Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/183jb6r-5NB3dJoTY75rLIPcOok.roa
File: 183jb6r-5NB3dJoTY75rLIPcOok.roa (raw, json)
Hash identifier: UjGN8iEpvveloJBp1EXhubF9biUYJlFLEHS+MsPrUms=
Subject key identifier: D7:CD:E3:6F:AA:FE:E4:D0:77:74:9A:13:63:BE:6B:2C:83:DC:3A:89
Certificate issuer: /CN=3b098e45ef4bb5d18dbc86c5a135f57ebcbe005d
Certificate serial: 018CC3489C40A9DDF75D32071FA71A6852B4
Authority key identifier: 3B:09:8E:45:EF:4B:B5:D1:8D:BC:86:C5:A1:35:F5:7E:BC:BE:00:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/183jb6r-5NB3dJoTY75rLIPcOok.roa
Signing time: Mon 01 Jan 2024 04:29:24 +0000
ROA not before: Mon 01 Jan 2024 04:29:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 212.116.244.0/24 maxlen: 24
212.116.246.0/24 maxlen: 24
91.147.123.0/24 maxlen: 24
91.147.119.0/24 maxlen: 24
91.147.126.0/23 maxlen: 24
Validation: Failed, certificate revoked on Sun 30 Jun 2024 13:48:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:9c:40:a9:dd:f7:5d:32:07:1f:a7:1a:68:52:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b098e45ef4bb5d18dbc86c5a135f57ebcbe005d
Validity
Not Before: Jan 1 04:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d7cde36faafee4d077749a1363be6b2c83dc3a89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:05:5f:e7:48:5d:ae:7d:ba:f0:61:50:ec:9d:
4b:94:b6:3c:95:2b:2c:d8:e2:f3:33:06:8d:2b:de:
51:83:c0:57:53:1f:da:35:fe:1c:ae:98:21:bd:40:
c7:da:d8:3f:b6:2a:35:de:da:4d:82:22:8b:79:7c:
d4:c0:fc:f5:8f:14:d9:51:e3:da:71:8a:90:56:1e:
eb:f6:99:40:c9:f0:b8:1d:a5:78:42:7b:be:50:71:
31:96:95:41:7e:4b:fa:2d:67:c0:f3:c4:5a:71:97:
1d:33:66:cd:72:65:09:71:24:53:59:ff:9f:78:3c:
db:f8:e9:f3:b2:8b:7e:83:1f:11:b8:f1:39:04:76:
17:4c:4f:66:ff:5d:3d:bb:6b:08:cc:2e:5c:e1:51:
58:bd:e2:f1:d8:67:6d:c7:ce:18:7a:21:57:3d:36:
08:e7:98:4a:ab:38:4d:ef:0f:5e:79:7a:f8:19:cd:
9c:f5:d3:b8:32:11:75:13:ce:09:6b:7a:fc:51:3f:
b3:39:f5:b2:be:a4:75:47:00:74:b6:50:d9:fd:5e:
cf:e7:c5:69:13:8c:27:bf:9e:25:c7:31:d1:a0:05:
2d:ca:3f:4d:20:6b:00:6c:f9:20:32:1a:d8:7c:3f:
53:1f:09:f6:cc:d4:5b:da:d7:f9:26:ff:33:34:d4:
2f:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:CD:E3:6F:AA:FE:E4:D0:77:74:9A:13:63:BE:6B:2C:83:DC:3A:89
X509v3 Authority Key Identifier:
keyid:3B:09:8E:45:EF:4B:B5:D1:8D:BC:86:C5:A1:35:F5:7E:BC:BE:00:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/183jb6r-5NB3dJoTY75rLIPcOok.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/OwmORe9LtdGNvIbFoTX1fry-AF0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.147.119.0/24
91.147.123.0/24
91.147.126.0/23
212.116.244.0/24
212.116.246.0/24
