Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/ef7b03-e796-40ad-b66b-587aef6dc285/1/9HimVVFdpf3RCWM_Ap-ChBBDbpY.roa
File: 9HimVVFdpf3RCWM_Ap-ChBBDbpY.roa (raw, json)
Hash identifier: IX6YHHILAF5IR9YWxYCJDDQsEW6gRFUM7cnrHujHmU4=
Subject key identifier: F4:78:A6:55:51:5D:A5:FD:D1:09:63:3F:02:9F:82:84:10:43:6E:96
Certificate issuer: /CN=2b81c753b77665e7a59f8e508314f159356c228e
Certificate serial: 018CC64A7232CB907E9C2E2103876F5BF24F
Authority key identifier: 2B:81:C7:53:B7:76:65:E7:A5:9F:8E:50:83:14:F1:59:35:6C:22:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K4HHU7d2Zeeln45QgxTxWTVsIo4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/ef7b03-e796-40ad-b66b-587aef6dc285/1/9HimVVFdpf3RCWM_Ap-ChBBDbpY.roa
Signing time: Mon 01 Jan 2024 18:30:16 +0000
ROA not before: Mon 01 Jan 2024 18:30:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56565
IP address blocks: 91.230.251.0/24 maxlen: 24
194.0.209.0/24 maxlen: 24
91.208.238.0/24 maxlen: 24
91.236.205.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:48:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:72:32:cb:90:7e:9c:2e:21:03:87:6f:5b:f2:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b81c753b77665e7a59f8e508314f159356c228e
Validity
Not Before: Jan 1 18:30:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f478a655515da5fdd109633f029f828410436e96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:4c:24:41:0d:12:bd:cc:2f:2d:bd:38:2e:da:
b8:3a:45:98:4d:99:db:af:22:31:9d:7f:a1:cd:41:
f6:04:48:bf:28:ba:9b:06:f9:84:01:17:c3:ef:0c:
b0:25:fd:75:25:99:5a:07:f8:be:fe:9e:c6:9e:65:
d2:a2:5a:e3:da:46:6f:cd:e2:5e:a0:56:ac:01:f0:
bc:6f:8b:78:fb:b5:29:49:26:76:71:1c:e5:87:17:
d9:9f:fb:f1:c9:fd:71:bc:96:c9:76:67:70:c6:b3:
00:2d:1c:09:ac:d7:18:a2:61:0e:51:12:f3:fe:c9:
af:aa:29:b3:32:d9:3d:da:32:c5:ec:f8:bb:95:a8:
02:c2:a6:4f:8c:9a:ee:c5:f4:7b:60:91:0c:bd:6e:
03:a2:31:88:81:2d:b8:f8:bb:68:a3:52:26:0e:9d:
8d:fc:51:b0:0c:50:6f:3f:29:9d:3d:0c:e8:d9:2c:
12:7c:e8:94:87:be:32:69:50:12:6d:e5:17:90:e8:
89:39:e6:5a:93:17:28:17:18:c5:88:a8:5c:fb:3b:
f1:fa:76:66:26:2f:9f:70:ae:71:25:a7:ec:c0:c2:
d9:be:42:c8:6f:f9:45:d5:9e:6b:03:ab:1d:65:c6:
69:63:70:6a:1f:57:8f:23:e8:1a:95:55:aa:e6:5c:
58:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:78:A6:55:51:5D:A5:FD:D1:09:63:3F:02:9F:82:84:10:43:6E:96
X509v3 Authority Key Identifier:
keyid:2B:81:C7:53:B7:76:65:E7:A5:9F:8E:50:83:14:F1:59:35:6C:22:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K4HHU7d2Zeeln45QgxTxWTVsIo4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/ef7b03-e796-40ad-b66b-587aef6dc285/1/9HimVVFdpf3RCWM_Ap-ChBBDbpY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/ef7b03-e796-40ad-b66b-587aef6dc285/1/K4HHU7d2Zeeln45QgxTxWTVsIo4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.208.238.0/24
