Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/cfc06f-82be-49fb-bc82-94efbf5cecd4/1/4J7y414vPXbBdakOuqCpgVSyEjk.roa
File: 4J7y414vPXbBdakOuqCpgVSyEjk.roa (raw, json)
Hash identifier: wtwF7KL8/VZT3DzCD9jSclHtol7Mnt4b9GFDPr2NNsM=
Subject key identifier: E0:9E:F2:E3:5E:2F:3D:76:C1:75:A9:0E:BA:A0:A9:81:54:B2:12:39
Certificate issuer: /CN=002647c801fb58fcfaac135bb48f5e61fea7e566
Certificate serial: 0194258F0D3ABCC162119E00555AF6850EC7
Authority key identifier: 00:26:47:C8:01:FB:58:FC:FA:AC:13:5B:B4:8F:5E:61:FE:A7:E5:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ACZHyAH7WPz6rBNbtI9eYf6n5WY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/cfc06f-82be-49fb-bc82-94efbf5cecd4/1/4J7y414vPXbBdakOuqCpgVSyEjk.roa
Signing time: Thu 02 Jan 2025 05:48:39 +0000
ROA not before: Thu 02 Jan 2025 05:48:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41108
IP address blocks: 91.228.52.0/23 maxlen: 23
91.228.104.0/22 maxlen: 22
91.229.229.0/24 maxlen: 24
193.25.100.0/23 maxlen: 23
195.88.44.0/23 maxlen: 23
195.110.20.0/23 maxlen: 23
195.110.20.0/24 maxlen: 24
2001:67c:12a0::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 02 Apr 2025 13:28:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:0d:3a:bc:c1:62:11:9e:00:55:5a:f6:85:0e:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=002647c801fb58fcfaac135bb48f5e61fea7e566
Validity
Not Before: Jan 2 05:48:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e09ef2e35e2f3d76c175a90ebaa0a98154b21239
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:ec:4b:df:1b:00:08:a8:ad:15:db:a6:96:2a:
cb:9a:f3:19:06:af:8d:a5:8a:c3:38:90:63:03:06:
dc:dc:8b:20:3e:32:59:20:bc:f5:3f:f2:c8:09:9a:
db:e3:ac:c1:38:d3:65:bd:51:ff:87:81:65:95:d0:
b1:91:e8:93:a3:50:24:7e:e1:6f:88:bb:e4:5d:37:
4b:14:f0:8b:51:a5:81:e5:da:3b:b8:fe:58:4a:cc:
79:dc:c4:d9:47:d1:7a:6d:15:7a:77:14:cc:e5:ea:
fb:b3:be:a6:7e:4e:25:b0:2d:98:b5:a0:d5:0d:ae:
f9:e1:41:8a:99:c8:0b:3f:b1:b2:b3:f9:e4:e6:70:
c4:31:76:01:ed:a4:cc:c7:8c:1d:3b:44:6a:ac:d4:
d3:11:7f:ea:35:7c:f2:67:5a:6d:38:91:ad:e9:4d:
59:91:68:62:f3:82:cb:7d:ef:b1:e5:c2:f1:aa:af:
d8:a6:fd:07:d1:ab:d8:f1:a3:48:57:32:cd:cb:c2:
bc:6a:ec:3d:d4:9a:2d:7a:e9:5d:cd:14:b6:16:bd:
b5:e4:75:7b:d0:9d:81:f0:6e:6a:ef:8d:04:75:8e:
47:14:05:dd:10:e2:7d:47:96:21:ae:15:7b:ec:16:
48:5b:84:9e:dd:d9:4c:d1:09:fa:2f:6e:0f:1d:9a:
b2:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:9E:F2:E3:5E:2F:3D:76:C1:75:A9:0E:BA:A0:A9:81:54:B2:12:39
X509v3 Authority Key Identifier:
keyid:00:26:47:C8:01:FB:58:FC:FA:AC:13:5B:B4:8F:5E:61:FE:A7:E5:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ACZHyAH7WPz6rBNbtI9eYf6n5WY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/cfc06f-82be-49fb-bc82-94efbf5cecd4/1/4J7y414vPXbBdakOuqCpgVSyEjk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/cfc06f-82be-49fb-bc82-94efbf5cecd4/1/ACZHyAH7WPz6rBNbtI9eYf6n5WY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.52.0/23