Signature Algorithm: sha256WithRSAEncryption
cf:75:34:63:c4:fa:79:bf:52:7e:38:1f:83:3c:53:67:2b:c4:
2d:59:bf:c8:87:95:ca:26:b0:33:94:f5:eb:de:9b:a6:0b:38:
7a:ce:9f:8f:aa:7c:a3:ad:0c:c1:d0:2e:eb:57:b9:35:23:72:
7a:6c:05:26:17:c2:1a:23:c8:09:cf:1e:24:4b:a6:91:5a:2a:
b3:02:f2:bf:c8:f9:46:cf:70:6e:be:5d:62:41:4d:2e:8f:4a:
e7:cc:ca:3e:a5:93:ed:68:07:bd:4d:ab:6a:b7:95:d5:c7:31:
c3:64:09:cd:2f:9e:76:3f:65:b9:ad:b9:05:b7:38:46:d4:73:
3b:af:b5:48:ed:ee:a0:63:2a:51:11:60:e7:56:29:06:6b:ee:
ae:52:67:5f:c8:11:d9:88:cd:2a:e4:03:7f:fb:70:80:85:45:
74:55:cd:2a:10:9c:09:64:c1:e2:d5:d5:19:3f:18:83:f9:6f:
c2:81:85:3d:81:4f:bb:e1:e1:e2:cd:82:4e:3c:aa:91:ff:73:
46:e7:7e:75:78:ce:71:62:f8:9b:25:21:69:22:21:c0:34:b0:
b9:f2:2b:d4:78:86:cd:6d:07:9b:49:f9:18:da:d0:80:49:90:
1a:d4:9f:a1:d2:7b:f8:ee:8c:af:ed:79:a4:32:1e:42:05:e9:
d4:d6:dc:d7
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzDSJxAqd33XTIHH6caaFK0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiMDk4ZTQ1ZWY0YmI1ZDE4ZGJjODZjNWExMzVmNTdlYmNi
ZTAwNWQwHhcNMjQwMTAxMDQyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2NkZTM2ZmFhZmVlNGQwNzc3NDlhMTM2M2JlNmIyYzgzZGMzYTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvQVf50hdrn268GFQ7J1LlLY8lSss
2OLzMwaNK95Rg8BXUx/aNf4crpghvUDH2tg/tio13tpNgiKLeXzUwPz1jxTZUePa
cYqQVh7r9plAyfC4HaV4Qnu+UHExlpVBfkv6LWfA88RacZcdM2bNcmUJcSRTWf+f
eDzb+Onzsot+gx8RuPE5BHYXTE9m/109u2sIzC5c4VFYveLx2Gdtx84YeiFXPTYI
55hKqzhN7w9eeXr4Gc2c9dO4MhF1E84Ja3r8UT+zOfWyvqR1RwB0tlDZ/V7P58Vp
E4wnv54lxzHRoAUtyj9NIGsAbPkgMhrYfD9THwn2zNRb2tf5Jv8zNNQvBwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFNfN42+q/uTQd3SaE2O+ayyD3DqJMB8GA1UdIwQY
MBaAFDsJjkXvS7XRjbyGxaE19X68vgBdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3dtT1JlOUx0ZEdOdkliRm9UWDFmcnktQUYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi85NTRkMzEtZjc0Yy00NjdiLTkwMTMt
ZTEyYjE2NDIxNWI5LzEvMTgzamI2ci01TkIzZEpvVFk3NXJMSVBjT29rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi85NTRkMzEtZjc0Yy00NjdiLTkwMTMtZTEyYjE2NDIxNWI5
LzEvT3dtT1JlOUx0ZEdOdkliRm9UWDFmcnktQUYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAW5N3AwQA
W5N7AwQBW5N+AwQA1HT0AwQA1HT2MA0GCSqGSIb3DQEBCwUAA4IBAQDPdTRjxPp5
v1J+OB+DPFNnK8QtWb/Ih5XKJrAzlPXr3pumCzh6zp+PqnyjrQzB0C7rV7k1I3J6
bAUmF8IaI8gJzx4kS6aRWiqzAvK/yPlGz3Buvl1iQU0uj0rnzMo+pZPtaAe9Tatq
t5XVxzHDZAnNL552P2W5rbkFtzhG1HM7r7VI7e6gYypREWDnVikGa+6uUmdfyBHZ
iM0q5AN/+3CAhUV0Vc0qEJwJZMHi1dUZPxiD+W/CgYU9gU+74eHizYJOPKqR/3NG
5351eM5xYvibJSFpIiHANLC58ivUeIbNbQebSfkY2tCASZAa1J+h0nv47oyv7Xmk
Mh5CBenU1tzX
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:11:51 2025 by rpki-client