Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/17e450-8818-4a27-9f35-518cd14713eb/1/0g4mPTQMCAgqM7P91R4aMSnj4_c.roa
File: 0g4mPTQMCAgqM7P91R4aMSnj4_c.roa (raw, json)
Hash identifier: bjs5+fa1lmd3LPGb0YgtqjmB53IYN3eQFXNxWAV4IZA=
Subject key identifier: D2:0E:26:3D:34:0C:08:08:2A:33:B3:FD:D5:1E:1A:31:29:E3:E3:F7
Certificate issuer: /CN=b7733e9de9485b44671c8e511da221e4153c711b
Certificate serial: 018CC42477817F246A69A70C51F1C4E96CE7
Authority key identifier: B7:73:3E:9D:E9:48:5B:44:67:1C:8E:51:1D:A2:21:E4:15:3C:71:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t3M-nelIW0RnHI5RHaIh5BU8cRs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/17e450-8818-4a27-9f35-518cd14713eb/1/0g4mPTQMCAgqM7P91R4aMSnj4_c.roa
Signing time: Mon 01 Jan 2024 08:29:33 +0000
ROA not before: Mon 01 Jan 2024 08:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209828
IP address blocks: 91.241.50.0/24 maxlen: 24
91.241.49.0/24 maxlen: 24
194.5.236.0/24 maxlen: 24
194.5.237.0/24 maxlen: 24
2a0c:8dc6::/32 maxlen: 32
2a0c:8dc5::/32 maxlen: 32
2a0c:8dc0::/29 maxlen: 32
2a0c:8dc4::/32 maxlen: 32
2a0c:8dc0::/30 maxlen: 30
Validation: Failed, certificate revoked on Sat 27 Jan 2024 14:13:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:77:81:7f:24:6a:69:a7:0c:51:f1:c4:e9:6c:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b7733e9de9485b44671c8e511da221e4153c711b
Validity
Not Before: Jan 1 08:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d20e263d340c08082a33b3fdd51e1a3129e3e3f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:01:13:c4:28:29:2b:48:42:03:08:8e:e4:9b:
24:1c:fa:7d:d3:47:8b:b4:d6:f6:da:f5:6c:01:6f:
c5:5e:bb:b8:6f:d7:e4:a9:d2:86:12:f7:e0:2b:94:
05:79:7b:7e:c4:a7:a0:ea:67:43:19:29:ae:d2:3a:
3e:b5:5e:e9:9e:53:17:e5:35:5a:67:be:d7:b9:a7:
6d:42:d2:61:18:3d:60:c2:4a:87:bf:6a:8e:06:48:
36:ec:c1:d4:18:3d:69:96:02:d1:b9:a6:cd:95:6c:
fc:b0:b4:ec:4e:68:25:d7:c6:67:e6:20:30:33:ed:
2b:b5:9d:62:0f:a6:97:47:6b:f7:0d:fc:6b:2b:86:
99:4b:60:06:bc:0f:93:de:dc:9d:e3:2e:44:3e:a3:
5a:f2:ca:82:0b:fa:01:e2:f1:71:9a:94:6e:8e:f9:
58:9a:64:55:5b:67:97:2f:b6:72:89:f7:5a:58:83:
58:ee:70:ea:fa:b2:cf:0b:0a:f4:c3:95:fb:1b:b8:
6e:67:d0:07:8d:6d:21:05:55:f6:2a:1a:49:e9:c2:
f1:4e:0a:4c:4a:90:ac:a9:80:62:7e:02:b7:03:43:
11:bc:b5:7b:c5:6f:f5:87:b6:47:66:b8:68:1f:40:
10:dc:f3:89:ff:69:6d:9b:74:1d:d1:8c:38:dc:1a:
00:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:0E:26:3D:34:0C:08:08:2A:33:B3:FD:D5:1E:1A:31:29:E3:E3:F7
X509v3 Authority Key Identifier:
keyid:B7:73:3E:9D:E9:48:5B:44:67:1C:8E:51:1D:A2:21:E4:15:3C:71:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t3M-nelIW0RnHI5RHaIh5BU8cRs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/17e450-8818-4a27-9f35-518cd14713eb/1/0g4mPTQMCAgqM7P91R4aMSnj4_c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/17e450-8818-4a27-9f35-518cd14713eb/1/t3M-nelIW0RnHI5RHaIh5BU8cRs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.241.49.0-91.241.50.255
