Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/8EB6oyqrP-dTvDWiWPbh4pwATDw.roa
File: 8EB6oyqrP-dTvDWiWPbh4pwATDw.roa (raw, json)
Hash identifier: osZCbwRrL/E1jnFHqJvzV8m4LbnUhzZhoIo9uB3f8RE=
Subject key identifier: F0:40:7A:A3:2A:AB:3F:E7:53:BC:35:A2:58:F6:E1:E2:9C:00:4C:3C
Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Certificate serial: 0191DE51802F0CB9A96A18FA0D10495387CA
Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/8EB6oyqrP-dTvDWiWPbh4pwATDw.roa
Signing time: Tue 10 Sep 2024 23:42:48 +0000
ROA not before: Tue 10 Sep 2024 23:42:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3320
IP address blocks: 5.35.192.0/21 maxlen: 24
85.204.160.0/22 maxlen: 24
88.135.96.0/20 maxlen: 24
89.39.172.0/23 maxlen: 24
94.26.64.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 07:48:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:de:51:80:2f:0c:b9:a9:6a:18:fa:0d:10:49:53:87:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Validity
Not Before: Sep 10 23:42:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f0407aa32aab3fe753bc35a258f6e1e29c004c3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:3a:21:d8:0d:6a:ff:e4:8f:3a:3d:d7:c6:77:
33:d9:b6:1e:17:69:1d:43:b6:a1:5b:ff:45:95:a8:
42:7d:01:9e:a0:29:a8:f2:e9:90:92:59:ed:bc:ad:
a6:a9:cb:8f:cd:52:67:4e:38:52:f9:f3:c4:3f:3e:
48:2d:11:00:46:e2:bf:ee:13:4e:61:1f:5c:84:e1:
3b:25:34:ca:d6:35:64:67:94:74:99:d8:30:11:44:
14:c9:d0:f9:ae:70:c9:ac:82:97:ba:5d:e3:4e:ee:
37:52:9e:7f:79:bf:6c:1b:aa:63:73:4c:57:d7:5d:
5f:26:76:fb:5b:3e:eb:a0:1e:9d:d8:27:5c:a3:b5:
39:74:65:cf:5a:7d:70:52:de:b6:62:07:f6:be:d3:
99:a9:93:5f:1a:c5:9d:23:23:bb:7b:76:b6:b0:ab:
16:ca:c3:a3:d4:c3:3d:ba:83:c4:97:82:3f:60:ff:
c3:30:24:6f:11:2e:f9:75:e0:14:65:f1:4c:fd:05:
c6:7e:24:66:0e:75:8e:bb:3c:06:ee:05:0a:b0:a2:
43:1c:6f:c2:23:8d:0c:93:25:b6:c0:81:b3:b9:31:
17:69:80:7f:d3:3f:a5:06:6b:99:90:27:79:92:e5:
5c:3d:a9:9b:8f:e5:b1:d6:1f:e4:f8:6e:c4:64:fa:
4c:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:40:7A:A3:2A:AB:3F:E7:53:BC:35:A2:58:F6:E1:E2:9C:00:4C:3C
X509v3 Authority Key Identifier:
keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/8EB6oyqrP-dTvDWiWPbh4pwATDw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.35.192.0/21
85.204.160.0/22
88.135.96.0/20
89.39.172.0/23
94.26.64.0/23
Signature Algorithm: sha256WithRSAEncryption
1f:83:ef:6a:49:1c:04:4d:49:ef:34:93:cd:36:ac:25:ef:5a:
09:c8:5c:44:b1:bf:f8:c6:cc:4f:e7:f7:0e:63:5d:fa:25:32:
74:cd:48:d5:00:48:2c:6a:1a:53:f1:c5:58:a7:18:ed:43:52:
10:a4:af:73:36:36:d4:55:df:20:62:23:c9:d8:4c:05:43:41:
54:58:1c:dc:d7:53:37:7d:4d:08:da:91:02:e3:f1:e6:c6:4f:
fe:94:33:1c:67:97:66:26:a1:04:a6:fd:4d:b4:6b:48:bb:a8:
aa:27:6d:2f:7e:48:82:03:78:07:33:47:e3:29:12:eb:85:6d:
c7:d9:2a:95:97:26:12:e5:c7:35:24:fe:7f:d3:9e:e7:cd:5b:
04:78:d7:07:18:d2:14:a6:e5:a2:7a:25:6c:77:c5:e7:a8:68:
7f:49:86:01:ca:bb:b6:95:9a:7f:e9:ee:10:cb:0f:a9:f5:35:
03:7a:9b:a8:bb:1e:01:0a:93:44:87:ae:73:dd:dd:a2:0b:e2:
3f:dc:a7:34:f1:34:09:12:5d:93:b4:3b:3a:57:41:16:98:27:
db:7a:f3:2f:08:72:97:e1:25:97:6d:29:1a:91:3a:04:bb:6c:
2f:da:1a:69:0c:5b:3d:15:5e:c5:42:0e:64:fe:76:36:80:6b:
f3:36:e2:83
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZHeUYAvDLmpahj6DRBJU4fKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi
NWRlZTQwHhcNMjQwOTEwMjM0MjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDQwN2FhMzJhYWIzZmU3NTNiYzM1YTI1OGY2ZTFlMjljMDA0YzNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvDoh2A1q/+SPOj3Xxncz2bYeF2kd
Q7ahW/9FlahCfQGeoCmo8umQklntvK2mqcuPzVJnTjhS+fPEPz5ILREARuK/7hNO
YR9chOE7JTTK1jVkZ5R0mdgwEUQUydD5rnDJrIKXul3jTu43Up5/eb9sG6pjc0xX
111fJnb7Wz7roB6d2Cdco7U5dGXPWn1wUt62Ygf2vtOZqZNfGsWdIyO7e3a2sKsW
ysOj1MM9uoPEl4I/YP/DMCRvES75deAUZfFM/QXGfiRmDnWOuzwG7gUKsKJDHG/C
I40MkyW2wIGzuTEXaYB/0z+lBmuZkCd5kuVcPambj+Wx1h/k+G7EZPpMSQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFPBAeqMqqz/nU7w1olj24eKcAEw8MB8GA1UdIwQY
MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt
NTlmNTk4NGI2NGVhLzEvOEVCNm95cXJQLWRUdkRXaVdQYmg0cHdBVER3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh
LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDBSPAAwQC
VcygAwQEWIdgAwQBWSesAwQBXhpAMA0GCSqGSIb3DQEBCwUAA4IBAQAfg+9qSRwE
TUnvNJPNNqwl71oJyFxEsb/4xsxP5/cOY136JTJ0zUjVAEgsahpT8cVYpxjtQ1IQ
pK9zNjbUVd8gYiPJ2EwFQ0FUWBzc11M3fU0I2pEC4/Hmxk/+lDMcZ5dmJqEEpv1N
tGtIu6iqJ20vfkiCA3gHM0fjKRLrhW3H2SqVlyYS5cc1JP5/057nzVsEeNcHGNIU
puWieiVsd8XnqGh/SYYByru2lZp/6e4Qyw+p9TUDepuoux4BCpNEh65z3d2iC+I/
3Kc08TQJEl2TtDs6V0EWmCfbevMvCHKX4SWXbSkakToEu2wv2hppDFs9FV7FQg5k
/nY2gGvzNuKD
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:48:55 2025 by rpki-client