91.228.104.0/22
91.229.229.0/24
193.25.100.0/23
195.88.44.0/23
195.110.20.0/23
IPv6:
2001:67c:12a0::/48
Signature Algorithm: sha256WithRSAEncryption
34:8a:b8:20:03:5c:cd:fd:c1:22:c0:7f:7b:74:83:99:27:7d:
36:2b:72:c7:06:1b:3c:3f:8b:f9:73:59:a3:a0:be:0a:99:44:
2b:92:9b:41:e0:0e:96:d4:2d:18:68:e8:71:06:30:0d:9b:0b:
43:74:19:66:02:3c:8d:d0:7f:c6:8a:a9:28:9b:a1:59:d6:8c:
52:ab:6a:07:58:be:fc:52:d1:dd:f3:8f:da:f0:03:3d:ab:79:
47:17:79:34:6e:a7:84:f3:74:ff:d9:3d:3e:ff:41:08:9f:9c:
da:72:44:5f:71:44:d9:e1:b6:2b:c9:11:95:84:49:b6:1c:fc:
7c:f0:65:f1:bd:6c:44:b1:83:ba:c0:0d:bb:99:a3:5e:6d:b2:
64:7c:75:06:39:b4:38:b9:40:d1:76:4c:52:cf:3b:0b:eb:32:
09:b4:a7:57:de:96:ee:cc:44:9b:a2:ea:bc:6a:a6:3a:c4:4c:
16:f8:6e:5b:a5:44:e6:e2:6b:03:ea:04:02:dd:dc:54:12:4d:
db:f0:1c:69:8e:2b:f7:de:64:43:73:54:bf:09:07:ca:48:98:
b7:9c:c2:b3:19:ed:a8:2a:40:de:98:e5:64:89:32:44:5e:21:
a4:9b:1d:b5:4b:1c:fa:bd:ec:30:4b:22:43:a3:c0:b7:8b:5d:
8b:90:1f:42
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAZQljw06vMFiEZ4AVVr2hQ7HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwMjY0N2M4MDFmYjU4ZmNmYWFjMTM1YmI0OGY1ZTYxZmVh
N2U1NjYwHhcNMjUwMTAyMDU0ODM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDllZjJlMzVlMmYzZDc2YzE3NWE5MGViYWEwYTk4MTU0YjIxMjM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvuxL3xsACKitFdumlirLmvMZBq+N
pYrDOJBjAwbc3IsgPjJZILz1P/LICZrb46zBONNlvVH/h4FlldCxkeiTo1AkfuFv
iLvkXTdLFPCLUaWB5do7uP5YSsx53MTZR9F6bRV6dxTM5er7s76mfk4lsC2YtaDV
Da754UGKmcgLP7Gys/nk5nDEMXYB7aTMx4wdO0RqrNTTEX/qNXzyZ1ptOJGt6U1Z
kWhi84LLfe+x5cLxqq/Ypv0H0avY8aNIVzLNy8K8auw91JoteuldzRS2Fr215HV7
0J2B8G5q740EdY5HFAXdEOJ9R5YhrhV77BZIW4Se3dlM0Qn6L24PHZqy4QIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFOCe8uNeLz12wXWpDrqgqYFUshI5MB8GA1UdIwQY
MBaAFAAmR8gB+1j8+qwTW7SPXmH+p+VmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUNaSHlBSDdXUHo2ckJOYnRJOWVZZjZuNVdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9jZmMwNmYtODJiZS00OWZiLWJjODIt
OTRlZmJmNWNlY2Q0LzEvNEo3eTQxNHZQWGJCZGFrT3VxQ3BnVlN5RWprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9jZmMwNmYtODJiZS00OWZiLWJjODItOTRlZmJmNWNlY2Q0
LzEvQUNaSHlBSDdXUHo2ckJOYnRJOWVZZjZuNVdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAqBAIAATAkAwQBW+Q0AwQC
W+RoAwQAW+XlAwQBwRlkAwQBw1gsAwQBw24UMA8EAgACMAkDBwAgAQZ8EqAwDQYJ
KoZIhvcNAQELBQADggEBADSKuCADXM39wSLAf3t0g5knfTYrcscGGzw/i/lzWaOg
vgqZRCuSm0HgDpbULRho6HEGMA2bC0N0GWYCPI3Qf8aKqSiboVnWjFKragdYvvxS
0d3zj9rwAz2reUcXeTRup4TzdP/ZPT7/QQifnNpyRF9xRNnhtivJEZWESbYc/Hzw
ZfG9bESxg7rADbuZo15tsmR8dQY5tDi5QNF2TFLPOwvrMgm0p1felu7MRJui6rxq
pjrETBb4blulRObiawPqBALd3FQSTdvwHGmOK/feZENzVL8JB8pImLecwrMZ7agq
QN6Y5WSJMkReIaSbHbVLHPq97DBLIkOjwLeLXYuQH0I=
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:32:37 2025 by rpki-client