Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/dd3dd1-09b5-4aa2-aec0-9fb1ce4d720b/1/rCvOgUeQT3eUYmZNUanb58VFeLs.roa
File: rCvOgUeQT3eUYmZNUanb58VFeLs.roa (raw, json)
Hash identifier: SiYlKTsF99FZJ4AmQOH5/uOFlUqf76GjE46qecv4Nzs=
Subject key identifier: AC:2B:CE:81:47:90:4F:77:94:62:66:4D:51:A9:DB:E7:C5:45:78:BB
Certificate issuer: /CN=54584a219f6f5066d848ed2ab964da8966d40a2a
Certificate serial: 0192ABBDD228CA5545A769EF57CC62F6428B
Authority key identifier: 54:58:4A:21:9F:6F:50:66:D8:48:ED:2A:B9:64:DA:89:66:D4:0A:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VFhKIZ9vUGbYSO0quWTaiWbUCio.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/dd3dd1-09b5-4aa2-aec0-9fb1ce4d720b/1/rCvOgUeQT3eUYmZNUanb58VFeLs.roa
Signing time: Sun 20 Oct 2024 21:03:16 +0000
ROA not before: Sun 20 Oct 2024 21:03:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49420
IP address blocks: 91.212.242.0/24 maxlen: 24
91.231.221.0/24 maxlen: 24
185.42.185.0/24 maxlen: 24
2001:67c:24c::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:49:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:ab:bd:d2:28:ca:55:45:a7:69:ef:57:cc:62:f6:42:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54584a219f6f5066d848ed2ab964da8966d40a2a
Validity
Not Before: Oct 20 21:03:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ac2bce8147904f779462664d51a9dbe7c54578bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:a2:2e:32:46:8a:1c:33:30:c4:f2:1d:4a:99:
36:90:4f:58:69:64:8e:20:44:cc:bf:0c:ec:c0:9d:
55:38:25:92:d1:e7:bc:d6:c2:e3:10:1f:3e:0e:46:
b4:0a:a4:e3:dd:27:b6:8e:af:42:5b:cc:f0:96:64:
14:31:e9:92:66:dc:f6:1c:50:cd:88:ed:f2:82:1b:
67:d8:b2:5e:85:30:9b:06:ee:f4:73:65:24:21:e2:
c1:95:30:af:05:ea:47:5d:98:69:e5:9e:71:f1:e5:
17:83:ba:2f:3d:8a:25:10:d5:93:8e:64:16:68:c8:
05:74:f8:a0:43:6e:8c:2d:e3:97:b2:6d:a4:31:ab:
0c:dc:69:4c:4d:a9:ca:a0:b5:ee:96:55:b5:3c:19:
94:34:08:fe:c9:16:da:59:a2:f2:ab:a3:72:38:86:
fb:fb:20:66:c6:cf:30:e9:2f:07:82:bf:3b:90:71:
81:d6:fc:4a:55:89:a2:02:07:15:48:16:24:83:c7:
e2:90:cf:49:c2:b6:5d:35:dd:c0:df:61:b3:86:f1:
74:d1:c2:c2:83:eb:d2:ad:32:44:eb:48:85:45:36:
b1:7b:46:78:e6:93:fe:0a:5f:a2:e8:b5:70:10:a3:
35:a4:77:05:63:4c:88:93:42:9c:fe:39:c3:35:32:
24:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:2B:CE:81:47:90:4F:77:94:62:66:4D:51:A9:DB:E7:C5:45:78:BB
X509v3 Authority Key Identifier:
keyid:54:58:4A:21:9F:6F:50:66:D8:48:ED:2A:B9:64:DA:89:66:D4:0A:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VFhKIZ9vUGbYSO0quWTaiWbUCio.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/dd3dd1-09b5-4aa2-aec0-9fb1ce4d720b/1/rCvOgUeQT3eUYmZNUanb58VFeLs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/dd3dd1-09b5-4aa2-aec0-9fb1ce4d720b/1/VFhKIZ9vUGbYSO0quWTaiWbUCio.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.212.242.0/24
