Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/oGvcJX536YUtlmAs459HnWkoLvI.roa
File: oGvcJX536YUtlmAs459HnWkoLvI.roa (raw, json)
Hash identifier: gh2ZxVIBVwE4339lO1m+RIfspELX8Hs6cSe8IKS++pM=
Subject key identifier: A0:6B:DC:25:7E:77:E9:85:2D:96:60:2C:E3:9F:47:9D:69:28:2E:F2
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 018D633E2FB1C274C72C3D19889833BDBBD4
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/oGvcJX536YUtlmAs459HnWkoLvI.roa
Signing time: Thu 01 Feb 2024 05:57:16 +0000
ROA not before: Thu 01 Feb 2024 05:57:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61302
IP address blocks: 5.178.3.0/24 maxlen: 24
46.23.96.0/24 maxlen: 24
46.23.98.0/24 maxlen: 24
46.23.100.0/22 maxlen: 22
109.205.212.0/24 maxlen: 24
185.81.217.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 14 Feb 2024 06:02:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:63:3e:2f:b1:c2:74:c7:2c:3d:19:88:98:33:bd:bb:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Feb 1 05:57:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a06bdc257e77e9852d96602ce39f479d69282ef2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:49:f5:1b:28:3b:cf:1f:2e:33:89:eb:b4:fa:
ac:91:66:7d:c8:01:ce:16:60:bb:95:f9:11:a7:cf:
58:e4:4a:a2:18:7e:32:42:9b:33:17:90:2a:7d:27:
79:42:1b:73:57:df:4b:21:ca:57:01:48:cb:df:bf:
e9:e1:cb:6b:65:ec:cb:e7:78:cc:58:a0:c1:71:74:
dd:f4:52:98:b8:cd:63:79:19:94:23:21:7f:23:94:
1b:ad:03:fa:20:5a:db:8e:e4:18:29:86:c1:bd:e2:
7b:d6:88:f6:8d:fd:48:d8:6e:52:32:dc:4e:d4:35:
3c:a4:96:32:c4:38:78:de:1d:00:1a:a2:c8:ac:ee:
6a:1f:d7:4f:0c:49:e7:de:42:3d:4e:ea:c8:b3:10:
f3:ae:bc:71:22:80:2d:3b:21:19:29:18:7a:fc:4b:
48:d2:cc:fe:05:eb:ac:00:dd:b6:e8:37:fb:e0:6a:
a5:26:0a:8e:5e:0a:70:fb:51:42:c6:0b:a8:3b:04:
4e:27:be:42:45:24:54:44:fe:1b:f1:10:cc:fd:34:
17:a8:30:4b:5c:05:e1:8f:d0:ac:1f:88:cc:51:15:
93:53:c6:92:2d:4a:06:4f:a8:b9:47:1b:15:42:99:
f0:ec:39:1e:2a:42:80:7d:34:6c:ab:ca:f3:f6:a1:
c0:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:6B:DC:25:7E:77:E9:85:2D:96:60:2C:E3:9F:47:9D:69:28:2E:F2
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/oGvcJX536YUtlmAs459HnWkoLvI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.178.3.0/24
46.23.96.0/24
46.23.98.0/24
46.23.100.0/22
109.205.212.0/24
185.81.217.0/24
Signature Algorithm: sha256WithRSAEncryption
c0:81:57:0c:5c:9b:f5:b8:36:54:ba:ab:4b:eb:aa:42:22:fd:
22:b0:bc:9d:2c:55:45:c0:e0:97:4c:1e:d2:c6:a2:d3:f6:9b:
8a:6c:09:85:a6:88:84:4f:09:eb:42:71:b8:df:41:31:dd:a2:
57:f0:b1:3d:15:c1:e5:d3:f8:95:9c:53:41:2d:51:01:e4:e6:
cb:12:e3:6b:5a:75:1d:c3:0b:bb:2d:33:e3:fa:3d:85:be:61:
8f:0f:03:87:51:50:db:f2:ed:25:20:b6:05:51:f6:64:91:dc:
cc:82:f1:8b:e2:01:bc:fa:7b:5b:05:87:02:c9:3f:49:bf:6a:
7e:98:e8:d5:ac:3b:40:54:0b:08:32:74:9d:c4:76:71:b0:dd:
50:92:ef:d6:d3:30:66:68:aa:fc:0b:c5:bd:a6:81:2a:54:68:
21:1a:57:a3:1f:bf:b3:0b:ac:e7:5b:38:cc:e9:a9:75:35:21:
e6:7f:00:46:9d:5e:75:24:06:8b:33:3d:17:1e:2c:bc:3e:58:
b5:5a:e1:e3:43:fb:71:89:0b:a5:66:7e:09:cf:69:d9:95:45:
c7:9a:3b:49:5e:ce:90:35:47:67:5b:f3:43:75:80:e3:8b:89:
b8:ae:8c:81:5f:16:de:94:93:36:9d:f1:7e:d7:2d:3b:e2:ad:
36:92:22:32
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY1jPi+xwnTHLD0ZiJgzvbvUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjQwMjAxMDU1NzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDZiZGMyNTdlNzdlOTg1MmQ5NjYwMmNlMzlmNDc5ZDY5MjgyZWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv0n1Gyg7zx8uM4nrtPqskWZ9yAHO
FmC7lfkRp89Y5EqiGH4yQpszF5AqfSd5QhtzV99LIcpXAUjL37/p4ctrZezL53jM
WKDBcXTd9FKYuM1jeRmUIyF/I5QbrQP6IFrbjuQYKYbBveJ71oj2jf1I2G5SMtxO
1DU8pJYyxDh43h0AGqLIrO5qH9dPDEnn3kI9TurIsxDzrrxxIoAtOyEZKRh6/EtI
0sz+BeusAN226Df74GqlJgqOXgpw+1FCxguoOwROJ75CRSRURP4b8RDM/TQXqDBL
XAXhj9CsH4jMURWTU8aSLUoGT6i5RxsVQpnw7DkeKkKAfTRsq8rz9qHAoQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFKBr3CV+d+mFLZZgLOOfR51pKC7yMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvb0d2Y0pYNTM2WVV0bG1BczQ1OUhuV2tvTHZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQABbIDAwQA
LhdgAwQALhdiAwQCLhdkAwQAbc3UAwQAuVHZMA0GCSqGSIb3DQEBCwUAA4IBAQDA
gVcMXJv1uDZUuqtL66pCIv0isLydLFVFwOCXTB7SxqLT9puKbAmFpoiETwnrQnG4
30Ex3aJX8LE9FcHl0/iVnFNBLVEB5ObLEuNrWnUdwwu7LTPj+j2FvmGPDwOHUVDb
8u0lILYFUfZkkdzMgvGL4gG8+ntbBYcCyT9Jv2p+mOjVrDtAVAsIMnSdxHZxsN1Q
ku/W0zBmaKr8C8W9poEqVGghGlejH7+zC6znWzjM6al1NSHmfwBGnV51JAaLMz0X
Hiy8Pli1WuHjQ/txiQulZn4Jz2nZlUXHmjtJXs6QNUdnW/NDdYDji4m4royBXxbe
lJM2nfF+1y074q02kiIy
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:37:26 2025 by rpki-client