Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/c79cf3-a070-4d5b-9ee4-43612e7d9cc1/1/O3xaDX0E6zBtRg3uyPJlEr9fJxk.roa
File: O3xaDX0E6zBtRg3uyPJlEr9fJxk.roa (raw, json)
Hash identifier: hx18Rz35ZklAXkTR+IRkQYnVsZem92uY6xrc9MBE3EU=
Subject key identifier: 3B:7C:5A:0D:7D:04:EB:30:6D:46:0D:EE:C8:F2:65:12:BF:5F:27:19
Certificate issuer: /CN=f0f14ed124f9a2f3deab1006f184cf4fb80a3aec
Certificate serial: 0193778476432C547A6A0876E39B95E0E614
Authority key identifier: F0:F1:4E:D1:24:F9:A2:F3:DE:AB:10:06:F1:84:CF:4F:B8:0A:3A:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8PFO0ST5ovPeqxAG8YTPT7gKOuw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/c79cf3-a070-4d5b-9ee4-43612e7d9cc1/1/O3xaDX0E6zBtRg3uyPJlEr9fJxk.roa
Signing time: Fri 29 Nov 2024 10:43:09 +0000
ROA not before: Fri 29 Nov 2024 10:43:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200924
IP address blocks: 5.182.107.0/24 maxlen: 24
31.14.29.0/24 maxlen: 24
31.14.30.0/24 maxlen: 24
46.102.102.0/24 maxlen: 24
80.208.255.0/24 maxlen: 24
85.204.37.0/24 maxlen: 24
94.177.133.0/24 maxlen: 24
103.197.8.0/22 maxlen: 22
103.214.180.0/22 maxlen: 22
178.157.95.0/24 maxlen: 24
185.11.16.0/22 maxlen: 22
185.11.16.0/23 maxlen: 23
185.11.18.0/23 maxlen: 23
185.36.112.0/22 maxlen: 22
185.186.116.0/22 maxlen: 22
185.207.240.0/22 maxlen: 22
195.5.96.0/23 maxlen: 23
195.181.254.0/24 maxlen: 24
195.192.252.0/24 maxlen: 24
212.103.52.0/22 maxlen: 22
212.237.254.0/24 maxlen: 24
217.61.255.0/24 maxlen: 24
2a03:4f40::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:48:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:77:84:76:43:2c:54:7a:6a:08:76:e3:9b:95:e0:e6:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0f14ed124f9a2f3deab1006f184cf4fb80a3aec
Validity
Not Before: Nov 29 10:43:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3b7c5a0d7d04eb306d460deec8f26512bf5f2719
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:5d:0d:5e:d8:9f:18:05:b5:6f:eb:9d:12:2f:
2f:92:f6:75:de:2a:93:72:c0:7a:61:2f:44:26:22:
70:7c:41:71:f0:03:65:86:ae:7d:d2:d4:a3:93:73:
70:56:bf:a5:6f:97:da:bc:1b:55:45:b6:59:30:3b:
25:71:ea:67:aa:33:8f:90:a3:a9:89:86:f1:9e:27:
32:32:06:d6:43:21:11:df:e7:7a:1d:d1:2c:5c:c3:
d2:15:53:d7:8f:e8:6e:2a:a0:74:33:11:6c:2c:32:
4c:ac:5f:c3:6e:31:02:53:61:ca:8c:a2:59:a4:82:
bf:72:4e:7a:10:1c:3e:4c:35:47:7c:97:ef:98:b0:
18:c5:4e:66:ba:61:00:1d:cf:5e:f7:ec:b9:1c:9e:
f7:74:3f:9f:e6:88:16:46:d6:d4:68:bb:73:f9:a0:
78:0e:6f:fa:1e:d0:60:41:dd:23:a1:12:e7:e4:c8:
57:52:bb:9f:34:71:17:9b:41:93:b8:92:9a:a1:82:
6d:59:d1:60:f0:43:df:60:92:7d:30:b9:29:32:14:
36:c4:04:18:fd:25:3a:40:cf:91:b7:47:34:5b:c3:
8c:02:f1:c2:d0:36:0c:2c:8a:e1:c2:09:6a:4d:53:
17:67:c3:13:d5:d5:55:a0:6a:8c:df:19:a7:ff:a3:
dc:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:7C:5A:0D:7D:04:EB:30:6D:46:0D:EE:C8:F2:65:12:BF:5F:27:19
X509v3 Authority Key Identifier:
keyid:F0:F1:4E:D1:24:F9:A2:F3:DE:AB:10:06:F1:84:CF:4F:B8:0A:3A:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8PFO0ST5ovPeqxAG8YTPT7gKOuw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/c79cf3-a070-4d5b-9ee4-43612e7d9cc1/1/O3xaDX0E6zBtRg3uyPJlEr9fJxk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/c79cf3-a070-4d5b-9ee4-43612e7d9cc1/1/8PFO0ST5ovPeqxAG8YTPT7gKOuw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.107.0/24
