Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/OOlBPcoZ1vCZOYnO9UMHIl9reig.roa
File: OOlBPcoZ1vCZOYnO9UMHIl9reig.roa (raw, json)
Hash identifier: nyAHoykhggFa15O4YmFqnN+aLcWt7FspgdkJrrzicOg=
Subject key identifier: 38:E9:41:3D:CA:19:D6:F0:99:39:89:CE:F5:43:07:22:5F:6B:7A:28
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 018D8BDE910B2FD95DEB23897FD7CE0D0A27
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/OOlBPcoZ1vCZOYnO9UMHIl9reig.roa
Signing time: Fri 09 Feb 2024 03:17:15 +0000
ROA not before: Fri 09 Feb 2024 03:17:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44812
IP address blocks: 2a0e:b140::/29 maxlen: 29
2a11:4b40::/32 maxlen: 32
2a11:4b44::/32 maxlen: 32
2a11:4b45::/32 maxlen: 32
2a11:4b46::/32 maxlen: 32
2a11:4b47::/32 maxlen: 32
2a12:a343::/32 maxlen: 32
2a12:a344::/32 maxlen: 32
2a12:a346::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 20 Feb 2024 04:29:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:8b:de:91:0b:2f:d9:5d:eb:23:89:7f:d7:ce:0d:0a:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Feb 9 03:17:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=38e9413dca19d6f0993989cef54307225f6b7a28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:7e:00:ad:5b:c5:bf:30:17:f4:9f:ea:ff:c0:
0a:07:8c:01:6c:40:9c:39:28:08:3e:5b:3e:0f:b8:
4e:cc:ec:94:78:29:fb:cd:e7:9e:ae:10:02:5d:e8:
52:f5:22:d3:8f:49:0c:f1:81:ed:88:94:cc:e3:9f:
cf:15:97:50:3c:1e:16:63:fa:7b:bd:c1:86:f5:e8:
36:42:e5:2d:af:27:77:15:29:b3:2b:ea:91:04:11:
a3:da:9e:db:93:de:76:9b:32:df:76:a7:d4:be:f2:
1e:09:29:9f:74:cb:5d:26:bc:9b:28:64:0d:56:93:
e7:28:41:d4:64:7d:b3:72:6a:93:90:2b:11:b8:fb:
b2:0e:20:f6:23:a3:38:51:96:eb:92:f7:a0:6e:94:
41:9d:c2:86:de:bf:1f:8b:41:e4:3d:ed:07:8e:e3:
48:5c:82:69:c1:aa:2f:b9:23:70:67:4c:6b:2f:ab:
79:08:87:31:92:6d:ee:a4:30:4b:b5:e3:81:7b:97:
c7:07:b2:14:c9:a4:01:b1:84:9a:21:a8:48:05:46:
64:bd:3a:4e:90:9f:f3:85:14:cf:b2:5b:b0:b5:53:
eb:08:3d:af:00:d9:77:ed:88:98:c3:03:57:f6:6c:
ff:29:1f:8b:86:20:73:e3:50:22:52:c8:49:c1:08:
ca:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:E9:41:3D:CA:19:D6:F0:99:39:89:CE:F5:43:07:22:5F:6B:7A:28
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/OOlBPcoZ1vCZOYnO9UMHIl9reig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b140::/29
2a11:4b40::/32
2a11:4b44::/30
2a12:a343::-2a12:a344:ffff:ffff:ffff:ffff:ffff:ffff
2a12:a346::/32
Signature Algorithm: sha256WithRSAEncryption
35:19:36:6d:af:8d:5f:a8:65:18:0e:61:d9:b8:26:72:ad:d3:
ed:73:ef:01:ef:97:37:18:db:6e:ea:13:0a:5d:e9:02:ae:0c:
28:40:a6:af:b2:e3:f7:27:8b:2b:a3:71:cf:0a:7f:82:47:ef:
a0:f2:19:d8:2b:e7:e2:f9:b0:c1:18:5a:1a:7f:2d:d5:e0:29:
ca:25:04:62:cb:b3:4a:ed:f8:a0:08:73:fd:33:e0:cc:80:f1:
d1:55:5c:80:45:48:40:ef:59:d2:dd:35:00:21:3b:9f:5a:14:
e6:b1:82:79:8a:3b:4b:37:3a:72:90:fe:ee:e9:df:40:b2:3c:
17:ab:cd:66:cd:ac:cc:1a:ea:c8:fe:07:25:ce:fe:ca:70:df:
e5:01:03:6e:3e:71:0b:af:80:99:c4:7e:cd:9e:57:b7:52:f4:
2c:06:37:64:d5:6f:92:c9:4a:d7:20:a5:5a:06:22:47:e2:cf:
31:71:7d:1c:56:5f:2d:b8:73:55:b0:39:85:a9:c2:69:06:73:
3c:f7:29:ae:8f:66:a6:b3:1c:dc:ba:19:5d:e7:ea:af:8c:d4:
21:2c:09:c3:d1:87:9e:15:db:49:8a:dd:e5:54:78:c3:96:6e:
41:05:24:95:82:61:42:79:4c:13:12:37:a2:a9:36:be:f2:d6:
07:04:38:5c
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAY2L3pELL9ld6yOJf9fODQonMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjQwMjA5MDMxNzE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGU5NDEzZGNhMTlkNmYwOTkzOTg5Y2VmNTQzMDcyMjVmNmI3YTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1X4ArVvFvzAX9J/q/8AKB4wBbECc
OSgIPls+D7hOzOyUeCn7zeeerhACXehS9SLTj0kM8YHtiJTM45/PFZdQPB4WY/p7
vcGG9eg2QuUtryd3FSmzK+qRBBGj2p7bk952mzLfdqfUvvIeCSmfdMtdJrybKGQN
VpPnKEHUZH2zcmqTkCsRuPuyDiD2I6M4UZbrkvegbpRBncKG3r8fi0HkPe0HjuNI
XIJpwaovuSNwZ0xrL6t5CIcxkm3upDBLteOBe5fHB7IUyaQBsYSaIahIBUZkvTpO
kJ/zhRTPsluwtVPrCD2vANl37YiYwwNX9mz/KR+LhiBz41AiUshJwQjK9QIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFDjpQT3KGdbwmTmJzvVDByJfa3ooMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvT09sQlBjb1oxdkNaT1luTzlVTUhJbDlyZWlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAAjAsAwUDKg6xQAMF
ACoRS0ADBQIqEUtEMA4DBQAqEqNDAwUAKhKjRAMFACoSo0YwDQYJKoZIhvcNAQEL
BQADggEBADUZNm2vjV+oZRgOYdm4JnKt0+1z7wHvlzcY227qEwpd6QKuDChApq+y
4/cniyujcc8Kf4JH76DyGdgr5+L5sMEYWhp/LdXgKcolBGLLs0rt+KAIc/0z4MyA
8dFVXIBFSEDvWdLdNQAhO59aFOaxgnmKO0s3OnKQ/u7p30CyPBerzWbNrMwa6sj+
ByXO/spw3+UBA24+cQuvgJnEfs2eV7dS9CwGN2TVb5LJStcgpVoGIkfizzFxfRxW
Xy24c1WwOYWpwmkGczz3Ka6PZqazHNy6GV3n6q+M1CEsCcPRh54V20mK3eVUeMOW
bkEFJJWCYUJ5TBMSN6KpNr7y1gcEOFw=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:12:38 2025 by rpki-client