Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/0faf70-4c38-406f-8ccd-b67f40b4ec14/1/IQH0yD5obC0d69ImWCEcoX_tKU8.roa
File: IQH0yD5obC0d69ImWCEcoX_tKU8.roa (raw, json)
Hash identifier: PImbsFJZrpxIf4gmuJJtJVycOSHio0+vXvj/bzFoEY0=
Subject key identifier: 21:01:F4:C8:3E:68:6C:2D:1D:EB:D2:26:58:21:1C:A1:7F:ED:29:4F
Certificate issuer: /CN=282eadb8d8c29f2e70355043e26786229734f0b2
Certificate serial: 018CC7932D21CC8F1B1BE6EB1B2D1F8F550A
Authority key identifier: 28:2E:AD:B8:D8:C2:9F:2E:70:35:50:43:E2:67:86:22:97:34:F0:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KC6tuNjCny5wNVBD4meGIpc08LI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/0faf70-4c38-406f-8ccd-b67f40b4ec14/1/IQH0yD5obC0d69ImWCEcoX_tKU8.roa
Signing time: Tue 02 Jan 2024 00:29:20 +0000
ROA not before: Tue 02 Jan 2024 00:29:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48344
IP address blocks: 91.207.17.0/24 maxlen: 24
91.207.16.0/23 maxlen: 24
91.207.16.0/24 maxlen: 24
195.210.27.0/24 maxlen: 24
195.210.26.0/23 maxlen: 23
195.210.26.0/24 maxlen: 24
91.228.170.0/23 maxlen: 24
91.228.171.0/24 maxlen: 24
2001:67c:140::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:47:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:2d:21:cc:8f:1b:1b:e6:eb:1b:2d:1f:8f:55:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=282eadb8d8c29f2e70355043e26786229734f0b2
Validity
Not Before: Jan 2 00:29:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2101f4c83e686c2d1debd22658211ca17fed294f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:82:1a:3f:98:11:fd:bb:6b:23:66:fb:a1:31:
d7:b7:b1:ce:39:12:8c:e6:e1:98:f7:80:cd:9e:95:
e9:c0:41:f2:ac:8c:41:78:5d:0b:a8:c7:76:20:9d:
20:e2:ae:d3:48:29:da:46:fd:e2:9f:a1:79:a3:36:
96:a5:ac:8b:b7:3b:ca:a4:33:4c:23:b8:7d:4f:9d:
58:56:cf:7b:fd:52:6b:23:d1:be:af:91:54:d9:86:
bc:3c:d9:87:26:32:0a:9d:ca:ac:6d:8a:f3:89:00:
61:0a:22:c2:96:17:17:93:e0:1a:92:43:72:0b:de:
20:76:e9:b0:19:69:20:b2:36:57:74:c9:db:dd:9b:
34:1e:4d:2e:e2:13:22:5d:dc:9f:65:67:ec:41:fa:
a8:dc:54:77:46:fe:52:e5:61:33:5c:ec:09:28:01:
29:7f:93:29:3c:3a:54:50:a6:42:51:39:5d:1f:9f:
9c:7d:03:3a:b9:e1:9c:60:72:65:6e:05:ac:ce:fb:
46:25:54:4f:43:fb:50:93:74:06:53:d4:0f:8d:a8:
34:34:1c:93:d2:94:3a:09:ff:97:3a:18:5d:d8:4e:
21:f0:a5:89:ab:0d:b5:31:71:38:dc:7c:87:6c:13:
37:7c:ce:a5:ac:10:2a:59:8f:c0:b5:d5:ee:3b:e6:
0f:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:01:F4:C8:3E:68:6C:2D:1D:EB:D2:26:58:21:1C:A1:7F:ED:29:4F
X509v3 Authority Key Identifier:
keyid:28:2E:AD:B8:D8:C2:9F:2E:70:35:50:43:E2:67:86:22:97:34:F0:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KC6tuNjCny5wNVBD4meGIpc08LI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/0faf70-4c38-406f-8ccd-b67f40b4ec14/1/IQH0yD5obC0d69ImWCEcoX_tKU8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/0faf70-4c38-406f-8ccd-b67f40b4ec14/1/KC6tuNjCny5wNVBD4meGIpc08LI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.207.16.0/23
