Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/eV-kpjjgqS6aAPlX3w8yLj3UhSk.roa
File: eV-kpjjgqS6aAPlX3w8yLj3UhSk.roa (raw, json)
Hash identifier: E0uA9VefbCUXPWLoo9YkWkVJkHPYfdzzFE4fCSOwBTA=
Subject key identifier: 79:5F:A4:A6:38:E0:A9:2E:9A:00:F9:57:DF:0F:32:2E:3D:D4:85:29
Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Certificate serial: 01919A2D8F6ACEF3102A3392AD530E622811
Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/eV-kpjjgqS6aAPlX3w8yLj3UhSk.roa
Signing time: Wed 28 Aug 2024 18:09:22 +0000
ROA not before: Wed 28 Aug 2024 18:09:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 84.247.59.0/24 maxlen: 24
89.34.171.0/24 maxlen: 24
188.241.192.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 10 Sep 2024 23:41:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:9a:2d:8f:6a:ce:f3:10:2a:33:92:ad:53:0e:62:28:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Validity
Not Before: Aug 28 18:09:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=795fa4a638e0a92e9a00f957df0f322e3dd48529
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:53:c1:40:6f:1c:54:15:5e:1c:96:6c:a2:d0:
57:39:39:83:79:11:ac:63:f7:4b:27:89:b8:29:29:
48:03:5f:86:26:eb:d7:5a:6a:ea:93:f3:f9:78:e6:
0e:d7:6a:cb:25:fb:4b:4b:5c:f8:5b:d7:7b:04:97:
f6:ac:80:3e:94:d1:3b:69:4b:e9:69:c4:11:27:8f:
24:27:9f:8b:9e:fa:e5:65:bb:a8:ce:4c:13:22:7c:
a9:e3:aa:d9:42:c3:3c:3a:02:07:6a:1f:6c:e6:0f:
29:88:20:ce:42:c7:82:f2:bd:13:34:4a:ba:9e:07:
df:26:dd:50:9c:6a:a4:67:6c:a7:39:11:a2:ac:d8:
47:ed:a1:ed:16:77:f4:e3:2f:90:c9:20:9b:6f:e2:
3e:53:c8:f8:9f:89:60:5b:11:3d:79:c7:1d:ba:4c:
9f:72:bb:64:64:b5:40:5e:fa:eb:c1:c8:8d:48:9e:
c2:ac:ad:16:9c:2a:a7:0d:52:58:3d:a9:87:92:9e:
ad:8a:a8:ec:bd:7b:46:f5:50:f1:0e:bc:06:57:f0:
44:9d:17:75:ea:cf:22:d3:cb:c5:e3:1e:79:5d:94:
a9:83:e8:d8:c2:5d:87:c6:1d:99:38:aa:c8:a6:75:
5f:cc:8f:53:37:59:ac:c0:42:52:43:a4:01:83:cd:
b2:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:5F:A4:A6:38:E0:A9:2E:9A:00:F9:57:DF:0F:32:2E:3D:D4:85:29
X509v3 Authority Key Identifier:
keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/eV-kpjjgqS6aAPlX3w8yLj3UhSk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.247.59.0/24
89.34.171.0/24
188.241.192.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:02:6e:0a:e7:d5:e9:29:1a:22:2e:47:2b:ea:a1:10:90:62:
ec:c4:c1:35:42:57:fd:46:a8:da:2d:0e:00:33:88:a2:db:59:
b8:fd:1e:b6:29:65:9e:0b:ee:91:b0:d2:0f:46:32:b6:5c:d6:
d5:c4:9d:4f:8c:9b:a0:f6:f0:9c:0d:e0:bb:8a:f5:0a:35:aa:
0c:0c:a7:d7:58:18:ca:80:8c:83:8a:97:89:49:41:5d:90:e1:
9a:9e:5f:5d:59:ce:ae:93:32:65:ba:25:c7:e7:64:f8:af:e6:
a3:61:9f:af:60:68:3f:31:ad:ea:88:92:8b:35:f7:9e:a0:c3:
8d:66:04:a4:56:94:77:e7:55:d7:69:bb:01:dc:dd:37:bb:ba:
2e:49:83:2f:dc:c0:f8:13:54:a2:46:fa:44:1c:cf:d0:cb:b2:
5a:8d:0b:5d:9a:32:47:a2:bd:97:9f:53:ed:8e:fb:34:ed:e8:
98:fe:fd:1f:aa:96:19:72:dd:4f:d0:e0:28:de:98:b5:b9:a3:
27:fc:c0:f6:a3:09:82:02:a2:8f:4f:e2:24:d9:21:39:f6:2d:
98:ab:12:80:33:2f:4b:d5:32:da:06:a5:95:02:43:1f:4c:b1:
a1:48:1c:15:8b:a6:2b:44:96:41:f7:88:a6:20:93:2a:15:88:
90:d5:3f:ab
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZGaLY9qzvMQKjOSrVMOYigRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi
NWRlZTQwHhcNMjQwODI4MTgwOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTVmYTRhNjM4ZTBhOTJlOWEwMGY5NTdkZjBmMzIyZTNkZDQ4NTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwVPBQG8cVBVeHJZsotBXOTmDeRGs
Y/dLJ4m4KSlIA1+GJuvXWmrqk/P5eOYO12rLJftLS1z4W9d7BJf2rIA+lNE7aUvp
acQRJ48kJ5+LnvrlZbuozkwTInyp46rZQsM8OgIHah9s5g8piCDOQseC8r0TNEq6
ngffJt1QnGqkZ2ynORGirNhH7aHtFnf04y+QySCbb+I+U8j4n4lgWxE9eccdukyf
crtkZLVAXvrrwciNSJ7CrK0WnCqnDVJYPamHkp6tiqjsvXtG9VDxDrwGV/BEnRd1
6s8i08vF4x55XZSpg+jYwl2Hxh2ZOKrIpnVfzI9TN1mswEJSQ6QBg82y+QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHlfpKY44KkumgD5V98PMi491IUpMB8GA1UdIwQY
MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt
NTlmNTk4NGI2NGVhLzEvZVYta3BqamdxUzZhQVBsWDN3OHlMajNVaFNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh
LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVPc7AwQA
WSKrAwQAvPHAMA0GCSqGSIb3DQEBCwUAA4IBAQA8Am4K59XpKRoiLkcr6qEQkGLs
xME1Qlf9RqjaLQ4AM4ii21m4/R62KWWeC+6RsNIPRjK2XNbVxJ1PjJug9vCcDeC7
ivUKNaoMDKfXWBjKgIyDipeJSUFdkOGanl9dWc6ukzJluiXH52T4r+ajYZ+vYGg/
Ma3qiJKLNfeeoMONZgSkVpR351XXabsB3N03u7ouSYMv3MD4E1SiRvpEHM/Qy7Ja
jQtdmjJHor2Xn1Ptjvs07eiY/v0fqpYZct1P0OAo3pi1uaMn/MD2owmCAqKPT+Ik
2SE59i2YqxKAMy9L1TLaBqWVAkMfTLGhSBwVi6YrRJZB94imIJMqFYiQ1T+r
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:02:05 2025 by rpki-client