Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/OuBQAHH_yQRSNCnB9BFQ4BwC2aE.roa
File: OuBQAHH_yQRSNCnB9BFQ4BwC2aE.roa (raw, json)
Hash identifier: coVuSCuC2fLo01Asym9BzpDNuoX8Kuw99voHxHUZ0vA=
Subject key identifier: 3A:E0:50:00:71:FF:C9:04:52:34:29:C1:F4:11:50:E0:1C:02:D9:A1
Certificate issuer: /CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Certificate serial: 01935383D90C9799E36B5C64339237EEBA61
Authority key identifier: 06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/OuBQAHH_yQRSNCnB9BFQ4BwC2aE.roa
Signing time: Fri 22 Nov 2024 10:56:09 +0000
ROA not before: Fri 22 Nov 2024 10:56:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59432
IP address blocks: 195.114.198.0/24 maxlen: 24
213.220.60.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 27 Nov 2024 12:54:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:53:83:d9:0c:97:99:e3:6b:5c:64:33:92:37:ee:ba:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Validity
Not Before: Nov 22 10:56:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3ae0500071ffc904523429c1f41150e01c02d9a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:d9:2f:f9:19:18:33:a5:ca:09:30:88:57:36:
c4:89:e5:b7:d5:23:2c:16:0a:0c:de:29:e4:81:07:
9f:71:67:08:a5:da:6c:bb:9b:f1:1c:a0:a5:93:38:
68:b5:d9:4c:21:6b:45:81:6b:9f:85:a1:7b:82:6f:
d3:1b:2b:aa:93:73:d6:c2:97:89:79:f2:55:76:08:
f9:d7:b5:08:f4:5b:28:c9:a5:bb:15:50:00:b7:b4:
62:e3:05:05:09:e0:e0:13:62:41:d5:d4:78:f0:18:
38:a8:2b:d5:bd:64:4c:6d:92:4c:15:d8:ca:bd:55:
a7:58:f9:66:30:81:a9:ba:a9:e2:8a:8f:78:f7:05:
2c:28:1c:b4:6e:2c:1a:48:4a:85:b7:de:5b:50:99:
79:35:0f:e3:06:1f:45:bb:eb:2d:6f:b2:e2:55:ba:
fb:99:62:9d:4b:10:b0:c4:8e:50:5e:93:1d:f4:62:
26:12:69:cc:ac:dd:d9:ec:25:df:5b:c4:98:70:f4:
34:e1:13:e2:10:fa:70:d9:74:c0:70:0d:a1:a2:b0:
67:0c:fb:f9:3e:4d:6d:a3:38:b0:dd:54:20:d7:30:
4d:3f:7a:b9:d1:fb:9e:6f:2b:8e:e3:a4:3c:18:b6:
74:1f:29:78:41:e9:57:da:c0:94:99:17:58:1e:19:
b1:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:E0:50:00:71:FF:C9:04:52:34:29:C1:F4:11:50:E0:1C:02:D9:A1
X509v3 Authority Key Identifier:
keyid:06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/OuBQAHH_yQRSNCnB9BFQ4BwC2aE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.114.198.0/24
213.220.60.0/24
Signature Algorithm: sha256WithRSAEncryption
67:90:dd:f4:8a:5c:21:bd:1c:31:8a:12:d4:18:94:f3:76:0f:
e0:16:bf:e2:98:36:71:1a:65:db:cc:23:53:60:84:be:f3:c7:
56:0e:a5:84:69:9b:bd:ff:33:b9:6f:53:3a:49:b9:d5:58:6c:
bf:b5:cf:04:02:ea:23:dc:88:0e:61:47:f2:a3:0b:62:88:83:
43:b6:fc:58:55:44:ea:92:40:10:68:d4:c9:51:83:f9:8e:64:
0c:38:e8:ef:99:ef:18:87:32:42:b5:a7:24:44:15:ba:c8:b2:
dd:08:1a:08:00:1f:31:b1:4a:7d:76:de:d2:68:96:00:e6:d3:
f2:ca:73:35:e7:80:8b:48:1c:1c:15:79:9d:be:54:d6:59:77:
3a:7d:5b:51:65:f9:5d:0e:46:e6:c7:18:a1:77:fa:fc:6b:6e:
88:23:b2:a6:05:0a:f6:bd:8d:c9:4f:1d:44:ff:db:f4:f2:37:
f3:90:4b:14:19:48:ca:0e:5b:be:09:82:c6:d1:6d:ac:df:cc:
76:d6:9a:ea:de:38:75:6a:79:3f:f7:c6:07:3f:a7:39:c6:c5:
7f:5e:75:38:90:4b:cb:84:c2:2d:5d:ed:0c:0b:87:1a:e1:85:
c7:b0:1d:59:82:0d:7f:e7:ac:1b:75:01:f7:d1:24:7c:88:76:
4a:3c:02:79
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZNTg9kMl5nja1xkM5I37rphMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NzFkY2M3YTlhYzczNTFjNzFlMGJjMjI3OGNmNDVmZDAy
MGFlMmUwHhcNMjQxMTIyMTA1NjA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWUwNTAwMDcxZmZjOTA0NTIzNDI5YzFmNDExNTBlMDFjMDJkOWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5dkv+RkYM6XKCTCIVzbEieW31SMs
FgoM3inkgQefcWcIpdpsu5vxHKClkzhotdlMIWtFgWufhaF7gm/TGyuqk3PWwpeJ
efJVdgj517UI9FsoyaW7FVAAt7Ri4wUFCeDgE2JB1dR48Bg4qCvVvWRMbZJMFdjK
vVWnWPlmMIGpuqniio949wUsKBy0biwaSEqFt95bUJl5NQ/jBh9Fu+stb7LiVbr7
mWKdSxCwxI5QXpMd9GImEmnMrN3Z7CXfW8SYcPQ04RPiEPpw2XTAcA2horBnDPv5
Pk1toziw3VQg1zBNP3q50fuebyuO46Q8GLZ0Hyl4QelX2sCUmRdYHhmxFwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDrgUABx/8kEUjQpwfQRUOAcAtmhMB8GA1UdIwQY
MBaAFAZx3MeprHNRxx4LwieM9F/QIK4uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGIt
MWRkZWM0Y2NlMjRjLzEvT3VCUUFISF95UVJTTkNuQjlCRlE0QndDMmFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGItMWRkZWM0Y2NlMjRj
LzEvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAw3LGAwQA
1dw8MA0GCSqGSIb3DQEBCwUAA4IBAQBnkN30ilwhvRwxihLUGJTzdg/gFr/imDZx
GmXbzCNTYIS+88dWDqWEaZu9/zO5b1M6SbnVWGy/tc8EAuoj3IgOYUfyowtiiIND
tvxYVUTqkkAQaNTJUYP5jmQMOOjvme8YhzJCtackRBW6yLLdCBoIAB8xsUp9dt7S
aJYA5tPyynM154CLSBwcFXmdvlTWWXc6fVtRZfldDkbmxxihd/r8a26II7KmBQr2
vY3JTx1E/9v08jfzkEsUGUjKDlu+CYLG0W2s38x21prq3jh1ank/98YHP6c5xsV/
XnU4kEvLhMItXe0MC4ca4YXHsB1Zgg1/56wbdQH30SR8iHZKPAJ5
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:06:29 2025 by rpki-client