194.5.236.0/23
IPv6:
2a0c:8dc0::/29
Signature Algorithm: sha256WithRSAEncryption
60:38:84:c5:bd:59:b1:35:68:41:8a:b5:a2:54:8d:08:06:ab:
ed:8d:4a:19:7e:7b:da:95:08:14:5f:03:2f:ab:fd:5b:d6:b5:
8b:86:29:71:48:7e:8e:91:c8:61:ce:39:b6:57:1a:41:98:81:
9a:ba:28:e3:b5:e4:12:47:e3:6f:56:67:a2:fa:7c:82:04:85:
86:99:9e:01:aa:6c:ba:7d:f7:e3:f0:93:82:2c:33:18:fc:5d:
cf:eb:71:e4:a8:83:06:99:43:6f:7c:4f:40:9b:0d:bb:3f:f0:
77:39:2d:fb:ca:51:7b:65:34:9d:99:4c:fa:06:a7:20:82:94:
c7:ec:bf:aa:e0:00:9f:b4:6e:88:2f:26:7b:56:bf:f8:fe:4e:
7e:63:01:5d:8b:40:d4:28:1d:c8:6c:32:99:d6:19:1e:18:45:
1c:5c:86:40:6b:17:f8:45:14:cf:01:a5:38:e1:ee:80:fe:0c:
aa:e1:24:cf:27:60:cc:20:98:57:a1:ad:a0:5e:f3:56:0d:ba:
c8:1b:28:80:8f:76:6d:0a:13:f1:aa:f9:59:89:6b:76:1d:ca:
f5:23:b7:1f:38:19:09:61:be:28:ec:d3:e3:6f:32:dd:bc:ab:
0a:51:e7:2d:51:18:7c:76:7f:fb:04:a2:2b:6b:99:e9:ac:c5:
54:81:aa:2a
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYzEJHeBfyRqaacMUfHE6WznMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3NzMzZTlkZTk0ODViNDQ2NzFjOGU1MTFkYTIyMWU0MTUz
YzcxMWIwHhcNMjQwMTAxMDgyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjBlMjYzZDM0MGMwODA4MmEzM2IzZmRkNTFlMWEzMTI5ZTNlM2Y3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxAETxCgpK0hCAwiO5JskHPp900eL
tNb22vVsAW/FXru4b9fkqdKGEvfgK5QFeXt+xKeg6mdDGSmu0jo+tV7pnlMX5TVa
Z77XuadtQtJhGD1gwkqHv2qOBkg27MHUGD1plgLRuabNlWz8sLTsTmgl18Zn5iAw
M+0rtZ1iD6aXR2v3DfxrK4aZS2AGvA+T3tyd4y5EPqNa8sqCC/oB4vFxmpRujvlY
mmRVW2eXL7ZyifdaWINY7nDq+rLPCwr0w5X7G7huZ9AHjW0hBVX2KhpJ6cLxTgpM
SpCsqYBifgK3A0MRvLV7xW/1h7ZHZrhoH0AQ3POJ/2ltm3Qd0Yw43BoApQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFNIOJj00DAgIKjOz/dUeGjEp4+P3MB8GA1UdIwQY
MBaAFLdzPp3pSFtEZxyOUR2iIeQVPHEbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDNNLW5lbElXMFJuSEk1UkhhSWg1QlU4Y1JzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS8xN2U0NTAtODgxOC00YTI3LTlmMzUt
NTE4Y2QxNDcxM2ViLzEvMGc0bVBUUU1DQWdxTTdQOTFSNGFNU25qNF9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS8xN2U0NTAtODgxOC00YTI3LTlmMzUtNTE4Y2QxNDcxM2Vi
LzEvdDNNLW5lbElXMFJuSEk1UkhhSWg1QlU4Y1JzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUMAwDBABb8TED
BABb8TIDBAHCBewwDQQCAAIwBwMFAyoMjcAwDQYJKoZIhvcNAQELBQADggEBAGA4
hMW9WbE1aEGKtaJUjQgGq+2NShl+e9qVCBRfAy+r/VvWtYuGKXFIfo6RyGHOObZX
GkGYgZq6KOO15BJH429WZ6L6fIIEhYaZngGqbLp99+Pwk4IsMxj8Xc/rceSogwaZ
Q298T0CbDbs/8Hc5LfvKUXtlNJ2ZTPoGpyCClMfsv6rgAJ+0bogvJntWv/j+Tn5j
AV2LQNQoHchsMpnWGR4YRRxchkBrF/hFFM8BpTjh7oD+DKrhJM8nYMwgmFehraBe
81YNusgbKICPdm0KE/Gq+VmJa3YdyvUjtx84GQlhvijs0+NvMt28qwpR5y1RGHx2
f/sEoitrmemsxVSBqio=
-----END CERTIFICATE-----
Generated at Wed Apr 16 01:15:05 2025 by rpki-client