Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/OrOC63Jyygh2_pdO5SZ1tF8esSg.roa
File: OrOC63Jyygh2_pdO5SZ1tF8esSg.roa (raw, json)
Hash identifier: M8G5H8ryfF/HMAdt3j9tbP/iDrWIiqTlhhchxcQ4kSQ=
Subject key identifier: 3A:B3:82:EB:72:72:CA:08:76:FE:97:4E:E5:26:75:B4:5F:1E:B1:28
Certificate issuer: /CN=3b098e45ef4bb5d18dbc86c5a135f57ebcbe005d
Certificate serial: 01962AF8F0A7F7C5E21C2CAA80A132CD9A28
Authority key identifier: 3B:09:8E:45:EF:4B:B5:D1:8D:BC:86:C5:A1:35:F5:7E:BC:BE:00:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/OrOC63Jyygh2_pdO5SZ1tF8esSg.roa
Signing time: Sat 12 Apr 2025 17:07:59 +0000
ROA not before: Sat 12 Apr 2025 17:07:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 212.116.226.0/23 maxlen: 24
212.116.228.0/22 maxlen: 24
212.116.236.0/22 maxlen: 24
212.116.236.0/23 maxlen: 24
212.116.236.0/24 maxlen: 24
212.116.238.0/23 maxlen: 24
212.116.246.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 13 Apr 2025 19:28:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:2a:f8:f0:a7:f7:c5:e2:1c:2c:aa:80:a1:32:cd:9a:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b098e45ef4bb5d18dbc86c5a135f57ebcbe005d
Validity
Not Before: Apr 12 17:07:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3ab382eb7272ca0876fe974ee52675b45f1eb128
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:d8:70:3e:dd:ae:3f:d1:0a:21:6a:ba:51:98:
98:e0:8c:35:50:84:0c:23:25:00:62:64:45:ff:0b:
b5:08:52:f9:df:e0:9a:b9:c9:06:d3:9b:2b:f4:9e:
ea:ca:f2:18:db:db:52:8d:b6:68:51:d3:b1:fd:6f:
88:07:96:dd:c8:f9:4d:aa:e0:28:b6:77:ee:17:7e:
42:d5:86:31:62:0d:a3:40:b5:78:c2:6d:91:d5:a8:
f6:df:3f:4f:7f:35:cd:81:f6:86:1f:3f:57:75:38:
bb:b4:2e:60:59:be:1d:53:0c:89:58:56:d0:7e:cf:
e2:0e:af:91:38:31:fb:f0:d0:3f:71:ec:ae:20:d6:
1c:5a:2e:b2:1c:3c:57:e4:47:fe:2d:45:8f:03:dd:
5b:0e:b3:14:61:3f:ea:03:c5:e7:97:50:00:1d:2f:
2b:64:c1:ef:86:6a:ff:fe:ea:5a:f4:ff:98:7f:31:
93:99:4f:24:c6:02:90:7a:bc:ac:72:bc:d8:3e:04:
f3:63:2f:1f:15:8d:c3:2c:83:1a:a4:e3:04:40:0e:
e5:4b:e8:e6:e7:c1:be:7c:fa:f1:e6:35:3f:29:ac:
26:25:80:84:1e:9e:8a:f1:4f:d7:74:bc:12:03:f0:
dd:16:cf:9d:d8:dc:42:40:d1:ba:ec:ff:3f:c9:bf:
94:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:B3:82:EB:72:72:CA:08:76:FE:97:4E:E5:26:75:B4:5F:1E:B1:28
X509v3 Authority Key Identifier:
keyid:3B:09:8E:45:EF:4B:B5:D1:8D:BC:86:C5:A1:35:F5:7E:BC:BE:00:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/OrOC63Jyygh2_pdO5SZ1tF8esSg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/OwmORe9LtdGNvIbFoTX1fry-AF0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.116.226.0-212.116.231.255
212.116.236.0/22
