Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/f57b93-d253-4fbb-a31e-6b89fa46757c/1/LeFGIe7WPWn2gnTADeRhUTtxQW8.roa
File: LeFGIe7WPWn2gnTADeRhUTtxQW8.roa (raw, json)
Hash identifier: ALM+ChBuaBW0WSUbHMAT+QaSfhcgpzQPdEQ0BqtStPg=
Subject key identifier: 2D:E1:46:21:EE:D6:3D:69:F6:82:74:C0:0D:E4:61:51:3B:71:41:6F
Certificate issuer: /CN=b8dafa7ea553178133e7e84feeb8ac3a9dbcf9ca
Certificate serial: 01906E05C791B8B9226E3AC7044A42918FE7
Authority key identifier: B8:DA:FA:7E:A5:53:17:81:33:E7:E8:4F:EE:B8:AC:3A:9D:BC:F9:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uNr6fqVTF4Ez5-hP7risOp28-co.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/f57b93-d253-4fbb-a31e-6b89fa46757c/1/LeFGIe7WPWn2gnTADeRhUTtxQW8.roa
Signing time: Mon 01 Jul 2024 11:19:50 +0000
ROA not before: Mon 01 Jul 2024 11:19:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208124
IP address blocks: 91.209.161.0/24 maxlen: 24
2a10:b240::/29 maxlen: 29
2a10:c4c0::/29 maxlen: 29
2a12:8840::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 07:48:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:6e:05:c7:91:b8:b9:22:6e:3a:c7:04:4a:42:91:8f:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8dafa7ea553178133e7e84feeb8ac3a9dbcf9ca
Validity
Not Before: Jul 1 11:19:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2de14621eed63d69f68274c00de461513b71416f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:76:4e:d4:94:79:59:07:cb:4c:ba:45:d2:32:
09:fa:a9:d6:19:ea:92:25:f6:e0:99:44:e0:bc:5b:
c7:fe:cb:67:b4:88:82:c7:11:0d:cf:b9:7d:61:1e:
4a:55:dc:49:06:25:1e:8a:b3:32:44:c1:4b:ca:a1:
a3:9a:9c:ba:c0:3a:56:49:78:59:f7:ed:b4:a0:8d:
f3:40:08:33:ed:7c:c0:18:0c:f1:9e:c5:f5:ed:5d:
c8:87:70:2e:a4:02:d8:09:b4:42:0b:a0:77:dc:11:
32:10:1f:59:a0:6e:73:2c:4e:a0:de:70:3d:33:5c:
d2:e3:6c:4e:d2:3c:69:e0:98:85:6e:4d:3d:f3:09:
47:3c:a9:55:38:79:fd:ec:0b:3f:a9:35:ee:01:a9:
40:0d:b5:ef:1b:56:80:9d:ca:13:a1:39:db:c0:2b:
2a:cb:d0:39:1f:e3:00:4a:54:ae:39:28:3f:ec:da:
d4:9f:84:13:ce:6b:9d:b4:4a:6b:c9:16:43:cb:eb:
2a:79:bd:ee:cc:8e:4f:75:f6:1d:73:5b:dc:1c:63:
0e:37:15:5d:6f:42:d0:ec:39:fa:d6:0b:8a:dc:b0:
8f:59:cd:aa:76:43:b5:79:c0:66:13:ea:00:1f:7a:
1a:e0:ba:0d:4d:25:53:15:be:f1:d5:e0:74:cf:a9:
87:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:E1:46:21:EE:D6:3D:69:F6:82:74:C0:0D:E4:61:51:3B:71:41:6F
X509v3 Authority Key Identifier:
keyid:B8:DA:FA:7E:A5:53:17:81:33:E7:E8:4F:EE:B8:AC:3A:9D:BC:F9:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uNr6fqVTF4Ez5-hP7risOp28-co.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/f57b93-d253-4fbb-a31e-6b89fa46757c/1/LeFGIe7WPWn2gnTADeRhUTtxQW8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/f57b93-d253-4fbb-a31e-6b89fa46757c/1/uNr6fqVTF4Ez5-hP7risOp28-co.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.161.0/24
