Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/U7Bem_VIz4heqNk3-JP8xQrX6Js.roa
File: U7Bem_VIz4heqNk3-JP8xQrX6Js.roa (raw, json)
Hash identifier: HD6AKrLzc9FXtxu8sAXvr1KBBkehh9yW5XPlQ43CeuE=
Subject key identifier: 53:B0:5E:9B:F5:48:CF:88:5E:A8:D9:37:F8:93:FC:C5:0A:D7:E8:9B
Certificate issuer: /CN=3b098e45ef4bb5d18dbc86c5a135f57ebcbe005d
Certificate serial: 01907A6E2AAE69565C76955FB0E83DF8E55B
Authority key identifier: 3B:09:8E:45:EF:4B:B5:D1:8D:BC:86:C5:A1:35:F5:7E:BC:BE:00:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/U7Bem_VIz4heqNk3-JP8xQrX6Js.roa
Signing time: Wed 03 Jul 2024 21:09:18 +0000
ROA not before: Wed 03 Jul 2024 21:09:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 91.147.119.0/24 maxlen: 24
91.147.123.0/24 maxlen: 24
91.147.126.0/23 maxlen: 24
212.116.244.0/24 maxlen: 24
212.116.246.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 02 Nov 2024 20:14:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:7a:6e:2a:ae:69:56:5c:76:95:5f:b0:e8:3d:f8:e5:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b098e45ef4bb5d18dbc86c5a135f57ebcbe005d
Validity
Not Before: Jul 3 21:09:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=53b05e9bf548cf885ea8d937f893fcc50ad7e89b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:c1:99:8e:bb:71:54:a3:ea:7d:52:55:64:c6:
b0:17:4e:0a:db:24:f0:51:43:56:52:b3:c5:c7:80:
99:0d:7a:dc:f0:18:10:7b:89:6a:69:5a:38:0c:03:
79:da:36:ce:57:55:5b:46:9e:38:89:25:08:79:57:
95:7b:77:c5:fd:9d:90:aa:d8:58:11:56:af:74:11:
b4:41:4d:f8:63:42:b3:e6:98:5b:38:db:64:60:be:
91:2e:7b:8e:e9:71:43:d3:11:34:87:95:ea:f2:1c:
ee:4e:5a:7e:ec:7b:92:02:72:f1:49:86:e4:3b:73:
c2:f3:85:ba:1c:9c:86:e1:8c:0f:8a:6b:0d:b0:93:
c7:70:dd:d8:1f:a0:a1:bb:8c:4e:80:83:88:04:de:
11:d1:27:7b:8a:f7:dd:20:fc:7d:a3:45:03:23:5d:
5d:95:2c:fa:b3:7f:97:e4:6e:c1:85:ae:8b:0d:95:
17:c4:06:19:b3:bf:d1:3a:b5:0f:b9:e8:48:f5:a8:
3d:94:94:6c:7f:8c:63:2e:27:4f:d5:9a:1e:18:55:
76:7b:b7:45:57:0c:2e:4f:c9:59:0e:db:a5:fa:32:
c4:be:f4:53:04:2b:af:91:a5:54:94:0a:72:4f:20:
a2:33:1f:14:42:da:96:94:2c:74:8d:01:b2:87:37:
12:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:B0:5E:9B:F5:48:CF:88:5E:A8:D9:37:F8:93:FC:C5:0A:D7:E8:9B
X509v3 Authority Key Identifier:
keyid:3B:09:8E:45:EF:4B:B5:D1:8D:BC:86:C5:A1:35:F5:7E:BC:BE:00:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/U7Bem_VIz4heqNk3-JP8xQrX6Js.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/OwmORe9LtdGNvIbFoTX1fry-AF0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.147.119.0/24
91.147.123.0/24
91.147.126.0/23
212.116.244.0/24
