Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/75a920-2a3a-4129-800e-af2ec5d8dc3c/1/4ONgH2o539BsUU7uCJnvt6oBP2A.roa
File: 4ONgH2o539BsUU7uCJnvt6oBP2A.roa (raw, json)
Hash identifier: glJWrfjM1tlXnLPMVRvzT+rMPFss8sGHWnVAJQXizR8=
Subject key identifier: E0:E3:60:1F:6A:39:DF:D0:6C:51:4E:EE:08:99:EF:B7:AA:01:3F:60
Certificate issuer: /CN=97f4674e8236bddc3d2327a02b0abfba79a5483c
Certificate serial: 01856ECB7F7B70DEEB67633259FF376536B6
Authority key identifier: 97:F4:67:4E:82:36:BD:DC:3D:23:27:A0:2B:0A:BF:BA:79:A5:48:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l_RnToI2vdw9IyegKwq_unmlSDw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/75a920-2a3a-4129-800e-af2ec5d8dc3c/1/4ONgH2o539BsUU7uCJnvt6oBP2A.roa
Signing time: Sun 01 Jan 2023 19:25:08 +0000
ROA not before: Sun 01 Jan 2023 19:25:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48618
IP address blocks: 91.209.29.0/24 maxlen: 24
185.55.176.0/22 maxlen: 22
2a04:d500::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:29:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:cb:7f:7b:70:de:eb:67:63:32:59:ff:37:65:36:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=97f4674e8236bddc3d2327a02b0abfba79a5483c
Validity
Not Before: Jan 1 19:25:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e0e3601f6a39dfd06c514eee0899efb7aa013f60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:35:31:66:42:71:45:07:4f:da:0f:ba:66:c5:
8e:db:dc:f3:60:b8:59:6b:ac:52:89:ba:14:a3:09:
b8:a9:43:f9:24:54:89:04:82:0c:de:ce:d0:b1:91:
2d:06:65:1d:bc:ce:d0:42:fd:05:e2:6a:7d:3b:20:
57:b9:e9:6f:88:18:97:31:c7:84:12:b0:27:91:59:
90:f5:0d:5e:a3:03:5f:14:9e:97:d5:2f:ef:57:0a:
c7:a2:d2:27:fa:e2:a4:7b:de:01:06:e0:3d:eb:dd:
06:b0:c4:9a:e4:9b:09:e6:23:74:40:28:76:bf:b8:
d7:54:a0:03:d6:2f:97:35:b0:f2:da:fd:42:28:f2:
00:85:df:37:31:01:2c:48:af:19:f0:a1:52:fe:f3:
01:fe:d3:41:c4:8a:be:77:76:a5:88:fc:95:d0:91:
87:ed:82:bb:19:03:af:4f:65:6f:f4:4e:e0:1d:43:
6b:5a:e8:3d:5c:0a:51:6d:c2:81:b4:e6:b2:fc:13:
84:40:93:77:84:e2:83:1e:7f:07:18:5d:7f:d5:7b:
ea:be:9e:b1:61:76:b5:aa:9a:ea:6a:d9:62:08:1d:
26:9e:65:8f:42:9a:b5:04:67:99:67:22:b1:46:db:
a6:78:e8:f1:d9:29:ec:23:9c:f3:62:0a:e4:02:7c:
fb:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:E3:60:1F:6A:39:DF:D0:6C:51:4E:EE:08:99:EF:B7:AA:01:3F:60
X509v3 Authority Key Identifier:
keyid:97:F4:67:4E:82:36:BD:DC:3D:23:27:A0:2B:0A:BF:BA:79:A5:48:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l_RnToI2vdw9IyegKwq_unmlSDw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/75a920-2a3a-4129-800e-af2ec5d8dc3c/1/4ONgH2o539BsUU7uCJnvt6oBP2A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/75a920-2a3a-4129-800e-af2ec5d8dc3c/1/l_RnToI2vdw9IyegKwq_unmlSDw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.29.0/24
