Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/fb9215-d1d1-47c2-ac81-84712c9f3464/1/OpaGGha2XxjZ-3nMrsZn78EMcb8.roa
File: OpaGGha2XxjZ-3nMrsZn78EMcb8.roa (raw, json)
Hash identifier: hfIy3mLMs8o2yNXHfeA+LZpfVYkIE6rR6CXvUfG/do0=
Subject key identifier: 3A:96:86:1A:16:B6:5F:18:D9:FB:79:CC:AE:C6:67:EF:C1:0C:71:BF
Certificate issuer: /CN=3a0429b5aecac8364544bf623f94f163afdce561
Certificate serial: 0192B8756F87EC1BFE041E962C6540C7CA55
Authority key identifier: 3A:04:29:B5:AE:CA:C8:36:45:44:BF:62:3F:94:F1:63:AF:DC:E5:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OgQpta7KyDZFRL9iP5TxY6_c5WE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/fb9215-d1d1-47c2-ac81-84712c9f3464/1/OpaGGha2XxjZ-3nMrsZn78EMcb8.roa
Signing time: Wed 23 Oct 2024 08:19:16 +0000
ROA not before: Wed 23 Oct 2024 08:19:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 146.0.0.0/24 maxlen: 24
146.0.1.0/24 maxlen: 24
146.0.2.0/24 maxlen: 24
146.0.5.0/24 maxlen: 24
146.0.8.0/24 maxlen: 24
146.0.9.0/24 maxlen: 24
146.0.15.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:50:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b8:75:6f:87:ec:1b:fe:04:1e:96:2c:65:40:c7:ca:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a0429b5aecac8364544bf623f94f163afdce561
Validity
Not Before: Oct 23 08:19:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3a96861a16b65f18d9fb79ccaec667efc10c71bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:c7:d2:c6:29:10:f5:29:3a:8e:d3:e4:c4:99:
54:ec:1c:9a:7f:06:e8:24:91:08:97:b4:b2:07:86:
80:e3:a7:c8:8d:0e:72:50:e6:90:d2:e1:78:3f:86:
25:76:93:73:b1:34:f4:97:29:d6:f2:ac:49:8c:55:
b2:8d:40:d2:4d:79:f9:23:7b:16:7d:4c:54:8a:7e:
1f:26:42:53:8e:e6:9b:31:45:8d:94:e5:1a:93:28:
f1:21:1f:1b:40:26:9a:5a:7d:e4:66:e4:1e:0c:16:
00:0c:d3:7f:bb:23:f0:87:fd:f1:89:25:73:56:d5:
96:c0:4a:1c:99:47:61:69:92:f0:a7:da:1f:b2:59:
52:a3:26:01:32:f6:93:bf:10:a3:46:1e:08:39:fa:
80:a8:2c:ac:ae:b8:71:fc:ac:f4:a8:75:56:f6:3b:
d5:b1:59:3e:23:8a:c0:6e:28:a1:2b:38:8a:ed:15:
d1:af:bc:2b:ca:d9:95:2d:18:e6:8b:b7:19:fd:86:
06:6a:3b:87:53:06:d2:7a:cd:d0:fd:4c:b9:ac:5b:
f6:45:71:72:92:3b:b4:2a:c1:4e:d5:6a:6d:63:a4:
43:89:00:bb:9f:b3:1b:0c:24:40:ee:22:91:bc:ba:
2b:1b:5a:cd:07:8c:02:f5:d5:14:b8:b0:74:55:ee:
54:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:96:86:1A:16:B6:5F:18:D9:FB:79:CC:AE:C6:67:EF:C1:0C:71:BF
X509v3 Authority Key Identifier:
keyid:3A:04:29:B5:AE:CA:C8:36:45:44:BF:62:3F:94:F1:63:AF:DC:E5:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OgQpta7KyDZFRL9iP5TxY6_c5WE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/fb9215-d1d1-47c2-ac81-84712c9f3464/1/OpaGGha2XxjZ-3nMrsZn78EMcb8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/fb9215-d1d1-47c2-ac81-84712c9f3464/1/OgQpta7KyDZFRL9iP5TxY6_c5WE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.0.0.0-146.0.2.255
