Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/558c39-7510-4b63-aa57-1e2230df0746/1/d3L3QY9ZcIq_mA7jkeF_XjAauIc.roa
File: d3L3QY9ZcIq_mA7jkeF_XjAauIc.roa (raw, json)
Hash identifier: fdmLdKeifbnGYDbiaQDjT1Ln47yQjkRAV71kRapPm1M=
Subject key identifier: 77:72:F7:41:8F:59:70:8A:BF:98:0E:E3:91:E1:7F:5E:30:1A:B8:87
Certificate issuer: /CN=af758e88feaf8d67059dc8787a2e5f31a06ac1e9
Certificate serial: 018CC2DB2AB4026A639DE1BA496D15CA9211
Authority key identifier: AF:75:8E:88:FE:AF:8D:67:05:9D:C8:78:7A:2E:5F:31:A0:6A:C1:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r3WOiP6vjWcFnch4ei5fMaBqwek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/558c39-7510-4b63-aa57-1e2230df0746/1/d3L3QY9ZcIq_mA7jkeF_XjAauIc.roa
Signing time: Mon 01 Jan 2024 02:29:52 +0000
ROA not before: Mon 01 Jan 2024 02:29:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35413
IP address blocks: 91.195.181.0/24 maxlen: 24
91.195.180.0/24 maxlen: 24
193.239.253.0/24 maxlen: 24
193.239.252.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:48:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:2a:b4:02:6a:63:9d:e1:ba:49:6d:15:ca:92:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af758e88feaf8d67059dc8787a2e5f31a06ac1e9
Validity
Not Before: Jan 1 02:29:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7772f7418f59708abf980ee391e17f5e301ab887
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:18:16:5d:70:b4:14:9e:b8:23:be:cd:bd:3b:
6d:9c:93:8b:27:55:3d:7a:70:7c:27:59:65:b4:70:
65:e5:9d:fd:be:9e:d8:45:b9:ca:e0:82:40:eb:74:
90:01:0e:ff:b7:5b:91:ef:f1:37:13:f1:af:c8:4e:
9d:43:b3:12:82:52:f1:30:31:fc:7c:46:0a:b9:06:
7f:d4:e5:99:de:cd:9d:74:bf:65:03:40:43:d4:b4:
cd:2c:8c:b1:44:7a:5b:60:10:6e:fc:15:dc:58:a0:
3c:80:7e:17:9b:38:1c:d0:a2:e5:cd:36:aa:ed:a3:
b0:fa:4d:9e:11:68:29:e4:ee:9a:ad:3a:a7:7e:c5:
a0:e3:80:95:6d:1f:37:41:88:2c:ca:b9:02:1e:ed:
40:ed:97:49:ea:f9:b4:03:80:94:c6:60:ff:a7:88:
0a:3a:ab:5f:f2:13:46:29:e8:6c:94:c2:06:bd:7c:
f4:d7:e1:b2:62:4a:d9:2a:88:2a:b8:81:d6:d1:69:
36:90:33:06:43:aa:a4:be:5e:36:75:8d:93:4f:0e:
f7:45:49:e6:f9:9f:3d:b8:5f:fb:c1:30:88:d8:17:
99:10:2d:48:32:8f:da:96:c9:05:21:90:11:cd:0d:
7c:c8:a7:b7:e2:75:05:bb:01:b9:81:53:f2:2e:53:
32:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:72:F7:41:8F:59:70:8A:BF:98:0E:E3:91:E1:7F:5E:30:1A:B8:87
X509v3 Authority Key Identifier:
keyid:AF:75:8E:88:FE:AF:8D:67:05:9D:C8:78:7A:2E:5F:31:A0:6A:C1:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r3WOiP6vjWcFnch4ei5fMaBqwek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/558c39-7510-4b63-aa57-1e2230df0746/1/d3L3QY9ZcIq_mA7jkeF_XjAauIc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/558c39-7510-4b63-aa57-1e2230df0746/1/r3WOiP6vjWcFnch4ei5fMaBqwek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.195.180.0/23
