Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/a93da0-e155-4324-9ba9-62098d1ec1e6/1/826oUwTT7q600JmvV1lpIz9XbFk.roa
File: 826oUwTT7q600JmvV1lpIz9XbFk.roa (raw, json)
Hash identifier: G1N/HZ4L5FqJ19UrvB7+Ek6QGeYUrVchzobeGkSoYlA=
Subject key identifier: F3:6E:A8:53:04:D3:EE:AE:B4:D0:99:AF:57:59:69:23:3F:57:6C:59
Certificate issuer: /CN=d04079bb7070ed0eeea3a1a467c79462bcc5455f
Certificate serial: 01930B6C17ADB8F84B38ED4AA4E2DB43C99B
Authority key identifier: D0:40:79:BB:70:70:ED:0E:EE:A3:A1:A4:67:C7:94:62:BC:C5:45:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0EB5u3Bw7Q7uo6GkZ8eUYrzFRV8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/a93da0-e155-4324-9ba9-62098d1ec1e6/1/826oUwTT7q600JmvV1lpIz9XbFk.roa
Signing time: Fri 08 Nov 2024 10:57:33 +0000
ROA not before: Fri 08 Nov 2024 10:57:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47638
IP address blocks: 91.235.56.0/22 maxlen: 24
185.66.205.0/24 maxlen: 24
185.66.206.0/24 maxlen: 24
185.149.208.0/24 maxlen: 24
185.149.210.0/23 maxlen: 24
185.161.132.0/22 maxlen: 24
194.0.116.0/22 maxlen: 24
2a04:1840::/29 maxlen: 48
2a0b:8640::/29 maxlen: 48
2a0f:cd40::/29 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:0b:6c:17:ad:b8:f8:4b:38:ed:4a:a4:e2:db:43:c9:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d04079bb7070ed0eeea3a1a467c79462bcc5455f
Validity
Not Before: Nov 8 10:57:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f36ea85304d3eeaeb4d099af575969233f576c59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:41:6d:a4:c3:0a:a2:9d:ea:b0:16:1e:50:ab:
99:30:11:0f:d7:82:3d:78:b0:a6:91:e9:ce:44:3e:
08:35:98:cc:00:42:9c:0b:69:99:d4:d7:fc:3e:1b:
c0:ab:4a:74:a0:02:1f:1b:67:ff:1b:fc:32:db:8b:
5c:53:19:d4:3f:87:bd:69:29:9f:20:b4:0e:67:3f:
eb:a9:ba:60:f6:76:49:13:e3:38:72:9c:c8:2c:63:
b4:6f:92:7d:49:2b:d1:f5:98:9f:6d:82:c7:74:44:
b7:c6:81:f1:c1:48:62:46:a8:c3:ec:08:49:cc:15:
46:a5:e7:8b:2d:25:b8:0c:6c:65:ad:a8:48:c7:9a:
1a:ac:f2:22:69:4d:14:f3:bc:6d:29:47:db:a0:e5:
17:b6:b3:ef:b3:fc:7c:4a:58:22:9b:92:13:e3:a6:
88:6a:31:73:82:3c:fa:35:c8:15:9e:48:8c:97:a5:
54:70:dc:8d:7b:e5:af:11:be:b8:36:09:f3:2e:9d:
55:d5:3c:42:30:15:92:63:de:9b:02:d5:75:1e:b5:
68:5d:3b:cb:f0:f8:cf:9c:9a:3f:db:45:f0:40:2f:
84:aa:51:d2:7f:77:51:07:ac:12:e5:e7:5b:5d:97:
72:64:d7:2f:71:99:91:30:65:1d:e7:79:59:69:d0:
6b:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:6E:A8:53:04:D3:EE:AE:B4:D0:99:AF:57:59:69:23:3F:57:6C:59
X509v3 Authority Key Identifier:
keyid:D0:40:79:BB:70:70:ED:0E:EE:A3:A1:A4:67:C7:94:62:BC:C5:45:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0EB5u3Bw7Q7uo6GkZ8eUYrzFRV8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a93da0-e155-4324-9ba9-62098d1ec1e6/1/826oUwTT7q600JmvV1lpIz9XbFk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a93da0-e155-4324-9ba9-62098d1ec1e6/1/0EB5u3Bw7Q7uo6GkZ8eUYrzFRV8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.235.56.0/22
