Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/c731c4-9183-4db3-b70a-33980c03f08e/1/fb35YOnwqgPJs4Utel0TQ0vhpFA.roa
File: fb35YOnwqgPJs4Utel0TQ0vhpFA.roa (raw, json)
Hash identifier: DVMGNIQXPRsnnyyb3bQQQ4lBpyTHgE+fBWu9PbfdLuc=
Subject key identifier: 7D:BD:F9:60:E9:F0:AA:03:C9:B3:85:2D:7A:5D:13:43:4B:E1:A4:50
Certificate issuer: /CN=43965dd1f6f24a46d7cc4bccfecd4151c6dd1bfb
Certificate serial: 0193AF3BA914B0B087CDA90A66F7C5B800F0
Authority key identifier: 43:96:5D:D1:F6:F2:4A:46:D7:CC:4B:CC:FE:CD:41:51:C6:DD:1B:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q5Zd0fbySkbXzEvM_s1BUcbdG_s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/c731c4-9183-4db3-b70a-33980c03f08e/1/fb35YOnwqgPJs4Utel0TQ0vhpFA.roa
Signing time: Tue 10 Dec 2024 06:22:22 +0000
ROA not before: Tue 10 Dec 2024 06:22:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202029
IP address blocks: 91.213.151.0/24 maxlen: 24
185.212.194.0/24 maxlen: 24
185.221.193.0/24 maxlen: 24
195.8.102.0/24 maxlen: 24
195.230.107.0/24 maxlen: 24
2a04:acc0:10::/44 maxlen: 44
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:49:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:af:3b:a9:14:b0:b0:87:cd:a9:0a:66:f7:c5:b8:00:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43965dd1f6f24a46d7cc4bccfecd4151c6dd1bfb
Validity
Not Before: Dec 10 06:22:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7dbdf960e9f0aa03c9b3852d7a5d13434be1a450
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:1e:97:79:e4:eb:1b:29:a0:0c:b1:2f:8c:ec:
79:e3:aa:d3:d2:e1:98:c1:3f:ec:62:8a:9e:4e:43:
da:d4:c3:38:cd:e0:1b:b0:3d:d5:4c:c3:ec:65:e7:
1c:f3:42:bf:d2:f3:12:70:eb:8e:f3:47:18:f4:dd:
07:a3:b0:7a:42:5e:46:55:91:3c:bf:4d:33:14:7c:
05:8f:40:b1:04:8f:f5:7a:78:96:b2:d2:ba:40:7c:
4d:b6:77:32:86:b3:9c:ce:36:67:cc:87:41:20:59:
ce:3c:4c:2e:96:5d:6c:0a:8e:ce:d7:02:5f:8a:3b:
8c:7c:a4:33:cc:f5:2a:95:4b:c6:e7:1f:62:94:ee:
8d:cb:9e:9b:31:21:dd:ac:43:07:21:dc:e3:fb:90:
83:b4:e9:96:84:0d:84:0c:0e:99:48:ca:07:6c:0e:
be:fa:2c:36:70:63:b1:17:a4:97:58:5b:6d:4f:d4:
47:99:1f:ae:c7:e7:e3:6b:ee:58:72:50:9b:4b:33:
ac:17:4c:63:85:9a:40:a0:eb:2e:8d:f9:76:84:9d:
92:dd:3f:c1:b9:de:3d:27:ea:a1:7c:e8:77:e4:d6:
be:d2:8f:22:6b:21:7e:0a:59:e6:7b:9d:b4:e0:ba:
77:d8:59:92:fc:a8:e3:ae:df:7c:56:cd:f7:5e:d9:
5b:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:BD:F9:60:E9:F0:AA:03:C9:B3:85:2D:7A:5D:13:43:4B:E1:A4:50
X509v3 Authority Key Identifier:
keyid:43:96:5D:D1:F6:F2:4A:46:D7:CC:4B:CC:FE:CD:41:51:C6:DD:1B:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q5Zd0fbySkbXzEvM_s1BUcbdG_s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/c731c4-9183-4db3-b70a-33980c03f08e/1/fb35YOnwqgPJs4Utel0TQ0vhpFA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/c731c4-9183-4db3-b70a-33980c03f08e/1/Q5Zd0fbySkbXzEvM_s1BUcbdG_s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.151.0/24
