Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/64ff0f-e356-48b3-830f-156497bfe93f/1/oGWO2Au6qGYSZTV9oLrxQbNPyxY.roa
File: oGWO2Au6qGYSZTV9oLrxQbNPyxY.roa (raw, json)
Hash identifier: 4IKKF7muXnIXyuRFRt0aROLXOBnbtUw5YhRukdviZhE=
Subject key identifier: A0:65:8E:D8:0B:BA:A8:66:12:65:35:7D:A0:BA:F1:41:B3:4F:CB:16
Certificate issuer: /CN=20b830833878b6c861269a0e2a45837aa9485be1
Certificate serial: 01920469B2418DC53E0CF2B33BB4B20D2892
Authority key identifier: 20:B8:30:83:38:78:B6:C8:61:26:9A:0E:2A:45:83:7A:A9:48:5B:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ILgwgzh4tshhJpoOKkWDeqlIW-E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/64ff0f-e356-48b3-830f-156497bfe93f/1/oGWO2Au6qGYSZTV9oLrxQbNPyxY.roa
Signing time: Wed 18 Sep 2024 09:14:48 +0000
ROA not before: Wed 18 Sep 2024 09:14:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60987
IP address blocks: 185.198.184.0/22 maxlen: 22
185.198.184.0/24 maxlen: 24
185.198.185.0/24 maxlen: 24
185.198.186.0/24 maxlen: 24
185.198.187.0/24 maxlen: 24
193.238.175.0/24 maxlen: 24
2a0a:8d40::/29 maxlen: 29
2a11:880::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:50:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:04:69:b2:41:8d:c5:3e:0c:f2:b3:3b:b4:b2:0d:28:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20b830833878b6c861269a0e2a45837aa9485be1
Validity
Not Before: Sep 18 09:14:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a0658ed80bbaa8661265357da0baf141b34fcb16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:da:e1:7a:9a:8d:2b:6d:7e:e9:45:a1:79:60:
00:31:e4:40:84:ec:ad:26:6e:e9:e5:62:5c:8b:15:
58:36:fb:0f:98:b1:53:05:58:a1:21:4b:fb:36:03:
50:c6:46:f4:cb:2c:99:f2:2f:ad:e7:75:5b:fb:0d:
67:1f:08:b2:f1:d7:8e:ae:77:df:5a:17:e0:40:cb:
26:a9:d5:1b:67:2d:b2:31:4f:21:21:3b:18:e4:ab:
80:d0:36:38:d3:6f:c0:e0:62:43:64:d2:a9:73:fb:
91:46:51:bd:30:90:53:80:ef:52:29:29:f6:c1:d2:
2c:96:32:bb:03:ab:73:04:2d:ea:ea:b1:01:48:44:
91:de:23:59:6b:3d:ec:88:0b:55:92:ec:0e:62:60:
c6:04:45:21:c0:43:ce:d8:66:72:41:74:e6:58:4f:
3b:1d:bd:0e:61:f2:4e:f0:72:80:09:a5:53:e8:89:
41:ec:c9:b8:3f:0d:c2:1f:a5:91:4d:ad:9f:81:c2:
a3:f5:41:91:5b:db:08:47:23:e5:19:f6:07:e4:49:
84:e1:57:b9:26:bd:ce:3c:b2:32:e3:30:21:8a:a2:
8d:b7:69:ed:03:47:fc:06:96:d3:60:0b:91:cf:24:
63:72:c7:10:71:ca:50:96:43:ea:76:3f:ab:80:46:
2b:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:65:8E:D8:0B:BA:A8:66:12:65:35:7D:A0:BA:F1:41:B3:4F:CB:16
X509v3 Authority Key Identifier:
keyid:20:B8:30:83:38:78:B6:C8:61:26:9A:0E:2A:45:83:7A:A9:48:5B:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ILgwgzh4tshhJpoOKkWDeqlIW-E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/64ff0f-e356-48b3-830f-156497bfe93f/1/oGWO2Au6qGYSZTV9oLrxQbNPyxY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/64ff0f-e356-48b3-830f-156497bfe93f/1/ILgwgzh4tshhJpoOKkWDeqlIW-E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.198.184.0/22
