Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/1bcef4-131d-4db5-94c7-24c79b1cb4da/1/ODIL6A-8psRE5N9Du0VTzetNumg.roa
File: ODIL6A-8psRE5N9Du0VTzetNumg.roa (raw, json)
Hash identifier: +YG1Q4YBMgH1icTvkZwe/nMVkFI4+18zkPF0+RA4d0w=
Subject key identifier: 38:32:0B:E8:0F:BC:A6:C4:44:E4:DF:43:BB:45:53:CD:EB:4D:BA:68
Certificate issuer: /CN=2e872826fce02bd9485ef276641d2b584f599b37
Certificate serial: 01958A99CBC804C9DEF7C49FBDD6BDE7DA7C
Authority key identifier: 2E:87:28:26:FC:E0:2B:D9:48:5E:F2:76:64:1D:2B:58:4F:59:9B:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LocoJvzgK9lIXvJ2ZB0rWE9Zmzc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/1bcef4-131d-4db5-94c7-24c79b1cb4da/1/ODIL6A-8psRE5N9Du0VTzetNumg.roa
Signing time: Wed 12 Mar 2025 13:44:49 +0000
ROA not before: Wed 12 Mar 2025 13:44:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42156
IP address blocks: 45.67.74.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 12 Mar 2025 17:37:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:8a:99:cb:c8:04:c9:de:f7:c4:9f:bd:d6:bd:e7:da:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e872826fce02bd9485ef276641d2b584f599b37
Validity
Not Before: Mar 12 13:44:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=38320be80fbca6c444e4df43bb4553cdeb4dba68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:38:de:e3:dc:06:a8:99:7b:2f:73:9c:38:3f:
b6:5a:97:93:be:60:a5:5e:3e:c7:e6:54:a5:90:ec:
cb:b4:03:da:08:41:00:1c:83:ec:9f:90:38:44:f8:
b4:27:16:1a:11:b0:0d:28:7d:e5:72:78:b8:0c:63:
fa:e5:79:ca:8a:1c:2e:2c:26:0e:1a:9a:4d:32:c9:
82:07:7b:de:e8:c1:44:37:bf:c7:5b:97:ca:9f:2a:
d7:85:06:b5:72:b1:20:bb:8b:f8:b3:be:65:1e:a9:
29:98:cb:9d:2b:13:fd:8b:91:d2:34:1b:06:4c:42:
d8:15:29:c2:7d:e6:b6:53:46:63:30:48:c0:cd:e5:
f3:94:7a:38:8d:be:c0:f3:fd:09:6b:ee:15:2a:96:
e6:9a:ea:ab:4b:27:d3:7e:db:43:90:48:2e:95:ac:
9f:0a:d5:4d:1c:d4:4d:82:b1:c3:c8:39:ea:4a:6e:
89:57:2c:8a:60:d5:10:18:2f:ab:11:74:67:f6:b4:
c1:7b:8b:f0:29:f8:f6:d9:ed:f0:35:c5:e7:af:41:
14:d4:65:bd:4b:63:88:ae:9e:ca:50:57:24:bf:5f:
22:f2:e6:66:ed:1b:94:c3:a0:b5:7b:68:4e:33:f0:
05:7d:18:79:e1:d4:21:4f:75:d2:9a:5f:0c:f9:9c:
83:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:32:0B:E8:0F:BC:A6:C4:44:E4:DF:43:BB:45:53:CD:EB:4D:BA:68
X509v3 Authority Key Identifier:
keyid:2E:87:28:26:FC:E0:2B:D9:48:5E:F2:76:64:1D:2B:58:4F:59:9B:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LocoJvzgK9lIXvJ2ZB0rWE9Zmzc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/1bcef4-131d-4db5-94c7-24c79b1cb4da/1/ODIL6A-8psRE5N9Du0VTzetNumg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/1bcef4-131d-4db5-94c7-24c79b1cb4da/1/LocoJvzgK9lIXvJ2ZB0rWE9Zmzc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.74.0/24