185.212.194.0/24
185.221.193.0/24
195.8.102.0/24
195.230.107.0/24
IPv6:
2a04:acc0:10::/44
Signature Algorithm: sha256WithRSAEncryption
ac:fa:ec:0e:13:c9:59:2e:3b:0b:f4:be:2b:e9:22:40:5a:2c:
9b:b1:2b:ab:08:aa:79:be:c1:bf:90:f1:28:44:3f:12:1c:b5:
af:eb:8a:64:a2:2d:6f:97:94:ae:24:84:77:20:1f:fa:e3:26:
be:8d:8a:4e:ff:1e:3a:b5:04:1e:f6:51:e4:8a:c8:4e:1a:2b:
6e:87:41:6d:e1:23:a9:c9:9f:04:9e:ad:13:c9:a5:b1:af:de:
75:66:f6:e0:d6:f0:49:46:1b:d7:b4:7b:38:37:de:d2:4c:ec:
47:6a:35:3a:e2:5f:cc:3e:1b:8f:be:cb:c9:0a:5e:d2:a1:87:
3b:7b:e2:1d:94:a9:c8:70:64:6f:94:f3:bf:1c:e5:07:01:53:
72:ce:cc:82:02:14:e1:f8:60:fb:bb:5c:7b:9a:ab:7d:51:d9:
cd:f8:49:28:db:9a:62:d4:56:e6:80:7e:bd:1a:d2:fe:aa:51:
f8:99:38:8a:a1:bd:89:a4:3c:80:54:1b:56:a8:21:cc:26:93:
23:3d:87:64:30:49:50:d3:4f:cd:a8:5c:02:73:37:cc:ca:63:
74:a3:b8:88:2a:24:fe:0e:54:95:d0:70:c9:8d:b3:17:38:ad:
5d:92:73:f2:d4:db:cd:3d:83:60:d6:a7:bc:1e:b1:d0:6d:13:
df:5c:50:e6
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZOvO6kUsLCHzakKZvfFuADwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzOTY1ZGQxZjZmMjRhNDZkN2NjNGJjY2ZlY2Q0MTUxYzZk
ZDFiZmIwHhcNMjQxMjEwMDYyMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGJkZjk2MGU5ZjBhYTAzYzliMzg1MmQ3YTVkMTM0MzRiZTFhNDUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApR6XeeTrGymgDLEvjOx546rT0uGY
wT/sYoqeTkPa1MM4zeAbsD3VTMPsZecc80K/0vMScOuO80cY9N0Ho7B6Ql5GVZE8
v00zFHwFj0CxBI/1eniWstK6QHxNtncyhrOczjZnzIdBIFnOPEwull1sCo7O1wJf
ijuMfKQzzPUqlUvG5x9ilO6Ny56bMSHdrEMHIdzj+5CDtOmWhA2EDA6ZSMoHbA6+
+iw2cGOxF6SXWFttT9RHmR+ux+fja+5YclCbSzOsF0xjhZpAoOsujfl2hJ2S3T/B
ud49J+qhfOh35Na+0o8iayF+Clnme5204Lp32FmS/Kjjrt98Vs33XtlbwQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFH29+WDp8KoDybOFLXpdE0NL4aRQMB8GA1UdIwQY
MBaAFEOWXdH28kpG18xLzP7NQVHG3Rv7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTVaZDBmYnlTa2JYekV2TV9zMUJVY2JkR19zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9jNzMxYzQtOTE4My00ZGIzLWI3MGEt
MzM5ODBjMDNmMDhlLzEvZmIzNVlPbndxZ1BKczRVdGVsMFRRMHZocEZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9jNzMxYzQtOTE4My00ZGIzLWI3MGEtMzM5ODBjMDNmMDhl
LzEvUTVaZDBmYnlTa2JYekV2TV9zMUJVY2JkR19zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAkBAIAATAeAwQAW9WXAwQA
udTCAwQAud3BAwQAwwhmAwQAw+ZrMA8EAgACMAkDBwQqBKzAABAwDQYJKoZIhvcN
AQELBQADggEBAKz67A4TyVkuOwv0vivpIkBaLJuxK6sIqnm+wb+Q8ShEPxIcta/r
imSiLW+XlK4khHcgH/rjJr6Nik7/Hjq1BB72UeSKyE4aK26HQW3hI6nJnwSerRPJ
pbGv3nVm9uDW8ElGG9e0ezg33tJM7EdqNTriX8w+G4++y8kKXtKhhzt74h2Uqchw
ZG+U878c5QcBU3LOzIICFOH4YPu7XHuaq31R2c34SSjbmmLUVuaAfr0a0v6qUfiZ
OIqhvYmkPIBUG1aoIcwmkyM9h2QwSVDTT82oXAJzN8zKY3SjuIgqJP4OVJXQcMmN
sxc4rV2Sc/LU2809g2DWp7wesdBtE99cUOY=
-----END CERTIFICATE-----
Generated at Mon Apr 21 03:03:04 2025 by rpki-client