Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/1ef061-e581-49e4-b8e4-2bccc275e696/1/D5oeyWzoCUnWNy84ErMnt5gwpSM.roa
File: D5oeyWzoCUnWNy84ErMnt5gwpSM.roa (raw, json)
Hash identifier: Ic2f+t14YpsyXpxx0egYj0RuRkMkvE/kzgZdfBcG4pw=
Subject key identifier: 0F:9A:1E:C9:6C:E8:09:49:D6:37:2F:38:12:B3:27:B7:98:30:A5:23
Certificate issuer: /CN=6961869099145e31d7b4b5c55ec5f9a724ffca7e
Certificate serial: 019109A7E98317C09D520204811B99667D83
Authority key identifier: 69:61:86:90:99:14:5E:31:D7:B4:B5:C5:5E:C5:F9:A7:24:FF:CA:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aWGGkJkUXjHXtLXFXsX5pyT_yn4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/1ef061-e581-49e4-b8e4-2bccc275e696/1/D5oeyWzoCUnWNy84ErMnt5gwpSM.roa
Signing time: Wed 31 Jul 2024 16:38:04 +0000
ROA not before: Wed 31 Jul 2024 16:38:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 52180
IP address blocks: 91.222.244.0/22 maxlen: 22
91.222.244.0/23 maxlen: 23
91.222.244.0/24 maxlen: 24
91.222.245.0/24 maxlen: 24
91.222.246.0/23 maxlen: 23
91.222.246.0/24 maxlen: 24
91.222.247.0/24 maxlen: 24
193.242.156.0/22 maxlen: 22
193.242.158.0/23 maxlen: 23
193.242.159.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:47:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:09:a7:e9:83:17:c0:9d:52:02:04:81:1b:99:66:7d:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6961869099145e31d7b4b5c55ec5f9a724ffca7e
Validity
Not Before: Jul 31 16:38:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0f9a1ec96ce80949d6372f3812b327b79830a523
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:6b:b5:34:85:a8:d5:a6:85:5a:09:ec:35:01:
4c:0a:9b:76:6a:9a:55:ce:c9:9b:a8:0e:c6:af:23:
68:24:06:1d:d6:11:96:bd:ef:6f:ee:ca:07:d7:59:
2a:2a:c9:6a:7f:f8:ed:09:7c:1c:cb:ee:59:4b:94:
80:7d:aa:8d:70:5c:e1:29:19:9b:5e:b7:eb:ad:b3:
e1:61:9b:46:3d:e4:e4:07:6d:8d:9b:be:1a:ba:ed:
52:a6:84:29:e3:73:a9:6a:0e:3f:0f:63:cc:21:03:
67:05:9e:2b:3e:0e:b3:48:f2:39:9e:e9:8b:c5:91:
d5:27:8c:e3:15:d9:2c:41:8c:49:f1:51:ac:e9:53:
1d:dc:bd:58:e1:7b:48:30:a1:b9:37:3e:bd:fd:95:
3d:01:16:eb:d6:5c:d5:e0:cd:ff:6b:75:9b:0f:28:
ca:7e:69:8e:23:23:ff:f4:88:8f:96:ab:b0:e3:84:
ff:7d:9b:f5:5a:9c:d7:f4:92:f3:ba:56:0c:75:5a:
35:cb:88:51:9b:b8:0b:1d:06:9f:57:79:ea:d4:26:
a8:b7:d7:f1:1b:e0:87:a3:0c:89:60:e4:d7:36:56:
f7:5f:73:18:4e:9e:1d:dc:cf:46:b7:b4:2b:39:27:
12:5b:d1:5d:73:6b:26:77:a2:c4:3a:d9:82:29:ef:
70:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:9A:1E:C9:6C:E8:09:49:D6:37:2F:38:12:B3:27:B7:98:30:A5:23
X509v3 Authority Key Identifier:
keyid:69:61:86:90:99:14:5E:31:D7:B4:B5:C5:5E:C5:F9:A7:24:FF:CA:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aWGGkJkUXjHXtLXFXsX5pyT_yn4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/1ef061-e581-49e4-b8e4-2bccc275e696/1/D5oeyWzoCUnWNy84ErMnt5gwpSM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/1ef061-e581-49e4-b8e4-2bccc275e696/1/aWGGkJkUXjHXtLXFXsX5pyT_yn4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.222.244.0/22
