Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/afa106-6af8-4310-b4d4-e369d6602e6f/1/mS_oXS8PdNGuJRbCZzx_T6jd4HU.roa
File: mS_oXS8PdNGuJRbCZzx_T6jd4HU.roa (raw, json)
Hash identifier: QITZzYA8TQMtyRhC8MP+izvCWZVG9On2gcUINfExBik=
Subject key identifier: 99:2F:E8:5D:2F:0F:74:D1:AE:25:16:C2:67:3C:7F:4F:A8:DD:E0:75
Certificate issuer: /CN=1e47e2bf3974721eafbfb8c31fc5273039d505f3
Certificate serial: 018CC26D17C2F62DD9C638517CDC1F922F73
Authority key identifier: 1E:47:E2:BF:39:74:72:1E:AF:BF:B8:C3:1F:C5:27:30:39:D5:05:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hkfivzl0ch6vv7jDH8UnMDnVBfM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/afa106-6af8-4310-b4d4-e369d6602e6f/1/mS_oXS8PdNGuJRbCZzx_T6jd4HU.roa
Signing time: Mon 01 Jan 2024 00:29:38 +0000
ROA not before: Mon 01 Jan 2024 00:29:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29031
IP address blocks: 195.69.200.0/22 maxlen: 22
193.239.24.0/24 maxlen: 24
193.239.27.0/24 maxlen: 24
193.239.26.0/24 maxlen: 24
195.3.132.0/23 maxlen: 23
91.201.108.0/22 maxlen: 22
195.3.134.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 08 Apr 2024 08:02:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:17:c2:f6:2d:d9:c6:38:51:7c:dc:1f:92:2f:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e47e2bf3974721eafbfb8c31fc5273039d505f3
Validity
Not Before: Jan 1 00:29:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=992fe85d2f0f74d1ae2516c2673c7f4fa8dde075
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:0b:bd:26:ea:3f:0e:ec:79:a9:93:79:fb:ef:
34:52:44:92:fc:98:52:7a:89:94:a0:7a:41:91:75:
40:28:8f:75:18:8d:e0:eb:79:34:05:18:66:70:9f:
e8:3f:80:08:eb:b5:6a:c6:49:16:78:d8:2f:0e:d4:
73:b7:5c:6b:47:6b:c8:d7:57:27:bb:d5:87:9d:93:
d0:6b:c4:e8:d0:4c:00:2b:20:ea:68:61:ac:cd:2e:
17:b0:b8:f9:4a:f9:65:c3:8d:fb:fc:c6:3d:ac:e6:
b0:7a:4d:cf:58:6c:c7:2c:f5:dc:b5:82:4a:2d:99:
62:68:8b:e5:6c:e5:7a:f0:a0:a1:20:bb:a3:e2:17:
ed:c7:16:3c:97:2b:1d:6f:9f:fe:d8:4e:72:fa:1a:
45:69:d2:c4:ae:ad:19:e3:db:07:59:39:fb:fc:74:
1d:ad:f3:e6:b5:34:14:07:70:3c:18:89:29:eb:9b:
a3:97:3d:d4:08:05:20:b9:4a:8b:19:52:c3:0c:71:
4d:98:2d:3e:92:2f:07:a9:12:74:a1:2e:21:e4:8a:
f4:62:51:bb:44:22:91:2a:8c:f2:4b:5f:52:00:1e:
c2:04:4a:f2:e5:67:ef:81:03:90:95:cc:c2:29:1f:
cc:d2:08:fe:3b:0c:a3:16:18:a5:99:d7:99:00:2b:
2c:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:2F:E8:5D:2F:0F:74:D1:AE:25:16:C2:67:3C:7F:4F:A8:DD:E0:75
X509v3 Authority Key Identifier:
keyid:1E:47:E2:BF:39:74:72:1E:AF:BF:B8:C3:1F:C5:27:30:39:D5:05:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hkfivzl0ch6vv7jDH8UnMDnVBfM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/afa106-6af8-4310-b4d4-e369d6602e6f/1/mS_oXS8PdNGuJRbCZzx_T6jd4HU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/afa106-6af8-4310-b4d4-e369d6602e6f/1/Hkfivzl0ch6vv7jDH8UnMDnVBfM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.201.108.0/22
