Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/a9206e-c1e1-4c15-9533-ace3d675d3cd/1/1Un5Y9B6R1tllkhPGf_74uapJ_E.roa
File: 1Un5Y9B6R1tllkhPGf_74uapJ_E.roa (raw, json)
Hash identifier: jqC1vIyNT6AQo5HxqzcRnAqvbtYhzALDkfjLIYl487s=
Subject key identifier: D5:49:F9:63:D0:7A:47:5B:65:96:48:4F:19:FF:FB:E2:E6:A9:27:F1
Certificate issuer: /CN=f98a02d20c6b7de357125f38b1735ca1b91f87b3
Certificate serial: 01926C4A758660A76DC237616427392DF46B
Authority key identifier: F9:8A:02:D2:0C:6B:7D:E3:57:12:5F:38:B1:73:5C:A1:B9:1F:87:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-YoC0gxrfeNXEl84sXNcobkfh7M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/a9206e-c1e1-4c15-9533-ace3d675d3cd/1/1Un5Y9B6R1tllkhPGf_74uapJ_E.roa
Signing time: Tue 08 Oct 2024 13:21:11 +0000
ROA not before: Tue 08 Oct 2024 13:21:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211970
IP address blocks: 131.117.230.0/24 maxlen: 24
131.117.231.0/24 maxlen: 24
131.117.233.0/24 maxlen: 24
185.21.136.0/24 maxlen: 24
185.21.139.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:48:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:6c:4a:75:86:60:a7:6d:c2:37:61:64:27:39:2d:f4:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f98a02d20c6b7de357125f38b1735ca1b91f87b3
Validity
Not Before: Oct 8 13:21:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d549f963d07a475b6596484f19fffbe2e6a927f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:ed:89:2b:9a:18:36:f0:69:f6:4c:86:76:ff:
b9:26:84:bd:1c:03:ea:f1:4d:1e:3a:27:4f:d3:60:
57:8d:06:48:46:c3:6a:23:8b:4d:7c:b8:ab:75:05:
c1:fa:ab:f4:ae:f8:31:ee:b6:83:42:04:d0:27:09:
82:8f:0c:f8:a1:b8:58:55:64:b7:20:51:35:0b:da:
b3:9b:7f:4e:02:f5:f1:10:df:76:55:76:9a:9b:d5:
91:be:c4:16:d8:72:cc:30:3d:90:84:4b:73:0c:8b:
b3:79:6b:e0:75:d5:35:e2:4a:88:31:1d:e5:eb:79:
60:df:5c:d8:5c:33:15:0f:96:76:80:66:03:d1:2d:
93:c8:6d:15:6e:c8:0e:c0:da:bd:0c:8c:4b:6a:d9:
43:7b:3e:c6:c0:f0:c0:bd:eb:4d:83:5a:11:87:08:
8d:4b:33:fc:7d:13:88:9b:81:b5:7a:91:e7:06:f1:
b8:dd:de:08:91:9e:d1:55:47:d4:b7:db:c5:11:bf:
e3:e6:81:09:5f:c6:cb:63:d6:5c:ae:d4:8c:8a:6b:
ca:f4:64:d8:98:31:7a:11:2e:c4:eb:7d:35:d7:f3:
2c:f0:88:41:35:7a:a5:10:40:30:81:72:26:ca:76:
3d:c7:e4:16:6e:93:c3:d6:e5:dc:c8:38:4a:81:ad:
94:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:49:F9:63:D0:7A:47:5B:65:96:48:4F:19:FF:FB:E2:E6:A9:27:F1
X509v3 Authority Key Identifier:
keyid:F9:8A:02:D2:0C:6B:7D:E3:57:12:5F:38:B1:73:5C:A1:B9:1F:87:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-YoC0gxrfeNXEl84sXNcobkfh7M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/a9206e-c1e1-4c15-9533-ace3d675d3cd/1/1Un5Y9B6R1tllkhPGf_74uapJ_E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/a9206e-c1e1-4c15-9533-ace3d675d3cd/1/1-YoC0gxrfeNXEl84sXNcobkfh7M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