193.242.156.0/22
Signature Algorithm: sha256WithRSAEncryption
33:2c:af:e6:24:90:c4:f3:f2:fa:97:66:b4:3e:19:0d:c5:0b:
9a:35:7e:5e:26:78:26:10:2f:24:a8:29:ba:16:d4:63:d7:94:
e7:cb:2e:1c:e6:38:9b:49:bc:94:51:15:88:25:fa:20:3a:b1:
80:a4:5d:41:d4:c2:ad:7c:e4:3e:b6:1d:37:cd:8d:e4:f4:ed:
7b:db:78:e1:d5:65:99:51:cf:98:52:39:69:6f:c3:b5:9d:c5:
a6:28:73:82:a1:95:d6:19:61:69:92:23:cf:67:14:03:08:90:
b4:cd:9c:1b:f0:78:8d:10:83:d2:ec:fe:85:4a:af:38:84:09:
78:05:f7:3b:02:b7:3f:05:a5:65:5f:6b:f2:3b:3e:0e:08:e8:
4f:3f:26:03:87:40:7b:f0:be:a6:e5:e7:23:fe:94:65:af:11:
ec:31:59:9f:3b:b9:08:93:3e:bd:51:e1:2c:06:d2:36:e2:f6:
00:05:78:29:b1:d4:10:cd:68:29:11:c4:a7:92:40:a7:ad:41:
43:b2:ab:1a:94:e2:2c:0c:5e:79:e2:36:b6:84:eb:6e:23:89:
54:be:1e:37:7b:34:c0:bc:53:42:b2:c8:8e:46:a0:ef:7c:cc:
16:a1:77:e8:6c:54:d8:be:03:01:e9:ee:57:90:b8:69:4e:dc:
cc:11:53:e7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZEJp+mDF8CdUgIEgRuZZn2DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5NjE4NjkwOTkxNDVlMzFkN2I0YjVjNTVlYzVmOWE3MjRm
ZmNhN2UwHhcNMjQwNzMxMTYzODA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjlhMWVjOTZjZTgwOTQ5ZDYzNzJmMzgxMmIzMjdiNzk4MzBhNTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt2u1NIWo1aaFWgnsNQFMCpt2appV
zsmbqA7GryNoJAYd1hGWve9v7soH11kqKslqf/jtCXwcy+5ZS5SAfaqNcFzhKRmb
XrfrrbPhYZtGPeTkB22Nm74auu1SpoQp43Opag4/D2PMIQNnBZ4rPg6zSPI5numL
xZHVJ4zjFdksQYxJ8VGs6VMd3L1Y4XtIMKG5Nz69/ZU9ARbr1lzV4M3/a3WbDyjK
fmmOIyP/9IiPlquw44T/fZv1WpzX9JLzulYMdVo1y4hRm7gLHQafV3nq1Caot9fx
G+CHowyJYOTXNlb3X3MYTp4d3M9Gt7QrOScSW9Fdc2smd6LEOtmCKe9w9QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFA+aHsls6AlJ1jcvOBKzJ7eYMKUjMB8GA1UdIwQY
MBaAFGlhhpCZFF4x17S1xV7F+ack/8p+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVdHR2tKa1VYakhYdExYRlhzWDVweVRfeW40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8xZWYwNjEtZTU4MS00OWU0LWI4ZTQt
MmJjY2MyNzVlNjk2LzEvRDVvZXlXem9DVW5XTnk4NEVyTW50NWd3cFNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8xZWYwNjEtZTU4MS00OWU0LWI4ZTQtMmJjY2MyNzVlNjk2
LzEvYVdHR2tKa1VYakhYdExYRlhzWDVweVRfeW40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW970AwQC
wfKcMA0GCSqGSIb3DQEBCwUAA4IBAQAzLK/mJJDE8/L6l2a0PhkNxQuaNX5eJngm
EC8kqCm6FtRj15Tnyy4c5jibSbyUURWIJfogOrGApF1B1MKtfOQ+th03zY3k9O17
23jh1WWZUc+YUjlpb8O1ncWmKHOCoZXWGWFpkiPPZxQDCJC0zZwb8HiNEIPS7P6F
Sq84hAl4Bfc7Arc/BaVlX2vyOz4OCOhPPyYDh0B78L6m5ecj/pRlrxHsMVmfO7kI
kz69UeEsBtI24vYABXgpsdQQzWgpEcSnkkCnrUFDsqsalOIsDF554ja2hOtuI4lU
vh43ezTAvFNCssiORqDvfMwWoXfobFTYvgMB6e5XkLhpTtzMEVPn
-----END CERTIFICATE-----
Generated at Thu Apr 17 01:01:14 2025 by rpki-client