IPv6:
2a10:b240::/29
2a10:c4c0::/29
2a12:8840::/29
Signature Algorithm: sha256WithRSAEncryption
58:0b:97:12:e7:f1:3e:fa:2a:1d:e6:bd:cf:47:97:2e:df:f7:
b3:b5:4e:11:0b:48:26:52:b5:cd:1c:bd:82:42:8c:59:62:61:
33:22:95:f8:c5:64:1b:06:d2:fc:8a:24:f9:61:6d:5a:ed:70:
da:25:2f:88:71:4d:58:7e:d7:67:85:c9:35:67:f8:94:df:6d:
26:26:81:a9:1c:49:71:49:9f:6e:3e:97:89:43:8b:36:f2:ed:
32:3d:a2:ba:47:c5:13:ad:54:6b:57:ba:5b:22:f8:12:cf:3a:
27:2f:02:04:8c:44:b0:f6:8c:70:d6:0d:9d:fc:30:8d:f0:bb:
02:cf:ff:fa:31:f1:fd:95:57:d5:c4:c9:e9:3b:e4:c4:26:77:
c6:6d:dd:b6:a8:34:ab:6a:af:b4:20:82:69:a3:4c:0b:74:3e:
5b:b8:5e:8c:92:72:2e:d8:35:c9:86:be:46:09:19:16:b5:a9:
63:10:e3:1e:9b:aa:29:4f:53:64:0a:01:a4:e1:9a:e6:53:e4:
cc:f0:dc:d3:c6:8a:d1:d7:3a:a8:cd:2c:f1:e9:7c:32:4b:e9:
87:3f:c0:91:1f:37:bb:85:8b:20:15:d3:00:0b:fe:19:88:44:
f6:9c:36:a0:53:30:9f:da:3b:16:d2:27:5a:c6:3a:dc:b9:d1:
bd:37:49:03
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZBuBceRuLkibjrHBEpCkY/nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4ZGFmYTdlYTU1MzE3ODEzM2U3ZTg0ZmVlYjhhYzNhOWRi
Y2Y5Y2EwHhcNMjQwNzAxMTExOTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGUxNDYyMWVlZDYzZDY5ZjY4Mjc0YzAwZGU0NjE1MTNiNzE0MTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7HZO1JR5WQfLTLpF0jIJ+qnWGeqS
JfbgmUTgvFvH/stntIiCxxENz7l9YR5KVdxJBiUeirMyRMFLyqGjmpy6wDpWSXhZ
9+20oI3zQAgz7XzAGAzxnsX17V3Ih3AupALYCbRCC6B33BEyEB9ZoG5zLE6g3nA9
M1zS42xO0jxp4JiFbk098wlHPKlVOHn97As/qTXuAalADbXvG1aAncoToTnbwCsq
y9A5H+MASlSuOSg/7NrUn4QTzmudtEpryRZDy+sqeb3uzI5PdfYdc1vcHGMONxVd
b0LQ7Dn61guK3LCPWc2qdkO1ecBmE+oAH3oa4LoNTSVTFb7x1eB0z6mH+QIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFC3hRiHu1j1p9oJ0wA3kYVE7cUFvMB8GA1UdIwQY
MBaAFLja+n6lUxeBM+foT+64rDqdvPnKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdU5yNmZxVlRGNEV6NS1oUDdyaXNPcDI4LWNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9mNTdiOTMtZDI1My00ZmJiLWEzMWUt
NmI4OWZhNDY3NTdjLzEvTGVGR0llN1dQV24yZ25UQURlUmhVVHR4UVc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC9mNTdiOTMtZDI1My00ZmJiLWEzMWUtNmI4OWZhNDY3NTdj
LzEvdU5yNmZxVlRGNEV6NS1oUDdyaXNPcDI4LWNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAMBAIAATAGAwQAW9GhMBsE
AgACMBUDBQMqELJAAwUDKhDEwAMFAyoSiEAwDQYJKoZIhvcNAQELBQADggEBAFgL
lxLn8T76Kh3mvc9Hly7f97O1ThELSCZStc0cvYJCjFliYTMilfjFZBsG0vyKJPlh
bVrtcNolL4hxTVh+12eFyTVn+JTfbSYmgakcSXFJn24+l4lDizby7TI9orpHxROt
VGtXulsi+BLPOicvAgSMRLD2jHDWDZ38MI3wuwLP//ox8f2VV9XEyek75MQmd8Zt
3baoNKtqr7QggmmjTAt0Plu4XoySci7YNcmGvkYJGRa1qWMQ4x6bqilPU2QKAaTh
muZT5Mzw3NPGitHXOqjNLPHpfDJL6Yc/wJEfN7uFiyAV0wAL/hmIRPacNqBTMJ/a
OxbSJ1rGOty50b03SQM=
-----END CERTIFICATE-----
Generated at Thu Apr 17 09:51:36 2025 by rpki-client