Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/f2d9e9-eeff-4633-a189-6bbb27081de2/1/1-PtgngqMMdLgYLff1Jpi5aD25_c.roa
File: 1-PtgngqMMdLgYLff1Jpi5aD25_c.roa (raw, json)
Hash identifier: 471t3GUAlI1fqoWG9AqrW2EfOPPPwUwSOa74DZ/pp+o=
Subject key identifier: F8:FB:60:9E:0A:8C:31:D2:E0:60:B7:DF:D4:9A:62:E5:A0:F6:E7:F7
Certificate issuer: /CN=c946c4befe0fbbe3624bd748296b5fe2e7ec2d68
Certificate serial: 018CEE7D56202A4A7599667B4BC2D81A8369
Authority key identifier: C9:46:C4:BE:FE:0F:BB:E3:62:4B:D7:48:29:6B:5F:E2:E7:EC:2D:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yUbEvv4Pu-NiS9dIKWtf4ufsLWg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/f2d9e9-eeff-4633-a189-6bbb27081de2/1/1-PtgngqMMdLgYLff1Jpi5aD25_c.roa
Signing time: Tue 09 Jan 2024 13:50:40 +0000
ROA not before: Tue 09 Jan 2024 13:50:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58007
IP address blocks: 82.117.245.0/24 maxlen: 24
95.141.249.0/24 maxlen: 24
194.8.28.0/24 maxlen: 24
2a13:4380::/32 maxlen: 48
Validation: Failed, certificate revoked on Wed 24 Jan 2024 11:42:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ee:7d:56:20:2a:4a:75:99:66:7b:4b:c2:d8:1a:83:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c946c4befe0fbbe3624bd748296b5fe2e7ec2d68
Validity
Not Before: Jan 9 13:50:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f8fb609e0a8c31d2e060b7dfd49a62e5a0f6e7f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:5b:5f:64:1d:67:c2:01:ea:4e:39:ce:15:07:
35:23:73:19:a8:8f:f9:d3:aa:b3:ce:c4:d1:f7:de:
55:67:f7:29:ea:c8:c9:b4:98:de:74:51:83:5a:20:
d8:97:2c:b3:f7:90:39:a9:f0:ad:22:a7:2e:91:b9:
51:ad:89:96:64:54:ec:cd:33:b8:fd:cf:82:08:46:
90:22:9e:1e:25:af:41:e1:14:3d:4a:cf:62:be:b3:
6a:d3:78:c1:48:05:41:a0:d2:44:32:47:0f:09:4f:
bd:c4:92:eb:ca:10:90:b3:ff:2b:da:c3:ae:e1:0f:
cf:19:98:82:cc:60:ee:4a:d9:cc:d1:09:1a:e8:38:
03:9c:d1:76:cc:27:e2:6b:a8:bf:48:93:76:cc:6d:
fd:38:95:d6:a9:c0:3f:05:38:94:fc:e7:2b:f2:6f:
78:a6:e1:b6:e2:16:6b:c4:0a:28:00:aa:f8:fa:7c:
09:e8:e7:13:d1:71:b8:12:34:8b:c2:30:1d:ce:aa:
78:65:9a:c2:2b:b6:c7:6e:05:5e:54:d3:5b:18:4c:
07:b2:74:81:6a:ba:30:56:cb:20:61:ea:c0:6c:93:
24:e7:9a:00:07:a0:ee:b1:f6:ac:67:5f:ae:b5:a5:
e8:81:74:4a:1c:6b:3b:aa:3a:19:4d:56:b9:55:3c:
c4:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:FB:60:9E:0A:8C:31:D2:E0:60:B7:DF:D4:9A:62:E5:A0:F6:E7:F7
X509v3 Authority Key Identifier:
keyid:C9:46:C4:BE:FE:0F:BB:E3:62:4B:D7:48:29:6B:5F:E2:E7:EC:2D:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yUbEvv4Pu-NiS9dIKWtf4ufsLWg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/f2d9e9-eeff-4633-a189-6bbb27081de2/1/1-PtgngqMMdLgYLff1Jpi5aD25_c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/f2d9e9-eeff-4633-a189-6bbb27081de2/1/yUbEvv4Pu-NiS9dIKWtf4ufsLWg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.117.245.0/24
