Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/eb9614-8bfb-4bf1-a20b-2a3d0dc5dcc9/1/Pe7fvGCtZLz3jHdscb4bxXbHcRM.roa
File: Pe7fvGCtZLz3jHdscb4bxXbHcRM.roa (raw, json)
Hash identifier: 17qK11TiZNQxOVTPha+aQnJXjRsNryyEpL1C5wHWSGs=
Subject key identifier: 3D:EE:DF:BC:60:AD:64:BC:F7:8C:77:6C:71:BE:1B:C5:76:C7:71:13
Certificate issuer: /CN=a72c20e7fe310a983b9a2371f942daf44be610b3
Certificate serial: 019224D6C8FCC5FB3A921E54D26FD9D83AFC
Authority key identifier: A7:2C:20:E7:FE:31:0A:98:3B:9A:23:71:F9:42:DA:F4:4B:E6:10:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pywg5_4xCpg7miNx-ULa9EvmELM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/eb9614-8bfb-4bf1-a20b-2a3d0dc5dcc9/1/Pe7fvGCtZLz3jHdscb4bxXbHcRM.roa
Signing time: Tue 24 Sep 2024 16:21:48 +0000
ROA not before: Tue 24 Sep 2024 16:21:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 401348
IP address blocks: 141.8.224.0/24 maxlen: 24
141.8.225.0/24 maxlen: 24
141.8.226.0/24 maxlen: 24
141.8.227.0/24 maxlen: 24
141.8.228.0/24 maxlen: 24
141.8.229.0/24 maxlen: 24
141.8.230.0/24 maxlen: 24
141.8.231.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:24:d6:c8:fc:c5:fb:3a:92:1e:54:d2:6f:d9:d8:3a:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a72c20e7fe310a983b9a2371f942daf44be610b3
Validity
Not Before: Sep 24 16:21:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3deedfbc60ad64bcf78c776c71be1bc576c77113
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:e8:83:54:42:b1:09:97:80:b0:b3:69:e6:36:
c0:dc:c4:13:8a:56:95:71:92:ff:ea:48:79:36:9e:
08:72:ce:c9:b6:38:7f:30:87:ba:bd:40:70:e3:63:
c3:0c:ab:c2:76:9d:d5:19:93:07:f9:99:e5:3b:ff:
61:93:7e:c7:a9:d0:bb:aa:4a:bf:ff:41:6b:69:a7:
87:c9:6b:60:96:0d:13:79:d2:ca:c4:e3:52:e7:6c:
04:e2:fb:c2:a9:f4:e7:5b:5b:f3:6f:44:06:34:24:
f6:ca:27:2b:b6:a6:77:ca:d2:fe:be:59:0e:59:06:
37:e9:f9:94:b5:37:72:8a:d7:6b:35:fa:ea:bb:9e:
21:a8:3b:01:72:b7:ea:24:51:30:fb:6b:fd:fd:4f:
a1:e6:1d:10:7e:a4:a2:ef:b5:04:26:0f:fd:dd:aa:
0c:e8:72:96:ce:20:fc:fd:e0:db:66:1a:9b:66:58:
58:ff:2d:bf:e5:12:a4:4f:c3:f2:3d:95:2e:f5:17:
b7:50:b3:74:9b:ee:06:9c:77:00:b0:e5:2f:99:2b:
d3:28:92:93:4f:1d:45:2b:ff:2a:d3:3b:b1:2a:a9:
0a:82:b3:45:3c:c7:15:41:98:d1:19:a6:62:aa:2a:
34:05:2d:ab:a1:83:c0:64:71:02:f6:6d:e4:9c:7b:
96:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:EE:DF:BC:60:AD:64:BC:F7:8C:77:6C:71:BE:1B:C5:76:C7:71:13
X509v3 Authority Key Identifier:
keyid:A7:2C:20:E7:FE:31:0A:98:3B:9A:23:71:F9:42:DA:F4:4B:E6:10:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pywg5_4xCpg7miNx-ULa9EvmELM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/eb9614-8bfb-4bf1-a20b-2a3d0dc5dcc9/1/Pe7fvGCtZLz3jHdscb4bxXbHcRM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/eb9614-8bfb-4bf1-a20b-2a3d0dc5dcc9/1/pywg5_4xCpg7miNx-ULa9EvmELM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.8.224.0/21
