Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/08b59b-4fd3-4569-9b56-1e0cc5e158fa/1/OwFZcocb5WMDzw0fFISz1Tkfy6E.roa
File: OwFZcocb5WMDzw0fFISz1Tkfy6E.roa (raw, json)
Hash identifier: ts08NJWE1XMXY/G5wA0nLhhai2bPkd24RT4miIKsIdg=
Subject key identifier: 3B:01:59:72:87:1B:E5:63:03:CF:0D:1F:14:84:B3:D5:39:1F:CB:A1
Certificate issuer: /CN=943e827f66d5b3955fe6d73ba0f15fbaac8b5150
Certificate serial: 018CC3B6777E71DE0F9F9B00E7B2E9401EDA
Authority key identifier: 94:3E:82:7F:66:D5:B3:95:5F:E6:D7:3B:A0:F1:5F:BA:AC:8B:51:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lD6Cf2bVs5Vf5tc7oPFfuqyLUVA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/08b59b-4fd3-4569-9b56-1e0cc5e158fa/1/OwFZcocb5WMDzw0fFISz1Tkfy6E.roa
Signing time: Mon 01 Jan 2024 06:29:24 +0000
ROA not before: Mon 01 Jan 2024 06:29:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21212
IP address blocks: 185.153.137.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:48:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:77:7e:71:de:0f:9f:9b:00:e7:b2:e9:40:1e:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=943e827f66d5b3955fe6d73ba0f15fbaac8b5150
Validity
Not Before: Jan 1 06:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3b015972871be56303cf0d1f1484b3d5391fcba1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:2b:7b:6d:1a:03:f3:36:5f:69:70:36:61:39:
d4:2e:3f:2f:d8:f4:03:c7:44:99:3a:f9:74:da:d0:
cd:6b:e2:ef:bd:d3:2b:6b:21:cf:e8:0f:42:b9:c1:
1f:77:6e:16:da:96:03:44:67:3a:0d:57:82:7f:d2:
67:ac:eb:3c:35:9a:24:b7:4f:8a:c8:1a:28:8a:39:
2e:76:a5:44:ca:97:61:f3:d8:b0:52:3c:ec:ab:65:
7d:bb:3f:71:03:ee:ed:cb:96:04:6c:6c:e6:4d:36:
b1:9f:2d:9d:50:43:f9:8c:94:fc:f6:4e:dd:38:47:
08:ef:ca:d9:11:45:e9:ce:8e:f7:2a:eb:99:77:e4:
6c:e7:25:68:c0:04:0b:bb:52:8f:8d:9c:bf:48:26:
64:18:58:63:a1:60:c7:bd:e5:3c:a7:f9:cf:eb:66:
4b:7a:bc:f7:47:90:8b:86:ed:33:45:06:ad:75:89:
b3:64:94:71:bd:9b:b6:83:a4:70:ea:7c:f7:25:90:
e0:9c:e5:6f:16:31:da:a4:97:f7:b2:d2:81:2c:a4:
21:5f:6e:d4:a5:1b:bb:e2:fd:76:9b:13:5f:46:dc:
23:17:ca:6b:be:ae:8e:1e:ba:02:23:78:0e:6b:02:
fd:77:28:c5:bd:28:7e:8f:94:f5:2c:5d:3c:f8:7b:
49:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:01:59:72:87:1B:E5:63:03:CF:0D:1F:14:84:B3:D5:39:1F:CB:A1
X509v3 Authority Key Identifier:
keyid:94:3E:82:7F:66:D5:B3:95:5F:E6:D7:3B:A0:F1:5F:BA:AC:8B:51:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lD6Cf2bVs5Vf5tc7oPFfuqyLUVA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/08b59b-4fd3-4569-9b56-1e0cc5e158fa/1/OwFZcocb5WMDzw0fFISz1Tkfy6E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/08b59b-4fd3-4569-9b56-1e0cc5e158fa/1/lD6Cf2bVs5Vf5tc7oPFfuqyLUVA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.153.137.0/24
