Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/02610f-6913-4049-97f0-a2eda946ed29/1/fBcfXEjOBGbI5ioH2sW2sEgAjsM.roa
File: fBcfXEjOBGbI5ioH2sW2sEgAjsM.roa (raw, json)
Hash identifier: 3h8mYNIN7y1mNjA7QCdeaKUIkHPpeN+9yoBixyFePs0=
Subject key identifier: 7C:17:1F:5C:48:CE:04:66:C8:E6:2A:07:DA:C5:B6:B0:48:00:8E:C3
Certificate issuer: /CN=6951d4551d26a51c0f92b77c2d378fb34758b877
Certificate serial: 018CC56E1A7CDCFEF4ED2CA37079D594C213
Authority key identifier: 69:51:D4:55:1D:26:A5:1C:0F:92:B7:7C:2D:37:8F:B3:47:58:B8:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aVHUVR0mpRwPkrd8LTePs0dYuHc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/02610f-6913-4049-97f0-a2eda946ed29/1/fBcfXEjOBGbI5ioH2sW2sEgAjsM.roa
Signing time: Mon 01 Jan 2024 14:29:36 +0000
ROA not before: Mon 01 Jan 2024 14:29:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 196658
IP address blocks: 91.213.102.0/24 maxlen: 24
146.0.88.0/21 maxlen: 21
185.195.88.0/22 maxlen: 22
Validation: Failed, certificate revoked on Sun 25 Aug 2024 04:37:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:1a:7c:dc:fe:f4:ed:2c:a3:70:79:d5:94:c2:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6951d4551d26a51c0f92b77c2d378fb34758b877
Validity
Not Before: Jan 1 14:29:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7c171f5c48ce0466c8e62a07dac5b6b048008ec3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:85:56:47:b2:50:02:ad:e5:69:cd:c3:02:02:
7c:a8:ce:f3:46:b9:58:f1:c3:40:d4:ac:f1:8e:a2:
71:f0:c6:d3:25:9f:4c:c0:08:cd:0b:58:b1:98:0a:
c1:0d:8d:f3:28:d1:d0:cc:4f:a3:3a:e6:5c:b2:00:
03:98:a8:f3:98:a4:9f:63:f3:34:fe:7f:2f:b6:8c:
97:64:00:0c:61:36:0b:2e:5e:b8:c3:59:f7:ba:ba:
91:2f:f1:77:6a:97:0b:2c:94:0d:89:c1:5e:d3:83:
af:4e:49:51:08:17:5c:1e:c3:ec:99:61:be:cd:3a:
39:15:ef:cd:0e:0a:d5:cb:ab:02:28:6f:e1:2b:aa:
0a:74:32:cc:6b:ce:7f:79:0e:9c:6e:9b:15:35:83:
db:45:9d:97:50:9f:ae:79:ca:3d:ac:e2:94:ca:fa:
d5:91:8a:64:91:cd:19:0e:5a:ea:4a:d2:62:1b:27:
ff:0e:ba:79:51:79:75:f3:c2:98:8e:35:f5:83:e9:
75:99:2f:0c:48:33:5b:30:10:f8:47:24:c9:fa:e0:
d5:01:63:58:2e:44:ec:f4:b6:4e:30:9f:d2:ab:b4:
45:8a:aa:59:e6:55:aa:d1:98:a8:00:c5:60:db:49:
79:28:36:00:86:c3:5d:a3:62:f4:4b:ef:df:48:61:
66:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:17:1F:5C:48:CE:04:66:C8:E6:2A:07:DA:C5:B6:B0:48:00:8E:C3
X509v3 Authority Key Identifier:
keyid:69:51:D4:55:1D:26:A5:1C:0F:92:B7:7C:2D:37:8F:B3:47:58:B8:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aVHUVR0mpRwPkrd8LTePs0dYuHc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/02610f-6913-4049-97f0-a2eda946ed29/1/fBcfXEjOBGbI5ioH2sW2sEgAjsM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/02610f-6913-4049-97f0-a2eda946ed29/1/aVHUVR0mpRwPkrd8LTePs0dYuHc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.102.0/24