91.230.251.0/24
91.236.205.0/24
194.0.209.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:da:32:ef:71:89:2e:53:14:27:73:02:c5:f7:b9:b9:e2:75:
a1:35:88:fd:27:71:79:3f:5a:61:4c:8e:66:2a:37:41:2b:e4:
da:d4:00:87:9c:8c:83:cd:ba:23:8a:b3:bd:0d:14:a5:9f:b8:
f0:9a:e1:0f:4f:c4:4f:e1:a4:38:f6:0f:09:7f:9e:3d:30:40:
61:be:a6:43:19:36:de:ec:12:f1:60:8b:24:a8:6b:32:d7:8f:
37:f0:a3:9a:c0:77:ce:ae:59:aa:6b:df:8a:fb:4c:5e:f7:e4:
97:7e:6e:05:f4:ef:c0:4b:ae:45:cc:d0:91:2d:66:60:71:12:
ed:00:f9:f9:79:6a:b9:b6:85:99:c4:e1:1a:32:00:2f:c5:3f:
71:ff:1e:75:68:4d:bb:77:16:85:80:94:a6:36:58:ea:a3:4c:
73:87:71:7a:37:75:91:a8:68:aa:34:0d:27:35:5b:65:66:6c:
fc:97:67:e8:22:d1:89:c3:6b:27:af:ce:b1:40:e2:cb:c8:ef:
f8:b5:44:d9:28:d7:3b:fa:79:47:cb:b3:2a:5c:18:50:dc:25:
06:ee:ec:8e:8d:9c:f6:1d:6e:27:6c:c9:09:e9:04:8a:03:59:
1d:c6:95:92:2a:b4:d0:95:f8:32:7e:8c:0e:2d:9a:27:24:23:
fa:08:32:34
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzGSnIyy5B+nC4hA4dvW/JPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiODFjNzUzYjc3NjY1ZTdhNTlmOGU1MDgzMTRmMTU5MzU2
YzIyOGUwHhcNMjQwMTAxMTgzMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDc4YTY1NTUxNWRhNWZkZDEwOTYzM2YwMjlmODI4NDEwNDM2ZTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsEwkQQ0SvcwvLb04Ltq4OkWYTZnb
ryIxnX+hzUH2BEi/KLqbBvmEARfD7wywJf11JZlaB/i+/p7GnmXSolrj2kZvzeJe
oFasAfC8b4t4+7UpSSZ2cRzlhxfZn/vxyf1xvJbJdmdwxrMALRwJrNcYomEOURLz
/smvqimzMtk92jLF7Pi7lagCwqZPjJruxfR7YJEMvW4DojGIgS24+Ltoo1ImDp2N
/FGwDFBvPymdPQzo2SwSfOiUh74yaVASbeUXkOiJOeZakxcoFxjFiKhc+zvx+nZm
Ji+fcK5xJafswMLZvkLIb/lF1Z5rA6sdZcZpY3BqH1ePI+galVWq5lxYuQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPR4plVRXaX90QljPwKfgoQQQ26WMB8GA1UdIwQY
MBaAFCuBx1O3dmXnpZ+OUIMU8Vk1bCKOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzRISFU3ZDJaZWVsbjQ1UWd4VHhXVFZzSW80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC9lZjdiMDMtZTc5Ni00MGFkLWI2NmIt
NTg3YWVmNmRjMjg1LzEvOUhpbVZWRmRwZjNSQ1dNX0FwLUNoQkJEYnBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC9lZjdiMDMtZTc5Ni00MGFkLWI2NmItNTg3YWVmNmRjMjg1
LzEvSzRISFU3ZDJaZWVsbjQ1UWd4VHhXVFZzSW80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAW9DuAwQA
W+b7AwQAW+zNAwQAwgDRMA0GCSqGSIb3DQEBCwUAA4IBAQC32jLvcYkuUxQncwLF
97m54nWhNYj9J3F5P1phTI5mKjdBK+Ta1ACHnIyDzbojirO9DRSln7jwmuEPT8RP
4aQ49g8Jf549MEBhvqZDGTbe7BLxYIskqGsy14838KOawHfOrlmqa9+K+0xe9+SX
fm4F9O/AS65FzNCRLWZgcRLtAPn5eWq5toWZxOEaMgAvxT9x/x51aE27dxaFgJSm
Nljqo0xzh3F6N3WRqGiqNA0nNVtlZmz8l2foItGJw2snr86xQOLLyO/4tUTZKNc7
+nlHy7MqXBhQ3CUG7uyOjZz2HW4nbMkJ6QSKA1kdxpWSKrTQlfgyfowOLZonJCP6
CDI0
-----END CERTIFICATE-----
Generated at Mon Apr 21 10:42:01 2025 by rpki-client