185.66.205.0-185.66.206.255
185.149.208.0/24
185.149.210.0/23
185.161.132.0/22
194.0.116.0/22
IPv6:
2a04:1840::/29
2a0b:8640::/29
2a0f:cd40::/29
Signature Algorithm: sha256WithRSAEncryption
27:fd:52:bf:95:8a:4d:f4:d9:92:00:fb:37:c5:b7:bb:63:4b:
07:3d:37:e0:b5:12:56:38:43:c0:72:c9:7d:35:9b:fe:97:e3:
c3:49:ef:a3:98:20:08:98:60:b7:fc:c3:67:56:f0:4e:21:5f:
cc:fc:0f:ed:a6:0c:69:cb:64:5a:cf:2a:1d:b5:8b:a0:8f:2a:
0f:0f:5d:b9:8e:1c:e7:51:34:91:d4:21:f3:13:7d:f7:8e:8c:
af:39:02:7d:cb:9b:e8:27:90:a7:dc:1e:93:82:f0:d1:e1:81:
7a:da:8d:86:3f:e7:31:35:46:03:e7:cb:88:34:45:15:e8:1c:
7e:19:b0:0c:1c:2b:cd:ce:37:94:9f:a6:63:f6:1a:45:34:71:
62:5d:78:8f:94:df:d1:bf:be:47:28:5d:72:92:b6:ea:9c:11:
07:ae:57:81:c2:13:d0:9c:de:b5:f9:ff:48:f6:89:b5:61:7a:
38:0d:dd:04:7e:d6:f2:b3:2d:b6:6e:27:d8:d7:bc:01:82:01:
fe:bc:f5:7e:95:44:f4:f8:d9:1d:ba:8b:73:87:7f:a8:cc:9d:
be:20:0d:9e:67:39:e2:52:f0:d8:91:8b:6b:44:a7:44:e3:8e:
a0:cc:d6:81:d4:0b:75:29:56:b0:a0:b8:8f:6c:a7:5b:2e:10:
26:67:83:95
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgISAZMLbBetuPhLOO1KpOLbQ8mbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwNDA3OWJiNzA3MGVkMGVlZWEzYTFhNDY3Yzc5NDYyYmNj
NTQ1NWYwHhcNMjQxMTA4MTA1NzMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzZlYTg1MzA0ZDNlZWFlYjRkMDk5YWY1NzU5NjkyMzNmNTc2YzU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAukFtpMMKop3qsBYeUKuZMBEP14I9
eLCmkenORD4INZjMAEKcC2mZ1Nf8PhvAq0p0oAIfG2f/G/wy24tcUxnUP4e9aSmf
ILQOZz/rqbpg9nZJE+M4cpzILGO0b5J9SSvR9ZifbYLHdES3xoHxwUhiRqjD7AhJ
zBVGpeeLLSW4DGxlrahIx5oarPIiaU0U87xtKUfboOUXtrPvs/x8Slgim5IT46aI
ajFzgjz6NcgVnkiMl6VUcNyNe+WvEb64NgnzLp1V1TxCMBWSY96bAtV1HrVoXTvL
8PjPnJo/20XwQC+EqlHSf3dRB6wS5edbXZdyZNcvcZmRMGUd53lZadBrtQIDAQAB
o4ICTDCCAkgwHQYDVR0OBBYEFPNuqFME0+6utNCZr1dZaSM/V2xZMB8GA1UdIwQY
MBaAFNBAebtwcO0O7qOhpGfHlGK8xUVfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEVCNXUzQnc3UTd1bzZHa1o4ZVVZcnpGUlY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9hOTNkYTAtZTE1NS00MzI0LTliYTkt
NjIwOThkMWVjMWU2LzEvODI2b1V3VFQ3cTYwMEptdlYxbHBJejlYYkZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9hOTNkYTAtZTE1NS00MzI0LTliYTktNjIwOThkMWVjMWU2
LzEvMEVCNXUzQnc3UTd1bzZHa1o4ZVVZcnpGUlY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGIGCCsGAQUFBwEHAQH/BFMwUTAyBAIAATAsAwQCW+s4MAwD
BAC5Qs0DBAC5Qs4DBAC5ldADBAG5ldIDBAK5oYQDBALCAHQwGwQCAAIwFQMFAyoE
GEADBQMqC4ZAAwUDKg/NQDANBgkqhkiG9w0BAQsFAAOCAQEAJ/1Sv5WKTfTZkgD7
N8W3u2NLBz034LUSVjhDwHLJfTWb/pfjw0nvo5ggCJhgt/zDZ1bwTiFfzPwP7aYM
actkWs8qHbWLoI8qDw9duY4c51E0kdQh8xN9946MrzkCfcub6CeQp9wek4Lw0eGB
etqNhj/nMTVGA+fLiDRFFegcfhmwDBwrzc43lJ+mY/YaRTRxYl14j5Tf0b++Ryhd
cpK26pwRB65XgcIT0Jzetfn/SPaJtWF6OA3dBH7W8rMttm4n2Ne8AYIB/rz1fpVE
9PjZHbqLc4d/qMydviANnmc54lLw2JGLa0SnROOOoMzWgdQLdSlWsKC4j2ynWy4Q
JmeDlQ==
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:47:49 2025 by rpki-client