Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/e51856-e52e-4b24-8c99-c240bfc9cbc1/1/mFNsBilLyxXqvtnffKG4VhkvL10.roa
File: mFNsBilLyxXqvtnffKG4VhkvL10.roa (raw, json)
Hash identifier: ymdm7W1zjg231T9fsqVN2GS6oXrYzrvrolw+EB4niCs=
Subject key identifier: 98:53:6C:06:29:4B:CB:15:EA:BE:D9:DF:7C:A1:B8:56:19:2F:2F:5D
Certificate issuer: /CN=6161470d39be4ba2dd5df8fa47b16396278e670a
Certificate serial: 019174E445AE68E801B77177B5F4D9F72BCF
Authority key identifier: 61:61:47:0D:39:BE:4B:A2:DD:5D:F8:FA:47:B1:63:96:27:8E:67:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YWFHDTm-S6LdXfj6R7FjlieOZwo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/e51856-e52e-4b24-8c99-c240bfc9cbc1/1/mFNsBilLyxXqvtnffKG4VhkvL10.roa
Signing time: Wed 21 Aug 2024 12:23:22 +0000
ROA not before: Wed 21 Aug 2024 12:23:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210756
IP address blocks: 91.202.245.0/24 maxlen: 24
91.202.246.0/23 maxlen: 23
185.109.28.0/24 maxlen: 24
185.109.29.0/24 maxlen: 24
185.109.30.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 01:48:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:74:e4:45:ae:68:e8:01:b7:71:77:b5:f4:d9:f7:2b:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6161470d39be4ba2dd5df8fa47b16396278e670a
Validity
Not Before: Aug 21 12:23:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=98536c06294bcb15eabed9df7ca1b856192f2f5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:47:57:62:c2:05:a0:85:0e:fd:8d:dd:c1:30:
1c:45:88:da:35:df:4b:79:6d:9e:c5:4c:ee:5d:c8:
c5:b2:54:6b:95:b9:cb:af:21:ff:6a:f3:9b:9c:d5:
7e:f6:cf:20:68:b0:08:e9:45:2a:25:35:d6:c3:81:
05:82:b4:c9:46:7b:f0:41:1b:cc:a0:79:aa:8d:ba:
16:8d:1c:69:e7:ed:78:b8:05:f3:33:1e:94:d5:97:
55:77:14:02:38:37:5a:78:48:df:13:0b:d3:30:16:
a1:f0:3f:49:71:ed:f0:b2:3c:09:2d:47:1b:2a:5d:
d4:69:d5:92:8e:95:5c:38:22:d2:93:22:01:9d:6b:
12:52:86:d7:ed:b9:98:5d:89:fd:9b:88:4e:cc:00:
41:61:a5:86:2a:38:ea:90:c3:34:cf:74:f9:d5:f8:
9f:1f:ef:8b:a9:a2:b6:ed:cb:de:47:7b:aa:df:23:
e7:8d:80:a5:03:6a:a1:b8:09:92:73:a5:21:5b:63:
40:16:fd:4d:80:31:b5:3c:67:a4:08:c7:96:c9:23:
0c:88:dd:4c:2b:91:34:6f:dc:2f:39:c9:31:39:cc:
5c:62:aa:1d:38:b7:58:ef:5d:6a:5c:fb:90:54:51:
39:72:93:9a:1d:f6:87:ef:33:a8:f9:9f:35:f8:d9:
2c:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:53:6C:06:29:4B:CB:15:EA:BE:D9:DF:7C:A1:B8:56:19:2F:2F:5D
X509v3 Authority Key Identifier:
keyid:61:61:47:0D:39:BE:4B:A2:DD:5D:F8:FA:47:B1:63:96:27:8E:67:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YWFHDTm-S6LdXfj6R7FjlieOZwo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/e51856-e52e-4b24-8c99-c240bfc9cbc1/1/mFNsBilLyxXqvtnffKG4VhkvL10.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/e51856-e52e-4b24-8c99-c240bfc9cbc1/1/YWFHDTm-S6LdXfj6R7FjlieOZwo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.202.245.0-91.202.247.255
