Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/op52l239l7Z65gwdS-Gywxn0tu0.roa
File: op52l239l7Z65gwdS-Gywxn0tu0.roa (raw, json)
Hash identifier: +3OX+PV9TlGPsn5sQ3YNjoFkLVSCDpZ54RlJQEEScvo=
Subject key identifier: A2:9E:76:97:6D:FD:97:B6:7A:E6:0C:1D:4B:E1:B2:C3:19:F4:B6:ED
Certificate issuer: /CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Certificate serial: 018D40B135617D51212B72506796FACD4027
Authority key identifier: B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/op52l239l7Z65gwdS-Gywxn0tu0.roa
Signing time: Thu 25 Jan 2024 12:56:11 +0000
ROA not before: Thu 25 Jan 2024 12:56:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 52041
IP address blocks: 82.215.64.0/24 maxlen: 24
185.248.134.0/24 maxlen: 24
2a12:bec0:d0::/44 maxlen: 48
2a12:bec0:e40::/44 maxlen: 44
2a12:bec0:7000::/48 maxlen: 48
2a12:bec0:7001::/48 maxlen: 48
2a12:bec0:7002::/48 maxlen: 48
2a12:bec0:7003::/48 maxlen: 48
2a12:bec0:7004::/48 maxlen: 48
2a12:bec0:7006::/48 maxlen: 48
2a12:bec0:7007::/48 maxlen: 48
2a12:bec0:7008::/48 maxlen: 48
2a12:bec0:b00b::/48 maxlen: 48
2a12:bec1:b00b::/48 maxlen: 48
2a12:bec2::/32 maxlen: 32
2a12:bec2:b00b::/48 maxlen: 48
2a12:bec3:b00b::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 25 Jan 2024 14:35:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:40:b1:35:61:7d:51:21:2b:72:50:67:96:fa:cd:40:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Validity
Not Before: Jan 25 12:56:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a29e76976dfd97b67ae60c1d4be1b2c319f4b6ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:9a:0f:88:7e:38:87:be:47:3d:4e:68:51:f9:
e7:cd:e7:dc:a0:88:b4:25:7b:1f:1e:61:59:f1:22:
c7:fb:89:6a:c4:4b:50:69:8c:8b:2d:be:da:01:54:
0d:ec:f0:c5:db:ad:10:5e:90:79:21:1a:c5:91:39:
dc:05:06:d3:3a:43:40:6c:1c:02:65:80:2f:ba:e6:
f5:e4:bd:bb:b6:ad:20:cf:46:16:1c:60:26:da:f5:
bb:5f:fe:7d:11:07:7e:23:ec:02:71:b6:22:b3:d1:
e2:f8:8c:b1:ee:a1:b3:51:4a:72:f7:6d:50:79:13:
6e:96:c0:fc:03:32:b7:fe:aa:87:21:f2:74:92:44:
58:27:9b:8a:c1:bd:07:7b:09:72:bb:4b:79:e7:58:
b9:3c:05:a0:dd:01:54:fc:74:df:14:08:52:2b:88:
e6:2a:cd:5c:bc:16:55:89:b6:f7:ab:90:f5:65:6e:
9c:86:d0:c7:9d:b8:56:53:00:d3:e5:73:59:7e:77:
ef:e0:61:c3:73:69:3b:98:d4:8c:96:40:43:10:8b:
5b:3f:5f:1c:13:83:80:8f:b7:cd:cf:4d:79:55:8a:
e0:e8:2a:90:52:a0:ca:d8:c0:08:83:49:5e:a0:ba:
c5:28:c4:fb:61:96:79:a1:7b:09:fe:39:0b:85:63:
0c:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:9E:76:97:6D:FD:97:B6:7A:E6:0C:1D:4B:E1:B2:C3:19:F4:B6:ED
X509v3 Authority Key Identifier:
keyid:B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/op52l239l7Z65gwdS-Gywxn0tu0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.215.64.0/24
185.248.134.0/24
IPv6:
2a12:bec0:d0::/44
