Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/P4rHRpRO5Vr-UEE6ndZk6Z1SI_Y.roa
File: P4rHRpRO5Vr-UEE6ndZk6Z1SI_Y.roa (raw, json)
Hash identifier: fU9T5g3biFJ9n3YYkN9WC38XhvF8yIJNfHbCyrRxSwI=
Subject key identifier: 3F:8A:C7:46:94:4E:E5:5A:FE:50:41:3A:9D:D6:64:E9:9D:52:23:F6
Certificate issuer: /CN=8778ad8168e09cf92d4e0498257f8e9ceabf0692
Certificate serial: 0190D98743A84DBAD1773D810B7C2568A58F
Authority key identifier: 87:78:AD:81:68:E0:9C:F9:2D:4E:04:98:25:7F:8E:9C:EA:BF:06:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h3itgWjgnPktTgSYJX-OnOq_BpI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/P4rHRpRO5Vr-UEE6ndZk6Z1SI_Y.roa
Signing time: Mon 22 Jul 2024 08:20:38 +0000
ROA not before: Mon 22 Jul 2024 08:20:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49549
IP address blocks: 146.19.128.0/24 maxlen: 24
178.250.191.0/24 maxlen: 24
193.0.227.0/24 maxlen: 24
193.0.230.0/24 maxlen: 24
193.163.203.0/24 maxlen: 24
217.119.129.0/24 maxlen: 24
2a0f:cdc2::/32 maxlen: 32
2a0f:cdc4::/32 maxlen: 32
2a0f:cdc5::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 29 Jul 2024 03:35:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:d9:87:43:a8:4d:ba:d1:77:3d:81:0b:7c:25:68:a5:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8778ad8168e09cf92d4e0498257f8e9ceabf0692
Validity
Not Before: Jul 22 08:20:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3f8ac746944ee55afe50413a9dd664e99d5223f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:b6:bb:67:74:6b:b3:64:b1:04:20:55:94:aa:
a5:23:7a:0c:33:47:7d:93:5c:37:9e:2b:79:ef:47:
b0:b9:0b:ae:67:8a:85:a5:90:95:0b:54:5e:c3:a6:
9a:b7:e8:a7:91:e3:35:0a:c7:f7:83:ad:59:7b:61:
54:a7:34:8a:32:61:77:02:6a:f8:02:4a:bd:94:6b:
66:5c:7d:b4:05:18:6c:50:18:4c:2a:82:22:67:4e:
80:c0:c6:c5:60:27:8a:a0:62:d3:15:e6:a0:18:a4:
d3:27:5f:ad:4f:4a:72:24:27:3b:55:36:a9:2a:e7:
2b:36:d2:c7:f5:0d:61:cc:3e:b3:cf:3b:b5:fa:3b:
af:ca:52:09:b5:6c:4d:0a:c8:49:7e:3a:ea:04:ed:
75:f5:2c:88:b6:b8:06:1b:06:00:ad:f5:3e:69:d7:
f2:c6:de:4d:12:01:53:f3:b2:dc:77:85:d9:c6:ca:
d3:50:b9:af:96:9c:00:7f:ca:a9:fa:01:05:01:10:
7e:42:37:39:ab:cd:0f:db:7f:a8:12:a2:d2:90:aa:
5d:f6:ee:dd:79:8f:20:2a:7e:06:cb:4a:a5:c7:89:
2f:45:ab:1d:71:34:36:9f:c1:5b:69:19:e7:77:fa:
9c:f9:93:44:5b:68:ef:73:f6:a0:81:ef:2f:29:f1:
48:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:8A:C7:46:94:4E:E5:5A:FE:50:41:3A:9D:D6:64:E9:9D:52:23:F6
X509v3 Authority Key Identifier:
keyid:87:78:AD:81:68:E0:9C:F9:2D:4E:04:98:25:7F:8E:9C:EA:BF:06:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h3itgWjgnPktTgSYJX-OnOq_BpI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/P4rHRpRO5Vr-UEE6ndZk6Z1SI_Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/h3itgWjgnPktTgSYJX-OnOq_BpI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.128.0/24
