Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/fSHE1Rqtfpq0EaYG8iGFMSEd3Ms.roa
File: fSHE1Rqtfpq0EaYG8iGFMSEd3Ms.roa (raw, json)
Hash identifier: bDLADJtpRoZ6s3t/q3aw59ZK98IvMyYssHQL9CUMTD4=
Subject key identifier: 7D:21:C4:D5:1A:AD:7E:9A:B4:11:A6:06:F2:21:85:31:21:1D:DC:CB
Certificate issuer: /CN=3b098e45ef4bb5d18dbc86c5a135f57ebcbe005d
Certificate serial: 01938E46E0EAFAC36A88CA120222EAD3D58C
Authority key identifier: 3B:09:8E:45:EF:4B:B5:D1:8D:BC:86:C5:A1:35:F5:7E:BC:BE:00:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/fSHE1Rqtfpq0EaYG8iGFMSEd3Ms.roa
Signing time: Tue 03 Dec 2024 20:47:09 +0000
ROA not before: Tue 03 Dec 2024 20:47:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 91.147.119.0/24 maxlen: 24
91.147.123.0/24 maxlen: 24
91.147.126.0/23 maxlen: 24
212.116.236.0/23 maxlen: 23
212.116.238.0/23 maxlen: 23
212.116.244.0/24 maxlen: 24
212.116.246.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:8e:46:e0:ea:fa:c3:6a:88:ca:12:02:22:ea:d3:d5:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b098e45ef4bb5d18dbc86c5a135f57ebcbe005d
Validity
Not Before: Dec 3 20:47:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7d21c4d51aad7e9ab411a606f2218531211ddccb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:2a:c8:9b:7a:b0:3c:8f:9d:0a:ed:ae:92:be:
04:a7:e5:c0:3f:c3:4d:ab:5c:be:21:6d:d3:84:a6:
d6:b8:65:b3:e8:2c:88:f4:9a:51:92:89:bf:86:95:
9b:1b:05:1d:03:d3:fa:b6:68:c3:78:24:cf:ab:e9:
59:56:6f:2e:99:88:7e:8a:7a:c0:13:ca:d8:26:68:
be:3b:10:d1:7e:8e:3d:be:2f:cd:9f:ae:80:70:51:
87:10:39:a5:cc:00:98:4c:a5:41:d0:b2:4a:9d:18:
8c:cc:1b:92:b6:9f:28:ed:8f:69:b4:67:8a:51:5b:
96:39:62:a0:7b:81:97:23:d0:cb:15:8f:e2:9e:7c:
1e:dc:e9:13:90:3c:af:d4:44:38:fa:7a:45:54:80:
6b:fd:08:7c:f3:4c:b4:30:77:ad:e1:9d:1e:c2:be:
0f:30:01:c8:e7:43:34:43:16:75:eb:f5:64:95:e6:
60:01:73:c2:d0:94:e1:40:97:1c:f8:8c:87:34:8c:
b4:99:db:08:f6:10:8d:ac:7f:b7:39:11:14:30:66:
25:77:31:eb:9a:a5:95:39:7d:18:90:ec:bd:97:d4:
a4:c2:e4:47:25:ba:26:de:5d:f0:0b:9d:23:d6:82:
dc:c2:e5:ae:75:f9:89:d0:2a:df:64:7a:ba:45:5d:
a3:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:21:C4:D5:1A:AD:7E:9A:B4:11:A6:06:F2:21:85:31:21:1D:DC:CB
X509v3 Authority Key Identifier:
keyid:3B:09:8E:45:EF:4B:B5:D1:8D:BC:86:C5:A1:35:F5:7E:BC:BE:00:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/fSHE1Rqtfpq0EaYG8iGFMSEd3Ms.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/OwmORe9LtdGNvIbFoTX1fry-AF0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.147.119.0/24
91.147.123.0/24
91.147.126.0/23
212.116.236.0/22
212.116.244.0/24