Signature Algorithm: sha256WithRSAEncryption
1e:37:48:32:a1:bc:e8:1f:80:3a:b8:fa:b7:55:1e:33:18:38:
00:5c:8e:43:74:6d:e6:1e:fd:f5:bc:74:8b:16:d7:cf:29:17:
0e:c5:07:a3:d0:cf:3d:15:77:f5:65:d8:1d:b3:0e:b0:89:e9:
45:62:4c:76:d9:97:18:14:d3:ca:e1:83:ce:81:71:9d:39:27:
f8:0f:93:6e:4c:aa:6a:7f:98:a3:29:07:2b:02:8d:5f:c5:3a:
9a:12:be:f7:b7:3f:35:12:31:ac:84:d3:5f:43:8d:39:d6:70:
05:09:28:6a:54:7e:c9:e9:13:aa:e9:9f:4d:2c:a9:cc:52:cb:
29:a1:b1:f9:87:c3:a6:03:c0:66:86:10:9c:b4:c5:64:98:da:
2f:da:2d:07:ce:5a:21:30:2d:d2:b6:2a:26:92:3f:f9:17:cd:
4d:c9:b3:b6:41:f8:8f:07:e8:27:8f:18:67:ec:f7:34:53:7b:
ce:e0:a7:c8:92:47:15:b7:c7:40:36:ea:9e:c8:45:31:ac:c1:
59:0e:0d:7a:27:63:5f:1c:4c:df:81:52:f0:31:bb:e8:bb:6b:
f6:3e:5b:0e:c4:8c:03:fa:81:42:77:de:96:0b:7f:62:cc:89:
c2:6a:03:7d:aa:2b:1a:03:93:48:cd:4e:d9:db:64:8f:1b:ee:
58:8e:0c:7e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZIk1sj8xfs6kh5U0m/Z2Dr8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3MmMyMGU3ZmUzMTBhOTgzYjlhMjM3MWY5NDJkYWY0NGJl
NjEwYjMwHhcNMjQwOTI0MTYyMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGVlZGZiYzYwYWQ2NGJjZjc4Yzc3NmM3MWJlMWJjNTc2Yzc3MTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3OiDVEKxCZeAsLNp5jbA3MQTilaV
cZL/6kh5Np4Ics7Jtjh/MIe6vUBw42PDDKvCdp3VGZMH+ZnlO/9hk37HqdC7qkq/
/0FraaeHyWtglg0TedLKxONS52wE4vvCqfTnW1vzb0QGNCT2yicrtqZ3ytL+vlkO
WQY36fmUtTdyitdrNfrqu54hqDsBcrfqJFEw+2v9/U+h5h0QfqSi77UEJg/93aoM
6HKWziD8/eDbZhqbZlhY/y2/5RKkT8PyPZUu9Re3ULN0m+4GnHcAsOUvmSvTKJKT
Tx1FK/8q0zuxKqkKgrNFPMcVQZjRGaZiqio0BS2roYPAZHEC9m3knHuWFQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD3u37xgrWS894x3bHG+G8V2x3ETMB8GA1UdIwQY
MBaAFKcsIOf+MQqYO5ojcflC2vRL5hCzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHl3ZzVfNHhDcGc3bWlOeC1VTGE5RXZtRUxNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS9lYjk2MTQtOGJmYi00YmYxLWEyMGIt
MmEzZDBkYzVkY2M5LzEvUGU3ZnZHQ3RaTHozakhkc2NiNGJ4WGJIY1JNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS9lYjk2MTQtOGJmYi00YmYxLWEyMGItMmEzZDBkYzVkY2M5
LzEvcHl3ZzVfNHhDcGc3bWlOeC1VTGE5RXZtRUxNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDjQjgMA0G
CSqGSIb3DQEBCwUAA4IBAQAeN0gyobzoH4A6uPq3VR4zGDgAXI5DdG3mHv31vHSL
FtfPKRcOxQej0M89FXf1Zdgdsw6wielFYkx22ZcYFNPK4YPOgXGdOSf4D5NuTKpq
f5ijKQcrAo1fxTqaEr73tz81EjGshNNfQ4051nAFCShqVH7J6ROq6Z9NLKnMUssp
obH5h8OmA8BmhhCctMVkmNov2i0HzlohMC3Stiomkj/5F81NybO2QfiPB+gnjxhn
7Pc0U3vO4KfIkkcVt8dANuqeyEUxrMFZDg16J2NfHEzfgVLwMbvou2v2PlsOxIwD
+oFCd96WC39izInCagN9qisaA5NIzU7Z22SPG+5Yjgx+
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:11:47 2025 by rpki-client