Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/4d54b6-e03c-4310-9b39-9db17a5de463/1/0WtPUXDHNEitfM5nKBfDzJrC00Y.roa
File: 0WtPUXDHNEitfM5nKBfDzJrC00Y.roa (raw, json)
Hash identifier: rKIhbjcKwCN+5PYES1elzmirVUXJSL1V24OQZcvRE/w=
Subject key identifier: D1:6B:4F:51:70:C7:34:48:AD:7C:CE:67:28:17:C3:CC:9A:C2:D3:46
Certificate issuer: /CN=f6ada20bd98babdf74c3d56cd78ada66ed87a148
Certificate serial: 019291A12C1919B13411645CFB914C8F8583
Authority key identifier: F6:AD:A2:0B:D9:8B:AB:DF:74:C3:D5:6C:D7:8A:DA:66:ED:87:A1:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9q2iC9mLq990w9Vs14raZu2HoUg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/4d54b6-e03c-4310-9b39-9db17a5de463/1/0WtPUXDHNEitfM5nKBfDzJrC00Y.roa
Signing time: Tue 15 Oct 2024 19:21:51 +0000
ROA not before: Tue 15 Oct 2024 19:21:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208537
IP address blocks: 91.230.237.0/24 maxlen: 24
94.101.104.0/24 maxlen: 24
192.83.120.0/24 maxlen: 24
194.102.239.0/24 maxlen: 24
213.159.24.0/23 maxlen: 23
2a11:800::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:48:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:91:a1:2c:19:19:b1:34:11:64:5c:fb:91:4c:8f:85:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f6ada20bd98babdf74c3d56cd78ada66ed87a148
Validity
Not Before: Oct 15 19:21:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d16b4f5170c73448ad7cce672817c3cc9ac2d346
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:c7:91:6a:73:a1:8e:b9:ca:24:a9:6d:0b:fd:
0b:a5:a4:95:30:ff:74:39:1a:d1:c2:47:05:16:8b:
ac:e1:68:e6:3f:43:bf:35:de:e1:01:80:cb:0e:59:
46:55:43:50:18:cc:65:54:3e:ff:e8:2a:0b:93:4a:
7d:bb:07:11:33:d9:ad:18:a5:59:ea:f1:9b:17:c5:
cb:b8:a0:56:6d:56:33:2e:98:5b:8b:a4:29:32:43:
23:7c:9c:83:01:1a:24:13:57:16:a7:54:32:03:71:
32:50:a8:e5:b4:21:38:89:b8:7b:e2:b1:8c:e9:9c:
3c:04:68:7f:7b:a4:88:24:03:df:b8:09:10:ea:c2:
be:d6:b9:fd:66:a1:d3:50:d6:f4:8c:b3:85:d1:e1:
b2:6c:e8:5a:91:8b:49:12:67:46:53:24:8f:56:ef:
09:8d:1f:49:d7:19:09:15:19:c2:35:e8:1c:52:09:
64:a7:35:be:fd:ae:3f:f6:5d:1c:61:71:e3:d9:ea:
99:14:36:33:bb:43:dd:02:78:90:c7:28:58:2e:fa:
3d:42:18:c9:e3:7e:aa:88:bd:91:68:1e:ea:11:96:
32:24:4e:f1:e9:67:de:16:8b:29:5a:e9:6a:93:b8:
69:3e:ff:8b:9e:d8:1f:19:40:c9:71:1e:bb:7c:7e:
79:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:6B:4F:51:70:C7:34:48:AD:7C:CE:67:28:17:C3:CC:9A:C2:D3:46
X509v3 Authority Key Identifier:
keyid:F6:AD:A2:0B:D9:8B:AB:DF:74:C3:D5:6C:D7:8A:DA:66:ED:87:A1:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9q2iC9mLq990w9Vs14raZu2HoUg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/4d54b6-e03c-4310-9b39-9db17a5de463/1/0WtPUXDHNEitfM5nKBfDzJrC00Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/4d54b6-e03c-4310-9b39-9db17a5de463/1/9q2iC9mLq990w9Vs14raZu2HoUg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.230.237.0/24
