Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/xf1ieMbDTGE0tj-b8ohJCeVNmmg.roa
File: xf1ieMbDTGE0tj-b8ohJCeVNmmg.roa (raw, json)
Hash identifier: lURSRfz+NdAGBhhgmmdaWtMzdPe0vA7H8nu11QsgAr4=
Subject key identifier: C5:FD:62:78:C6:C3:4C:61:34:B6:3F:9B:F2:88:49:09:E5:4D:9A:68
Certificate issuer: /CN=3b098e45ef4bb5d18dbc86c5a135f57ebcbe005d
Certificate serial: 019421B206F652A0A4FB03F29FB012CB42C7
Authority key identifier: 3B:09:8E:45:EF:4B:B5:D1:8D:BC:86:C5:A1:35:F5:7E:BC:BE:00:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/xf1ieMbDTGE0tj-b8ohJCeVNmmg.roa
Signing time: Wed 01 Jan 2025 11:48:22 +0000
ROA not before: Wed 01 Jan 2025 11:48:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 91.147.119.0/24 maxlen: 24
91.147.123.0/24 maxlen: 24
91.147.126.0/23 maxlen: 24
212.116.236.0/23 maxlen: 23
212.116.238.0/23 maxlen: 23
212.116.244.0/24 maxlen: 24
212.116.246.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 05 Jan 2025 21:32:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:06:f6:52:a0:a4:fb:03:f2:9f:b0:12:cb:42:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b098e45ef4bb5d18dbc86c5a135f57ebcbe005d
Validity
Not Before: Jan 1 11:48:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c5fd6278c6c34c6134b63f9bf2884909e54d9a68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:d9:5c:44:bd:2f:04:8b:63:af:fd:18:a5:38:
b7:f8:63:11:5d:b5:fc:56:d9:de:76:cd:96:42:6c:
32:33:51:c6:20:a8:59:cc:ce:a8:f1:41:f5:a9:78:
07:25:e9:ea:ff:be:4a:52:1f:b1:ac:61:ef:90:8b:
2c:d1:c2:75:f0:5e:85:5f:1e:f2:36:cc:3b:49:48:
f8:95:bf:c2:61:d9:72:93:a4:1f:56:03:9f:84:09:
f8:71:22:d1:db:5c:5c:11:76:d4:96:41:b2:dc:c2:
e8:21:f3:8d:73:dc:20:8d:b0:72:db:d6:29:18:82:
c9:b1:14:a5:61:33:d3:9a:cb:f8:5b:9a:4c:d9:d7:
f8:61:ea:4d:9a:11:61:3c:5f:31:30:3d:93:66:a7:
0d:02:34:71:b4:37:1e:e0:ee:ec:0e:16:9f:51:b1:
0b:43:ce:9b:32:10:21:e3:88:fd:7c:1d:62:c7:f9:
da:ed:c2:6a:36:62:ca:ae:ae:7c:13:26:f7:b9:27:
fd:2f:3f:ea:8e:df:a2:66:fd:5c:64:1b:56:b4:8a:
50:0f:28:f8:91:90:de:09:b7:b8:7f:ed:8b:1a:df:
3a:f0:fb:76:57:b9:d8:f8:ca:c6:0a:02:6d:cf:ba:
84:5d:38:7f:c7:5c:b9:69:39:27:de:a2:e8:96:7f:
52:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:FD:62:78:C6:C3:4C:61:34:B6:3F:9B:F2:88:49:09:E5:4D:9A:68
X509v3 Authority Key Identifier:
keyid:3B:09:8E:45:EF:4B:B5:D1:8D:BC:86:C5:A1:35:F5:7E:BC:BE:00:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/xf1ieMbDTGE0tj-b8ohJCeVNmmg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/OwmORe9LtdGNvIbFoTX1fry-AF0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.147.119.0/24
91.147.123.0/24
91.147.126.0/23
212.116.236.0/22
212.116.244.0/24
