Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/89286f-0e59-4626-a617-602151522a09/1/1-gtp3ZHi_hVrS5f6FlCZTDYVqT0.roa
File: 1-gtp3ZHi_hVrS5f6FlCZTDYVqT0.roa (raw, json)
Hash identifier: GQDDUh3HSr3rxG+dIeog85k5ikqfVkv812w29bXHuqA=
Subject key identifier: FA:0B:69:DD:91:E2:FE:15:6B:4B:97:FA:16:50:99:4C:36:15:A9:3D
Certificate issuer: /CN=43b92ec2b0e32cb7b2db13e3765298d6d2e585cd
Certificate serial: 01927055EC153DE846DCF3B5F027ABF5BB45
Authority key identifier: 43:B9:2E:C2:B0:E3:2C:B7:B2:DB:13:E3:76:52:98:D6:D2:E5:85:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q7kuwrDjLLey2xPjdlKY1tLlhc0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/89286f-0e59-4626-a617-602151522a09/1/1-gtp3ZHi_hVrS5f6FlCZTDYVqT0.roa
Signing time: Wed 09 Oct 2024 08:12:11 +0000
ROA not before: Wed 09 Oct 2024 08:12:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56441
IP address blocks: 91.197.241.0/24 maxlen: 24
91.224.118.0/24 maxlen: 24
91.224.119.0/24 maxlen: 24
91.231.125.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:48:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:70:55:ec:15:3d:e8:46:dc:f3:b5:f0:27:ab:f5:bb:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43b92ec2b0e32cb7b2db13e3765298d6d2e585cd
Validity
Not Before: Oct 9 08:12:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fa0b69dd91e2fe156b4b97fa1650994c3615a93d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:d8:74:e6:70:3b:6d:09:ad:87:d3:0a:9b:59:
20:0f:19:5c:4a:86:9e:75:cd:4d:4d:b1:5b:9e:46:
94:b3:54:85:5d:32:56:9d:bb:41:33:a7:76:97:a0:
f8:73:0d:3e:b3:f5:3b:93:46:0a:21:f8:33:3e:57:
83:51:bd:55:a2:5c:f0:8c:b2:33:03:11:e3:51:f5:
65:4f:4b:31:42:ac:10:df:67:3d:9a:7d:00:b3:60:
5d:4e:7c:d5:b6:75:bc:dc:10:91:ea:45:32:d7:77:
2e:39:58:c2:c3:28:df:7f:99:78:a1:b3:a9:2a:6d:
6c:a6:fd:74:db:67:c5:5a:3a:d6:e9:c6:ca:04:5b:
cf:3d:fb:2d:89:fc:3f:38:50:56:4a:21:20:51:89:
d9:4b:25:8b:a0:c7:0f:c8:ca:3c:19:3c:22:51:78:
18:e5:d2:51:2c:2c:ed:9a:c8:c5:56:bd:ca:63:ec:
0e:bb:2b:b7:fb:3d:73:db:01:32:f0:22:4d:3c:4c:
e9:6d:48:bd:df:fc:b5:86:56:70:df:dc:de:fe:2c:
aa:cc:48:e2:51:b7:b6:f0:b4:b5:b6:c3:ea:d2:7e:
1d:25:7b:18:93:d6:7f:57:fb:08:96:dc:f7:6e:98:
15:36:bc:98:ca:fd:3c:8c:84:94:5a:1d:0d:55:25:
14:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:0B:69:DD:91:E2:FE:15:6B:4B:97:FA:16:50:99:4C:36:15:A9:3D
X509v3 Authority Key Identifier:
keyid:43:B9:2E:C2:B0:E3:2C:B7:B2:DB:13:E3:76:52:98:D6:D2:E5:85:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q7kuwrDjLLey2xPjdlKY1tLlhc0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/89286f-0e59-4626-a617-602151522a09/1/1-gtp3ZHi_hVrS5f6FlCZTDYVqT0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/89286f-0e59-4626-a617-602151522a09/1/Q7kuwrDjLLey2xPjdlKY1tLlhc0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.197.241.0/24