212.116.246.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:bb:01:cf:72:96:30:38:8f:4c:22:bf:7c:d9:2b:dc:85:09:
bd:52:83:cf:7a:1a:a7:ab:be:9c:a8:a9:e5:a2:de:30:93:80:
67:e4:65:8d:c6:3b:e8:41:2c:21:97:3f:79:47:33:0d:87:32:
6d:0b:5a:d9:96:ca:57:86:e2:25:90:e2:ea:24:43:71:05:73:
5d:19:09:1b:46:44:f3:aa:9b:fc:68:f2:48:fa:45:fa:23:50:
1d:70:a2:16:34:dd:f4:95:4a:4b:6d:56:7d:c2:be:7c:1e:b3:
0a:ac:08:6b:35:1e:cd:7e:3d:63:fb:01:90:ee:72:85:56:16:
30:2e:a8:97:9c:62:fd:4f:4f:96:b5:64:95:bd:13:fc:fc:ec:
b5:fc:d8:6c:ed:97:5c:17:96:5e:a3:79:3c:d8:50:62:d8:e9:
0f:5a:bd:18:fd:fe:7b:4c:d7:f2:a7:37:4d:48:71:f5:29:06:
a9:c7:3f:f2:6b:8e:47:26:66:5f:9d:47:1a:02:13:f7:ae:11:
3a:7e:0f:58:d3:79:8c:e8:5d:11:25:dd:ef:02:f5:2e:d4:57:
42:12:b2:19:43:a9:de:16:a3:c7:ed:f2:06:39:a1:42:25:93:
ba:16:ab:37:b4:d6:2f:64:25:05:1d:ca:34:cc:ce:9a:50:69:
8c:a6:c5:f8
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZYq+PCn98XiHCyqgKEyzZooMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiMDk4ZTQ1ZWY0YmI1ZDE4ZGJjODZjNWExMzVmNTdlYmNi
ZTAwNWQwHhcNMjUwNDEyMTcwNzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWIzODJlYjcyNzJjYTA4NzZmZTk3NGVlNTI2NzViNDVmMWViMTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA59hwPt2uP9EKIWq6UZiY4Iw1UIQM
IyUAYmRF/wu1CFL53+CauckG05sr9J7qyvIY29tSjbZoUdOx/W+IB5bdyPlNquAo
tnfuF35C1YYxYg2jQLV4wm2R1aj23z9PfzXNgfaGHz9XdTi7tC5gWb4dUwyJWFbQ
fs/iDq+RODH78NA/ceyuINYcWi6yHDxX5Ef+LUWPA91bDrMUYT/qA8Xnl1AAHS8r
ZMHvhmr//upa9P+YfzGTmU8kxgKQeryscrzYPgTzYy8fFY3DLIMapOMEQA7lS+jm
58G+fPrx5jU/KawmJYCEHp6K8U/XdLwSA/DdFs+d2NxCQNG67P8/yb+UmwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFDqzgutycsoIdv6XTuUmdbRfHrEoMB8GA1UdIwQY
MBaAFDsJjkXvS7XRjbyGxaE19X68vgBdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3dtT1JlOUx0ZEdOdkliRm9UWDFmcnktQUYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi85NTRkMzEtZjc0Yy00NjdiLTkwMTMt
ZTEyYjE2NDIxNWI5LzEvT3JPQzYzSnl5Z2gyX3BkTzVTWjF0Rjhlc1NnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi85NTRkMzEtZjc0Yy00NjdiLTkwMTMtZTEyYjE2NDIxNWI5
LzEvT3dtT1JlOUx0ZEdOdkliRm9UWDFmcnktQUYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAHUdOID
BAPUdOADBALUdOwDBADUdPYwDQYJKoZIhvcNAQELBQADggEBAI67Ac9yljA4j0wi
v3zZK9yFCb1Sg896GqervpyoqeWi3jCTgGfkZY3GO+hBLCGXP3lHMw2HMm0LWtmW
yleG4iWQ4uokQ3EFc10ZCRtGRPOqm/xo8kj6RfojUB1wohY03fSVSkttVn3Cvnwe
swqsCGs1Hs1+PWP7AZDucoVWFjAuqJecYv1PT5a1ZJW9E/z87LX82Gztl1wXll6j
eTzYUGLY6Q9avRj9/ntM1/KnN01IcfUpBqnHP/JrjkcmZl+dRxoCE/euETp+D1jT
eYzoXREl3e8C9S7UV0ISshlDqd4Wo8ft8gY5oUIlk7oWqze01i9kJQUdyjTMzppQ
aYymxfg=
-----END CERTIFICATE-----
Generated at Mon May 12 18:30:28 2025 by rpki-client