146.0.5.0/24
146.0.8.0/23
146.0.15.0/24
Signature Algorithm: sha256WithRSAEncryption
87:1b:b3:98:29:fd:46:7c:64:74:2f:dc:7b:5d:cb:5a:75:36:
15:f3:a9:ec:3d:04:51:93:74:ec:1a:b4:38:f1:67:5f:d0:52:
56:60:b7:75:4e:d5:93:7b:63:c9:d8:95:63:b6:2e:30:54:bd:
81:59:e2:5e:9b:b1:c9:28:2b:78:9b:f0:2f:06:72:59:53:ee:
49:bb:0c:18:45:c3:00:51:ef:03:ae:13:91:ca:0b:b1:82:69:
99:90:5c:99:8e:0b:3a:91:39:38:ac:39:da:c7:91:71:db:30:
0e:86:c4:e9:ec:ac:37:1b:4d:2b:d7:81:2d:db:16:47:44:36:
92:1f:45:25:b2:b7:55:67:4b:5d:f9:4e:67:94:54:52:ad:f9:
6a:da:24:95:70:cd:a7:73:93:37:6e:6c:a7:d2:ff:b0:41:48:
15:2f:20:29:f5:16:82:23:08:7b:6d:61:b6:85:3b:b2:9a:c1:
66:55:82:a8:0e:46:b8:d5:90:98:90:65:ae:33:7f:09:f7:5f:
63:a0:a5:7e:dd:e0:db:76:99:63:a7:c5:34:b0:ad:83:bc:f9:
87:12:e3:bf:b8:47:f8:d2:0a:c3:96:ad:ea:75:58:9b:66:09:
a2:b0:8c:90:50:58:80:d6:48:ec:52:2a:be:c5:c7:59:1d:73:
00:6c:04:4a
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZK4dW+H7Bv+BB6WLGVAx8pVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhMDQyOWI1YWVjYWM4MzY0NTQ0YmY2MjNmOTRmMTYzYWZk
Y2U1NjEwHhcNMjQxMDIzMDgxOTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTk2ODYxYTE2YjY1ZjE4ZDlmYjc5Y2NhZWM2NjdlZmMxMGM3MWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAncfSxikQ9Sk6jtPkxJlU7Byafwbo
JJEIl7SyB4aA46fIjQ5yUOaQ0uF4P4YldpNzsTT0lynW8qxJjFWyjUDSTXn5I3sW
fUxUin4fJkJTjuabMUWNlOUakyjxIR8bQCaaWn3kZuQeDBYADNN/uyPwh/3xiSVz
VtWWwEocmUdhaZLwp9ofsllSoyYBMvaTvxCjRh4IOfqAqCysrrhx/Kz0qHVW9jvV
sVk+I4rAbiihKziK7RXRr7wrytmVLRjmi7cZ/YYGajuHUwbSes3Q/Uy5rFv2RXFy
kju0KsFO1WptY6RDiQC7n7MbDCRA7iKRvLorG1rNB4wC9dUUuLB0Ve5UwQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDqWhhoWtl8Y2ft5zK7GZ+/BDHG/MB8GA1UdIwQY
MBaAFDoEKbWuysg2RUS/Yj+U8WOv3OVhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2dRcHRhN0t5RFpGUkw5aVA1VHhZNl9jNVdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9mYjkyMTUtZDFkMS00N2MyLWFjODEt
ODQ3MTJjOWYzNDY0LzEvT3BhR0doYTJYeGpaLTNuTXJzWm43OEVNY2I4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9mYjkyMTUtZDFkMS00N2MyLWFjODEtODQ3MTJjOWYzNDY0
LzEvT2dRcHRhN0t5RFpGUkw5aVA1VHhZNl9jNVdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeMAoDAgGSAwQA
kgACAwQAkgAFAwQBkgAIAwQAkgAPMA0GCSqGSIb3DQEBCwUAA4IBAQCHG7OYKf1G
fGR0L9x7XctadTYV86nsPQRRk3TsGrQ48Wdf0FJWYLd1TtWTe2PJ2JVjti4wVL2B
WeJem7HJKCt4m/AvBnJZU+5JuwwYRcMAUe8DrhORyguxgmmZkFyZjgs6kTk4rDna
x5Fx2zAOhsTp7Kw3G00r14Et2xZHRDaSH0UlsrdVZ0td+U5nlFRSrflq2iSVcM2n
c5M3bmyn0v+wQUgVLyAp9RaCIwh7bWG2hTuymsFmVYKoDka41ZCYkGWuM38J919j
oKV+3eDbdpljp8U0sK2DvPmHEuO/uEf40grDlq3qdVibZgmisIyQUFiA1kjsUiq+
xcdZHXMAbARK
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:12:16 2025 by rpki-client