212.116.246.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:e9:dc:54:7f:0c:41:b3:38:8f:e6:af:80:fe:14:8c:07:cd:
15:80:1a:66:6b:04:7d:7c:72:a7:87:34:86:80:c6:42:43:0c:
a3:f2:a3:43:bf:aa:cb:df:ca:c6:39:f9:68:91:f8:e9:6d:3d:
b3:66:43:b9:d0:7a:bf:36:be:52:9f:9c:0e:fe:8a:b0:9b:5b:
ce:4e:8e:fd:f5:b1:0a:8d:33:c7:f6:9b:9f:35:4c:d8:d2:98:
ac:5d:fc:cf:53:10:e6:d2:da:87:71:39:3c:8d:30:83:57:f7:
e3:49:a1:fb:df:18:3c:a7:66:a7:63:af:fe:23:9f:31:96:8e:
d8:fe:f8:a4:6d:11:55:48:b9:fd:71:37:51:a4:41:6e:59:12:
c2:37:42:92:19:67:dc:fa:08:d1:c3:cf:d2:17:36:69:a3:21:
34:14:55:0e:00:e6:7d:34:7f:32:c8:34:c3:28:06:06:1b:02:
76:21:f7:aa:b2:0e:7f:79:76:ed:a9:6e:f5:d3:95:bc:2c:a8:
d3:d1:66:15:9f:26:27:e4:6f:4e:db:3b:22:8a:1a:03:17:e4:
81:fd:b2:fe:3a:5b:49:6c:cd:d4:99:22:1c:f1:6e:fc:53:55:
f9:1a:06:2d:a8:a7:7e:8c:53:83:e3:7c:29:2d:82:13:e7:e6:
91:50:1d:65
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZOORuDq+sNqiMoSAiLq09WMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiMDk4ZTQ1ZWY0YmI1ZDE4ZGJjODZjNWExMzVmNTdlYmNi
ZTAwNWQwHhcNMjQxMjAzMjA0NzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDIxYzRkNTFhYWQ3ZTlhYjQxMWE2MDZmMjIxODUzMTIxMWRkY2NiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnyrIm3qwPI+dCu2ukr4Ep+XAP8NN
q1y+IW3ThKbWuGWz6CyI9JpRkom/hpWbGwUdA9P6tmjDeCTPq+lZVm8umYh+inrA
E8rYJmi+OxDRfo49vi/Nn66AcFGHEDmlzACYTKVB0LJKnRiMzBuStp8o7Y9ptGeK
UVuWOWKge4GXI9DLFY/innwe3OkTkDyv1EQ4+npFVIBr/Qh880y0MHet4Z0ewr4P
MAHI50M0QxZ16/VkleZgAXPC0JThQJcc+IyHNIy0mdsI9hCNrH+3OREUMGYldzHr
mqWVOX0YkOy9l9SkwuRHJbom3l3wC50j1oLcwuWudfmJ0CrfZHq6RV2jZQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFH0hxNUarX6atBGmBvIhhTEhHdzLMB8GA1UdIwQY
MBaAFDsJjkXvS7XRjbyGxaE19X68vgBdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3dtT1JlOUx0ZEdOdkliRm9UWDFmcnktQUYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi85NTRkMzEtZjc0Yy00NjdiLTkwMTMt
ZTEyYjE2NDIxNWI5LzEvZlNIRTFScXRmcHEwRWFZRzhpR0ZNU0VkM01zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi85NTRkMzEtZjc0Yy00NjdiLTkwMTMtZTEyYjE2NDIxNWI5
LzEvT3dtT1JlOUx0ZEdOdkliRm9UWDFmcnktQUYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAW5N3AwQA
W5N7AwQBW5N+AwQC1HTsAwQA1HT0AwQA1HT2MA0GCSqGSIb3DQEBCwUAA4IBAQAc
6dxUfwxBsziP5q+A/hSMB80VgBpmawR9fHKnhzSGgMZCQwyj8qNDv6rL38rGOflo
kfjpbT2zZkO50Hq/Nr5Sn5wO/oqwm1vOTo799bEKjTPH9pufNUzY0pisXfzPUxDm
0tqHcTk8jTCDV/fjSaH73xg8p2anY6/+I58xlo7Y/vikbRFVSLn9cTdRpEFuWRLC
N0KSGWfc+gjRw8/SFzZpoyE0FFUOAOZ9NH8yyDTDKAYGGwJ2Ifeqsg5/eXbtqW71
05W8LKjT0WYVnyYn5G9O2zsiihoDF+SB/bL+OltJbM3UmSIc8W78U1X5GgYtqKd+
jFOD43wpLYIT5+aRUB1l
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:02:51 2025 by rpki-client