31.14.29.0-31.14.30.255
46.102.102.0/24
80.208.255.0/24
85.204.37.0/24
94.177.133.0/24
103.197.8.0/22
103.214.180.0/22
178.157.95.0/24
185.11.16.0/22
185.36.112.0/22
185.186.116.0/22
185.207.240.0/22
195.5.96.0/23
195.181.254.0/24
195.192.252.0/24
212.103.52.0/22
212.237.254.0/24
217.61.255.0/24
IPv6:
2a03:4f40::/32
Signature Algorithm: sha256WithRSAEncryption
77:ea:b2:5d:1d:46:6e:f2:8a:c0:cf:c0:ac:5a:ee:b9:94:d5:
43:5d:ab:24:49:e2:a4:b1:50:08:ad:03:00:f3:8b:0c:b1:50:
d4:2b:e0:0d:cf:c8:79:d7:7f:73:b4:88:e0:71:f1:d0:b7:05:
24:ae:8f:36:55:a7:87:2f:67:5c:eb:59:44:c0:be:92:be:fc:
6b:bc:00:91:68:f2:e7:0e:9b:b2:6b:46:58:e7:fc:fd:93:21:
13:fd:09:4a:95:e7:f2:69:ed:da:b0:b2:bb:b4:1a:3a:28:ff:
3a:b8:77:aa:f7:c6:19:d8:2c:9f:b0:a8:02:9a:d6:69:be:58:
07:5e:c4:d9:12:00:32:52:ce:bc:a3:c2:a1:a8:63:d0:2e:d0:
ef:78:59:6f:49:25:0a:ac:b8:9b:7c:ea:61:2c:45:d2:f8:87:
99:13:d6:c6:d1:03:22:9e:c1:79:7f:b4:d4:d6:80:d7:c8:fa:
66:61:37:d2:72:2d:e8:0e:1d:5b:c1:bc:29:d2:16:71:cf:ab:
e8:b4:00:a6:16:1d:70:d1:6a:da:e1:10:eb:10:72:bf:fc:ce:
b4:56:0c:1e:fb:3d:92:f8:69:56:16:01:9a:61:8c:ca:7b:ec:
fb:14:0b:93:2f:5a:02:b5:a7:43:a6:37:ab:68:3a:b6:72:13:
e0:60:3e:24
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgISAZN3hHZDLFR6agh245uV4OYUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwZjE0ZWQxMjRmOWEyZjNkZWFiMTAwNmYxODRjZjRmYjgw
YTNhZWMwHhcNMjQxMTI5MTA0MzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjdjNWEwZDdkMDRlYjMwNmQ0NjBkZWVjOGYyNjUxMmJmNWYyNzE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8F0NXtifGAW1b+udEi8vkvZ13iqT
csB6YS9EJiJwfEFx8ANlhq590tSjk3NwVr+lb5favBtVRbZZMDslcepnqjOPkKOp
iYbxnicyMgbWQyER3+d6HdEsXMPSFVPXj+huKqB0MxFsLDJMrF/DbjECU2HKjKJZ
pIK/ck56EBw+TDVHfJfvmLAYxU5mumEAHc9e9+y5HJ73dD+f5ogWRtbUaLtz+aB4
Dm/6HtBgQd0joRLn5MhXUrufNHEXm0GTuJKaoYJtWdFg8EPfYJJ9MLkpMhQ2xAQY
/SU6QM+Rt0c0W8OMAvHC0DYMLIrhwglqTVMXZ8MT1dVVoGqM3xmn/6PcFQIDAQAB
o4ICkDCCAowwHQYDVR0OBBYEFDt8Wg19BOswbUYN7sjyZRK/XycZMB8GA1UdIwQY
MBaAFPDxTtEk+aLz3qsQBvGEz0+4CjrsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFBGTzBTVDVvdlBlcXhBRzhZVFBUN2dLT3V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9jNzljZjMtYTA3MC00ZDViLTllZTQt
NDM2MTJlN2Q5Y2MxLzEvTzN4YURYMEU2ekJ0UmczdXlQSmxFcjlmSnhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9jNzljZjMtYTA3MC00ZDViLTllZTQtNDM2MTJlN2Q5Y2Mx
LzEvOFBGTzBTVDVvdlBlcXhBRzhZVFBUN2dLT3V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGlBggrBgEFBQcBBwEB/wSBlTCBkjCBgAQCAAEwegMEAAW2
azAMAwQAHw4dAwQAHw4eAwQALmZmAwQAUND/AwQAVcwlAwQAXrGFAwQCZ8UIAwQC
Z9a0AwQAsp1fAwQCuQsQAwQCuSRwAwQCubp0AwQCuc/wAwQBwwVgAwQAw7X+AwQA
w8D8AwQC1Gc0AwQA1O3+AwQA2T3/MA0EAgACMAcDBQAqA09AMA0GCSqGSIb3DQEB
CwUAA4IBAQB36rJdHUZu8orAz8CsWu65lNVDXaskSeKksVAIrQMA84sMsVDUK+AN
z8h5139ztIjgcfHQtwUkro82VaeHL2dc61lEwL6SvvxrvACRaPLnDpuya0ZY5/z9
kyET/QlKlefyae3asLK7tBo6KP86uHeq98YZ2CyfsKgCmtZpvlgHXsTZEgAyUs68
o8KhqGPQLtDveFlvSSUKrLibfOphLEXS+IeZE9bG0QMinsF5f7TU1oDXyPpmYTfS
ci3oDh1bwbwp0hZxz6votACmFh1w0Wra4RDrEHK//M60Vgwe+z2S+GlWFgGaYYzK
e+z7FAuTL1oCtadDpjeraDq2chPgYD4k
-----END CERTIFICATE-----
Generated at Mon Apr 28 08:01:59 2025 by rpki-client