Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/On0J3sxLAQB_1OfTr9lksY1V0Zw.roa
File: On0J3sxLAQB_1OfTr9lksY1V0Zw.roa (raw, json)
Hash identifier: s66zspajbhVEiX4y9DHiSjTZAQB1B6UP7FoZrUZ15qE=
Subject key identifier: 3A:7D:09:DE:CC:4B:01:00:7F:D4:E7:D3:AF:D9:64:B1:8D:55:D1:9C
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 018CC802D546B19EECD25A3EF90E4B06E230
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/On0J3sxLAQB_1OfTr9lksY1V0Zw.roa
Signing time: Tue 02 Jan 2024 02:31:17 +0000
ROA not before: Tue 02 Jan 2024 02:31:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 194.68.123.0/24 maxlen: 24
194.68.128.0/24 maxlen: 24
194.68.130.0/23 maxlen: 23
194.68.133.0/24 maxlen: 24
194.68.135.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 03 Jan 2024 12:59:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:d5:46:b1:9e:ec:d2:5a:3e:f9:0e:4b:06:e2:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 2 02:31:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3a7d09decc4b01007fd4e7d3afd964b18d55d19c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:e3:9f:75:68:d9:73:12:f4:2d:ec:7d:61:c2:
96:85:5b:2d:be:d5:f4:ed:99:9c:5e:22:c9:c3:65:
fe:bf:10:4e:8c:d5:0b:95:d3:3e:ab:ae:5e:cb:15:
22:fa:90:94:7c:65:28:7e:c7:7c:6f:ad:7e:50:4b:
a8:2a:27:85:6e:e4:63:76:21:53:8c:f2:d6:fc:c9:
6c:e4:7f:21:14:36:90:77:55:2f:24:26:5f:88:bf:
d2:2c:da:fc:08:ba:e6:b4:b3:fa:a3:20:aa:69:a8:
e6:75:23:94:35:aa:3c:11:4a:63:d8:8a:ea:f1:2d:
f7:85:48:e6:83:ba:75:e3:38:65:83:7e:20:c0:f2:
99:94:ee:99:e7:f4:cc:ce:a4:00:dc:df:fc:47:68:
f8:3e:e4:6a:bf:58:f3:e0:9a:bf:92:39:5e:d6:09:
62:12:b2:33:5e:9e:2d:08:12:d5:ec:12:3d:1c:6b:
73:fd:35:fe:bc:d2:89:e2:be:4a:9f:4d:67:cd:fa:
ef:21:98:67:20:d8:7d:4d:b8:3c:b9:2a:19:d6:09:
0e:db:62:25:c7:6a:b5:00:0e:49:90:68:8a:71:31:
0a:ce:ff:42:57:bb:db:35:fc:6d:71:9e:5a:5f:6c:
9e:80:ff:83:8a:26:e1:7d:0d:47:75:22:5d:c9:d8:
64:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:7D:09:DE:CC:4B:01:00:7F:D4:E7:D3:AF:D9:64:B1:8D:55:D1:9C
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/On0J3sxLAQB_1OfTr9lksY1V0Zw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.68.123.0/24
194.68.128.0/24
194.68.130.0/23
194.68.133.0/24
194.68.135.0/24
Signature Algorithm: sha256WithRSAEncryption
65:f0:a3:99:4e:82:25:42:6c:ae:b0:84:9e:f2:5c:19:ab:a1:
3c:25:86:ef:d8:68:5d:19:5c:c8:69:d5:9a:ed:21:ca:24:8e:
19:c6:c3:6c:63:ba:59:8d:78:d5:69:ed:ca:11:8f:09:7b:fb:
fb:9f:34:f7:bc:55:bd:28:ff:64:59:a8:17:eb:6a:67:21:a8:
c2:53:12:88:6e:0c:47:7e:41:45:61:9d:f1:a7:a2:5a:2a:22:
f7:8b:c2:3e:ec:c9:37:ee:c7:b4:7d:63:2b:6d:53:10:c2:0a:
6c:27:70:48:9a:d8:3a:ca:3a:db:35:30:df:24:7e:23:93:70:
c0:1b:91:c2:b3:fc:c9:c9:6b:cc:04:51:dc:cc:b2:9d:4e:f6:
2d:7b:51:16:5d:87:2d:0a:6a:7b:d7:d6:6c:42:a8:e4:28:ba:
05:6b:5f:60:a4:e3:44:fb:e6:da:4a:d9:1c:55:86:9f:ad:fc:
49:b1:49:da:05:b8:dc:87:9c:d9:da:80:25:d8:d8:80:68:19:
5c:51:ec:e1:62:63:58:88:62:da:9c:9e:ac:f1:03:04:62:be:
e2:c3:61:35:65:f7:19:3a:89:b5:7e:35:5e:e1:08:f9:2f:8f:
0b:43:fa:da:6e:14:d1:20:de:d6:83:9e:e6:5e:bf:d1:bf:23:
58:47:4a:18
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzIAtVGsZ7s0lo++Q5LBuIwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjQwMTAyMDIzMTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTdkMDlkZWNjNGIwMTAwN2ZkNGU3ZDNhZmQ5NjRiMThkNTVkMTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj+OfdWjZcxL0Lex9YcKWhVstvtX0
7ZmcXiLJw2X+vxBOjNULldM+q65eyxUi+pCUfGUofsd8b61+UEuoKieFbuRjdiFT
jPLW/Mls5H8hFDaQd1UvJCZfiL/SLNr8CLrmtLP6oyCqaajmdSOUNao8EUpj2Irq
8S33hUjmg7p14zhlg34gwPKZlO6Z5/TMzqQA3N/8R2j4PuRqv1jz4Jq/kjle1gli
ErIzXp4tCBLV7BI9HGtz/TX+vNKJ4r5Kn01nzfrvIZhnINh9Tbg8uSoZ1gkO22Il
x2q1AA5JkGiKcTEKzv9CV7vbNfxtcZ5aX2yegP+DiibhfQ1HdSJdydhkzwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDp9Cd7MSwEAf9Tn06/ZZLGNVdGcMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvT24wSjNzeExBUUJfMU9mVHI5bGtzWTFWMFp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAwkR7AwQA
wkSAAwQBwkSCAwQAwkSFAwQAwkSHMA0GCSqGSIb3DQEBCwUAA4IBAQBl8KOZToIl
QmyusISe8lwZq6E8JYbv2GhdGVzIadWa7SHKJI4ZxsNsY7pZjXjVae3KEY8Je/v7
nzT3vFW9KP9kWagX62pnIajCUxKIbgxHfkFFYZ3xp6JaKiL3i8I+7Mk37se0fWMr
bVMQwgpsJ3BImtg6yjrbNTDfJH4jk3DAG5HCs/zJyWvMBFHczLKdTvYte1EWXYct
Cmp719ZsQqjkKLoFa19gpONE++baStkcVYafrfxJsUnaBbjch5zZ2oAl2NiAaBlc
UezhYmNYiGLanJ6s8QMEYr7iw2E1ZfcZOom1fjVe4Qj5L48LQ/rabhTRIN7Wg57m
Xr/RvyNYR0oY
-----END CERTIFICATE-----
Generated at Mon Apr 21 21:27:26 2025 by rpki-client