Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/oVNsu9BJY948S10EegZA6qCBx88.roa
File: oVNsu9BJY948S10EegZA6qCBx88.roa (raw, json)
Hash identifier: pw7EbkAv9zITjFoP0iQ25gCSUY62QdwrWwxtu8gIfBw=
Subject key identifier: A1:53:6C:BB:D0:49:63:DE:3C:4B:5D:04:7A:06:40:EA:A0:81:C7:CF
Certificate issuer: /CN=dd640339e59addc75fd978101b40082b5d2b8796
Certificate serial: 018FB6A8BC7A55F0FDCFB26BE68E5BA80DA9
Authority key identifier: DD:64:03:39:E5:9A:DD:C7:5F:D9:78:10:1B:40:08:2B:5D:2B:87:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3WQDOeWa3cdf2XgQG0AIK10rh5Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/oVNsu9BJY948S10EegZA6qCBx88.roa
Signing time: Sun 26 May 2024 20:47:42 +0000
ROA not before: Sun 26 May 2024 20:47:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 185.191.145.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 19 Jun 2024 18:03:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:b6:a8:bc:7a:55:f0:fd:cf:b2:6b:e6:8e:5b:a8:0d:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd640339e59addc75fd978101b40082b5d2b8796
Validity
Not Before: May 26 20:47:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a1536cbbd04963de3c4b5d047a0640eaa081c7cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:7f:0a:aa:97:1b:75:69:3f:9b:2e:c5:0e:cf:
32:2b:16:0f:01:33:4f:71:f8:8b:07:0a:30:d7:3d:
d1:6a:a5:c1:66:ab:51:84:b2:fb:08:fc:80:09:95:
c2:9d:d6:0f:11:39:82:c3:94:b2:0a:3b:6d:94:0b:
1a:ec:04:5d:12:27:87:07:7a:27:48:40:2c:cb:56:
0a:c9:31:ec:31:00:4a:e6:8b:98:b1:c0:ec:aa:6e:
00:ab:29:c6:d2:46:99:c2:b0:25:de:21:4c:68:f1:
7b:79:cb:93:a8:ca:79:51:42:37:e0:92:5d:10:01:
68:ce:ea:42:5d:7e:b0:18:c0:4f:f8:0d:87:98:4a:
f2:0d:f9:f8:21:72:76:c4:e1:6f:55:e7:fc:48:56:
96:b7:f2:d1:94:46:b2:52:cd:e0:94:12:51:74:d2:
43:ae:a6:03:6e:1f:81:72:6f:a8:a0:2d:c2:d1:9a:
44:02:23:53:51:b0:91:9a:12:87:f7:1f:bd:da:c7:
7c:28:64:50:b1:d3:d0:db:66:79:c0:65:99:41:73:
92:0f:85:fb:f8:0e:d5:ef:c8:14:c3:31:d2:70:45:
e0:fd:33:2b:44:54:a1:24:3a:b0:2a:4f:c8:b7:a2:
19:22:1e:9c:aa:31:b3:a4:68:37:24:51:62:9b:8c:
7e:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:53:6C:BB:D0:49:63:DE:3C:4B:5D:04:7A:06:40:EA:A0:81:C7:CF
X509v3 Authority Key Identifier:
keyid:DD:64:03:39:E5:9A:DD:C7:5F:D9:78:10:1B:40:08:2B:5D:2B:87:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3WQDOeWa3cdf2XgQG0AIK10rh5Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/oVNsu9BJY948S10EegZA6qCBx88.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/3WQDOeWa3cdf2XgQG0AIK10rh5Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.191.145.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:a5:f0:06:1e:69:c6:98:af:a4:b8:80:b2:e4:85:e2:ac:41:
