Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/OhMkhQ6fJQFgVAZRNxr3WYhc3sE.roa
File: OhMkhQ6fJQFgVAZRNxr3WYhc3sE.roa (raw, json)
Hash identifier: TJDfUkE36uxP7vWUEcocpWE+MBNMgKF1EANU/7w6HKE=
Subject key identifier: 3A:13:24:85:0E:9F:25:01:60:54:06:51:37:1A:F7:59:88:5C:DE:C1
Certificate issuer: /CN=d5637692ff5c45486d1053b149dc1420026cd733
Certificate serial: 01950FF13BFB5BB82688B34FACAF3015BF08
Authority key identifier: D5:63:76:92:FF:5C:45:48:6D:10:53:B1:49:DC:14:20:02:6C:D7:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1WN2kv9cRUhtEFOxSdwUIAJs1zM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/OhMkhQ6fJQFgVAZRNxr3WYhc3sE.roa
Signing time: Sun 16 Feb 2025 18:07:02 +0000
ROA not before: Sun 16 Feb 2025 18:07:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 80.246.230.0/24 maxlen: 24
80.246.232.0/21 maxlen: 24
Validation: Failed, certificate revoked on Wed 05 Mar 2025 17:36:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:0f:f1:3b:fb:5b:b8:26:88:b3:4f:ac:af:30:15:bf:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5637692ff5c45486d1053b149dc1420026cd733
Validity
Not Before: Feb 16 18:07:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3a1324850e9f250160540651371af759885cdec1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:99:4a:48:54:7e:29:ab:98:48:b6:11:3b:4f:
01:ae:ad:43:f7:33:db:87:4c:75:96:bb:8b:86:e8:
d4:a3:44:65:90:a9:19:d9:8e:f2:0b:93:ea:26:9b:
13:c7:8d:90:43:cb:04:2a:a0:90:c3:9d:ae:58:2a:
9d:a5:c1:00:7c:15:30:81:00:82:6c:4c:13:89:0b:
a0:e6:65:54:57:e9:1a:75:b7:b9:bf:25:22:99:0d:
be:06:89:4e:34:75:16:66:36:e8:b4:77:98:94:82:
c3:44:0d:d2:41:5d:5d:af:21:0d:9d:33:3d:b6:12:
6a:27:b0:91:84:1c:db:b6:f0:54:64:ee:12:20:b0:
72:06:14:13:18:fe:8d:f9:cd:dd:59:6d:a0:fe:95:
84:02:a0:20:b2:89:54:a0:cf:81:7c:66:d8:27:75:
9d:fb:6f:8d:49:28:9d:fc:30:17:2c:2b:7e:5f:54:
e8:02:56:b7:30:51:9a:b3:d7:39:f1:11:08:cf:bf:
9a:c9:9c:f7:bf:0f:5c:33:bf:11:7c:1e:02:1c:8e:
c8:20:2f:ad:b1:4a:d6:6b:fc:ea:a4:4f:46:a2:69:
28:68:3b:32:1a:9f:62:f0:e4:c8:16:f2:a7:42:bd:
19:33:5f:8c:8b:ac:c5:50:c3:51:4f:8e:38:4e:34:
90:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:13:24:85:0E:9F:25:01:60:54:06:51:37:1A:F7:59:88:5C:DE:C1
X509v3 Authority Key Identifier:
keyid:D5:63:76:92:FF:5C:45:48:6D:10:53:B1:49:DC:14:20:02:6C:D7:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1WN2kv9cRUhtEFOxSdwUIAJs1zM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/OhMkhQ6fJQFgVAZRNxr3WYhc3sE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/1WN2kv9cRUhtEFOxSdwUIAJs1zM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.246.230.0/24
