35/1/OY4Um0p5QtKSNDiwSQIqmriyD5A.roa
Signing time: Tue 17 Dec 2024 16:37:22 +0000
ROA not before: Tue 17 Dec 2024 16:37:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50599
IP address blocks: 185.235.68.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:49:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:d5:7b:37:fd:64:dd:57:b2:ec:3b:68:55:c7:c6:9c:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44e888a76e99851b01fb86cec537d4d8e610de16
Validity
Not Before: Dec 17 16:37:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=398e149b4a7942d2923438b049022a9ab8b20f90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:94:f6:c7:90:a0:7c:d7:c8:d2:2e:df:8d:3a:
3d:a4:f7:cd:ce:cf:cc:a4:c7:4f:2d:28:d0:53:cc:
1e:79:5d:c9:69:4b:f6:f9:74:4f:59:ae:e2:48:99:
db:92:63:05:9f:ce:3e:e3:20:23:51:1b:84:ea:20:
ba:f8:ea:cc:3c:5b:ee:90:30:09:cd:58:bb:b1:55:
82:ca:2e:e6:6d:81:fb:85:fd:1f:ff:50:41:b6:4d:
65:0d:da:7f:61:d0:7d:ab:42:59:a1:f0:42:da:7a:
4b:d3:6e:6b:06:86:42:c8:18:b6:2d:fb:7c:4f:84:
af:d2:27:f0:9d:60:e9:85:f3:b8:82:6f:b5:78:c2:
99:af:6f:fc:96:5c:db:05:0e:53:03:28:e1:02:15:
f4:89:8d:70:f6:1b:fc:c5:1b:17:61:be:91:ab:36:
79:62:0e:20:21:a5:bf:13:6d:3b:54:e1:52:ec:f3:
78:72:45:c4:35:c6:a9:b8:95:9e:9b:c1:dd:aa:40:
79:8a:21:57:06:f7:57:61:47:f1:f1:a9:c0:93:34:
4f:90:4a:36:08:ea:4e:9f:61:b3:a8:a0:93:10:22:
c7:69:64:be:a5:75:92:53:ac:e8:73:e9:18:cc:1b:
ac:b4:2e:f4:c1:b3:f0:5b:3e:63:c3:ed:29:36:fd:
14:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:8E:14:9B:4A:79:42:D2:92:34:38:B0:49:02:2A:9A:B8:B2:0F:90
X509v3 Authority Key Identifier:
keyid:44:E8:88:A7:6E:99:85:1B:01:FB:86:CE:C5:37:D4:D8:E6:10:DE:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ROiIp26ZhRsB-4bOxTfU2OYQ3hY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/82e2ba-442c-42b0-9315-bc0dba932b35/1/OY4Um0p5QtKSNDiwSQIqmriyD5A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/82e2ba-442c-42b0-9315-bc0dba932b35/1/ROiIp26ZhRsB-4bOxTfU2OYQ3hY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.235.68.0/23
Signature Algorithm: sha256WithRSAEncryption
87:fc:fb:0b:e3:0e:e4:23:89:65:2a:61:ba:06:d3:45:c5:d6:
94:13:ab:d8:39:83:fd:f9:8f:0b:35:8d:09:d9:fa:9b:f5:58:
19:9c:36:5d:c3:fc:59:5c:d4:4e:f3:4b:ed:31:e2:c7:9c:5a:
5b:01:65:72:37:9d:e6:2c:2e:c4:fb:34:c8:3d:15:d2:83:5e:
cc:3b:fe:17:98:cb:b7:49:4c:a9:23:f2:71:5e:34:e3:b1:15:
6d:0b:5e:7d:06:71:28:bf:7b:04:98:69:1c:12:c8:fc:d2:6f:
21:2f:61:8b:7e:7d:57:b7:d9:b8:03:4d:1c:81:de:4d:a5:02:
ea:8b:af:1b:2d:02:67:7d:43:ec:06:f0:35:ee:6d:78:71:7b:
0b:c9:7e:2d:ba:0e:08:5a:0a:9d:9f:34:90:44:b8:ac:3d:9e:
a2:74:f0:d0:b8:43:7c:21:88:27:cd:bf:5b:2a:eb:6e:20:69:
23:45:40:22:1e:c5:1a:c2:a3:12:eb:6e:2a:2b:06:0a:ab:8b:
bf:62:7d:97:85:1d:54:30:24:5b:89:4e:cc:f1:d7:9d:5a:2d:
86:dd:c0:3a:45:fd:b8:34:b0:45:57:e3:54:9e:8f:d9:80:fb:
0f:b9:e9:88:43:09:40:8e:61:98:7f:b4:a7:64:68:81:2e:4e:
c0:74:f1:0a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZPVezf9ZN1Xsuw7aFXHxpzwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0ZTg4OGE3NmU5OTg1MWIwMWZiODZjZWM1MzdkNGQ4ZTYx
MGRlMTYwHhcNMjQxMjE3MTYzNzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOThlMTQ5YjRhNzk0MmQyOTIzNDM4YjA0OTAyMmE5YWI4YjIwZjkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvJT2x5CgfNfI0i7fjTo9pPfNzs/M
pMdPLSjQU8weeV3JaUv2+XRPWa7iSJnbkmMFn84+4yAjURuE6iC6+OrMPFvukDAJ
zVi7sVWCyi7mbYH7hf0f/1BBtk1lDdp/YdB9q0JZofBC2npL025rBoZCyBi2Lft8
T4Sv0ifwnWDphfO4gm+1eMKZr2/8llzbBQ5TAyjhAhX0iY1w9hv8xRsXYb6RqzZ5
Yg4gIaW/E207VOFS7PN4ckXENcapuJWem8HdqkB5iiFXBvdXYUfx8anAkzRPkEo2
COpOn2GzqKCTECLHaWS+pXWSU6zoc+kYzBustC70wbPwWz5jw+0pNv0U/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDmOFJtKeULSkjQ4sEkCKpq4sg+QMB8GA1UdIwQY
MBaAFEToiKdumYUbAfuGzsU31NjmEN4WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUk9pSXAyNlpoUnNCLTRiT3hUZlUyT1lRM2hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS84MmUyYmEtNDQyYy00MmIwLTkzMTUt
YmMwZGJhOTMyYjM1LzEvT1k0VW0wcDVRdEtTTkRpd1NRSXFtcml5RDVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS84MmUyYmEtNDQyYy00MmIwLTkzMTUtYmMwZGJhOTMyYjM1
LzEvUk9pSXAyNlpoUnNCLTRiT3hUZlUyT1lRM2hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuetEMA0G
CSqGSIb3DQEBCwUAA4IBAQCH/PsL4w7kI4llKmG6BtNFxdaUE6vYOYP9+Y8LNY0J
2fqb9VgZnDZdw/xZXNRO80vtMeLHnFpbAWVyN53mLC7E+zTIPRXSg17MO/4XmMu3
SUypI/JxXjTjsRVtC159BnEov3sEmGkcEsj80m8hL2GLfn1Xt9m4A00cgd5NpQLq
i68bLQJnfUPsBvA17m14cXsLyX4tug4IWgqdnzSQRLisPZ6idPDQuEN8IYgnzb9b
KutuIGkjRUAiHsUawqMS624qKwYKq4u/Yn2XhR1UMCRbiU7M8dedWi2G3cA6Rf24
NLBFV+NUno/ZgPsPuemIQwlAjmGYf7SnZGiBLk7AdPEK
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:44:04 2025 by rpki-client