Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/22e1d1-9984-4158-8d18-cf818c7c451a/1/ObxQrjZD088rpIJqI5d9iE4cHrU.roa
File: ObxQrjZD088rpIJqI5d9iE4cHrU.roa (raw, json)
Hash identifier: rZMDbIDIm+bLnIW1w7La0IRWahR5H/Boo4cGcXK+vL0=
Subject key identifier: 39:BC:50:AE:36:43:D3:CF:2B:A4:82:6A:23:97:7D:88:4E:1C:1E:B5
Certificate issuer: /CN=0d72fe2c805ed63afc9c89e9324ac94d30939aab
Certificate serial: 01933FA7020A00F9D9AE9F535DDBD4642910
Authority key identifier: 0D:72:FE:2C:80:5E:D6:3A:FC:9C:89:E9:32:4A:C9:4D:30:93:9A:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXL-LIBe1jr8nInpMkrJTTCTmqs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/22e1d1-9984-4158-8d18-cf818c7c451a/1/ObxQrjZD088rpIJqI5d9iE4cHrU.roa
Signing time: Mon 18 Nov 2024 14:22:09 +0000
ROA not before: Mon 18 Nov 2024 14:22:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19905
IP address blocks: 109.245.96.0/24 maxlen: 24
109.245.112.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 18 Nov 2024 14:30:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:3f:a7:02:0a:00:f9:d9:ae:9f:53:5d:db:d4:64:29:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d72fe2c805ed63afc9c89e9324ac94d30939aab
Validity
Not Before: Nov 18 14:22:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=39bc50ae3643d3cf2ba4826a23977d884e1c1eb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:93:5d:cf:35:aa:46:40:b1:7e:a7:f3:76:8e:
cb:cb:76:12:26:84:18:d0:b6:87:a2:21:a0:15:f8:
02:ea:e5:dc:56:c6:e0:e6:11:7c:aa:d6:57:52:19:
76:76:d6:19:c2:48:e4:f2:a4:48:79:99:f9:50:82:
04:33:86:e0:6b:60:d1:75:97:06:4e:a5:e3:27:63:
b4:2d:8b:2d:b1:6f:58:46:e1:de:da:c9:83:ea:97:
ee:81:0e:d8:f3:e2:93:92:23:bd:bc:ec:e0:65:75:
ac:bf:c3:f3:59:ce:52:d2:34:a7:54:1f:ba:51:7c:
bd:05:61:8d:10:d1:67:1c:45:b2:88:8b:ac:3d:55:
06:78:5d:5b:5e:16:76:a4:54:1d:fe:d2:5f:c2:78:
0a:37:1d:32:8c:e0:c8:25:bd:92:34:b2:2d:11:09:
53:6a:e0:b1:7d:7c:a0:ee:ba:88:3a:86:95:14:ce:
30:f3:f2:14:0f:28:9a:6e:ed:9a:f3:33:07:38:bb:
80:e5:c9:0a:6d:77:83:4b:00:81:ab:79:aa:fb:c7:
fe:0b:ca:87:7f:b8:07:b5:8b:66:e1:d0:f3:3c:46:
fe:ca:af:9f:d5:b4:7e:d9:09:98:1c:c5:f8:6a:55:
c9:14:d6:ad:a2:6c:7d:b7:a6:f8:7e:24:2a:e3:b2:
4a:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:BC:50:AE:36:43:D3:CF:2B:A4:82:6A:23:97:7D:88:4E:1C:1E:B5
X509v3 Authority Key Identifier:
keyid:0D:72:FE:2C:80:5E:D6:3A:FC:9C:89:E9:32:4A:C9:4D:30:93:9A:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXL-LIBe1jr8nInpMkrJTTCTmqs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/22e1d1-9984-4158-8d18-cf818c7c451a/1/ObxQrjZD088rpIJqI5d9iE4cHrU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/22e1d1-9984-4158-8d18-cf818c7c451a/1/DXL-LIBe1jr8nInpMkrJTTCTmqs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.245.96.0/24
