Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/o5Rksw7aIlZ8a6-VSFg1guauLg8.roa
File: o5Rksw7aIlZ8a6-VSFg1guauLg8.roa (raw, json)
Hash identifier: Y2EbhgqnDcpwQRFAa9qWkqzBgUmN8PTE/FpcWYQbGyM=
Subject key identifier: A3:94:64:B3:0E:DA:22:56:7C:6B:AF:95:48:58:35:82:E6:AE:2E:0F
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 018F80FF9631360AEF65B756DF746D2992E0
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/o5Rksw7aIlZ8a6-VSFg1guauLg8.roa
Signing time: Thu 16 May 2024 10:43:04 +0000
ROA not before: Thu 16 May 2024 10:43:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8434
IP address blocks: 192.36.37.0/24 maxlen: 24
192.71.158.0/24 maxlen: 24
192.121.172.0/24 maxlen: 24
192.121.192.0/24 maxlen: 24
193.180.61.0/24 maxlen: 24
193.181.187.0/24 maxlen: 24
193.183.118.0/24 maxlen: 24
193.234.68.0/23 maxlen: 23
193.234.237.0/24 maxlen: 24
194.14.129.0/24 maxlen: 24
194.14.212.0/24 maxlen: 24
194.68.56.0/23 maxlen: 23
194.68.99.0/24 maxlen: 24
194.68.126.0/24 maxlen: 24
194.68.194.0/23 maxlen: 23
194.71.27.0/24 maxlen: 24
194.71.83.0/24 maxlen: 24
194.71.140.0/23 maxlen: 23
194.71.248.0/21 maxlen: 21
194.103.50.0/24 maxlen: 24
194.132.108.0/23 maxlen: 24
194.132.174.0/24 maxlen: 24
194.132.175.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 22 May 2024 07:46:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:80:ff:96:31:36:0a:ef:65:b7:56:df:74:6d:29:92:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: May 16 10:43:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a39464b30eda22567c6baf9548583582e6ae2e0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:34:39:36:a9:4d:4d:e2:11:20:b4:9a:86:54:
3d:6a:98:7e:99:34:8c:6c:0a:1c:5e:5c:e8:ee:af:
9d:c6:aa:9a:6e:f9:19:9d:59:23:f4:47:a1:92:22:
a9:58:e7:39:78:35:b3:a2:43:80:1c:16:d2:ee:b1:
13:d9:2c:4a:7f:03:45:cc:54:b5:e8:d0:af:ec:66:
23:41:b8:79:14:ce:d3:8b:4c:12:9a:d4:f6:b5:58:
6b:bb:4a:e6:09:47:d4:9e:8b:f6:3a:49:05:70:22:
35:df:63:22:27:23:e2:2b:89:72:82:ac:57:a5:85:
3d:e3:b3:24:3c:89:0f:a5:ac:3d:d7:b6:8b:58:c8:
c0:d9:d3:e4:d8:82:4b:a8:ea:64:2d:1d:c4:7d:b4:
53:3f:93:19:d5:f7:76:da:6a:2f:62:3e:d4:d3:ba:
ea:81:0f:79:ca:67:80:9e:e6:2f:9f:52:a2:af:57:
32:88:3b:9e:11:52:3c:d6:90:51:c4:23:4f:9b:20:
25:43:af:f5:e1:42:2d:ad:5c:e4:af:f5:6e:e6:2b:
8c:e6:c7:94:91:7b:25:7f:5b:02:80:99:10:93:57:
4f:b7:c5:42:5b:7c:61:60:e8:49:5e:63:92:ad:fe:
71:5d:58:f8:91:2e:fb:ec:0b:4c:de:d1:f9:74:8a:
8a:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:94:64:B3:0E:DA:22:56:7C:6B:AF:95:48:58:35:82:E6:AE:2E:0F
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/o5Rksw7aIlZ8a6-VSFg1guauLg8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.37.0/24
192.71.158.0/24