185.109.28.0-185.109.30.255
Signature Algorithm: sha256WithRSAEncryption
0a:2c:01:3b:11:e4:db:35:cf:69:79:48:cd:7a:0b:00:74:ce:
7b:24:a5:ce:86:52:a1:9a:12:07:4e:d6:53:74:46:11:56:78:
5b:24:fc:1c:6c:2c:1f:1a:dd:05:92:ea:52:6b:a4:4c:6a:17:
ff:6a:87:c3:71:1f:55:9a:f8:83:d6:92:76:c1:26:75:2f:41:
67:63:c6:a4:34:8b:fa:72:8b:13:7a:5b:aa:85:d4:2c:b9:dc:
02:16:88:d1:27:88:8e:36:dc:0f:30:9d:80:82:f6:5b:65:e9:
37:0b:e2:59:9d:b0:4d:27:7c:9e:fe:28:a1:51:74:65:23:03:
f4:a1:2a:39:8c:c3:e7:a7:a5:21:53:7a:2a:80:0e:d3:e9:ce:
d4:aa:62:3e:88:0c:69:23:13:0b:eb:58:2e:51:d4:5f:75:a3:
24:e3:45:29:d3:72:a6:82:4a:53:0b:2f:9e:62:57:b6:49:fb:
db:37:3c:4f:ed:03:20:f6:65:c6:53:bd:d7:1f:0d:81:be:ec:
da:34:44:31:e7:c0:b6:79:f3:2a:26:c2:0a:4b:fa:aa:de:14:
18:26:73:aa:c4:b4:0d:b5:cc:17:dc:6a:a8:56:a9:89:17:7f:
0c:ce:8e:f2:0f:dc:62:1e:b6:e8:aa:7e:42:0c:48:dc:02:38:
19:db:ce:d3
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZF05EWuaOgBt3F3tfTZ9yvPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxNjE0NzBkMzliZTRiYTJkZDVkZjhmYTQ3YjE2Mzk2Mjc4
ZTY3MGEwHhcNMjQwODIxMTIyMzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODUzNmMwNjI5NGJjYjE1ZWFiZWQ5ZGY3Y2ExYjg1NjE5MmYyZjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkEdXYsIFoIUO/Y3dwTAcRYjaNd9L
eW2exUzuXcjFslRrlbnLryH/avObnNV+9s8gaLAI6UUqJTXWw4EFgrTJRnvwQRvM
oHmqjboWjRxp5+14uAXzMx6U1ZdVdxQCODdaeEjfEwvTMBah8D9Jce3wsjwJLUcb
Kl3UadWSjpVcOCLSkyIBnWsSUobX7bmYXYn9m4hOzABBYaWGKjjqkMM0z3T51fif
H++LqaK27cveR3uq3yPnjYClA2qhuAmSc6UhW2NAFv1NgDG1PGekCMeWySMMiN1M
K5E0b9wvOckxOcxcYqodOLdY711qXPuQVFE5cpOaHfaH7zOo+Z81+NksxwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFJhTbAYpS8sV6r7Z33yhuFYZLy9dMB8GA1UdIwQY
MBaAFGFhRw05vkui3V34+kexY5YnjmcKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVdGSERUbS1TNkxkWGZqNlI3RmpsaWVPWndvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi9lNTE4NTYtZTUyZS00YjI0LThjOTkt
YzI0MGJmYzljYmMxLzEvbUZOc0JpbEx5eFhxdnRuZmZLRzRWaGt2TDEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi9lNTE4NTYtZTUyZS00YjI0LThjOTktYzI0MGJmYzljYmMx
LzEvWVdGSERUbS1TNkxkWGZqNlI3RmpsaWVPWndvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBABbyvUD
BANbyvAwDAMEArltHAMEALltHjANBgkqhkiG9w0BAQsFAAOCAQEACiwBOxHk2zXP
aXlIzXoLAHTOeySlzoZSoZoSB07WU3RGEVZ4WyT8HGwsHxrdBZLqUmukTGoX/2qH
w3EfVZr4g9aSdsEmdS9BZ2PGpDSL+nKLE3pbqoXULLncAhaI0SeIjjbcDzCdgIL2
W2XpNwviWZ2wTSd8nv4ooVF0ZSMD9KEqOYzD56elIVN6KoAO0+nO1KpiPogMaSMT
C+tYLlHUX3WjJONFKdNypoJKUwsvnmJXtkn72zc8T+0DIPZlxlO91x8Ngb7s2jRE
MefAtnnzKibCCkv6qt4UGCZzqsS0DbXMF9xqqFapiRd/DM6O8g/cYh626Kp+QgxI
3AI4GdvO0w==
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:25:41 2025 by rpki-client