Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/OOuHxkfRp7K1I7vF8MM2sa2PTm4.roa
File: OOuHxkfRp7K1I7vF8MM2sa2PTm4.roa (raw, json)
Hash identifier: coTBOcg67zu+AZYmf7o8RFs6aWRngeyCI/IXRIm+4v4=
Subject key identifier: 38:EB:87:C6:47:D1:A7:B2:B5:23:BB:C5:F0:C3:36:B1:AD:8F:4E:6E
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 018E85C726C6EE174E270E50084D24640DD6
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/OOuHxkfRp7K1I7vF8MM2sa2PTm4.roa
Signing time: Thu 28 Mar 2024 15:56:45 +0000
ROA not before: Thu 28 Mar 2024 15:56:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34665
IP address blocks: 45.91.239.0/24 maxlen: 24
45.95.31.0/24 maxlen: 24
78.142.239.0/24 maxlen: 24
193.187.104.0/24 maxlen: 24
193.187.107.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 28 Mar 2024 17:03:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:85:c7:26:c6:ee:17:4e:27:0e:50:08:4d:24:64:0d:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Mar 28 15:56:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=38eb87c647d1a7b2b523bbc5f0c336b1ad8f4e6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:4e:e6:3d:b2:ec:3b:0e:f3:5f:bd:4c:63:85:
16:c5:84:60:0b:37:79:67:a1:5c:c5:b5:a3:31:84:
a8:e3:2a:d5:d5:f3:df:42:a9:b0:6f:2a:c8:ac:62:
18:b3:28:23:17:c0:a8:dd:15:09:ed:48:7a:a4:e5:
1a:6e:3d:85:fa:8d:e5:0e:45:dc:bb:11:3a:2a:e5:
98:25:63:73:f6:16:5f:5c:49:d0:01:5a:3e:37:80:
9a:69:e0:8d:e7:cb:d4:61:37:f7:3d:5a:00:4e:87:
54:ef:e3:0f:b6:39:5a:bf:d8:e5:3c:ec:45:af:3b:
18:d5:05:c7:e4:47:94:fa:11:b2:16:c3:64:10:0f:
dc:72:d8:74:32:f7:27:48:0d:b2:fd:c9:6a:4c:7b:
05:3a:b9:6c:ae:d5:9a:50:de:79:0a:3e:7e:c9:0b:
28:73:86:ba:c0:af:de:7c:d7:98:dd:2f:09:a0:e3:
ca:9a:80:a8:d1:02:c7:f9:4b:9f:9e:5d:0e:09:a8:
63:0e:1e:45:88:34:5a:fb:b9:e8:7e:92:ec:43:ec:
9b:68:c8:ee:fa:b1:e0:7c:ff:32:5b:a6:45:f2:6e:
3f:d3:f3:10:3d:b2:ba:be:18:24:78:f5:53:23:e8:
70:5e:88:1b:71:11:50:ca:ee:d6:9d:27:ee:f8:1f:
9b:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:EB:87:C6:47:D1:A7:B2:B5:23:BB:C5:F0:C3:36:B1:AD:8F:4E:6E
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/OOuHxkfRp7K1I7vF8MM2sa2PTm4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.239.0/24
45.95.31.0/24
78.142.239.0/24
193.187.104.0/24
193.187.107.0/24
Signature Algorithm: sha256WithRSAEncryption
24:61:1f:bb:f6:08:72:dd:2e:0d:d2:9b:6b:4e:ee:4b:a3:4e:
3d:fb:8a:70:db:ac:0b:8e:89:58:aa:0c:69:da:12:42:e2:d0:
67:0d:a5:de:37:a1:1d:de:c2:b9:d1:5a:ed:58:52:09:b6:47:
5f:b6:3e:c2:01:30:7d:34:7c:02:88:f0:f4:9e:6c:d8:04:31:
3b:1e:67:31:84:16:bf:7e:9d:08:9f:60:38:62:d0:7c:1c:41:
64:73:3e:ea:30:1d:9f:f8:cf:9f:c1:af:66:bd:74:cc:d3:a1:
30:2c:73:c9:a2:e8:ee:f6:3b:35:ce:58:20:09:a1:aa:32:c0:
af:63:17:5c:e2:a0:68:25:0d:40:de:c0:8c:14:c8:60:f1:83:
bc:c4:cc:6f:3c:d2:7d:d5:83:5c:d1:4a:42:5b:e8:9b:c2:74:
e5:36:8e:e5:00:56:d5:69:70:21:f4:90:07:a5:9b:7d:20:c2:
fc:fc:c1:f0:e9:e7:dd:5a:27:d8:d8:fa:6e:c4:c2:a7:88:a7:
3b:a4:67:d0:88:f3:97:a9:cb:da:3e:1c:46:66:73:5b:0e:b9:
a3:4f:04:dc:66:52:10:4e:6e:48:17:2c:62:f1:69:23:62:16:
a1:c3:69:41:64:ba:2e:8c:12:49:69:cb:d2:3e:cb:17:ce:8e:
cd:ad:e7:ef
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY6FxybG7hdOJw5QCE0kZA3WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjQwMzI4MTU1NjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGViODdjNjQ3ZDFhN2IyYjUyM2JiYzVmMGMzMzZiMWFkOGY0ZTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAik7mPbLsOw7zX71MY4UWxYRgCzd5
Z6FcxbWjMYSo4yrV1fPfQqmwbyrIrGIYsygjF8Co3RUJ7Uh6pOUabj2F+o3lDkXc
uxE6KuWYJWNz9hZfXEnQAVo+N4CaaeCN58vUYTf3PVoATodU7+MPtjlav9jlPOxF
rzsY1QXH5EeU+hGyFsNkEA/ccth0MvcnSA2y/clqTHsFOrlsrtWaUN55Cj5+yQso
c4a6wK/efNeY3S8JoOPKmoCo0QLH+Uufnl0OCahjDh5FiDRa+7nofpLsQ+ybaMju
+rHgfP8yW6ZF8m4/0/MQPbK6vhgkePVTI+hwXogbcRFQyu7WnSfu+B+b7wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDjrh8ZH0aeytSO7xfDDNrGtj05uMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvT091SHhrZlJwN0sxSTd2RjhNTTJzYTJQVG00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALVvvAwQA
LV8fAwQATo7vAwQAwbtoAwQAwbtrMA0GCSqGSIb3DQEBCwUAA4IBAQAkYR+79ghy
3S4N0ptrTu5Lo049+4pw26wLjolYqgxp2hJC4tBnDaXeN6Ed3sK50VrtWFIJtkdf
tj7CATB9NHwCiPD0nmzYBDE7HmcxhBa/fp0In2A4YtB8HEFkcz7qMB2f+M+fwa9m
vXTM06EwLHPJouju9js1zlggCaGqMsCvYxdc4qBoJQ1A3sCMFMhg8YO8xMxvPNJ9
1YNc0UpCW+ibwnTlNo7lAFbVaXAh9JAHpZt9IML8/MHw6efdWifY2PpuxMKniKc7
pGfQiPOXqcvaPhxGZnNbDrmjTwTcZlIQTm5IFyxi8WkjYhahw2lBZLoujBJJacvS
PssXzo7Nrefv
-----END CERTIFICATE-----
Generated at Tue Apr 29 03:02:00 2025 by rpki-client