Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/i_gX74rcggz7tSVFokAa7wNxkx4.roa
File: i_gX74rcggz7tSVFokAa7wNxkx4.roa (raw, json)
Hash identifier: 7QJbXGZi2vzStanOrwcSLICUVitRKtmMqhfouE7nid4=
Subject key identifier: 8B:F8:17:EF:8A:DC:82:0C:FB:B5:25:45:A2:40:1A:EF:03:71:93:1E
Certificate issuer: /CN=e2d5bb401180e55f5c165d47908dff4fe29a0d86
Certificate serial: 01911D1164B5D6916BDAFCBCEFF45B31F289
Authority key identifier: E2:D5:BB:40:11:80:E5:5F:5C:16:5D:47:90:8D:FF:4F:E2:9A:0D:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4tW7QBGA5V9cFl1HkI3_T-KaDYY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/i_gX74rcggz7tSVFokAa7wNxkx4.roa
Signing time: Sun 04 Aug 2024 11:06:04 +0000
ROA not before: Sun 04 Aug 2024 11:06:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48851
IP address blocks: 92.61.238.0/24 maxlen: 24
94.188.210.0/24 maxlen: 24
94.188.222.0/24 maxlen: 24
94.188.223.0/24 maxlen: 24
94.188.230.0/24 maxlen: 24
94.188.232.0/24 maxlen: 24
94.188.233.0/24 maxlen: 24
94.188.234.0/24 maxlen: 24
94.188.235.0/24 maxlen: 24
94.188.236.0/24 maxlen: 24
94.188.237.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 06 Aug 2024 12:17:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:1d:11:64:b5:d6:91:6b:da:fc:bc:ef:f4:5b:31:f2:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2d5bb401180e55f5c165d47908dff4fe29a0d86
Validity
Not Before: Aug 4 11:06:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8bf817ef8adc820cfbb52545a2401aef0371931e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:f3:1b:83:09:46:3f:2b:dc:8a:e7:67:8a:ad:
1d:0d:ff:8b:54:46:9e:1d:8c:9d:53:93:ef:2d:00:
8d:6a:05:68:10:92:a7:f1:f8:e7:3b:bb:11:86:47:
30:a5:1d:84:39:0c:29:72:cb:46:73:e6:0d:68:58:
66:2a:3b:36:3c:ba:ff:7a:ef:4a:df:7d:a6:6f:b7:
34:30:f6:31:1a:ff:2e:87:a8:16:75:67:9e:d3:2c:
77:f0:44:1c:d9:e5:a4:0d:3d:59:e7:e1:a3:0e:af:
54:2b:d4:77:8b:fe:41:65:95:63:da:b8:b5:64:6d:
80:a6:65:5c:e1:e0:43:74:78:15:73:ee:0d:8c:cf:
d1:72:a1:fd:cf:ba:cf:3c:4b:e4:29:19:d6:22:65:
20:5b:8c:a4:4b:35:7e:7c:9a:5c:0c:90:ec:de:cd:
bc:bf:88:01:42:0c:eb:ef:58:82:33:7c:08:88:a5:
07:5c:97:84:6b:13:b1:f4:f6:99:a9:a7:66:ba:2a:
6d:8b:73:c7:14:02:7d:39:43:29:f1:b4:0a:89:fc:
b9:78:00:54:de:7c:5f:44:8e:7e:c1:8b:9d:fc:8b:
1e:cf:93:30:f3:bf:94:62:42:7f:84:d1:e8:55:d6:
5c:1f:8f:ea:14:aa:40:f3:4a:48:8e:7d:e5:12:38:
d6:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:F8:17:EF:8A:DC:82:0C:FB:B5:25:45:A2:40:1A:EF:03:71:93:1E
X509v3 Authority Key Identifier:
keyid:E2:D5:BB:40:11:80:E5:5F:5C:16:5D:47:90:8D:FF:4F:E2:9A:0D:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4tW7QBGA5V9cFl1HkI3_T-KaDYY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/i_gX74rcggz7tSVFokAa7wNxkx4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/4tW7QBGA5V9cFl1HkI3_T-KaDYY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.61.238.0/24