94.101.104.0/24
192.83.120.0/24
194.102.239.0/24
213.159.24.0/23
IPv6:
2a11:800::/29
Signature Algorithm: sha256WithRSAEncryption
64:06:37:ec:af:c2:f4:0a:94:2d:d6:36:9d:a7:c2:0a:30:88:
84:f5:c1:73:c3:bb:8e:cc:39:69:c2:cd:05:06:bd:79:6e:e5:
a3:b3:ce:8f:da:2f:de:39:71:ed:7e:02:77:fb:90:e1:fe:e3:
1b:c4:35:28:ef:8e:0a:5d:26:1a:85:92:17:93:09:66:10:d9:
df:1d:78:ee:37:4a:7e:71:89:a4:c9:bb:c2:c1:8d:83:15:6e:
b0:16:da:c4:a9:43:d3:15:58:0d:78:d0:97:7b:82:34:12:81:
b8:57:2b:51:81:fb:7d:48:c0:73:f9:77:4a:cc:e3:51:30:37:
1d:23:df:57:c9:62:b7:e8:95:52:b7:05:b9:08:6c:e9:4d:ff:
61:a6:24:46:3b:45:bf:4e:2d:e2:b8:d9:9e:19:34:1a:7a:0a:
1e:df:2d:5b:ec:23:09:ea:fc:11:a4:d4:79:33:7f:0a:5f:39:
c6:78:2f:7a:db:2d:1e:5a:1d:24:ad:7e:59:e4:0c:50:63:0d:
fb:62:76:10:60:3b:5a:42:e3:cb:ab:24:78:e5:ef:ae:ed:21:
01:ae:df:62:5a:0c:ff:30:36:66:6b:89:1b:b0:43:ac:2b:c9:
16:72:24:2e:aa:23:de:07:8c:4c:17:a3:5e:30:38:52:7a:83:
d9:01:ec:f5
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZKRoSwZGbE0EWRc+5FMj4WDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2YWRhMjBiZDk4YmFiZGY3NGMzZDU2Y2Q3OGFkYTY2ZWQ4
N2ExNDgwHhcNMjQxMDE1MTkyMTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTZiNGY1MTcwYzczNDQ4YWQ3Y2NlNjcyODE3YzNjYzlhYzJkMzQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwceRanOhjrnKJKltC/0LpaSVMP90
ORrRwkcFFous4WjmP0O/Nd7hAYDLDllGVUNQGMxlVD7/6CoLk0p9uwcRM9mtGKVZ
6vGbF8XLuKBWbVYzLphbi6QpMkMjfJyDARokE1cWp1QyA3EyUKjltCE4ibh74rGM
6Zw8BGh/e6SIJAPfuAkQ6sK+1rn9ZqHTUNb0jLOF0eGybOhakYtJEmdGUySPVu8J
jR9J1xkJFRnCNegcUglkpzW+/a4/9l0cYXHj2eqZFDYzu0PdAniQxyhYLvo9QhjJ
436qiL2RaB7qEZYyJE7x6WfeFospWulqk7hpPv+LntgfGUDJcR67fH55vQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFNFrT1FwxzRIrXzOZygXw8yawtNGMB8GA1UdIwQY
MBaAFPatogvZi6vfdMPVbNeK2mbth6FIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOXEyaUM5bUxxOTkwdzlWczE0cmFadTJIb1VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80ZDU0YjYtZTAzYy00MzEwLTliMzkt
OWRiMTdhNWRlNDYzLzEvMFd0UFVYREhORWl0Zk01bktCZkR6SnJDMDBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80ZDU0YjYtZTAzYy00MzEwLTliMzktOWRiMTdhNWRlNDYz
LzEvOXEyaUM5bUxxOTkwdzlWczE0cmFadTJIb1VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQAW+btAwQA
XmVoAwQAwFN4AwQAwmbvAwQB1Z8YMA0EAgACMAcDBQMqEQgAMA0GCSqGSIb3DQEB
CwUAA4IBAQBkBjfsr8L0CpQt1jadp8IKMIiE9cFzw7uOzDlpws0FBr15buWjs86P
2i/eOXHtfgJ3+5Dh/uMbxDUo744KXSYahZIXkwlmENnfHXjuN0p+cYmkybvCwY2D
FW6wFtrEqUPTFVgNeNCXe4I0EoG4VytRgft9SMBz+XdKzONRMDcdI99XyWK36JVS
twW5CGzpTf9hpiRGO0W/Ti3iuNmeGTQaegoe3y1b7CMJ6vwRpNR5M38KXznGeC96
2y0eWh0krX5Z5AxQYw37YnYQYDtaQuPLqyR45e+u7SEBrt9iWgz/MDZma4kbsEOs
K8kWciQuqiPeB4xMF6NeMDhSeoPZAez1
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:18:28 2025 by rpki-client