91.228.170.0/23
195.210.26.0/23
IPv6:
2001:67c:140::/48
Signature Algorithm: sha256WithRSAEncryption
7e:b8:a7:1d:dd:63:bd:8f:5d:36:7b:3e:24:a8:39:a1:2a:45:
ca:f5:97:c2:f1:8d:6d:03:8d:71:e1:db:f3:63:d0:e7:c7:be:
ec:bb:55:9f:c4:6e:88:9c:0c:ef:98:3b:b1:fb:b3:e4:09:91:
5d:01:1e:6a:9c:ff:61:83:23:bc:0e:fa:d0:0f:9c:1b:e4:25:
24:4d:d5:84:44:a6:a0:7b:39:ad:ff:48:36:c2:8d:e0:41:d0:
17:ef:1f:16:97:15:1d:9b:26:d0:c4:75:bd:1b:19:69:0a:7f:
0c:8a:ea:43:19:c2:47:83:8d:b4:17:25:87:4e:e4:88:db:f3:
50:de:a3:5c:9f:c3:cd:21:9c:44:d9:f2:a0:b2:93:7c:ae:c1:
6e:ec:39:46:05:25:4b:5b:9b:fd:4c:19:2a:57:36:9a:5c:39:
09:61:14:e4:09:fe:91:92:e7:18:47:40:dc:57:d5:da:f1:93:
c2:94:b8:94:6e:c5:44:03:de:5b:4a:a6:17:b9:fb:b2:e4:ab:
1c:45:3a:61:28:ee:7f:55:2f:8a:02:20:3b:ef:9c:ea:12:33:
d4:32:6d:be:d3:28:76:3d:50:a3:a0:c4:2a:9f:df:28:52:aa:
c3:7a:3b:eb:fa:e1:ac:35:77:aa:ff:cb:e5:34:cc:f6:06:17:
bd:d5:3e:e7
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYzHky0hzI8bG+brGy0fj1UKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MmVhZGI4ZDhjMjlmMmU3MDM1NTA0M2UyNjc4NjIyOTcz
NGYwYjIwHhcNMjQwMTAyMDAyOTIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTAxZjRjODNlNjg2YzJkMWRlYmQyMjY1ODIxMWNhMTdmZWQyOTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgoIaP5gR/btrI2b7oTHXt7HOORKM
5uGY94DNnpXpwEHyrIxBeF0LqMd2IJ0g4q7TSCnaRv3in6F5ozaWpayLtzvKpDNM
I7h9T51YVs97/VJrI9G+r5FU2Ya8PNmHJjIKncqsbYrziQBhCiLClhcXk+AakkNy
C94gdumwGWkgsjZXdMnb3Zs0Hk0u4hMiXdyfZWfsQfqo3FR3Rv5S5WEzXOwJKAEp
f5MpPDpUUKZCUTldH5+cfQM6ueGcYHJlbgWszvtGJVRPQ/tQk3QGU9QPjag0NByT
0pQ6Cf+XOhhd2E4h8KWJqw21MXE43HyHbBM3fM6lrBAqWY/AtdXuO+YPswIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFCEB9Mg+aGwtHevSJlghHKF/7SlPMB8GA1UdIwQY
MBaAFCgurbjYwp8ucDVQQ+JnhiKXNPCyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0M2dHVOakNueTV3TlZCRDRtZUdJcGMwOExJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC8wZmFmNzAtNGMzOC00MDZmLThjY2Qt
YjY3ZjQwYjRlYzE0LzEvSVFIMHlENW9iQzBkNjlJbVdDRWNvWF90S1U4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC8wZmFmNzAtNGMzOC00MDZmLThjY2QtYjY3ZjQwYjRlYzE0
LzEvS0M2dHVOakNueTV3TlZCRDRtZUdJcGMwOExJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQBW88QAwQB
W+SqAwQBw9IaMA8EAgACMAkDBwAgAQZ8AUAwDQYJKoZIhvcNAQELBQADggEBAH64
px3dY72PXTZ7PiSoOaEqRcr1l8LxjW0DjXHh2/Nj0OfHvuy7VZ/EboicDO+YO7H7
s+QJkV0BHmqc/2GDI7wO+tAPnBvkJSRN1YREpqB7Oa3/SDbCjeBB0BfvHxaXFR2b
JtDEdb0bGWkKfwyK6kMZwkeDjbQXJYdO5Ijb81Deo1yfw80hnETZ8qCyk3yuwW7s
OUYFJUtbm/1MGSpXNppcOQlhFOQJ/pGS5xhHQNxX1drxk8KUuJRuxUQD3ltKphe5
+7LkqxxFOmEo7n9VL4oCIDvvnOoSM9Qybb7TKHY9UKOgxCqf3yhSqsN6O+v64aw1
d6r/y+U0zPYGF73VPuc=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:05:21 2025 by rpki-client