Signature Algorithm: sha256WithRSAEncryption
79:fc:e9:27:4d:eb:ca:ee:1b:28:6e:34:c8:0a:29:f3:0d:e6:
e1:a1:9b:23:7a:f0:7a:0a:47:15:df:d4:c2:cb:a5:51:67:eb:
40:6d:55:6d:5d:96:7f:c2:0d:c4:98:95:1d:12:8f:25:ed:53:
0c:95:b0:49:92:f2:dd:e3:a9:a6:25:81:69:fe:2d:2c:05:17:
56:5c:2e:4d:d1:9c:35:53:7f:f8:38:f7:b6:47:61:ce:14:99:
cf:1b:14:74:53:d6:b5:c3:90:83:b5:3c:d2:10:e0:ea:35:bd:
4a:ce:de:0c:1e:e7:ac:0f:05:7f:69:88:1e:cb:db:28:c5:bc:
e6:5f:4a:9c:79:d6:33:00:4f:f8:a7:b1:4d:1d:ed:9e:29:e0:
6d:33:24:97:30:ce:63:a3:65:32:8c:2b:a0:69:46:d8:ad:36:
fd:bc:35:0e:95:b2:53:48:68:8d:c3:d4:49:c1:e6:b7:21:42:
eb:6a:aa:3f:f1:a4:ec:7a:1e:11:31:2f:80:5f:00:45:f6:b6:
73:7d:81:43:c1:bb:cd:c0:d0:a0:d3:91:4d:28:41:6f:3d:5b:
85:5c:16:57:9f:6f:ce:56:6a:3d:b5:8f:07:d8:61:f3:fc:26:
5b:75:90:5a:86:9d:b0:06:18:e1:ea:ce:fa:6c:b0:c7:0b:40:
3f:6e:a5:36
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZWKmcvIBMne98Sfvda959p8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlODcyODI2ZmNlMDJiZDk0ODVlZjI3NjY0MWQyYjU4NGY1
OTliMzcwHhcNMjUwMzEyMTM0NDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODMyMGJlODBmYmNhNmM0NDRlNGRmNDNiYjQ1NTNjZGViNGRiYTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkzje49wGqJl7L3OcOD+2WpeTvmCl
Xj7H5lSlkOzLtAPaCEEAHIPsn5A4RPi0JxYaEbANKH3lcni4DGP65XnKihwuLCYO
GppNMsmCB3ve6MFEN7/HW5fKnyrXhQa1crEgu4v4s75lHqkpmMudKxP9i5HSNBsG
TELYFSnCfea2U0ZjMEjAzeXzlHo4jb7A8/0Ja+4VKpbmmuqrSyfTfttDkEgulayf
CtVNHNRNgrHDyDnqSm6JVyyKYNUQGC+rEXRn9rTBe4vwKfj22e3wNcXnr0EU1GW9
S2OIrp7KUFckv18i8uZm7RuUw6C1e2hOM/AFfRh54dQhT3XSml8M+ZyDVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDgyC+gPvKbEROTfQ7tFU83rTbpoMB8GA1UdIwQY
MBaAFC6HKCb84CvZSF7ydmQdK1hPWZs3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG9jb0p2emdLOWxJWHZKMlpCMHJXRTlabXpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy8xYmNlZjQtMTMxZC00ZGI1LTk0Yzct
MjRjNzliMWNiNGRhLzEvT0RJTDZBLThwc1JFNU45RHUwVlR6ZXROdW1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy8xYmNlZjQtMTMxZC00ZGI1LTk0YzctMjRjNzliMWNiNGRh
LzEvTG9jb0p2emdLOWxJWHZKMlpCMHJXRTlabXpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALUNKMA0G
CSqGSIb3DQEBCwUAA4IBAQB5/OknTevK7hsobjTICinzDebhoZsjevB6CkcV39TC
y6VRZ+tAbVVtXZZ/wg3EmJUdEo8l7VMMlbBJkvLd46mmJYFp/i0sBRdWXC5N0Zw1
U3/4OPe2R2HOFJnPGxR0U9a1w5CDtTzSEODqNb1Kzt4MHuesDwV/aYgey9soxbzm
X0qcedYzAE/4p7FNHe2eKeBtMySXMM5jo2UyjCugaUbYrTb9vDUOlbJTSGiNw9RJ
wea3IULraqo/8aTseh4RMS+AXwBF9rZzfYFDwbvNwNCg05FNKEFvPVuFXBZXn2/O
Vmo9tY8H2GHz/CZbdZBahp2wBhjh6s76bLDHC0A/bqU2
-----END CERTIFICATE-----
Generated at Mon Apr 28 22:50:06 2025 by rpki-client