193.239.252.0/23
Signature Algorithm: sha256WithRSAEncryption
47:3d:da:98:93:a7:40:e5:6f:f2:d8:b1:a4:57:e6:59:8c:aa:
ea:a9:ea:f5:70:79:60:89:ee:25:77:ab:3c:ee:e8:2e:2e:76:
99:eb:7d:4a:49:96:61:a4:bf:fd:81:49:4f:88:c1:de:7f:43:
3e:be:a4:49:af:c0:33:da:af:da:ca:43:99:49:ed:2e:3c:15:
52:72:26:e3:9f:49:dc:b9:e8:c7:49:73:0e:ee:2a:56:7f:ff:
59:ba:ea:a2:3d:51:c9:1e:f5:73:27:b2:ff:97:2b:ad:e1:b5:
28:90:88:02:70:8a:1d:eb:eb:96:2e:7e:b3:01:70:8a:88:ca:
68:2d:68:41:db:5c:fd:4a:12:a4:e2:a6:72:ce:6c:ab:60:39:
0f:86:d9:87:4e:2c:8f:a4:1e:9d:9d:f7:4e:18:cf:b6:83:cf:
ad:43:77:a7:9c:99:a0:2f:9e:2a:16:c7:ce:28:27:70:6e:19:
e1:5c:3c:fc:0a:c9:b6:d0:8b:27:5c:46:e8:48:36:cb:d5:d3:
b3:70:3e:e6:5c:c5:ea:27:34:4b:f2:47:21:0a:c4:45:7c:f9:
3f:7d:76:5f:1b:75:78:d5:44:12:55:f8:aa:e8:98:f2:1b:76:
35:12:e7:08:17:bc:fa:de:a6:0e:0a:06:00:39:c4:b2:b0:21:
7d:b1:d8:c4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzC2yq0AmpjneG6SW0VypIRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNzU4ZTg4ZmVhZjhkNjcwNTlkYzg3ODdhMmU1ZjMxYTA2
YWMxZTkwHhcNMjQwMTAxMDIyOTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzcyZjc0MThmNTk3MDhhYmY5ODBlZTM5MWUxN2Y1ZTMwMWFiODg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjhgWXXC0FJ64I77NvTttnJOLJ1U9
enB8J1lltHBl5Z39vp7YRbnK4IJA63SQAQ7/t1uR7/E3E/GvyE6dQ7MSglLxMDH8
fEYKuQZ/1OWZ3s2ddL9lA0BD1LTNLIyxRHpbYBBu/BXcWKA8gH4Xmzgc0KLlzTaq
7aOw+k2eEWgp5O6arTqnfsWg44CVbR83QYgsyrkCHu1A7ZdJ6vm0A4CUxmD/p4gK
Oqtf8hNGKehslMIGvXz01+GyYkrZKogquIHW0Wk2kDMGQ6qkvl42dY2TTw73RUnm
+Z89uF/7wTCI2BeZEC1IMo/alskFIZARzQ18yKe34nUFuwG5gVPyLlMyCQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHdy90GPWXCKv5gO45Hhf14wGriHMB8GA1UdIwQY
MBaAFK91joj+r41nBZ3IeHouXzGgasHpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjNXT2lQNnZqV2NGbmNoNGVpNWZNYUJxd2VrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS81NThjMzktNzUxMC00YjYzLWFhNTct
MWUyMjMwZGYwNzQ2LzEvZDNMM1FZOVpjSXFfbUE3amtlRl9YakFhdUljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS81NThjMzktNzUxMC00YjYzLWFhNTctMWUyMjMwZGYwNzQ2
LzEvcjNXT2lQNnZqV2NGbmNoNGVpNWZNYUJxd2VrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW8O0AwQB
we/8MA0GCSqGSIb3DQEBCwUAA4IBAQBHPdqYk6dA5W/y2LGkV+ZZjKrqqer1cHlg
ie4ld6s87uguLnaZ631KSZZhpL/9gUlPiMHef0M+vqRJr8Az2q/aykOZSe0uPBVS
cibjn0ncuejHSXMO7ipWf/9ZuuqiPVHJHvVzJ7L/lyut4bUokIgCcIod6+uWLn6z
AXCKiMpoLWhB21z9ShKk4qZyzmyrYDkPhtmHTiyPpB6dnfdOGM+2g8+tQ3ennJmg
L54qFsfOKCdwbhnhXDz8Csm20IsnXEboSDbL1dOzcD7mXMXqJzRL8kchCsRFfPk/
fXZfG3V41UQSVfiq6JjyG3Y1EucIF7z63qYOCgYAOcSysCF9sdjE
-----END CERTIFICATE-----
Generated at Tue Apr 22 03:50:06 2025 by rpki-client