Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ObPyTxQfD1rGU4hzyu2913vzXvE.roa
File: ObPyTxQfD1rGU4hzyu2913vzXvE.roa (raw, json)
Hash identifier: k/yPdsBWBzHQ5a2gGAaeG76p8dgf+3SEbNSA92MwBNQ=
Subject key identifier: 39:B3:F2:4F:14:1F:0F:5A:C6:53:88:73:CA:ED:BD:D7:7B:F3:5E:F1
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 018CC8030947E2E327477FBB0FF7340CB92B
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ObPyTxQfD1rGU4hzyu2913vzXvE.roa
Signing time: Tue 02 Jan 2024 02:31:31 +0000
ROA not before: Tue 02 Jan 2024 02:31:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211353
IP address blocks: 193.182.244.0/24 maxlen: 24
193.182.243.0/24 maxlen: 24
194.103.46.0/24 maxlen: 24
193.183.85.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 09 Jul 2024 08:54:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:03:09:47:e2:e3:27:47:7f:bb:0f:f7:34:0c:b9:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 2 02:31:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=39b3f24f141f0f5ac6538873caedbdd77bf35ef1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:aa:a8:0f:5d:93:c8:64:f7:c4:4c:57:d5:41:
77:95:8a:b3:f9:b7:f5:d7:1b:6c:59:13:5e:b6:35:
af:e5:46:41:d3:9a:6b:1b:1e:0f:86:1c:4c:67:e5:
06:48:fc:6c:e5:f2:4e:aa:3b:a4:cf:eb:9d:a9:75:
f9:7a:66:77:97:89:a7:15:d0:41:3e:71:9b:94:0d:
1b:b2:42:6a:c0:a8:8c:3b:5a:06:da:67:29:59:56:
71:61:b5:50:72:f9:be:a6:2c:1e:dd:da:02:f9:91:
2e:e4:02:1f:7a:d9:d4:91:20:d5:bd:d5:b4:b7:c7:
3b:29:a1:99:5c:78:50:a4:1f:06:97:9d:49:de:1f:
55:2c:eb:1e:4f:3a:24:26:d4:21:73:5d:3a:93:83:
94:33:71:41:64:39:f7:0b:58:cb:3f:d8:cc:3a:d9:
4e:ef:b9:26:7d:64:ef:c2:95:a5:39:c6:22:89:c3:
54:d6:8c:70:e5:c0:b3:7c:71:a7:bf:19:b7:a0:a3:
0a:c4:5e:03:00:93:4e:69:c2:1a:7d:e8:c6:2d:15:
7e:60:7d:32:b1:28:7f:9e:07:07:fa:32:83:9c:5e:
b0:5b:f2:72:28:1f:61:9c:5e:3d:03:7c:6a:7c:c6:
93:b7:ce:fb:5a:5c:d0:0f:e0:51:96:e7:1e:76:a4:
16:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:B3:F2:4F:14:1F:0F:5A:C6:53:88:73:CA:ED:BD:D7:7B:F3:5E:F1
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ObPyTxQfD1rGU4hzyu2913vzXvE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.182.243.0-193.182.244.255
193.183.85.0/24
194.103.46.0/24
Signature Algorithm: sha256WithRSAEncryption
44:dd:02:1a:ef:55:a4:c5:62:ee:28:56:9d:c3:7c:32:f9:4f:
02:0f:4c:19:46:db:93:3c:8b:70:20:33:06:a9:de:24:4a:51:
14:8e:1a:9e:53:8e:e9:44:d0:f3:26:05:c0:71:54:72:22:fb:
b7:c5:47:7e:1c:be:4b:bb:20:a1:69:7f:6e:9e:f4:cb:18:8a:
03:3b:90:5d:4c:c8:5a:02:83:f4:2f:d8:ab:13:80:4c:c8:fa:
68:2f:7e:1c:33:3a:2d:0e:68:42:2c:1d:76:6b:3b:49:4d:98:
25:68:3a:ae:73:7a:53:a2:89:c1:71:55:90:6b:19:b8:d8:fe:
ab:aa:2f:6b:16:f6:e8:10:a5:1f:ed:c0:9c:ad:9e:37:33:d2:
9c:19:d2:19:74:d4:b2:16:a9:85:8f:04:78:d9:cc:7d:30:98:
74:14:c3:9f:83:74:7f:5a:0e:64:91:b5:34:ba:a9:62:47:b6:
c5:f1:bb:25:25:5e:b8:f7:97:71:27:26:05:1e:07:25:f0:89:
52:08:06:75:07:ff:f1:81:24:c3:ff:d2:9e:a1:22:7e:5f:35:
ce:b4:a8:b7:95:1a:ab:90:11:4d:05:c5:d5:a6:2c:19:ef:43:
63:a2:23:78:55:7f:9a:e5:1e:ea:e6:b9:ec:54:e7:37:45:bf:
29:88:22:76
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzIAwlH4uMnR3+7D/c0DLkrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjQwMTAyMDIzMTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWIzZjI0ZjE0MWYwZjVhYzY1Mzg4NzNjYWVkYmRkNzdiZjM1ZWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzaqoD12TyGT3xExX1UF3lYqz+bf1
1xtsWRNetjWv5UZB05prGx4PhhxMZ+UGSPxs5fJOqjukz+udqXX5emZ3l4mnFdBB
PnGblA0bskJqwKiMO1oG2mcpWVZxYbVQcvm+piwe3doC+ZEu5AIfetnUkSDVvdW0
t8c7KaGZXHhQpB8Gl51J3h9VLOseTzokJtQhc106k4OUM3FBZDn3C1jLP9jMOtlO
77kmfWTvwpWlOcYiicNU1oxw5cCzfHGnvxm3oKMKxF4DAJNOacIafejGLRV+YH0y
sSh/ngcH+jKDnF6wW/JyKB9hnF49A3xqfMaTt877WlzQD+BRlucedqQWowIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFDmz8k8UHw9axlOIc8rtvdd7817xMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvT2JQeVR4UWZEMXJHVTRoenl1MjkxM3Z6WHZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBADBtvMD
BADBtvQDBADBt1UDBADCZy4wDQYJKoZIhvcNAQELBQADggEBAETdAhrvVaTFYu4o
Vp3DfDL5TwIPTBlG25M8i3AgMwap3iRKURSOGp5TjulE0PMmBcBxVHIi+7fFR34c
vku7IKFpf26e9MsYigM7kF1MyFoCg/Qv2KsTgEzI+mgvfhwzOi0OaEIsHXZrO0lN
mCVoOq5zelOiicFxVZBrGbjY/quqL2sW9ugQpR/twJytnjcz0pwZ0hl01LIWqYWP
BHjZzH0wmHQUw5+DdH9aDmSRtTS6qWJHtsXxuyUlXrj3l3EnJgUeByXwiVIIBnUH
//GBJMP/0p6hIn5fNc60qLeVGquQEU0FxdWmLBnvQ2OiI3hVf5rlHurmuexU5zdF
vymIInY=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:06:10 2025 by rpki-client