Signature Algorithm: sha256WithRSAEncryption
75:be:34:3d:e0:b6:24:80:60:ce:68:09:e6:91:d1:d8:70:b1:
5d:56:46:3e:7d:dd:92:d2:de:a3:8e:b0:24:2b:b7:a2:90:fe:
61:23:05:68:8b:d6:f8:ad:02:16:eb:26:5b:1d:95:86:56:26:
2b:7a:fc:5f:93:5c:37:35:8f:de:43:9f:b3:d2:06:8a:65:22:
01:5c:19:be:9d:ef:ee:e1:29:41:45:01:fb:fb:38:06:a5:fd:
d4:19:03:64:51:7b:db:88:04:6e:ea:4f:b2:8e:f0:5b:42:f3:
0e:b2:e0:64:81:14:d3:6c:e4:c3:72:68:c8:ba:12:e6:fb:75:
8d:0f:bd:6d:f2:21:44:84:0f:62:7a:f1:e0:4b:c3:57:53:a4:
a4:77:fa:da:77:00:61:a4:db:e8:3e:ee:b0:4b:bb:a5:3e:09:
ed:0d:34:05:20:8f:83:1e:b6:af:d8:9c:7a:6f:38:f4:08:b8:
09:04:c0:ec:e0:6d:d1:fe:03:2b:0a:d5:65:65:53:7e:a2:14:
19:26:6d:c3:d0:43:e0:96:9f:e7:cb:4e:4b:41:08:ff:4d:37:
10:0e:c5:fe:10:bc:fa:8a:33:52:b2:66:a9:1f:4d:51:d3:bd:
57:79:55:97:7f:ea:1c:c8:62:01:7a:bf:53:eb:7a:17:96:74:
e7:2f:27:62
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDtnd+cd4Pn5sA57LpQB7aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0M2U4MjdmNjZkNWIzOTU1ZmU2ZDczYmEwZjE1ZmJhYWM4
YjUxNTAwHhcNMjQwMTAxMDYyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjAxNTk3Mjg3MWJlNTYzMDNjZjBkMWYxNDg0YjNkNTM5MWZjYmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApCt7bRoD8zZfaXA2YTnULj8v2PQD
x0SZOvl02tDNa+LvvdMrayHP6A9CucEfd24W2pYDRGc6DVeCf9JnrOs8NZokt0+K
yBooijkudqVEypdh89iwUjzsq2V9uz9xA+7ty5YEbGzmTTaxny2dUEP5jJT89k7d
OEcI78rZEUXpzo73KuuZd+Rs5yVowAQLu1KPjZy/SCZkGFhjoWDHveU8p/nP62ZL
erz3R5CLhu0zRQatdYmzZJRxvZu2g6Rw6nz3JZDgnOVvFjHapJf3stKBLKQhX27U
pRu74v12mxNfRtwjF8prvq6OHroCI3gOawL9dyjFvSh+j5T1LF08+HtJAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDsBWXKHG+VjA88NHxSEs9U5H8uhMB8GA1UdIwQY
MBaAFJQ+gn9m1bOVX+bXO6DxX7qsi1FQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEQ2Q2YyYlZzNVZmNXRjN29QRmZ1cXlMVVZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy8wOGI1OWItNGZkMy00NTY5LTliNTYt
MWUwY2M1ZTE1OGZhLzEvT3dGWmNvY2I1V01EencwZkZJU3oxVGtmeTZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy8wOGI1OWItNGZkMy00NTY5LTliNTYtMWUwY2M1ZTE1OGZh
LzEvbEQ2Q2YyYlZzNVZmNXRjN29QRmZ1cXlMVVZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZmJMA0G
CSqGSIb3DQEBCwUAA4IBAQB1vjQ94LYkgGDOaAnmkdHYcLFdVkY+fd2S0t6jjrAk
K7eikP5hIwVoi9b4rQIW6yZbHZWGViYrevxfk1w3NY/eQ5+z0gaKZSIBXBm+ne/u
4SlBRQH7+zgGpf3UGQNkUXvbiARu6k+yjvBbQvMOsuBkgRTTbOTDcmjIuhLm+3WN
D71t8iFEhA9ievHgS8NXU6Skd/radwBhpNvoPu6wS7ulPgntDTQFII+DHrav2Jx6
bzj0CLgJBMDs4G3R/gMrCtVlZVN+ohQZJm3D0EPglp/ny05LQQj/TTcQDsX+ELz6
ijNSsmapH01R071XeVWXf+ocyGIBer9T63oXlnTnLydi
-----END CERTIFICATE-----
Generated at Tue Mar 11 05:05:54 2025 by rpki-client