91.231.221.0/24
185.42.185.0/24
IPv6:
2001:67c:24c::/48
Signature Algorithm: sha256WithRSAEncryption
5d:30:1e:a0:d3:96:82:05:8d:95:87:ae:3e:17:53:a2:46:f6:
85:3b:f5:56:8d:39:2a:34:86:c1:db:af:3b:69:6f:b8:a0:c5:
4d:dc:cd:f0:62:61:e6:01:69:fc:7d:2d:1c:68:f8:80:12:b9:
80:40:4b:24:af:6a:4b:bf:e9:61:2d:d1:bb:2d:46:25:7e:12:
e5:c4:8f:66:7a:d1:16:48:3c:7f:39:6c:30:d0:ae:43:bb:6d:
95:bd:f7:8b:4c:aa:5c:70:a6:2b:63:b4:3a:e0:58:d3:f1:6a:
2d:69:9f:30:5e:cc:38:5e:a7:a0:ae:5c:a0:3e:4b:ee:21:5f:
6c:42:be:5e:1a:b1:e0:c3:fe:05:8d:d0:85:f5:21:5c:c5:63:
2a:91:4f:e4:0e:3e:36:51:a9:b5:7e:8a:17:5d:f3:0a:92:c5:
cb:1d:e5:a4:a6:55:b0:60:ec:5b:3c:dc:99:6e:aa:b0:e2:73:
66:15:76:1b:8d:5e:2b:39:e6:4a:d1:ae:a2:d0:ba:4b:48:53:
04:47:47:60:73:1b:32:22:56:c0:90:d4:f3:1c:79:2a:fe:96:
2b:3c:17:55:a3:e4:fb:01:d6:6f:28:8b:da:ee:65:a9:a4:07:
56:e5:5c:a5:12:ee:04:b6:79:72:6a:30:93:94:db:75:c6:86:
1f:ac:5c:77
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZKrvdIoylVFp2nvV8xi9kKLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NTg0YTIxOWY2ZjUwNjZkODQ4ZWQyYWI5NjRkYTg5NjZk
NDBhMmEwHhcNMjQxMDIwMjEwMzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzJiY2U4MTQ3OTA0Zjc3OTQ2MjY2NGQ1MWE5ZGJlN2M1NDU3OGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwKIuMkaKHDMwxPIdSpk2kE9YaWSO
IETMvwzswJ1VOCWS0ee81sLjEB8+Dka0CqTj3Se2jq9CW8zwlmQUMemSZtz2HFDN
iO3yghtn2LJehTCbBu70c2UkIeLBlTCvBepHXZhp5Z5x8eUXg7ovPYolENWTjmQW
aMgFdPigQ26MLeOXsm2kMasM3GlMTanKoLXullW1PBmUNAj+yRbaWaLyq6NyOIb7
+yBmxs8w6S8Hgr87kHGB1vxKVYmiAgcVSBYkg8fikM9JwrZdNd3A32GzhvF00cLC
g+vSrTJE60iFRTaxe0Z45pP+Cl+i6LVwEKM1pHcFY0yIk0Kc/jnDNTIkmwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFKwrzoFHkE93lGJmTVGp2+fFRXi7MB8GA1UdIwQY
MBaAFFRYSiGfb1Bm2EjtKrlk2olm1AoqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkZoS0laOXZVR2JZU08wcXVXVGFpV2JVQ2lvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC9kZDNkZDEtMDliNS00YWEyLWFlYzAt
OWZiMWNlNGQ3MjBiLzEvckN2T2dVZVFUM2VVWW1aTlVhbmI1OFZGZUxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC9kZDNkZDEtMDliNS00YWEyLWFlYzAtOWZiMWNlNGQ3MjBi
LzEvVkZoS0laOXZVR2JZU08wcXVXVGFpV2JVQ2lvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQAW9TyAwQA
W+fdAwQAuSq5MA8EAgACMAkDBwAgAQZ8AkwwDQYJKoZIhvcNAQELBQADggEBAF0w
HqDTloIFjZWHrj4XU6JG9oU79VaNOSo0hsHbrztpb7igxU3czfBiYeYBafx9LRxo
+IASuYBASySvaku/6WEt0bstRiV+EuXEj2Z60RZIPH85bDDQrkO7bZW994tMqlxw
pitjtDrgWNPxai1pnzBezDhep6CuXKA+S+4hX2xCvl4aseDD/gWN0IX1IVzFYyqR
T+QOPjZRqbV+ihdd8wqSxcsd5aSmVbBg7Fs83JluqrDic2YVdhuNXis55krRrqLQ
uktIUwRHR2BzGzIiVsCQ1PMceSr+lis8F1Wj5PsB1m8oi9ruZamkB1blXKUS7gS2
eXJqMJOU23XGhh+sXHc=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:23:22 2025 by rpki-client