109.245.112.0/24
Signature Algorithm: sha256WithRSAEncryption
89:0a:9d:d2:9c:79:89:a8:99:0c:ad:b9:ba:66:ae:c0:41:88:
78:bf:95:ea:4d:d7:68:ad:74:27:22:e2:83:3d:5f:76:af:1b:
b1:50:03:8d:f1:36:63:5f:6c:94:ad:aa:3b:93:17:98:ea:42:
85:ba:4e:f0:2f:02:28:d8:c9:db:62:c9:43:ca:fe:fc:20:da:
60:d4:da:88:5b:7a:44:95:80:b1:b5:d8:26:61:1d:75:13:e0:
99:1a:53:27:8e:9d:f9:5a:d7:a8:0c:67:e4:06:20:53:7d:62:
0b:a8:13:83:7f:bf:78:e1:86:89:62:64:43:7a:ef:b7:02:9b:
57:ec:ff:15:fe:dc:3f:ff:fc:66:ce:60:1a:8c:a8:25:f1:d0:
73:60:de:25:c3:24:9c:50:c3:f8:66:6c:7c:46:5d:47:f5:9e:
de:a7:d1:05:e5:f2:b4:40:66:78:e8:23:25:1a:b2:b8:0d:c4:
81:02:b2:57:32:a9:84:eb:82:0d:cb:6a:41:64:9c:8a:1a:a5:
34:e0:dd:7c:da:7e:ba:a2:9a:7f:e6:e0:ad:ce:65:86:39:da:
3d:3b:20:1d:68:19:c1:6c:38:e1:54:25:41:8c:3a:8b:0e:49:
de:4c:ba:f1:fb:9d:4b:d2:6a:1e:51:96:50:4d:ec:2f:8a:7d:
fc:b4:34:df
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZM/pwIKAPnZrp9TXdvUZCkQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzJmZTJjODA1ZWQ2M2FmYzljODllOTMyNGFjOTRkMzA5
MzlhYWIwHhcNMjQxMTE4MTQyMjA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWJjNTBhZTM2NDNkM2NmMmJhNDgyNmEyMzk3N2Q4ODRlMWMxZWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlJNdzzWqRkCxfqfzdo7Ly3YSJoQY
0LaHoiGgFfgC6uXcVsbg5hF8qtZXUhl2dtYZwkjk8qRIeZn5UIIEM4bga2DRdZcG
TqXjJ2O0LYstsW9YRuHe2smD6pfugQ7Y8+KTkiO9vOzgZXWsv8PzWc5S0jSnVB+6
UXy9BWGNENFnHEWyiIusPVUGeF1bXhZ2pFQd/tJfwngKNx0yjODIJb2SNLItEQlT
auCxfXyg7rqIOoaVFM4w8/IUDyiabu2a8zMHOLuA5ckKbXeDSwCBq3mq+8f+C8qH
f7gHtYtm4dDzPEb+yq+f1bR+2QmYHMX4alXJFNatomx9t6b4fiQq47JKVQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDm8UK42Q9PPK6SCaiOXfYhOHB61MB8GA1UdIwQY
MBaAFA1y/iyAXtY6/JyJ6TJKyU0wk5qrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhMLUxJQmUxanI4bklucE1rckpUVENUbXFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC8yMmUxZDEtOTk4NC00MTU4LThkMTgt
Y2Y4MThjN2M0NTFhLzEvT2J4UXJqWkQwODhycElKcUk1ZDlpRTRjSHJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC8yMmUxZDEtOTk4NC00MTU4LThkMTgtY2Y4MThjN2M0NTFh
LzEvRFhMLUxJQmUxanI4bklucE1rckpUVENUbXFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAbfVgAwQA
bfVwMA0GCSqGSIb3DQEBCwUAA4IBAQCJCp3SnHmJqJkMrbm6Zq7AQYh4v5XqTddo
rXQnIuKDPV92rxuxUAON8TZjX2yUrao7kxeY6kKFuk7wLwIo2MnbYslDyv78INpg
1NqIW3pElYCxtdgmYR11E+CZGlMnjp35WteoDGfkBiBTfWILqBODf7944YaJYmRD
eu+3AptX7P8V/tw///xmzmAajKgl8dBzYN4lwyScUMP4Zmx8Rl1H9Z7ep9EF5fK0
QGZ46CMlGrK4DcSBArJXMqmE64INy2pBZJyKGqU04N182n66opp/5uCtzmWGOdo9
OyAdaBnBbDjhVCVBjDqLDkneTLrx+51L0moeUZZQTewvin38tDTf
-----END CERTIFICATE-----
Generated at Sat Jun 14 13:03:16 2025 by rpki-client