193.239.24.0/24
193.239.26.0/23
195.3.132.0/22
195.69.200.0/22
Signature Algorithm: sha256WithRSAEncryption
30:d7:d1:52:59:d1:9e:4d:58:14:1d:31:a0:42:f4:ae:a6:71:
86:0f:85:f4:77:ef:be:ff:87:80:76:6a:35:84:0d:91:b0:f3:
c8:b7:a7:87:70:91:24:91:7d:0b:ee:29:1b:57:d9:e5:b7:26:
6f:5e:69:8f:94:f0:78:8d:20:ae:5b:4b:3a:8c:e2:60:78:98:
de:dd:ee:cd:21:48:4b:c5:4d:bd:61:f2:d7:fd:01:b8:7b:3a:
a0:26:7d:0c:4b:5d:a4:0a:44:cf:0c:f7:f1:fa:33:f6:4e:57:
da:fd:fe:12:6e:54:34:7f:fd:9f:ba:00:9a:17:8d:67:48:a2:
2b:f9:a1:de:06:4e:f4:b2:1d:b9:a0:60:9f:0d:bf:73:fc:d5:
0a:ed:8d:e4:5a:63:1a:96:20:0a:1d:ad:ac:c8:b0:aa:a9:e1:
a4:88:bf:5d:4b:3e:be:61:22:d1:f0:d8:37:0b:18:85:f7:25:
78:b5:31:fe:00:de:6e:ab:f7:b3:12:e0:6f:c9:c3:a8:47:5f:
5d:10:a2:e5:d9:23:b1:07:e7:86:10:1d:52:d6:90:32:4e:52:
e8:6c:1b:5e:30:18:5e:d8:97:ef:22:f9:48:ac:46:6f:78:ef:
a0:0e:c2:cf:4f:18:de:4e:13:ed:dc:8a:97:bf:fd:56:de:27:
16:e8:52:40
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzCbRfC9i3ZxjhRfNwfki9zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlNDdlMmJmMzk3NDcyMWVhZmJmYjhjMzFmYzUyNzMwMzlk
NTA1ZjMwHhcNMjQwMTAxMDAyOTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTJmZTg1ZDJmMGY3NGQxYWUyNTE2YzI2NzNjN2Y0ZmE4ZGRlMDc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiQu9Juo/Dux5qZN5++80UkSS/JhS
eomUoHpBkXVAKI91GI3g63k0BRhmcJ/oP4AI67VqxkkWeNgvDtRzt1xrR2vI11cn
u9WHnZPQa8To0EwAKyDqaGGszS4XsLj5Svllw437/MY9rOawek3PWGzHLPXctYJK
LZliaIvlbOV68KChILuj4hftxxY8lysdb5/+2E5y+hpFadLErq0Z49sHWTn7/HQd
rfPmtTQUB3A8GIkp65ujlz3UCAUguUqLGVLDDHFNmC0+ki8HqRJ0oS4h5Ir0YlG7
RCKRKozyS19SAB7CBEry5WfvgQOQlczCKR/M0gj+OwyjFhilmdeZACssTQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJkv6F0vD3TRriUWwmc8f0+o3eB1MB8GA1UdIwQY
MBaAFB5H4r85dHIer7+4wx/FJzA51QXzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGtmaXZ6bDBjaDZ2djdqREg4VW5NRG5WQmZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9hZmExMDYtNmFmOC00MzEwLWI0ZDQt
ZTM2OWQ2NjAyZTZmLzEvbVNfb1hTOFBkTkd1SlJiQ1p6eF9UNmpkNEhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9hZmExMDYtNmFmOC00MzEwLWI0ZDQtZTM2OWQ2NjAyZTZm
LzEvSGtmaXZ6bDBjaDZ2djdqREg4VW5NRG5WQmZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCW8lsAwQA
we8YAwQBwe8aAwQCwwOEAwQCw0XIMA0GCSqGSIb3DQEBCwUAA4IBAQAw19FSWdGe
TVgUHTGgQvSupnGGD4X0d+++/4eAdmo1hA2RsPPIt6eHcJEkkX0L7ikbV9nltyZv
XmmPlPB4jSCuW0s6jOJgeJje3e7NIUhLxU29YfLX/QG4ezqgJn0MS12kCkTPDPfx
+jP2Tlfa/f4SblQ0f/2fugCaF41nSKIr+aHeBk70sh25oGCfDb9z/NUK7Y3kWmMa
liAKHa2syLCqqeGkiL9dSz6+YSLR8Ng3CxiF9yV4tTH+AN5uq/ezEuBvycOoR19d
EKLl2SOxB+eGEB1S1pAyTlLobBteMBhe2JfvIvlIrEZveO+gDsLPTxjeThPt3IqX
v/1W3icW6FJA
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:47:51 2025 by rpki-client