80.246.232.0/21
Signature Algorithm: sha256WithRSAEncryption
4d:68:44:ac:94:bf:78:d5:1c:31:55:2a:d6:9f:38:35:0b:1e:
b2:6f:a8:5c:e8:37:d3:bc:5a:10:b2:7f:59:ca:94:b6:ab:ea:
ee:d6:bc:a5:c4:ab:d5:c7:ed:d1:63:e1:96:62:52:1a:19:7c:
f8:e7:4c:4e:c9:73:fc:7a:64:08:67:7f:39:8e:81:93:e8:b1:
72:22:69:11:d6:89:32:53:b1:3a:8c:4e:e8:c1:35:bb:26:d2:
de:54:10:71:9b:2a:53:47:84:77:27:a1:2c:9e:b9:95:c1:53:
54:b1:54:55:1b:13:ee:53:97:65:e0:30:d9:6e:f7:f8:0c:83:
bd:85:d2:c2:85:17:76:46:04:82:31:de:57:ce:a3:aa:14:f4:
e7:ea:53:83:4a:d9:10:91:ca:4f:92:d1:37:40:db:a3:16:c4:
cf:06:bd:c2:9f:0b:b4:df:e1:6a:d3:88:02:c4:0d:cd:55:5b:
ce:ce:be:ce:9f:d1:9c:27:ac:b2:50:f4:7b:32:25:e4:49:bb:
57:d9:77:e1:f1:0d:e5:6b:8d:60:50:7f:fd:6d:cf:43:f9:13:
e1:0f:a7:0c:b3:91:1d:16:27:5e:17:9c:99:3b:8c:93:3f:0e:
d6:72:26:1f:80:3d:85:37:d1:2d:4c:7f:85:87:2a:2d:6b:14:
0b:80:df:bf
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZUP8Tv7W7gmiLNPrK8wFb8IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NjM3NjkyZmY1YzQ1NDg2ZDEwNTNiMTQ5ZGMxNDIwMDI2
Y2Q3MzMwHhcNMjUwMjE2MTgwNzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTEzMjQ4NTBlOWYyNTAxNjA1NDA2NTEzNzFhZjc1OTg4NWNkZWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9plKSFR+KauYSLYRO08Brq1D9zPb
h0x1lruLhujUo0RlkKkZ2Y7yC5PqJpsTx42QQ8sEKqCQw52uWCqdpcEAfBUwgQCC
bEwTiQug5mVUV+kadbe5vyUimQ2+BolONHUWZjbotHeYlILDRA3SQV1dryENnTM9
thJqJ7CRhBzbtvBUZO4SILByBhQTGP6N+c3dWW2g/pWEAqAgsolUoM+BfGbYJ3Wd
+2+NSSid/DAXLCt+X1ToAla3MFGas9c58REIz7+ayZz3vw9cM78RfB4CHI7IIC+t
sUrWa/zqpE9GomkoaDsyGp9i8OTIFvKnQr0ZM1+Mi6zFUMNRT444TjSQqwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDoTJIUOnyUBYFQGUTca91mIXN7BMB8GA1UdIwQY
MBaAFNVjdpL/XEVIbRBTsUncFCACbNczMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVdOMmt2OWNSVWh0RUZPeFNkd1VJQUpzMXpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi85OGUxMTMtZTAwMi00ZDkzLTlhNDkt
YWRlYWRlMjg2NWMxLzEvT2hNa2hRNmZKUUZnVkFaUk54cjNXWWhjM3NFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi85OGUxMTMtZTAwMi00ZDkzLTlhNDktYWRlYWRlMjg2NWMx
LzEvMVdOMmt2OWNSVWh0RUZPeFNkd1VJQUpzMXpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUPbmAwQD
UPboMA0GCSqGSIb3DQEBCwUAA4IBAQBNaESslL941RwxVSrWnzg1Cx6yb6hc6DfT
vFoQsn9ZypS2q+ru1rylxKvVx+3RY+GWYlIaGXz450xOyXP8emQIZ385joGT6LFy
ImkR1okyU7E6jE7owTW7JtLeVBBxmypTR4R3J6EsnrmVwVNUsVRVGxPuU5dl4DDZ
bvf4DIO9hdLChRd2RgSCMd5XzqOqFPTn6lODStkQkcpPktE3QNujFsTPBr3Cnwu0
3+Fq04gCxA3NVVvOzr7On9GcJ6yyUPR7MiXkSbtX2Xfh8Q3la41gUH/9bc9D+RPh
D6cMs5EdFideF5yZO4yTPw7WciYfgD2FN9EtTH+FhyotaxQLgN+/
-----END CERTIFICATE-----
Generated at Thu May 1 02:05:39 2025 by rpki-client