Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/ddda5e-feef-4763-88da-8bc825c3a324/1/OOxfqh04uoR8cVga5ac7FpQn40A.roa
File: OOxfqh04uoR8cVga5ac7FpQn40A.roa (raw, json)
Hash identifier: MbalG1ms2I8j2hD3AebcBrWaYDepWzIFIUGNo8lA8uA=
Subject key identifier: 38:EC:5F:AA:1D:38:BA:84:7C:71:58:1A:E5:A7:3B:16:94:27:E3:40
Certificate issuer: /CN=541fc54762cfe92d76c2f4c6af8999cbccf6bb67
Certificate serial: 01941F8C0061A50EB393E26F3FBCD61DC501
Authority key identifier: 54:1F:C5:47:62:CF:E9:2D:76:C2:F4:C6:AF:89:99:CB:CC:F6:BB:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VB_FR2LP6S12wvTGr4mZy8z2u2c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/ddda5e-feef-4763-88da-8bc825c3a324/1/OOxfqh04uoR8cVga5ac7FpQn40A.roa
Signing time: Wed 01 Jan 2025 01:47:36 +0000
ROA not before: Wed 01 Jan 2025 01:47:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205809
IP address blocks: 66.203.126.0/23 maxlen: 24
94.24.36.0/23 maxlen: 24
162.208.16.0/24 maxlen: 24
185.206.24.0/22 maxlen: 24
2a0b:e40::/29 maxlen: 48
Validation: Failed, certificate revoked on Fri 24 Jan 2025 03:44:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:00:61:a5:0e:b3:93:e2:6f:3f:bc:d6:1d:c5:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=541fc54762cfe92d76c2f4c6af8999cbccf6bb67
Validity
Not Before: Jan 1 01:47:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=38ec5faa1d38ba847c71581ae5a73b169427e340
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:51:2b:46:07:ed:8d:11:9b:84:b5:95:45:d0:
82:07:03:d8:81:03:70:a4:35:ac:27:de:72:97:19:
16:6b:d5:75:66:62:9f:49:7c:85:3c:3d:70:3a:d4:
0e:be:4e:c0:bb:dd:8e:a0:32:5f:2e:3e:c3:ca:7e:
8e:e4:97:7f:64:ee:91:ae:81:dc:f2:d8:2b:12:3b:
98:43:85:8e:36:76:29:85:4c:bc:f3:8a:af:85:1f:
da:d1:03:1d:fe:1f:33:d5:1b:85:ae:83:03:49:89:
1c:bd:15:84:fd:a9:f8:bb:92:e8:4d:b4:bd:80:b0:
fc:45:e8:63:d6:17:79:63:2f:bb:52:a6:85:b3:d1:
26:8a:4d:02:7f:1f:9b:95:d5:55:9a:eb:ec:1a:8b:
83:1d:67:ce:f4:73:01:8f:3e:3e:1e:cd:f5:18:51:
da:89:3d:95:e7:56:28:b6:43:dc:2c:6a:9b:86:15:
2c:ca:5c:4f:b5:7e:97:6d:ae:44:dc:c5:e7:d9:39:
fd:e6:72:4a:29:ff:69:17:0a:41:cf:f3:67:f6:77:
20:84:f3:17:fd:7f:ff:fa:53:88:ac:73:0d:04:43:
d0:62:3b:f2:0a:6d:a0:97:d4:e2:46:16:38:c7:e6:
7d:63:fa:42:d0:cc:9c:1e:f9:9b:56:02:0a:b0:53:
9c:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:EC:5F:AA:1D:38:BA:84:7C:71:58:1A:E5:A7:3B:16:94:27:E3:40
X509v3 Authority Key Identifier:
keyid:54:1F:C5:47:62:CF:E9:2D:76:C2:F4:C6:AF:89:99:CB:CC:F6:BB:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VB_FR2LP6S12wvTGr4mZy8z2u2c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/ddda5e-feef-4763-88da-8bc825c3a324/1/OOxfqh04uoR8cVga5ac7FpQn40A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/ddda5e-feef-4763-88da-8bc825c3a324/1/VB_FR2LP6S12wvTGr4mZy8z2u2c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