193.238.175.0/24
IPv6:
2a0a:8d40::/29
2a11:880::/29
Signature Algorithm: sha256WithRSAEncryption
65:dc:da:0f:be:35:c2:25:2e:12:e3:f2:64:fc:e8:15:dc:5a:
92:9f:e7:6e:b6:dd:4c:c3:3e:e6:ed:35:18:72:d8:a6:e9:5d:
7b:52:a9:b2:10:e5:91:dd:54:b2:d9:9b:1c:ac:a9:d5:01:42:
d6:a8:ee:ac:74:98:96:49:37:08:1f:b7:06:9f:2d:33:6e:12:
c0:17:d9:0f:4d:35:26:8b:8c:c9:90:50:a8:d8:ce:95:cb:85:
50:d1:ed:09:c6:c3:ac:bb:2c:4b:64:fb:f2:e5:38:60:69:d6:
d8:b1:dd:77:47:56:44:ae:1f:f7:56:ba:1b:fa:68:8f:59:fa:
23:73:0b:65:15:58:df:ef:42:16:1f:f1:df:53:7b:c1:ce:d3:
50:72:f4:85:b9:ad:e7:c1:24:62:e2:16:6a:da:af:45:17:e1:
f3:dd:2f:c4:26:93:44:a8:34:e2:bb:f8:6e:63:db:8f:e3:35:
09:33:bb:84:c9:fa:67:ab:8f:11:cb:ab:68:7a:45:5a:d2:57:
6b:91:24:fb:1d:71:31:18:3d:8a:31:1a:a2:19:b8:36:78:70:
e4:9a:2d:36:73:ab:09:ed:84:b0:d3:2c:1d:b7:15:7c:75:e9:
81:21:dd:51:25:bd:b8:a7:99:cb:9b:00:6a:bc:43:23:a3:49:
d2:88:00:8c
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZIEabJBjcU+DPKzO7SyDSiSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwYjgzMDgzMzg3OGI2Yzg2MTI2OWEwZTJhNDU4MzdhYTk0
ODViZTEwHhcNMjQwOTE4MDkxNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDY1OGVkODBiYmFhODY2MTI2NTM1N2RhMGJhZjE0MWIzNGZjYjE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAotrhepqNK21+6UWheWAAMeRAhOyt
Jm7p5WJcixVYNvsPmLFTBVihIUv7NgNQxkb0yyyZ8i+t53Vb+w1nHwiy8deOrnff
WhfgQMsmqdUbZy2yMU8hITsY5KuA0DY402/A4GJDZNKpc/uRRlG9MJBTgO9SKSn2
wdIsljK7A6tzBC3q6rEBSESR3iNZaz3siAtVkuwOYmDGBEUhwEPO2GZyQXTmWE87
Hb0OYfJO8HKACaVT6IlB7Mm4Pw3CH6WRTa2fgcKj9UGRW9sIRyPlGfYH5EmE4Ve5
Jr3OPLIy4zAhiqKNt2ntA0f8BpbTYAuRzyRjcscQccpQlkPqdj+rgEYrLwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFKBljtgLuqhmEmU1faC68UGzT8sWMB8GA1UdIwQY
MBaAFCC4MIM4eLbIYSaaDipFg3qpSFvhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUxnd2d6aDR0c2hoSnBvT0trV0RlcWxJVy1FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi82NGZmMGYtZTM1Ni00OGIzLTgzMGYt
MTU2NDk3YmZlOTNmLzEvb0dXTzJBdTZxR1lTWlRWOW9McnhRYk5QeXhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi82NGZmMGYtZTM1Ni00OGIzLTgzMGYtMTU2NDk3YmZlOTNm
LzEvSUxnd2d6aDR0c2hoSnBvT0trV0RlcWxJVy1FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCuca4AwQA
we6vMBQEAgACMA4DBQMqCo1AAwUDKhEIgDANBgkqhkiG9w0BAQsFAAOCAQEAZdza
D741wiUuEuPyZPzoFdxakp/nbrbdTMM+5u01GHLYpulde1KpshDlkd1UstmbHKyp
1QFC1qjurHSYlkk3CB+3Bp8tM24SwBfZD001JouMyZBQqNjOlcuFUNHtCcbDrLss
S2T78uU4YGnW2LHdd0dWRK4f91a6G/poj1n6I3MLZRVY3+9CFh/x31N7wc7TUHL0
hbmt58EkYuIWatqvRRfh890vxCaTRKg04rv4bmPbj+M1CTO7hMn6Z6uPEcuraHpF
WtJXa5Ek+x1xMRg9ijEaohm4Nnhw5JotNnOrCe2EsNMsHbcVfHXpgSHdUSW9uKeZ
y5sAarxDI6NJ0ogAjA==
-----END CERTIFICATE-----
Generated at Tue Apr 22 18:35:58 2025 by rpki-client