192.121.172.0/24
192.121.192.0/24
193.180.61.0/24
193.181.187.0/24
193.183.118.0/24
193.234.68.0/23
193.234.237.0/24
194.14.129.0/24
194.14.212.0/24
194.68.56.0/23
194.68.99.0/24
194.68.126.0/24
194.68.194.0/23
194.71.27.0/24
194.71.83.0/24
194.71.140.0/23
194.71.248.0/21
194.103.50.0/24
194.132.108.0/23
194.132.174.0/23
Signature Algorithm: sha256WithRSAEncryption
0e:05:58:df:9e:9e:0c:87:d3:49:fd:d6:9a:09:ed:08:27:c8:
28:b5:57:fc:7b:fa:13:73:4d:6b:34:59:15:87:99:48:6d:b5:
f0:97:28:59:a5:d6:12:80:91:a8:15:8e:86:98:6b:0a:9f:7e:
cf:ff:cd:1c:ac:d6:51:61:c4:89:22:be:ae:ec:96:21:31:97:
c6:e4:1e:63:cd:83:29:bb:0f:cb:58:9d:c9:e3:91:2a:63:24:
ba:5a:35:0c:c0:2f:68:53:aa:24:cb:25:19:c0:3f:de:fd:a5:
dd:cd:cd:3a:ce:60:5f:c7:24:76:5c:de:2f:c3:1e:47:72:de:
32:17:39:56:c5:be:19:fb:c0:62:f2:1d:17:2e:01:37:9b:a2:
d8:6c:99:7b:62:ea:93:9e:bb:07:75:28:79:cc:84:b5:b0:2b:
23:7b:ef:c0:fe:eb:b8:d9:34:81:61:ca:38:fe:e3:87:7f:02:
c5:1b:c5:04:3d:f6:87:27:70:4c:a0:e3:a3:5a:67:91:34:38:
27:fc:36:82:1b:1c:97:3b:aa:b7:73:e8:80:5b:02:a1:81:07:
80:60:e6:37:1b:dd:cb:7d:ba:01:26:48:45:28:b8:b4:52:ef:
05:f3:e9:81:7b:e8:78:05:a5:b1:9d:72:8d:55:38:d4:3a:03:
76:ac:3e:ba
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgISAY+A/5YxNgrvZbdW33RtKZLgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjQwNTE2MTA0MzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzk0NjRiMzBlZGEyMjU2N2M2YmFmOTU0ODU4MzU4MmU2YWUyZTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqjQ5NqlNTeIRILSahlQ9aph+mTSM
bAocXlzo7q+dxqqabvkZnVkj9EehkiKpWOc5eDWzokOAHBbS7rET2SxKfwNFzFS1
6NCv7GYjQbh5FM7Ti0wSmtT2tVhru0rmCUfUnov2OkkFcCI132MiJyPiK4lygqxX
pYU947MkPIkPpaw917aLWMjA2dPk2IJLqOpkLR3EfbRTP5MZ1fd22movYj7U07rq
gQ95ymeAnuYvn1Kir1cyiDueEVI81pBRxCNPmyAlQ6/14UItrVzkr/Vu5iuM5seU
kXslf1sCgJkQk1dPt8VCW3xhYOhJXmOSrf5xXVj4kS777AtM3tH5dIqKcQIDAQAB
o4ICjDCCAogwHQYDVR0OBBYEFKOUZLMO2iJWfGuvlUhYNYLmri4PMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvbzVSa3N3N2FJbFo4YTYtVlNGZzFndWF1TGc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGhBggrBgEFBQcBBwEB/wSBkTCBjjCBiwQCAAEwgYQDBADA
JCUDBADAR54DBADAeawDBADAecADBADBtD0DBADBtbsDBADBt3YDBAHB6kQDBADB
6u0DBADCDoEDBADCDtQDBAHCRDgDBADCRGMDBADCRH4DBAHCRMIDBADCRxsDBADC
R1MDBAHCR4wDBAPCR/gDBADCZzIDBAHChGwDBAHChK4wDQYJKoZIhvcNAQELBQAD
ggEBAA4FWN+engyH00n91poJ7QgnyCi1V/x7+hNzTWs0WRWHmUhttfCXKFml1hKA
kagVjoaYawqffs//zRys1lFhxIkivq7sliExl8bkHmPNgym7D8tYncnjkSpjJLpa
NQzAL2hTqiTLJRnAP979pd3NzTrOYF/HJHZc3i/DHkdy3jIXOVbFvhn7wGLyHRcu
ATebothsmXti6pOeuwd1KHnMhLWwKyN778D+67jZNIFhyjj+44d/AsUbxQQ99ocn
cEyg46NaZ5E0OCf8NoIbHJc7qrdz6IBbAqGBB4Bg5jcb3ct9ugEmSEUouLRS7wXz
6YF76HgFpbGdco1VONQ6A3asPro=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:06:59 2025 by rpki-client