66.203.126.0/23
94.24.36.0/23
162.208.16.0/24
185.206.24.0/22
IPv6:
2a0b:e40::/29
Signature Algorithm: sha256WithRSAEncryption
98:38:a1:71:42:f2:f9:b0:e8:09:c7:61:ec:6e:94:96:52:e9:
2f:5c:13:d9:41:8f:ed:6c:d7:5c:e0:30:59:57:cb:1a:2d:70:
46:53:e8:a0:5b:a1:4e:87:29:c1:28:99:e7:55:5e:58:8a:23:
17:ec:2a:8a:3a:4b:78:b1:b0:2a:c1:1b:d0:2b:b3:61:93:6f:
2b:ce:d4:20:84:38:03:1d:52:73:f3:fd:f4:5e:c2:15:55:7e:
a6:6a:98:75:38:7e:21:4a:dd:6e:91:43:4c:75:92:70:06:c4:
ce:3d:b9:c2:6f:4e:e3:a2:55:3f:f6:4b:6e:36:46:d3:91:65:
6b:b1:63:6c:7f:a5:3c:01:5c:fd:d9:fd:59:e6:15:6a:6a:00:
64:e2:e1:ad:2c:a5:5c:0c:1a:3e:b3:7a:96:00:8e:6a:ea:8c:
fd:1f:c8:53:c9:d8:35:05:09:0a:4e:cf:2b:7f:f0:5b:51:7c:
64:41:7c:ba:96:73:12:33:7b:e7:d2:4a:6c:e0:a2:f1:78:6a:
1e:13:f6:86:6b:4b:01:fd:ef:69:74:95:ea:9d:d5:9d:ae:15:
75:b5:fc:86:5c:eb:45:c4:c5:5f:83:e2:53:fb:97:4e:78:01:
ac:7c:04:ef:ce:66:5d:61:37:c8:16:48:27:03:6e:bb:86:d2:
a7:90:a7:c1
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQfjABhpQ6zk+JvP7zWHcUBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0MWZjNTQ3NjJjZmU5MmQ3NmMyZjRjNmFmODk5OWNiY2Nm
NmJiNjcwHhcNMjUwMTAxMDE0NzM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGVjNWZhYTFkMzhiYTg0N2M3MTU4MWFlNWE3M2IxNjk0MjdlMzQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoVErRgftjRGbhLWVRdCCBwPYgQNw
pDWsJ95ylxkWa9V1ZmKfSXyFPD1wOtQOvk7Au92OoDJfLj7Dyn6O5Jd/ZO6RroHc
8tgrEjuYQ4WONnYphUy884qvhR/a0QMd/h8z1RuFroMDSYkcvRWE/an4u5LoTbS9
gLD8Rehj1hd5Yy+7UqaFs9Emik0Cfx+bldVVmuvsGouDHWfO9HMBjz4+Hs31GFHa
iT2V51YotkPcLGqbhhUsylxPtX6Xba5E3MXn2Tn95nJKKf9pFwpBz/Nn9ncghPMX
/X//+lOIrHMNBEPQYjvyCm2gl9TiRhY4x+Z9Y/pC0MycHvmbVgIKsFOcyQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFDjsX6odOLqEfHFYGuWnOxaUJ+NAMB8GA1UdIwQY
MBaAFFQfxUdiz+ktdsL0xq+JmcvM9rtnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkJfRlIyTFA2UzEyd3ZUR3I0bVp5OHoydTJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS9kZGRhNWUtZmVlZi00NzYzLTg4ZGEt
OGJjODI1YzNhMzI0LzEvT094ZnFoMDR1b1I4Y1ZnYTVhYzdGcFFuNDBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS9kZGRhNWUtZmVlZi00NzYzLTg4ZGEtOGJjODI1YzNhMzI0
LzEvVkJfRlIyTFA2UzEyd3ZUR3I0bVp5OHoydTJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQBQst+AwQB
XhgkAwQAotAQAwQCuc4YMA0EAgACMAcDBQMqCw5AMA0GCSqGSIb3DQEBCwUAA4IB
AQCYOKFxQvL5sOgJx2HsbpSWUukvXBPZQY/tbNdc4DBZV8saLXBGU+igW6FOhynB
KJnnVV5YiiMX7CqKOkt4sbAqwRvQK7Nhk28rztQghDgDHVJz8/30XsIVVX6maph1
OH4hSt1ukUNMdZJwBsTOPbnCb07jolU/9ktuNkbTkWVrsWNsf6U8AVz92f1Z5hVq
agBk4uGtLKVcDBo+s3qWAI5q6oz9H8hTydg1BQkKTs8rf/BbUXxkQXy6lnMSM3vn
0kps4KLxeGoeE/aGa0sB/e9pdJXqndWdrhV1tfyGXOtFxMVfg+JT+5dOeAGsfATv
zmZdYTfIFkgnA267htKnkKfB
-----END CERTIFICATE-----
Generated at Tue Apr 22 01:07:41 2025 by rpki-client