131.117.230.0/23
131.117.233.0/24
185.21.136.0/24
185.21.139.0/24
Signature Algorithm: sha256WithRSAEncryption
d0:5a:96:a0:3a:83:0b:17:8c:bd:9a:90:1f:1b:0f:db:d6:6c:
56:89:6a:37:f4:1f:f4:ff:17:0a:61:34:ed:be:2c:49:f8:a0:
68:eb:8f:1e:10:25:65:b9:e9:2d:43:20:a3:70:7c:a9:df:98:
04:f6:40:f3:ca:6a:54:c1:c3:a8:5a:40:6b:56:07:ff:50:cd:
a6:53:92:00:d9:75:f5:7a:41:e5:03:12:56:a0:82:40:d3:5f:
77:d5:a2:c8:44:26:bd:32:67:30:00:bf:66:72:d1:d9:51:2e:
21:5c:45:f8:bc:fd:7e:aa:7d:52:75:ab:df:ae:b9:17:ec:69:
1c:68:be:35:db:3d:e9:e2:46:0e:73:e3:81:b5:48:6d:72:ff:
00:e3:4c:8c:2e:cb:fd:37:e5:52:d8:71:42:e7:e2:1f:53:de:
32:13:1a:b4:57:f7:05:11:fe:e1:cd:8a:db:a5:24:f6:74:56:
7c:b5:08:08:58:57:e5:18:39:76:94:a7:e9:e2:ac:b3:98:02:
d5:74:c8:0e:bc:61:b8:93:8c:b9:26:7a:ca:97:54:35:fe:a3:
49:4c:9d:25:20:f6:3c:a2:95:55:40:d6:14:23:87:1f:74:6c:
a9:0d:73:bb:b6:4a:ad:b6:f2:eb:4f:c0:ed:13:7b:ae:90:ef:
96:7b:c4:34
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZJsSnWGYKdtwjdhZCc5LfRrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5OGEwMmQyMGM2YjdkZTM1NzEyNWYzOGIxNzM1Y2ExYjkx
Zjg3YjMwHhcNMjQxMDA4MTMyMTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTQ5Zjk2M2QwN2E0NzViNjU5NjQ4NGYxOWZmZmJlMmU2YTkyN2YxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3e2JK5oYNvBp9kyGdv+5JoS9HAPq
8U0eOidP02BXjQZIRsNqI4tNfLirdQXB+qv0rvgx7raDQgTQJwmCjwz4obhYVWS3
IFE1C9qzm39OAvXxEN92VXaam9WRvsQW2HLMMD2QhEtzDIuzeWvgddU14kqIMR3l
63lg31zYXDMVD5Z2gGYD0S2TyG0VbsgOwNq9DIxLatlDez7GwPDAvetNg1oRhwiN
SzP8fROIm4G1epHnBvG43d4IkZ7RVUfUt9vFEb/j5oEJX8bLY9ZcrtSMimvK9GTY
mDF6ES7E63011/Ms8IhBNXqlEEAwgXImynY9x+QWbpPD1uXcyDhKga2U+QIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFNVJ+WPQekdbZZZITxn/++LmqSfxMB8GA1UdIwQY
MBaAFPmKAtIMa33jVxJfOLFzXKG5H4ezMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1Zb0MwZ3hyZmVOWEVsODRzWE5jb2JrZmg3TS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2IvYTkyMDZlLWMxZTEtNGMxNS05NTMz
LWFjZTNkNjc1ZDNjZC8xLzFVbjVZOUI2UjF0bGxraFBHZl83NHVhcEpfRS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvN2IvYTkyMDZlLWMxZTEtNGMxNS05NTMzLWFjZTNkNjc1ZDNj
ZC8xLzEtWW9DMGd4cmZlTlhFbDg0c1hOY29ia2ZoN00uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBAGDdeYD
BACDdekDBAC5FYgDBAC5FYswDQYJKoZIhvcNAQELBQADggEBANBalqA6gwsXjL2a
kB8bD9vWbFaJajf0H/T/FwphNO2+LEn4oGjrjx4QJWW56S1DIKNwfKnfmAT2QPPK
alTBw6haQGtWB/9QzaZTkgDZdfV6QeUDElaggkDTX3fVoshEJr0yZzAAv2Zy0dlR
LiFcRfi8/X6qfVJ1q9+uuRfsaRxovjXbPeniRg5z44G1SG1y/wDjTIwuy/035VLY
cULn4h9T3jITGrRX9wUR/uHNitulJPZ0Vny1CAhYV+UYOXaUp+nirLOYAtV0yA68
YbiTjLkmesqXVDX+o0lMnSUg9jyilVVA1hQjhx90bKkNc7u2Sq228utPwO0Te66Q
75Z7xDQ=
-----END CERTIFICATE-----
Generated at Sun Apr 20 22:46:55 2025 by rpki-client