178.250.191.0/24
193.0.227.0/24
193.0.230.0/24
193.163.203.0/24
217.119.129.0/24
IPv6:
2a0f:cdc2::/32
2a0f:cdc4::/31
Signature Algorithm: sha256WithRSAEncryption
a2:aa:5f:6b:f4:6a:22:f7:37:33:b0:9f:6d:54:17:97:a4:8e:
73:1e:c5:4b:46:0e:03:5e:50:05:71:20:c9:5b:97:b2:03:95:
05:dd:d3:47:a3:a2:63:f8:b1:e8:eb:59:18:15:9d:1b:c3:f4:
50:ec:99:5e:b6:3c:3d:6b:86:bc:46:77:2e:80:b8:52:47:45:
24:9e:da:43:d4:bb:92:3c:c3:b6:77:55:80:6e:5b:d9:43:aa:
df:8b:20:50:ac:53:68:d8:16:93:d7:02:1a:2f:35:f3:28:1f:
97:2a:d0:0b:30:89:e2:d3:23:d5:49:81:1c:ba:d0:2f:1d:29:
b3:00:83:4b:80:92:1a:01:fa:24:30:52:5c:8a:16:82:fe:b3:
12:8c:7f:94:5f:c5:f0:b6:a0:23:d4:54:25:95:cb:c5:cc:be:
37:65:d2:87:cd:a7:c9:c1:18:5b:92:ea:08:5e:e3:b0:d8:a6:
44:a0:87:e9:e9:76:0c:6d:0e:6c:b5:e7:a9:e5:02:75:18:90:
32:11:8c:24:92:36:fb:d2:35:23:9b:82:22:99:55:d3:04:f7:
bd:c1:26:a0:ec:46:0a:c9:00:6d:44:79:80:53:09:0e:b3:d7:
b4:64:d4:ed:92:fe:4d:07:64:15:70:c5:8b:fa:fd:95:e7:40:
6c:e6:e4:ab
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZDZh0OoTbrRdz2BC3wlaKWPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NzhhZDgxNjhlMDljZjkyZDRlMDQ5ODI1N2Y4ZTljZWFi
ZjA2OTIwHhcNMjQwNzIyMDgyMDM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjhhYzc0Njk0NGVlNTVhZmU1MDQxM2E5ZGQ2NjRlOTlkNTIyM2Y2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArLa7Z3Rrs2SxBCBVlKqlI3oMM0d9
k1w3nit570ewuQuuZ4qFpZCVC1Rew6aat+inkeM1Csf3g61Ze2FUpzSKMmF3Amr4
Akq9lGtmXH20BRhsUBhMKoIiZ06AwMbFYCeKoGLTFeagGKTTJ1+tT0pyJCc7VTap
KucrNtLH9Q1hzD6zzzu1+juvylIJtWxNCshJfjrqBO119SyItrgGGwYArfU+adfy
xt5NEgFT87Lcd4XZxsrTULmvlpwAf8qp+gEFARB+Qjc5q80P23+oEqLSkKpd9u7d
eY8gKn4Gy0qlx4kvRasdcTQ2n8FbaRnnd/qc+ZNEW2jvc/agge8vKfFI8wIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFD+Kx0aUTuVa/lBBOp3WZOmdUiP2MB8GA1UdIwQY
MBaAFId4rYFo4Jz5LU4EmCV/jpzqvwaSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDNpdGdXamduUGt0VGdTWUpYLU9uT3FfQnBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9mMDdmOGQtOWRmMC00OWM2LWIyZjAt
YWE5ZDY5MTgxMWU3LzEvUDRySFJwUk81VnItVUVFNm5kWms2WjFTSV9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9mMDdmOGQtOWRmMC00OWM2LWIyZjAtYWE5ZDY5MTgxMWU3
LzEvaDNpdGdXamduUGt0VGdTWUpYLU9uT3FfQnBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQAkhOAAwQA
svq/AwQAwQDjAwQAwQDmAwQAwaPLAwQA2XeBMBQEAgACMA4DBQAqD83CAwUBKg/N
xDANBgkqhkiG9w0BAQsFAAOCAQEAoqpfa/RqIvc3M7CfbVQXl6SOcx7FS0YOA15Q
BXEgyVuXsgOVBd3TR6OiY/ix6OtZGBWdG8P0UOyZXrY8PWuGvEZ3LoC4UkdFJJ7a
Q9S7kjzDtndVgG5b2UOq34sgUKxTaNgWk9cCGi818ygflyrQCzCJ4tMj1UmBHLrQ
Lx0pswCDS4CSGgH6JDBSXIoWgv6zEox/lF/F8LagI9RUJZXLxcy+N2XSh82nycEY
W5LqCF7jsNimRKCH6el2DG0ObLXnqeUCdRiQMhGMJJI2+9I1I5uCIplV0wT3vcEm
oOxGCskAbUR5gFMJDrPXtGTU7ZL+TQdkFXDFi/r9ledAbObkqw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:18:13 2025 by rpki-client