Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/oWs4I-J87MIxd8g8fV3o2oYJl6A.roa
File: oWs4I-J87MIxd8g8fV3o2oYJl6A.roa (raw, json)
Hash identifier: PTR+fX1YtkmuFscfoP1s/L3sWhPoWvF7fUT0B0CLVJI=
Subject key identifier: A1:6B:38:23:E2:7C:EC:C2:31:77:C8:3C:7D:5D:E8:DA:86:09:97:A0
Certificate issuer: /CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Certificate serial: 0192CA22E3A27539B3E6F9C05169F6E3DBC3
Authority key identifier: 4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/oWs4I-J87MIxd8g8fV3o2oYJl6A.roa
Signing time: Sat 26 Oct 2024 18:42:17 +0000
ROA not before: Sat 26 Oct 2024 18:42:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58212
IP address blocks: 45.86.156.0/24 maxlen: 24
85.117.241.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:48:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:ca:22:e3:a2:75:39:b3:e6:f9:c0:51:69:f6:e3:db:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Validity
Not Before: Oct 26 18:42:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a16b3823e27cecc23177c83c7d5de8da860997a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:72:82:b4:92:4c:44:ea:26:dc:0f:44:9b:2a:
41:2a:02:fb:e1:71:4b:02:c3:3a:67:ec:5d:92:54:
47:3c:97:0b:cc:5a:6b:50:b0:a6:85:27:25:6d:8b:
f6:a4:a0:46:c6:11:10:d5:e7:e5:44:c8:d5:82:56:
cd:db:d6:72:a7:f2:fe:f8:28:99:b6:13:5f:43:af:
a4:1c:fc:43:b3:fa:56:07:99:07:e1:52:30:83:a2:
fe:fb:c8:d3:5e:9f:54:77:e9:70:37:63:d4:8c:b2:
f2:80:47:a5:5f:c0:df:2f:96:aa:f8:74:53:3f:3d:
5d:e4:c6:5c:dc:74:8d:01:51:15:0b:7f:3f:ad:cc:
d1:69:6b:a7:5e:5d:60:31:e1:8d:73:b2:ad:3c:fd:
ef:d0:b0:7c:11:42:06:3f:19:71:05:a0:05:70:f6:
65:04:83:40:2e:2e:b4:3b:98:46:65:07:38:c9:ee:
e1:5b:e3:09:42:24:3a:c2:b3:8d:0a:0b:dd:03:dc:
2b:84:2c:aa:8a:b4:e9:29:2f:0c:b9:7c:7a:fa:14:
ac:15:f5:0a:36:7c:d5:1c:e5:86:25:c5:27:ab:09:
f7:00:fc:5d:0e:c6:0b:2c:0c:1b:7d:75:aa:1c:f8:
48:90:be:9b:89:23:28:8d:ca:4e:f6:2f:d5:c5:f0:
d7:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:6B:38:23:E2:7C:EC:C2:31:77:C8:3C:7D:5D:E8:DA:86:09:97:A0
X509v3 Authority Key Identifier:
keyid:4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/oWs4I-J87MIxd8g8fV3o2oYJl6A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.156.0/24
85.117.241.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:9d:9d:34:d6:81:8c:a5:58:34:c3:16:60:f2:c8:65:89:71:
82:81:05:bf:94:3a:45:c2:da:3a:f2:7d:ed:41:ed:fc:50:f6:
f7:8a:c3:5c:ce:36:67:4f:21:0e:aa:71:20:7c:24:46:60:46:
5d:b2:c4:4e:58:7d:0b:39:10:dc:77:c4:9f:96:83:5b:2a:7a:
e9:51:22:14:88:31:6f:7e:69:94:ca:0a:02:a3:21:e1:d7:ce:
aa:ff:e4:c4:4c:97:e6:c9:52:8d:02:ab:5e:20:67:b5:e5:92:
cf:33:ae:c0:df:06:62:d5:7f:b0:6e:ed:19:2a:62:ef:98:73:
19:8a:f3:4d:3f:e0:45:24:f0:fb:72:d1:0f:ac:11:75:17:ef:
83:c2:48:7d:c6:a9:ca:9c:e0:92:f6:c1:67:ac:94:74:d4:e1:
e6:33:90:9c:81:b8:07:cf:2b:b4:5e:29:b3:2c:a6:11:26:b1:
dd:38:76:4d:fa:56:20:9b:6f:14:f1:53:7f:5f:2b:26:bf:49:
f9:96:08:ba:b8:9d:e5:cb:0b:2f:1c:b3:fc:3d:4d:7d:2c:48:
05:b7:71:dc:d1:94:6a:5a:2a:1a:1b:41:4a:43:fa:60:0b:80:
50:77:46:5b:42:e2:6b:0f:05:6a:eb:3c:a3:85:9e:ff:a2:70:
c5:3d:06:6f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZLKIuOidTmz5vnAUWn249vDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOGFlYTJmMDI1ZjQ5NWJlYWNlZTdjZTVhODgyMDUxOWRk
YTEzNzAwHhcNMjQxMDI2MTg0MjE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTZiMzgyM2UyN2NlY2MyMzE3N2M4M2M3ZDVkZThkYTg2MDk5N2EwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm3KCtJJMROom3A9EmypBKgL74XFL
AsM6Z+xdklRHPJcLzFprULCmhSclbYv2pKBGxhEQ1eflRMjVglbN29Zyp/L++CiZ
thNfQ6+kHPxDs/pWB5kH4VIwg6L++8jTXp9Ud+lwN2PUjLLygEelX8DfL5aq+HRT
Pz1d5MZc3HSNAVEVC38/rczRaWunXl1gMeGNc7KtPP3v0LB8EUIGPxlxBaAFcPZl
BINALi60O5hGZQc4ye7hW+MJQiQ6wrONCgvdA9wrhCyqirTpKS8MuXx6+hSsFfUK
NnzVHOWGJcUnqwn3APxdDsYLLAwbfXWqHPhIkL6biSMojcpO9i/VxfDX/QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKFrOCPifOzCMXfIPH1d6NqGCZegMB8GA1UdIwQY
MBaAFE+K6i8CX0lb6s7nzlqIIFGd2hNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUt
NjA4MDk1MmYwZTA0LzEvb1dzNEktSjg3TUl4ZDhnOGZWM28yb1lKbDZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUtNjA4MDk1MmYwZTA0
LzEvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALVacAwQA
VXXxMA0GCSqGSIb3DQEBCwUAA4IBAQAOnZ001oGMpVg0wxZg8shliXGCgQW/lDpF
wto68n3tQe38UPb3isNczjZnTyEOqnEgfCRGYEZdssROWH0LORDcd8SfloNbKnrp
USIUiDFvfmmUygoCoyHh186q/+TETJfmyVKNAqteIGe15ZLPM67A3wZi1X+wbu0Z
KmLvmHMZivNNP+BFJPD7ctEPrBF1F++Dwkh9xqnKnOCS9sFnrJR01OHmM5CcgbgH
zyu0XimzLKYRJrHdOHZN+lYgm28U8VN/Xysmv0n5lgi6uJ3lywsvHLP8PU19LEgF
t3Hc0ZRqWioaG0FKQ/pgC4BQd0ZbQuJrDwVq6zyjhZ7/onDFPQZv
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:24:05 2025 by rpki-client