Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/b15851-a83b-415c-aee5-f9efc0457fb9/1/4Di7OBwljEK6GEnGq43UrxGgQ-w.roa
File: 4Di7OBwljEK6GEnGq43UrxGgQ-w.roa (raw, json)
Hash identifier: frvNZDXvczONrwmlDoj58JenKbzvT8oB4iGft9//scc=
Subject key identifier: E0:38:BB:38:1C:25:8C:42:BA:18:49:C6:AB:8D:D4:AF:11:A0:43:EC
Certificate issuer: /CN=582c74fc59b7ab096a257d3b6299d2f6fda46a80
Certificate serial: 018DEB937DB3AEAC1F446CC0FD46859200FA
Authority key identifier: 58:2C:74:FC:59:B7:AB:09:6A:25:7D:3B:62:99:D2:F6:FD:A4:6A:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WCx0_Fm3qwlqJX07YpnS9v2kaoA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/b15851-a83b-415c-aee5-f9efc0457fb9/1/4Di7OBwljEK6GEnGq43UrxGgQ-w.roa
Signing time: Tue 27 Feb 2024 17:18:48 +0000
ROA not before: Tue 27 Feb 2024 17:18:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212598
IP address blocks: 91.142.130.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 30 Oct 2024 16:06:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:eb:93:7d:b3:ae:ac:1f:44:6c:c0:fd:46:85:92:00:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=582c74fc59b7ab096a257d3b6299d2f6fda46a80
Validity
Not Before: Feb 27 17:18:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e038bb381c258c42ba1849c6ab8dd4af11a043ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:40:31:85:ad:12:e0:1e:f9:83:59:7e:50:8c:
8b:60:54:47:f5:ad:28:f2:0e:7d:04:18:3c:d6:cf:
27:58:9e:11:19:2a:b3:d1:04:1e:04:fc:42:5f:a7:
da:80:ce:f5:53:cb:a2:20:0b:78:81:dc:24:df:c0:
6a:90:cf:7e:b9:76:24:59:1a:81:df:2e:9c:3e:ab:
73:78:eb:78:3e:0b:a8:00:d0:ff:7c:cb:ca:04:78:
37:17:a5:8f:88:89:8c:73:13:66:dd:1c:c0:9f:a4:
87:a1:59:be:b2:70:42:33:09:57:0b:52:b2:18:4f:
37:8a:b6:01:19:c4:c2:c8:d0:ab:28:ad:64:84:90:
00:c4:8f:ea:b8:d8:9b:ac:ec:34:40:ec:c8:74:5f:
31:5e:2c:5e:62:30:c8:86:6a:16:e3:c6:16:b4:35:
b6:1d:fd:a7:71:39:e4:ff:c2:9a:25:43:69:2b:a6:
4f:da:80:eb:32:b0:35:31:dc:ea:62:f2:58:2d:89:
e3:92:eb:48:08:49:77:39:cb:83:27:5c:90:e1:80:
23:3a:4a:eb:3f:f4:1c:e0:5a:76:79:6d:3d:9d:59:
67:96:55:4c:0f:3d:49:05:33:fa:5f:b2:63:14:aa:
1e:fa:e9:41:8e:85:77:0b:1a:fc:a0:ca:48:b9:82:
79:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:38:BB:38:1C:25:8C:42:BA:18:49:C6:AB:8D:D4:AF:11:A0:43:EC
X509v3 Authority Key Identifier:
keyid:58:2C:74:FC:59:B7:AB:09:6A:25:7D:3B:62:99:D2:F6:FD:A4:6A:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WCx0_Fm3qwlqJX07YpnS9v2kaoA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b15851-a83b-415c-aee5-f9efc0457fb9/1/4Di7OBwljEK6GEnGq43UrxGgQ-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b15851-a83b-415c-aee5-f9efc0457fb9/1/WCx0_Fm3qwlqJX07YpnS9v2kaoA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.142.130.0/24
