Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/eb7f7e-a880-497b-b54c-b708c40a667f/1/0Mh82WWQdd5jntuV-prK-MJrkgw.roa
File: 0Mh82WWQdd5jntuV-prK-MJrkgw.roa (raw, json)
Hash identifier: 0jW3wr1UsjwKlyjf0dqKl6vHi1yd0FcwpZYCZVei4uA=
Subject key identifier: D0:C8:7C:D9:65:90:75:DE:63:9E:DB:95:FA:9A:CA:F8:C2:6B:92:0C
Certificate issuer: /CN=3f81a8e8c75b58f7d1efd4c3e6522d27863f9ccf
Certificate serial: 018CC348E13567554C8DEA7FB6D9498F17A1
Authority key identifier: 3F:81:A8:E8:C7:5B:58:F7:D1:EF:D4:C3:E6:52:2D:27:86:3F:9C:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P4Go6MdbWPfR79TD5lItJ4Y_nM8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/eb7f7e-a880-497b-b54c-b708c40a667f/1/0Mh82WWQdd5jntuV-prK-MJrkgw.roa
Signing time: Mon 01 Jan 2024 04:29:42 +0000
ROA not before: Mon 01 Jan 2024 04:29:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6867
IP address blocks: 147.52.0.0/16 maxlen: 16
192.103.20.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:49:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:e1:35:67:55:4c:8d:ea:7f:b6:d9:49:8f:17:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3f81a8e8c75b58f7d1efd4c3e6522d27863f9ccf
Validity
Not Before: Jan 1 04:29:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d0c87cd9659075de639edb95fa9acaf8c26b920c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:10:eb:b3:b0:1e:a9:1f:07:81:1b:80:d1:c8:
15:ec:ca:c8:6d:89:ca:22:41:ce:ef:21:cc:a6:85:
fe:be:11:20:cb:8a:c9:9c:b6:9b:0f:60:2f:1d:20:
2d:bb:60:42:7d:0b:9a:67:8d:fd:fd:d6:01:34:d3:
02:41:4d:fc:d9:f7:7a:bc:f2:a9:b3:06:c2:de:33:
e8:79:31:8c:9e:9c:59:fe:5b:39:84:ed:18:49:8d:
c5:8d:ad:14:ff:9b:b7:c8:aa:f0:14:fb:39:2a:9a:
a7:e8:eb:e3:1d:21:7a:a7:ee:74:9d:a3:f0:fa:cf:
58:ec:9f:a3:b3:f9:8c:b6:6e:6c:6a:1f:49:81:13:
fd:43:e1:3f:d4:8c:9b:a9:ba:73:9e:6c:c5:b2:3a:
4f:ae:59:af:a1:30:2c:e4:29:a3:db:bb:23:bc:14:
cc:53:cb:6a:a8:4c:b1:76:0c:74:b0:b7:91:fe:9d:
c3:6a:19:3d:b1:66:c4:91:2c:f9:a8:4f:88:84:0a:
16:2c:e1:b7:0e:e9:4b:9a:6a:76:71:03:3c:ef:74:
18:59:3a:ac:ab:02:45:25:47:7a:c1:23:ec:12:67:
e1:99:46:f3:c3:b8:c0:16:d4:0d:05:74:0c:6c:61:
25:e3:cb:ab:d7:01:c0:a6:05:2f:04:93:36:dc:9c:
2c:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:C8:7C:D9:65:90:75:DE:63:9E:DB:95:FA:9A:CA:F8:C2:6B:92:0C
X509v3 Authority Key Identifier:
keyid:3F:81:A8:E8:C7:5B:58:F7:D1:EF:D4:C3:E6:52:2D:27:86:3F:9C:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P4Go6MdbWPfR79TD5lItJ4Y_nM8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/eb7f7e-a880-497b-b54c-b708c40a667f/1/0Mh82WWQdd5jntuV-prK-MJrkgw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/eb7f7e-a880-497b-b54c-b708c40a667f/1/P4Go6MdbWPfR79TD5lItJ4Y_nM8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.52.0.0/16