91.224.118.0/23
91.231.125.0/24
Signature Algorithm: sha256WithRSAEncryption
42:7c:10:c4:f3:a3:c4:54:99:84:8e:93:c9:9d:d4:3b:97:77:
8b:ed:77:26:39:ed:f5:88:d6:4d:3a:03:56:38:55:39:80:95:
5d:b5:67:79:ad:f4:5c:bb:d5:e4:40:e5:82:3b:3f:e4:fe:20:
ae:9c:f5:8c:39:a1:8b:a2:2d:f3:7f:da:8e:17:2a:c9:51:fe:
c8:f6:50:20:44:ac:e1:ca:df:d4:50:da:9e:a9:e6:58:f4:08:
75:75:a3:9b:86:36:ae:6c:09:5c:d8:04:08:80:cb:61:cd:26:
32:ef:93:7b:14:4a:89:7e:35:08:27:3d:21:61:a1:e2:1c:dd:
c8:5f:cd:a4:c5:eb:85:6f:42:60:27:b2:d0:e2:39:ce:1e:08:
ba:4f:4f:0a:9c:ca:b0:dc:a4:c1:b5:04:6a:39:30:c3:23:65:
eb:f6:be:bc:54:a3:97:f0:4c:ac:e7:43:30:90:c4:e7:4d:e3:
19:c6:27:d4:2f:d2:c6:46:3a:af:9d:46:c2:e2:a1:12:ee:aa:
9b:7e:8c:c3:0a:ef:5f:35:bb:f7:2b:1a:cf:ce:19:ef:41:9d:
f9:49:54:0d:e0:75:61:13:a5:e6:29:9c:b6:78:80:b6:7b:8a:
a5:ec:c3:a0:cb:bb:2c:94:b9:30:51:d1:7d:b3:4a:ae:a6:fa:
e4:27:13:e9
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZJwVewVPehG3PO18Cer9btFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzYjkyZWMyYjBlMzJjYjdiMmRiMTNlMzc2NTI5OGQ2ZDJl
NTg1Y2QwHhcNMjQxMDA5MDgxMjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTBiNjlkZDkxZTJmZTE1NmI0Yjk3ZmExNjUwOTk0YzM2MTVhOTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApth05nA7bQmth9MKm1kgDxlcSoae
dc1NTbFbnkaUs1SFXTJWnbtBM6d2l6D4cw0+s/U7k0YKIfgzPleDUb1VolzwjLIz
AxHjUfVlT0sxQqwQ32c9mn0As2BdTnzVtnW83BCR6kUy13cuOVjCwyjff5l4obOp
Km1spv1022fFWjrW6cbKBFvPPfstifw/OFBWSiEgUYnZSyWLoMcPyMo8GTwiUXgY
5dJRLCztmsjFVr3KY+wOuyu3+z1z2wEy8CJNPEzpbUi93/y1hlZw39ze/iyqzEji
Ube28LS1tsPq0n4dJXsYk9Z/V/sIltz3bpgVNryYyv08jISUWh0NVSUU2QIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFPoLad2R4v4Va0uX+hZQmUw2Fak9MB8GA1UdIwQY
MBaAFEO5LsKw4yy3stsT43ZSmNbS5YXNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTdrdXdyRGpMTGV5MnhQamRsS1kxdExsaGMwLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy84OTI4NmYtMGU1OS00NjI2LWE2MTct
NjAyMTUxNTIyYTA5LzEvMS1ndHAzWkhpX2hWclM1ZjZGbENaVERZVnFUMC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMWMvODkyODZmLTBlNTktNDYyNi1hNjE3LTYwMjE1MTUyMmEw
OS8xL1E3a3V3ckRqTExleTJ4UGpkbEtZMXRMbGhjMC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjArBggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAFvF8QME
AVvgdgMEAFvnfTANBgkqhkiG9w0BAQsFAAOCAQEAQnwQxPOjxFSZhI6TyZ3UO5d3
i+13Jjnt9YjWTToDVjhVOYCVXbVnea30XLvV5EDlgjs/5P4grpz1jDmhi6It83/a
jhcqyVH+yPZQIESs4crf1FDanqnmWPQIdXWjm4Y2rmwJXNgECIDLYc0mMu+TexRK
iX41CCc9IWGh4hzdyF/NpMXrhW9CYCey0OI5zh4Iuk9PCpzKsNykwbUEajkwwyNl
6/a+vFSjl/BMrOdDMJDE503jGcYn1C/SxkY6r51GwuKhEu6qm36MwwrvXzW79ysa
z84Z70Gd+UlUDeB1YROl5imctniAtnuKpezDoMu7LJS5MFHRfbNKrqb65CcT6Q==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:31:54 2025 by rpki-client