212.116.246.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:9a:d7:f5:01:75:70:1d:85:08:d6:08:7e:a6:69:8f:40:01:
6a:64:3f:22:47:4b:1d:ce:90:c5:4b:4f:2d:c3:78:9c:30:e3:
2d:42:44:bd:07:91:67:58:93:7f:fb:80:df:81:7b:d3:f1:40:
46:34:92:cd:50:d6:93:ed:3f:eb:09:77:f8:e5:0c:bc:a3:cd:
a7:f4:27:df:41:10:6e:b7:28:f0:0f:c2:70:16:18:5e:17:40:
b8:6a:de:80:2f:9a:cb:cd:37:92:12:29:d0:90:6d:a7:8a:69:
da:cf:59:09:b5:83:6b:fd:dc:2b:9c:ae:0e:00:6f:29:b7:c6:
bc:41:76:8e:23:7e:55:f1:6a:8e:7f:b0:06:f6:2b:bc:c1:76:
ad:3e:f3:60:db:b2:8d:f3:e7:74:1a:59:93:23:3a:9c:af:b6:
0a:2a:97:55:e1:69:7c:c4:78:7b:30:91:62:ae:83:fb:c2:7e:
f9:26:bb:49:57:89:e4:ab:08:d6:0d:0e:3e:7e:4b:48:09:09:
c7:fe:80:35:70:49:17:1c:af:29:f2:d4:0c:1c:41:47:44:7d:
0f:91:b1:d2:63:f8:59:10:2b:ef:18:65:32:d8:46:12:5a:6c:
13:aa:27:05:2c:4d:e6:d5:b5:fd:a0:7e:f2:f2:6d:0a:28:88:
a7:80:05:8c
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZB6biquaVZcdpVfsOg9+OVbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiMDk4ZTQ1ZWY0YmI1ZDE4ZGJjODZjNWExMzVmNTdlYmNi
ZTAwNWQwHhcNMjQwNzAzMjEwOTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2IwNWU5YmY1NDhjZjg4NWVhOGQ5MzdmODkzZmNjNTBhZDdlODliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvcGZjrtxVKPqfVJVZMawF04K2yTw
UUNWUrPFx4CZDXrc8BgQe4lqaVo4DAN52jbOV1VbRp44iSUIeVeVe3fF/Z2QqthY
EVavdBG0QU34Y0Kz5phbONtkYL6RLnuO6XFD0xE0h5Xq8hzuTlp+7HuSAnLxSYbk
O3PC84W6HJyG4YwPimsNsJPHcN3YH6Chu4xOgIOIBN4R0Sd7ivfdIPx9o0UDI11d
lSz6s3+X5G7Bha6LDZUXxAYZs7/ROrUPuehI9ag9lJRsf4xjLidP1ZoeGFV2e7dF
VwwuT8lZDtul+jLEvvRTBCuvkaVUlApyTyCiMx8UQtqWlCx0jQGyhzcSrQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFFOwXpv1SM+IXqjZN/iT/MUK1+ibMB8GA1UdIwQY
MBaAFDsJjkXvS7XRjbyGxaE19X68vgBdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3dtT1JlOUx0ZEdOdkliRm9UWDFmcnktQUYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi85NTRkMzEtZjc0Yy00NjdiLTkwMTMt
ZTEyYjE2NDIxNWI5LzEvVTdCZW1fVkl6NGhlcU5rMy1KUDh4UXJYNkpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi85NTRkMzEtZjc0Yy00NjdiLTkwMTMtZTEyYjE2NDIxNWI5
LzEvT3dtT1JlOUx0ZEdOdkliRm9UWDFmcnktQUYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAW5N3AwQA
W5N7AwQBW5N+AwQA1HT0AwQA1HT2MA0GCSqGSIb3DQEBCwUAA4IBAQBrmtf1AXVw
HYUI1gh+pmmPQAFqZD8iR0sdzpDFS08tw3icMOMtQkS9B5FnWJN/+4DfgXvT8UBG
NJLNUNaT7T/rCXf45Qy8o82n9CffQRButyjwD8JwFhheF0C4at6AL5rLzTeSEinQ
kG2nimnaz1kJtYNr/dwrnK4OAG8pt8a8QXaOI35V8WqOf7AG9iu8wXatPvNg27KN
8+d0GlmTIzqcr7YKKpdV4Wl8xHh7MJFiroP7wn75JrtJV4nkqwjWDQ4+fktICQnH
/oA1cEkXHK8p8tQMHEFHRH0PkbHSY/hZECvvGGUy2EYSWmwTqicFLE3m1bX9oH7y
8m0KKIingAWM
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:56:01 2025 by rpki-client