Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/oXNl63pEEQYgOnT02n16WwVy2X4.roa
File: oXNl63pEEQYgOnT02n16WwVy2X4.roa (raw, json)
Hash identifier: 6lmbYKZik+n4eWEEc/sto/5gYn4MKgzj1FrvnQ/OMr4=
Subject key identifier: A1:73:65:EB:7A:44:11:06:20:3A:74:F4:DA:7D:7A:5B:05:72:D9:7E
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 0190FA5EF1B9F5D26535D91EC933EB9ABD83
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/oXNl63pEEQYgOnT02n16WwVy2X4.roa
Signing time: Sun 28 Jul 2024 17:24:04 +0000
ROA not before: Sun 28 Jul 2024 17:24:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 45.141.234.0/24 maxlen: 24
91.92.35.0/24 maxlen: 24
212.102.107.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 02 Sep 2024 07:21:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:fa:5e:f1:b9:f5:d2:65:35:d9:1e:c9:33:eb:9a:bd:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Jul 28 17:24:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a17365eb7a441106203a74f4da7d7a5b0572d97e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:c2:35:65:7b:1b:cc:b2:d0:ec:08:f9:70:de:
48:88:a9:ad:6c:56:e4:33:d9:7e:b8:63:e1:ee:53:
af:67:66:10:d1:02:55:78:73:2c:32:d6:1f:6f:75:
50:ff:d7:7e:fd:b5:e5:2a:bf:b9:6b:a0:fb:de:33:
d2:76:94:5c:d4:23:7d:36:78:8f:8c:61:f7:bc:47:
c3:cd:df:1e:e1:07:c0:52:91:a6:b8:cf:fd:a4:e2:
c4:6d:15:d5:c9:ed:72:e0:e1:07:3a:0c:b0:22:84:
7d:7a:54:47:ee:3d:4a:aa:1a:7e:bb:98:83:ca:52:
40:30:8e:a5:51:42:ce:b7:24:ba:41:e9:12:11:9d:
57:30:0c:b5:d1:d2:0f:f7:e8:33:c8:c4:8e:8d:28:
30:14:65:dc:20:0f:0b:d4:29:36:93:07:a0:92:4b:
f4:e7:d6:39:83:33:1d:e7:b8:c8:4f:aa:7a:c9:79:
83:d6:47:16:f5:17:83:74:56:b7:12:c9:f6:b4:a6:
cf:8d:d0:21:63:f0:e2:26:5b:37:1d:c8:5f:b7:6e:
4c:0c:0d:f5:5d:be:bd:f1:e2:9e:7b:f9:7c:be:10:
d5:80:75:e9:49:79:96:54:7c:b4:72:f3:36:12:3b:
bf:27:92:f3:6d:b3:4a:54:bb:f7:d9:4b:ce:e9:3e:
28:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:73:65:EB:7A:44:11:06:20:3A:74:F4:DA:7D:7A:5B:05:72:D9:7E
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/oXNl63pEEQYgOnT02n16WwVy2X4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.234.0/24
91.92.35.0/24
212.102.107.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:fa:65:09:d2:7b:f5:af:c5:6f:f4:29:25:a9:32:5d:fd:fd:
dd:32:eb:6e:a8:5b:2c:f7:ba:00:de:a3:bf:9f:63:d2:3d:6b:
1e:b0:71:b0:be:a6:48:42:b4:32:41:26:e7:79:0e:b8:a6:ff:
65:6b:06:4d:37:00:e6:ce:1d:30:64:28:90:62:54:4a:ef:99:
02:0b:cc:0c:cb:92:88:0d:0b:e4:b2:f8:80:13:e9:bb:fb:45:
6b:68:4f:db:fb:fc:77:cf:21:72:a9:bf:5b:8b:86:fb:ef:fe:
c8:c1:43:5a:7d:27:1e:36:7c:e7:f9:0b:ae:08:9e:d8:2c:90:
5b:54:0b:14:7f:15:a3:38:86:7d:a1:bb:d0:ad:8e:44:00:f1:
41:7b:f4:42:37:74:9b:f5:e9:a6:b9:ee:ca:27:74:0e:b0:39:
bf:2d:82:6c:34:84:66:61:60:22:cc:d0:42:60:69:8f:13:5d:
36:f8:71:ce:f8:ba:92:fb:c6:a8:34:e5:29:bb:1a:45:32:a8:
c2:9a:79:5f:03:6a:d8:38:68:67:93:d0:46:c6:c7:98:ad:39:
78:79:a3:7e:67:0f:1b:ac:a1:00:7f:3a:c8:cd:44:c3:e1:c2:
d2:dd:7b:35:fc:2a:11:1b:32:c6:20:c3:c5:22:a8:67:9f:e6:
8f:11:0b:25
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZD6XvG59dJlNdkeyTPrmr2DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWNhYTY5MzU4ZjhjOThmN2E3MTlmMjU5N2Q1ZGFkZGJk
MDAxOGMwHhcNMjQwNzI4MTcyNDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTczNjVlYjdhNDQxMTA2MjAzYTc0ZjRkYTdkN2E1YjA1NzJkOTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4cI1ZXsbzLLQ7Aj5cN5IiKmtbFbk
M9l+uGPh7lOvZ2YQ0QJVeHMsMtYfb3VQ/9d+/bXlKr+5a6D73jPSdpRc1CN9NniP
jGH3vEfDzd8e4QfAUpGmuM/9pOLEbRXVye1y4OEHOgywIoR9elRH7j1Kqhp+u5iD
ylJAMI6lUULOtyS6QekSEZ1XMAy10dIP9+gzyMSOjSgwFGXcIA8L1Ck2kwegkkv0
59Y5gzMd57jIT6p6yXmD1kcW9ReDdFa3Esn2tKbPjdAhY/DiJls3Hchft25MDA31
Xb698eKee/l8vhDVgHXpSXmWVHy0cvM2Eju/J5LzbbNKVLv32UvO6T4oLwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKFzZet6RBEGIDp09Np9elsFctl+MB8GA1UdIwQY
MBaAFC0cqmk1j4yY96cZ8ll9Xa3b0AGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2Yjct
MjliMDg1ZGQyM2FkLzEvb1hObDYzcEVFUVlnT25UMDJuMTZXd1Z5Mlg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2YjctMjliMDg1ZGQyM2Fk
LzEvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALY3qAwQA
W1wjAwQA1GZrMA0GCSqGSIb3DQEBCwUAA4IBAQBK+mUJ0nv1r8Vv9CklqTJd/f3d
MutuqFss97oA3qO/n2PSPWsesHGwvqZIQrQyQSbneQ64pv9lawZNNwDmzh0wZCiQ
YlRK75kCC8wMy5KIDQvksviAE+m7+0VraE/b+/x3zyFyqb9bi4b77/7IwUNafSce
Nnzn+QuuCJ7YLJBbVAsUfxWjOIZ9obvQrY5EAPFBe/RCN3Sb9emmue7KJ3QOsDm/
LYJsNIRmYWAizNBCYGmPE102+HHO+LqS+8aoNOUpuxpFMqjCmnlfA2rYOGhnk9BG
xseYrTl4eaN+Zw8brKEAfzrIzUTD4cLS3Xs1/CoRGzLGIMPFIqhnn+aPEQsl
-----END CERTIFICATE-----
Generated at Wed Apr 9 00:06:30 2025 by rpki-client