212.116.246.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:48:ba:18:10:2a:3f:16:8a:ba:1c:41:2e:82:8e:1c:d9:60:
25:0b:6d:01:4d:4f:62:60:28:b0:74:3c:fe:f9:6b:44:03:92:
e6:38:b3:20:92:e9:1c:81:69:ed:b7:04:b1:3b:af:a5:b7:c9:
c1:78:70:9d:65:23:33:9c:20:85:dc:34:d5:3a:b9:fe:e4:be:
94:cc:9f:95:62:7e:4c:80:d2:c6:fc:4e:cf:6a:8d:1c:65:f7:
58:b9:d5:70:76:6f:db:7d:10:fd:d3:45:89:77:c9:82:6b:6e:
d2:1e:fc:75:62:1b:19:83:67:cb:54:08:8a:cc:5d:32:36:7a:
58:3e:5f:06:84:13:f6:dc:46:0d:90:b3:3f:33:d4:7a:a5:df:
b3:08:b7:ba:e0:a1:b7:b8:4d:c7:51:e6:2e:f6:56:32:b8:93:
b1:75:1b:26:b2:59:77:65:21:e4:0a:64:cd:fe:ad:49:71:b0:
d2:3c:64:72:87:65:13:ce:e1:2f:38:45:dc:18:a2:95:cc:c3:
bb:ed:de:1a:c7:8d:47:48:db:ef:02:cf:01:d9:34:5f:31:90:
31:06:28:4c:1a:15:87:71:c7:d8:18:f1:d2:3e:d0:87:1a:3d:
30:07:bc:11:52:3b:c6:b9:27:f3:8e:d6:5b:b4:ac:73:de:f3:
1b:d7:f1:64
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQhsgb2UqCk+wPyn7ASy0LHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiMDk4ZTQ1ZWY0YmI1ZDE4ZGJjODZjNWExMzVmNTdlYmNi
ZTAwNWQwHhcNMjUwMTAxMTE0ODIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWZkNjI3OGM2YzM0YzYxMzRiNjNmOWJmMjg4NDkwOWU1NGQ5YTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu9lcRL0vBItjr/0YpTi3+GMRXbX8
Vtneds2WQmwyM1HGIKhZzM6o8UH1qXgHJenq/75KUh+xrGHvkIss0cJ18F6FXx7y
Nsw7SUj4lb/CYdlyk6QfVgOfhAn4cSLR21xcEXbUlkGy3MLoIfONc9wgjbBy29Yp
GILJsRSlYTPTmsv4W5pM2df4YepNmhFhPF8xMD2TZqcNAjRxtDce4O7sDhafUbEL
Q86bMhAh44j9fB1ix/na7cJqNmLKrq58Eyb3uSf9Lz/qjt+iZv1cZBtWtIpQDyj4
kZDeCbe4f+2LGt868Pt2V7nY+MrGCgJtz7qEXTh/x1y5aTkn3qLoln9SvQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFMX9YnjGw0xhNLY/m/KISQnlTZpoMB8GA1UdIwQY
MBaAFDsJjkXvS7XRjbyGxaE19X68vgBdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3dtT1JlOUx0ZEdOdkliRm9UWDFmcnktQUYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi85NTRkMzEtZjc0Yy00NjdiLTkwMTMt
ZTEyYjE2NDIxNWI5LzEveGYxaWVNYkRUR0UwdGotYjhvaEpDZVZObW1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi85NTRkMzEtZjc0Yy00NjdiLTkwMTMtZTEyYjE2NDIxNWI5
LzEvT3dtT1JlOUx0ZEdOdkliRm9UWDFmcnktQUYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAW5N3AwQA
W5N7AwQBW5N+AwQC1HTsAwQA1HT0AwQA1HT2MA0GCSqGSIb3DQEBCwUAA4IBAQBM
SLoYECo/Foq6HEEugo4c2WAlC20BTU9iYCiwdDz++WtEA5LmOLMgkukcgWnttwSx
O6+lt8nBeHCdZSMznCCF3DTVOrn+5L6UzJ+VYn5MgNLG/E7Pao0cZfdYudVwdm/b
fRD900WJd8mCa27SHvx1YhsZg2fLVAiKzF0yNnpYPl8GhBP23EYNkLM/M9R6pd+z
CLe64KG3uE3HUeYu9lYyuJOxdRsmsll3ZSHkCmTN/q1JcbDSPGRyh2UTzuEvOEXc
GKKVzMO77d4ax41HSNvvAs8B2TRfMZAxBihMGhWHccfYGPHSPtCHGj0wB7wRUjvG
uSfzjtZbtKxz3vMb1/Fk
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:05:25 2025 by rpki-client