146.0.88.0/21
185.195.88.0/22
Signature Algorithm: sha256WithRSAEncryption
95:cc:60:6e:39:bd:51:cd:c0:03:9f:1d:09:95:98:56:fe:0c:
05:dd:91:5a:29:62:94:b9:7e:33:72:ba:66:9d:76:68:64:89:
95:29:66:2f:fa:f2:b0:ba:b1:00:d1:cc:6d:51:f3:01:6e:48:
eb:2c:ae:a6:e3:a0:f2:86:7e:34:98:06:0f:e6:2d:cb:de:9d:
32:03:e1:3c:14:68:d4:db:5a:63:1a:c0:7f:5a:fd:c7:cf:87:
91:63:fa:72:25:2c:d2:99:51:85:91:a2:01:d4:dd:1f:45:59:
e1:d7:4f:97:7a:28:98:14:35:e0:f2:2a:19:9d:7e:7f:a4:d4:
59:01:f5:0e:7a:12:b6:54:4d:02:f9:69:a6:14:2c:b3:2a:fe:
25:0a:e9:32:ad:f4:09:56:76:be:f4:8d:7a:16:fd:2f:71:f8:
f6:ce:76:eb:47:3d:7f:a6:77:14:d1:7c:fa:31:93:aa:c3:c1:
6d:37:91:c2:c0:48:94:2a:72:fe:a2:aa:32:59:63:7f:13:1b:
d0:e5:ec:8b:3d:15:75:b9:68:a1:cb:bf:d3:59:58:b1:e4:cb:
4f:09:dd:57:06:85:07:0b:43:d9:8c:3e:a4:c6:82:b1:e2:6d:
e0:d3:57:90:31:67:89:7b:ee:2b:9c:11:21:0a:c1:ee:7a:82:
15:b8:cd:b9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzFbhp83P707SyjcHnVlMITMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5NTFkNDU1MWQyNmE1MWMwZjkyYjc3YzJkMzc4ZmIzNDc1
OGI4NzcwHhcNMjQwMTAxMTQyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzE3MWY1YzQ4Y2UwNDY2YzhlNjJhMDdkYWM1YjZiMDQ4MDA4ZWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqIVWR7JQAq3lac3DAgJ8qM7zRrlY
8cNA1KzxjqJx8MbTJZ9MwAjNC1ixmArBDY3zKNHQzE+jOuZcsgADmKjzmKSfY/M0
/n8vtoyXZAAMYTYLLl64w1n3urqRL/F3apcLLJQNicFe04OvTklRCBdcHsPsmWG+
zTo5Fe/NDgrVy6sCKG/hK6oKdDLMa85/eQ6cbpsVNYPbRZ2XUJ+ueco9rOKUyvrV
kYpkkc0ZDlrqStJiGyf/Drp5UXl188KYjjX1g+l1mS8MSDNbMBD4RyTJ+uDVAWNY
LkTs9LZOMJ/Sq7RFiqpZ5lWq0ZioAMVg20l5KDYAhsNdo2L0S+/fSGFmtQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHwXH1xIzgRmyOYqB9rFtrBIAI7DMB8GA1UdIwQY
MBaAFGlR1FUdJqUcD5K3fC03j7NHWLh3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVZIVVZSMG1wUndQa3JkOExUZVBzMGRZdUhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS8wMjYxMGYtNjkxMy00MDQ5LTk3ZjAt
YTJlZGE5NDZlZDI5LzEvZkJjZlhFak9CR2JJNWlvSDJzVzJzRWdBanNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS8wMjYxMGYtNjkxMy00MDQ5LTk3ZjAtYTJlZGE5NDZlZDI5
LzEvYVZIVVZSMG1wUndQa3JkOExUZVBzMGRZdUhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW9VmAwQD
kgBYAwQCucNYMA0GCSqGSIb3DQEBCwUAA4IBAQCVzGBuOb1RzcADnx0JlZhW/gwF
3ZFaKWKUuX4zcrpmnXZoZImVKWYv+vKwurEA0cxtUfMBbkjrLK6m46Dyhn40mAYP
5i3L3p0yA+E8FGjU21pjGsB/Wv3Hz4eRY/pyJSzSmVGFkaIB1N0fRVnh10+XeiiY
FDXg8ioZnX5/pNRZAfUOehK2VE0C+WmmFCyzKv4lCukyrfQJVna+9I16Fv0vcfj2
znbrRz1/pncU0Xz6MZOqw8FtN5HCwEiUKnL+oqoyWWN/ExvQ5eyLPRV1uWihy7/T
WVix5MtPCd1XBoUHC0PZjD6kxoKx4m3g01eQMWeJe+4rnBEhCsHueoIVuM25
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:52:28 2025 by rpki-client