a7:ba:10:a6:0e:b4:5a:de:5f:11:50:7a:e6:62:c4:8d:80:f5:
7e:90:d8:db:1f:1f:ff:8b:e9:92:d2:c6:5d:38:69:6c:41:72:
2c:1f:48:28:64:96:11:49:ee:83:f4:9e:74:f2:cd:01:09:ab:
e9:8b:94:70:e9:9d:da:42:47:e2:1f:ad:f7:e9:28:a6:d8:23:
07:81:b1:47:2d:e9:3c:4e:f0:cd:53:87:bf:19:71:2b:d7:2e:
0a:e6:4e:a9:e0:8c:a8:b7:fc:f6:0e:7a:e9:04:11:2d:20:59:
e6:b1:f4:3f:4b:e4:34:56:57:30:96:61:99:04:37:ed:19:05:
f8:4d:ea:08:90:5c:0a:eb:4e:bb:8b:d5:1e:9f:9a:ef:a2:ae:
ed:60:b8:a0:99:58:9e:ed:39:d6:b2:76:f6:9a:79:6a:ff:02:
92:14:dd:71:64:46:cb:eb:a8:3d:20:a4:ca:3b:0c:3f:71:66:
97:92:b1:c4:5a:48:70:d9:62:5a:6f:e4:a8:d4:a3:9c:87:a7:
44:55:5f:38:92:31:4b:fa:92:08:b5:dc:12:8e:97:09:cf:98:
34:fd:27:ab:dc:ac:f0:6e:a0:cd:df:f7:a2:e8:50:d6:99:9a:
42:ba:90:a6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY+2qLx6VfD9z7Jr5o5bqA2pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNjQwMzM5ZTU5YWRkYzc1ZmQ5NzgxMDFiNDAwODJiNWQy
Yjg3OTYwHhcNMjQwNTI2MjA0NzQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTUzNmNiYmQwNDk2M2RlM2M0YjVkMDQ3YTA2NDBlYWEwODFjN2NmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5X8KqpcbdWk/my7FDs8yKxYPATNP
cfiLBwow1z3RaqXBZqtRhLL7CPyACZXCndYPETmCw5SyCjttlAsa7ARdEieHB3on
SEAsy1YKyTHsMQBK5ouYscDsqm4AqynG0kaZwrAl3iFMaPF7ecuTqMp5UUI34JJd
EAFozupCXX6wGMBP+A2HmEryDfn4IXJ2xOFvVef8SFaWt/LRlEayUs3glBJRdNJD
rqYDbh+Bcm+ooC3C0ZpEAiNTUbCRmhKH9x+92sd8KGRQsdPQ22Z5wGWZQXOSD4X7
+A7V78gUwzHScEXg/TMrRFShJDqwKk/It6IZIh6cqjGzpGg3JFFim4x+vwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKFTbLvQSWPePEtdBHoGQOqggcfPMB8GA1UdIwQY
MBaAFN1kAznlmt3HX9l4EBtACCtdK4eWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1dRRE9lV2EzY2RmMlhnUUcwQUlLMTByaDVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy83NjE2ZTUtYThjYy00NWQxLWIzZDAt
NjFiNzMzNTRhYmRiLzEvb1ZOc3U5QkpZOTQ4UzEwRWVnWkE2cUNCeDg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy83NjE2ZTUtYThjYy00NWQxLWIzZDAtNjFiNzMzNTRhYmRi
LzEvM1dRRE9lV2EzY2RmMlhnUUcwQUlLMTByaDVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAub+RMA0G
CSqGSIb3DQEBCwUAA4IBAQBrpfAGHmnGmK+kuICy5IXirEGnuhCmDrRa3l8RUHrm
YsSNgPV+kNjbHx//i+mS0sZdOGlsQXIsH0goZJYRSe6D9J508s0BCavpi5Rw6Z3a
QkfiH6336Sim2CMHgbFHLek8TvDNU4e/GXEr1y4K5k6p4Iyot/z2DnrpBBEtIFnm
sfQ/S+Q0VlcwlmGZBDftGQX4TeoIkFwK6067i9Uen5rvoq7tYLigmVie7TnWsnb2
mnlq/wKSFN1xZEbL66g9IKTKOww/cWaXkrHEWkhw2WJab+So1KOch6dEVV84kjFL
+pIItdwSjpcJz5g0/Ser3KzwbqDN3/ei6FDWmZpCupCm
-----END CERTIFICATE-----
Generated at Fri Feb 21 11:17:17 2025 by rpki-client