94.188.210.0/24
94.188.222.0/23
94.188.230.0/24
94.188.232.0-94.188.237.255
Signature Algorithm: sha256WithRSAEncryption
70:79:17:1d:95:27:bb:3e:d4:8f:fa:02:29:c0:6e:33:63:f2:
de:98:21:85:e4:cc:09:ec:47:44:6d:d1:5b:28:c4:95:66:10:
e4:85:c8:e3:1b:8f:20:62:6f:13:7f:f7:e3:0a:71:ad:e8:e1:
60:94:92:8a:94:c8:61:7b:01:67:ed:7c:8b:35:b1:73:b2:9c:
1f:9d:11:81:e9:e1:3d:38:f6:18:b1:48:ac:d2:db:32:11:03:
83:4d:56:96:af:14:f4:5b:05:48:f2:8a:f7:46:5d:2f:b7:b7:
fe:3f:cb:09:ac:4f:41:97:72:27:c9:9d:98:9d:88:61:82:15:
d7:ef:70:90:9d:28:4c:54:13:a2:c1:64:db:18:f5:2b:84:50:
98:5e:f1:c0:60:06:da:aa:d4:87:61:25:93:e2:e9:dd:a1:74:
ee:44:3d:68:0c:5c:95:43:a2:3e:dc:99:cb:f8:65:33:53:8f:
2f:b8:56:58:5b:39:8c:79:b7:ef:fa:bd:c9:98:90:5d:4d:4b:
ab:7d:38:00:07:da:f5:51:ca:d3:f7:04:c3:cb:45:ac:71:ef:
7c:3c:4c:03:43:88:bb:38:6b:82:56:64:b0:dd:4b:7f:27:43:
57:40:4f:30:2c:2b:10:3e:54:b7:f0:61:a4:4c:0c:be:fc:32:
89:3d:4b:e7
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZEdEWS11pFr2vy87/RbMfKJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZDViYjQwMTE4MGU1NWY1YzE2NWQ0NzkwOGRmZjRmZTI5
YTBkODYwHhcNMjQwODA0MTEwNjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmY4MTdlZjhhZGM4MjBjZmJiNTI1NDVhMjQwMWFlZjAzNzE5MzFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2/MbgwlGPyvciudniq0dDf+LVEae
HYydU5PvLQCNagVoEJKn8fjnO7sRhkcwpR2EOQwpcstGc+YNaFhmKjs2PLr/eu9K
332mb7c0MPYxGv8uh6gWdWee0yx38EQc2eWkDT1Z5+GjDq9UK9R3i/5BZZVj2ri1
ZG2ApmVc4eBDdHgVc+4NjM/RcqH9z7rPPEvkKRnWImUgW4ykSzV+fJpcDJDs3s28
v4gBQgzr71iCM3wIiKUHXJeEaxOx9PaZqadmuipti3PHFAJ9OUMp8bQKify5eABU
3nxfRI5+wYud/Isez5Mw87+UYkJ/hNHoVdZcH4/qFKpA80pIjn3lEjjWKQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFIv4F++K3IIM+7UlRaJAGu8DcZMeMB8GA1UdIwQY
MBaAFOLVu0ARgOVfXBZdR5CN/0/img2GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHRXN1FCR0E1VjljRmwxSGtJM19ULUthRFlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS84NjI5N2EtZDIxOS00NTY3LTkxNzEt
NDIxZTZiYzdlMmU4LzEvaV9nWDc0cmNnZ3o3dFNWRm9rQWE3d054a3g0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS84NjI5N2EtZDIxOS00NTY3LTkxNzEtNDIxZTZiYzdlMmU4
LzEvNHRXN1FCR0E1VjljRmwxSGtJM19ULUthRFlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAXD3uAwQA
XrzSAwQBXrzeAwQAXrzmMAwDBANevOgDBAFevOwwDQYJKoZIhvcNAQELBQADggEB
AHB5Fx2VJ7s+1I/6AinAbjNj8t6YIYXkzAnsR0Rt0VsoxJVmEOSFyOMbjyBibxN/
9+MKca3o4WCUkoqUyGF7AWftfIs1sXOynB+dEYHp4T049hixSKzS2zIRA4NNVpav
FPRbBUjyivdGXS+3t/4/ywmsT0GXcifJnZidiGGCFdfvcJCdKExUE6LBZNsY9SuE
UJhe8cBgBtqq1IdhJZPi6d2hdO5EPWgMXJVDoj7cmcv4ZTNTjy+4VlhbOYx5t+/6
vcmYkF1NS6t9OAAH2vVRytP3BMPLRaxx73w8TANDiLs4a4JWZLDdS38nQ1dATzAs
KxA+VLfwYaRMDL78Mok9S+c=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:13:53 2025 by rpki-client