185.55.176.0/22
IPv6:
2a04:d500::/29
Signature Algorithm: sha256WithRSAEncryption
3b:c1:8f:dc:31:46:db:e0:e7:f7:28:54:76:81:a2:5d:2e:e5:
2e:da:cf:0f:75:47:f2:0b:ab:fb:0e:da:3c:a2:47:19:2a:04:
c5:8f:1e:a1:83:2b:70:b6:96:d2:1c:ab:d9:6b:d5:61:f2:42:
9e:c8:56:89:cb:72:aa:9c:86:03:70:8b:88:3f:34:32:b6:06:
2b:1a:4e:e4:3a:49:ca:04:90:c6:49:9b:7d:64:42:50:16:23:
2f:4a:d0:6a:a0:c3:c2:7e:cb:c7:a6:0d:69:e4:48:fd:c2:f3:
d6:b7:fd:0f:0d:44:33:22:ba:5c:55:93:aa:ea:62:98:28:1f:
fc:94:60:6e:ff:18:15:11:ab:b4:55:b9:bf:ed:11:08:f4:0e:
61:6b:8e:e5:0e:58:ff:d4:47:81:45:5d:ec:d3:cd:b2:2c:6c:
69:53:fe:23:78:79:d8:d4:71:00:ef:ea:45:ce:9e:80:d7:9a:
3f:92:a3:7c:e0:5c:58:0c:cf:34:c2:07:26:42:f0:af:8f:c1:
c9:3a:37:cc:77:7d:30:44:9a:79:62:98:4a:8d:36:db:e8:82:
c4:de:58:5b:47:1c:dc:41:4f:29:ed:10:e6:f3:f5:84:9d:f3:
bf:fb:6f:1e:bf:85:3b:ae:58:4c:ab:da:b5:55:35:72:24:fc:
39:2a:30:fc
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVuy397cN7rZ2MyWf83ZTa2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3ZjQ2NzRlODIzNmJkZGMzZDIzMjdhMDJiMGFiZmJhNzlh
NTQ4M2MwHhcNMjMwMTAxMTkyNTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGUzNjAxZjZhMzlkZmQwNmM1MTRlZWUwODk5ZWZiN2FhMDEzZjYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5DUxZkJxRQdP2g+6ZsWO29zzYLhZ
a6xSiboUowm4qUP5JFSJBIIM3s7QsZEtBmUdvM7QQv0F4mp9OyBXuelviBiXMceE
ErAnkVmQ9Q1eowNfFJ6X1S/vVwrHotIn+uKke94BBuA9690GsMSa5JsJ5iN0QCh2
v7jXVKAD1i+XNbDy2v1CKPIAhd83MQEsSK8Z8KFS/vMB/tNBxIq+d3aliPyV0JGH
7YK7GQOvT2Vv9E7gHUNrWug9XApRbcKBtOay/BOEQJN3hOKDHn8HGF1/1Xvqvp6x
YXa1qprqatliCB0mnmWPQpq1BGeZZyKxRtumeOjx2SnsI5zzYgrkAnz7kwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFODjYB9qOd/QbFFO7giZ77eqAT9gMB8GA1UdIwQY
MBaAFJf0Z06CNr3cPSMnoCsKv7p5pUg8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbF9SblRvSTJ2ZHc5SXllZ0t3cV91bm1sU0R3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS83NWE5MjAtMmEzYS00MTI5LTgwMGUt
YWYyZWM1ZDhkYzNjLzEvNE9OZ0gybzUzOUJzVVU3dUNKbnZ0Nm9CUDJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS83NWE5MjAtMmEzYS00MTI5LTgwMGUtYWYyZWM1ZDhkYzNj
LzEvbF9SblRvSTJ2ZHc5SXllZ0t3cV91bm1sU0R3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAW9EdAwQC
uTewMA0EAgACMAcDBQMqBNUAMA0GCSqGSIb3DQEBCwUAA4IBAQA7wY/cMUbb4Of3
KFR2gaJdLuUu2s8PdUfyC6v7Dto8okcZKgTFjx6hgytwtpbSHKvZa9Vh8kKeyFaJ
y3KqnIYDcIuIPzQytgYrGk7kOknKBJDGSZt9ZEJQFiMvStBqoMPCfsvHpg1p5Ej9
wvPWt/0PDUQzIrpcVZOq6mKYKB/8lGBu/xgVEau0Vbm/7REI9A5ha47lDlj/1EeB
RV3s082yLGxpU/4jeHnY1HEA7+pFzp6A15o/kqN84FxYDM80wgcmQvCvj8HJOjfM
d30wRJp5YphKjTbb6ILE3lhbRxzcQU8p7RDm8/WEnfO/+28ev4U7rlhMq9q1VTVy
JPw5KjD8
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:38 2024 by rpki-client on console-ams.rpki-client.org