95.141.249.0/24
194.8.28.0/24
IPv6:
2a13:4380::/32
Signature Algorithm: sha256WithRSAEncryption
0c:95:7e:3d:4d:4d:af:ac:78:b9:d0:b7:ce:fc:c7:77:14:e1:
fb:14:8d:64:e8:94:72:8e:84:b6:8d:f4:c7:dc:81:42:45:fd:
71:96:90:d8:68:7c:81:7a:5c:db:6d:c6:49:6d:2e:56:1f:13:
d0:e3:bc:57:73:e2:23:2e:12:1a:0f:6b:fa:95:b6:cc:e7:a2:
bc:fc:68:d9:de:e7:ba:6e:97:1e:08:ea:2b:ef:4b:4b:50:2d:
58:59:b2:ef:4a:57:a4:e6:9d:bc:23:5d:b0:86:be:b9:da:77:
11:f1:8b:18:ba:68:32:3c:62:f4:41:2f:0b:c3:bc:a2:d8:9f:
eb:cc:63:b9:c1:72:f7:e2:7f:84:c2:a9:fd:60:be:7e:ee:45:
ed:43:b3:5c:1d:eb:04:32:3f:04:ca:11:c6:1a:ad:3c:93:6e:
23:da:5d:e2:8b:e8:c1:0d:d5:8b:e5:62:c1:6f:df:5e:db:dc:
bb:3e:1a:ca:b4:0a:3c:c4:9e:97:cd:64:de:94:0e:79:ec:97:
70:a5:02:8e:d2:44:e9:6e:a6:55:87:9a:68:1e:b8:9c:f9:4a:
af:8f:64:a9:2e:af:d4:d9:83:8c:9f:b2:42:ec:31:ca:23:a7:
fd:36:55:95:c4:6d:dc:f1:88:06:ec:d8:65:4b:66:f9:7b:4e:
b8:70:7d:8c
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzufVYgKkp1mWZ7S8LYGoNpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5NDZjNGJlZmUwZmJiZTM2MjRiZDc0ODI5NmI1ZmUyZTdl
YzJkNjgwHhcNMjQwMTA5MTM1MDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGZiNjA5ZTBhOGMzMWQyZTA2MGI3ZGZkNDlhNjJlNWEwZjZlN2Y3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj1tfZB1nwgHqTjnOFQc1I3MZqI/5
06qzzsTR995VZ/cp6sjJtJjedFGDWiDYlyyz95A5qfCtIqcukblRrYmWZFTszTO4
/c+CCEaQIp4eJa9B4RQ9Ss9ivrNq03jBSAVBoNJEMkcPCU+9xJLryhCQs/8r2sOu
4Q/PGZiCzGDuStnM0Qka6DgDnNF2zCfia6i/SJN2zG39OJXWqcA/BTiU/Ocr8m94
puG24hZrxAooAKr4+nwJ6OcT0XG4EjSLwjAdzqp4ZZrCK7bHbgVeVNNbGEwHsnSB
arowVssgYerAbJMk55oAB6DusfasZ1+utaXogXRKHGs7qjoZTVa5VTzE4wIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFPj7YJ4KjDHS4GC339SaYuWg9uf3MB8GA1UdIwQY
MBaAFMlGxL7+D7vjYkvXSClrX+Ln7C1oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVViRXZ2NFB1LU5pUzlkSUtXdGY0dWZzTFdnLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9mMmQ5ZTktZWVmZi00NjMzLWExODkt
NmJiYjI3MDgxZGUyLzEvMS1QdGduZ3FNTWRMZ1lMZmYxSnBpNWFEMjVfYy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMWMvZjJkOWU5LWVlZmYtNDYzMy1hMTg5LTZiYmIyNzA4MWRl
Mi8xL3lVYkV2djRQdS1OaVM5ZElLV3RmNHVmc0xXZy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA6BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEAFJ19QME
AF+N+QMEAMIIHDANBAIAAjAHAwUAKhNDgDANBgkqhkiG9w0BAQsFAAOCAQEADJV+
PU1Nr6x4udC3zvzHdxTh+xSNZOiUco6Eto30x9yBQkX9cZaQ2Gh8gXpc223GSW0u
Vh8T0OO8V3PiIy4SGg9r+pW2zOeivPxo2d7num6XHgjqK+9LS1AtWFmy70pXpOad
vCNdsIa+udp3EfGLGLpoMjxi9EEvC8O8otif68xjucFy9+J/hMKp/WC+fu5F7UOz
XB3rBDI/BMoRxhqtPJNuI9pd4ovowQ3Vi+ViwW/fXtvcuz4ayrQKPMSel81k3pQO
eeyXcKUCjtJE6W6mVYeaaB64nPlKr49kqS6v1NmDjJ+yQuwxyiOn/TZVlcRt3PGI
BuzYZUtm+XtOuHB9jA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:35:26 2025 by rpki-client