192.103.20.0/24
Signature Algorithm: sha256WithRSAEncryption
38:ac:f3:87:b9:9b:e2:02:0b:85:1c:9d:51:c6:6a:51:02:10:
0b:6e:de:e5:99:de:ac:e5:a4:3e:83:26:25:c7:c4:06:e4:e1:
e6:dc:3c:50:59:36:46:93:c3:c8:0b:ae:3b:f5:3e:c0:91:1d:
00:ef:e6:1e:5c:dd:c5:1b:0a:a4:1a:59:42:e9:57:86:fd:da:
eb:09:fd:dd:5d:63:bc:73:2f:e3:8f:bb:85:dd:eb:4f:27:05:
cc:d4:cc:b2:6a:54:86:68:77:d7:e7:66:02:b0:ea:96:87:97:
02:6a:1f:2a:15:25:e4:4e:70:ea:01:eb:ad:69:06:2f:8e:4a:
dd:80:e4:65:11:c6:15:6d:c3:b7:a6:96:e9:e2:4d:f9:2d:34:
e6:75:d5:4e:82:03:06:56:ba:79:ff:bf:b5:ac:5c:c7:45:0f:
a3:0d:2e:3a:cb:b9:f3:82:2f:8e:21:a3:ab:0a:4e:99:66:37:
1d:d3:1a:d0:6a:2d:33:b2:4c:74:27:2e:a3:d9:23:89:aa:8e:
7f:98:d3:9d:92:68:e1:25:6a:60:a6:20:82:8e:87:e1:7c:d5:
87:af:f7:4d:fc:48:c8:0d:3a:ab:97:3b:ba:36:5b:25:68:62:
37:88:da:57:3f:54:2c:06:50:cf:c8:b1:05:0b:e5:c3:c0:1c:
88:1c:6e:a6
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgISAYzDSOE1Z1VMjep/ttlJjxehMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmODFhOGU4Yzc1YjU4ZjdkMWVmZDRjM2U2NTIyZDI3ODYz
ZjljY2YwHhcNMjQwMTAxMDQyOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGM4N2NkOTY1OTA3NWRlNjM5ZWRiOTVmYTlhY2FmOGMyNmI5MjBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjBDrs7AeqR8HgRuA0cgV7MrIbYnK
IkHO7yHMpoX+vhEgy4rJnLabD2AvHSAtu2BCfQuaZ439/dYBNNMCQU382fd6vPKp
swbC3jPoeTGMnpxZ/ls5hO0YSY3Fja0U/5u3yKrwFPs5Kpqn6OvjHSF6p+50naPw
+s9Y7J+js/mMtm5sah9JgRP9Q+E/1IybqbpznmzFsjpPrlmvoTAs5Cmj27sjvBTM
U8tqqEyxdgx0sLeR/p3Dahk9sWbEkSz5qE+IhAoWLOG3DulLmmp2cQM873QYWTqs
qwJFJUd6wSPsEmfhmUbzw7jAFtQNBXQMbGEl48ur1wHApgUvBJM23JwsywIDAQAB
o4ICDjCCAgowHQYDVR0OBBYEFNDIfNllkHXeY57blfqayvjCa5IMMB8GA1UdIwQY
MBaAFD+BqOjHW1j30e/Uw+ZSLSeGP5zPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDRHbzZNZGJXUGZSNzlURDVsSXRKNFlfbk04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9lYjdmN2UtYTg4MC00OTdiLWI1NGMt
YjcwOGM0MGE2NjdmLzEvME1oODJXV1FkZDVqbnR1Vi1wckstTUpya2d3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9lYjdmN2UtYTg4MC00OTdiLWI1NGMtYjcwOGM0MGE2Njdm
LzEvUDRHbzZNZGJXUGZSNzlURDVsSXRKNFlfbk04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCQGCCsGAQUFBwEHAQH/BBUwEzARBAIAATALAwMAkzQDBADA
ZxQwDQYJKoZIhvcNAQELBQADggEBADis84e5m+ICC4UcnVHGalECEAtu3uWZ3qzl
pD6DJiXHxAbk4ebcPFBZNkaTw8gLrjv1PsCRHQDv5h5c3cUbCqQaWULpV4b92usJ
/d1dY7xzL+OPu4Xd608nBczUzLJqVIZod9fnZgKw6paHlwJqHyoVJeROcOoB661p
Bi+OSt2A5GURxhVtw7emluniTfktNOZ11U6CAwZWunn/v7WsXMdFD6MNLjrLufOC
L44ho6sKTplmNx3TGtBqLTOyTHQnLqPZI4mqjn+Y052SaOElamCmIIKOh+F81Yev
9038SMgNOquXO7o2WyVoYjeI2lc/VCwGUM/IsQUL5cPAHIgcbqY=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:43:11 2025 by rpki-client