2a12:bec0:e40::/44
2a12:bec0:7000::-2a12:bec0:7004:ffff:ffff:ffff:ffff:ffff
2a12:bec0:7006::-2a12:bec0:7008:ffff:ffff:ffff:ffff:ffff
2a12:bec0:b00b::/48
2a12:bec1:b00b::/48
2a12:bec2::/32
2a12:bec3:b00b::/48
Signature Algorithm: sha256WithRSAEncryption
83:fb:e2:ff:d5:1d:0a:63:1a:83:fa:a6:9d:d1:58:38:81:1b:
10:4b:ab:32:ca:49:b9:cf:01:d7:af:20:57:4e:ee:bb:b0:14:
c2:c2:b4:d1:06:d9:24:06:ac:46:7a:9f:31:8c:da:89:d5:fe:
f7:f9:34:03:10:76:c1:c5:38:94:8f:b4:62:96:50:34:ef:84:
7b:3b:e9:c1:8d:cb:64:99:43:b2:6e:13:63:bf:2d:b3:95:ff:
d0:0c:08:60:0e:b1:fc:0e:db:03:fa:34:a0:0e:0b:c3:7b:04:
87:7e:ae:2b:80:1d:0b:f9:e4:15:17:2f:b6:ba:96:e1:3d:8e:
60:f1:63:e2:33:88:10:ce:9b:d3:4e:cd:a2:aa:23:db:71:03:
92:d6:0d:00:f6:7b:0c:d9:e1:de:2b:9b:ee:26:f3:e4:66:62:
43:2a:3b:53:4e:c6:17:b7:53:8f:dd:f3:12:90:6b:c1:25:d6:
1e:8d:34:02:2f:91:bf:52:ec:0b:8e:2c:71:4f:4f:4f:85:48:
48:8d:1e:39:f7:14:d7:8c:f1:bb:2d:bd:4b:a0:fd:e3:8b:54:
74:14:12:cf:58:a2:41:23:b8:b7:92:fa:59:e8:68:b4:c0:02:
76:6a:7e:c7:84:25:ef:b4:0f:97:60:59:f6:3a:3e:24:97:f7:
26:3e:cd:3e
-----BEGIN CERTIFICATE-----
MIIFZzCCBE+gAwIBAgISAY1AsTVhfVEhK3JQZ5b6zUAnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzN2UyMTVhNDE1ZWQ3YjVkZTRiNmRjMTJmMmY3Yjc3NTBj
M2Q2NmYwHhcNMjQwMTI1MTI1NjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjllNzY5NzZkZmQ5N2I2N2FlNjBjMWQ0YmUxYjJjMzE5ZjRiNmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAspoPiH44h75HPU5oUfnnzefcoIi0
JXsfHmFZ8SLH+4lqxEtQaYyLLb7aAVQN7PDF260QXpB5IRrFkTncBQbTOkNAbBwC
ZYAvuub15L27tq0gz0YWHGAm2vW7X/59EQd+I+wCcbYis9Hi+Iyx7qGzUUpy921Q
eRNulsD8AzK3/qqHIfJ0kkRYJ5uKwb0Hewlyu0t551i5PAWg3QFU/HTfFAhSK4jm
Ks1cvBZVibb3q5D1ZW6chtDHnbhWUwDT5XNZfnfv4GHDc2k7mNSMlkBDEItbP18c
E4OAj7fNz015VYrg6CqQUqDK2MAIg0leoLrFKMT7YZZ5oXsJ/jkLhWMM9wIDAQAB
o4ICczCCAm8wHQYDVR0OBBYEFKKedpdt/Ze2euYMHUvhssMZ9LbtMB8GA1UdIwQY
MBaAFLN+IVpBXte13kttwS8ve3dQw9ZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQt
NTUzNjljZjUwN2VlLzEvb3A1MmwyMzlsN1o2NWd3ZFMtR3l3eG4wdHUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2Vl
LzEvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGIBggrBgEFBQcBBwEB/wR5MHcwEgQCAAEwDAMEAFLXQAME
ALn4hjBhBAIAAjBbAwcEKhK+wADQAwcEKhK+wA5AMBEDBgQqEr7AcAMHACoSvsBw
BDASAwcBKhK+wHAGAwcAKhK+wHAIAwcAKhK+wLALAwcAKhK+wbALAwUAKhK+wgMH
ACoSvsOwCzANBgkqhkiG9w0BAQsFAAOCAQEAg/vi/9UdCmMag/qmndFYOIEbEEur
MspJuc8B168gV07uu7AUwsK00QbZJAasRnqfMYzaidX+9/k0AxB2wcU4lI+0YpZQ
NO+EezvpwY3LZJlDsm4TY78ts5X/0AwIYA6x/A7bA/o0oA4Lw3sEh36uK4AdC/nk
FRcvtrqW4T2OYPFj4jOIEM6b007Noqoj23EDktYNAPZ7DNnh3iub7ibz5GZiQyo7
U07GF7dTj93zEpBrwSXWHo00Ai+Rv1LsC44scU9PT4VISI0eOfcU14zxuy29S6D9
44tUdBQSz1iiQSO4t5L6WehotMACdmp+x4Ql77QPl2BZ9jo+JJf3Jj7NPg==
-----END CERTIFICATE-----
Generated at Thu May 15 23:30:13 2025 by rpki-client