Signature Algorithm: sha256WithRSAEncryption
b9:78:2f:f6:4c:46:7c:ea:9d:18:1b:ca:1d:85:43:f7:6a:52:
10:74:84:70:e3:7e:8d:0e:b0:49:4d:79:23:49:8f:00:b2:e0:
79:27:95:fc:48:0b:78:76:62:18:77:0f:9f:ed:5d:43:d6:0e:
b3:45:94:e3:33:40:2d:94:7b:93:e6:cd:80:0a:ea:c7:b7:63:
65:db:46:00:92:46:9d:ac:d9:ad:25:e5:51:6d:97:6d:f8:ed:
3d:93:f7:72:76:b3:53:bd:2a:89:53:7f:85:84:d9:74:36:5a:
9b:ae:28:ec:f5:b1:a0:3b:79:b6:e6:ea:45:bb:2a:c5:40:58:
aa:25:40:99:e2:96:ef:e5:9c:42:e5:3d:cc:6e:37:d6:b4:b8:
7f:71:62:0a:e4:d0:26:c4:5c:a0:38:fe:27:4c:c9:cf:4b:f5:
df:e7:7e:44:15:f2:4e:34:cd:b6:bc:5c:3d:a0:d8:50:94:ba:
ec:83:a6:f7:28:9d:f4:88:2c:05:05:2d:88:83:57:97:60:40:
07:e0:7e:1e:74:ec:1b:49:e4:56:ca:1c:32:c9:79:03:3e:8d:
dd:0b:5a:d9:1b:cb:ef:56:a5:c0:ef:0a:42:d6:99:41:d7:b1:
49:09:b0:ea:5e:f8:b7:56:25:4f:e9:1f:e2:55:fa:2e:85:06:
d9:f5:bb:73
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY3rk32zrqwfRGzA/UaFkgD6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4MmM3NGZjNTliN2FiMDk2YTI1N2QzYjYyOTlkMmY2ZmRh
NDZhODAwHhcNMjQwMjI3MTcxODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDM4YmIzODFjMjU4YzQyYmExODQ5YzZhYjhkZDRhZjExYTA0M2VjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2UAxha0S4B75g1l+UIyLYFRH9a0o
8g59BBg81s8nWJ4RGSqz0QQeBPxCX6fagM71U8uiIAt4gdwk38BqkM9+uXYkWRqB
3y6cPqtzeOt4PguoAND/fMvKBHg3F6WPiImMcxNm3RzAn6SHoVm+snBCMwlXC1Ky
GE83irYBGcTCyNCrKK1khJAAxI/quNibrOw0QOzIdF8xXixeYjDIhmoW48YWtDW2
Hf2ncTnk/8KaJUNpK6ZP2oDrMrA1MdzqYvJYLYnjkutICEl3OcuDJ1yQ4YAjOkrr
P/Qc4Fp2eW09nVlnllVMDz1JBTP6X7JjFKoe+ulBjoV3Cxr8oMpIuYJ5YQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOA4uzgcJYxCuhhJxquN1K8RoEPsMB8GA1UdIwQY
MBaAFFgsdPxZt6sJaiV9O2KZ0vb9pGqAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0N4MF9GbTNxd2xxSlgwN1lwblM5djJrYW9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9iMTU4NTEtYTgzYi00MTVjLWFlZTUt
ZjllZmMwNDU3ZmI5LzEvNERpN09Cd2xqRUs2R0VuR3E0M1VyeEdnUS13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9iMTU4NTEtYTgzYi00MTVjLWFlZTUtZjllZmMwNDU3ZmI5
LzEvV0N4MF9GbTNxd2xxSlgwN1lwblM5djJrYW9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW46CMA0G
CSqGSIb3DQEBCwUAA4IBAQC5eC/2TEZ86p0YG8odhUP3alIQdIRw436NDrBJTXkj
SY8AsuB5J5X8SAt4dmIYdw+f7V1D1g6zRZTjM0AtlHuT5s2ACurHt2Nl20YAkkad
rNmtJeVRbZdt+O09k/dydrNTvSqJU3+FhNl0Nlqbrijs9bGgO3m25upFuyrFQFiq
JUCZ4pbv5ZxC5T3MbjfWtLh/cWIK5NAmxFygOP4nTMnPS/Xf535EFfJONM22vFw9
oNhQlLrsg6b3KJ30iCwFBS2Ig1eXYEAH4H4edOwbSeRWyhwyyXkDPo3dC1rZG8vv
VqXA7wpC1plB17FJCbDqXvi3ViVP6R/iVfouhQbZ9btz
-----END CERTIFICATE-----
Generated at Tue Apr 8 03:27:06 2025 by rpki-client