Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/1f9bd4-2f6c-4da2-bdd7-1c67d24ae672/1/ER52aGjJLAjYIxuYfNWziWT5gUM.roa
File: ER52aGjJLAjYIxuYfNWziWT5gUM.roa (raw, json)
Hash identifier: 4FDurOSJVWc6c38XtMGVR/kWihA9oFKS6UkWqnL4k64=
Subject key identifier: 11:1E:76:68:68:C9:2C:08:D8:23:1B:98:7C:D5:B3:89:64:F9:81:43
Certificate issuer: /CN=7985c5bc754ca585bd2592e6bf1cfa6f649cd9f4
Certificate serial: 018CC87069A9DD8A3B268756C4AD5F62AD54
Authority key identifier: 79:85:C5:BC:75:4C:A5:85:BD:25:92:E6:BF:1C:FA:6F:64:9C:D9:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eYXFvHVMpYW9JZLmvxz6b2Sc2fQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/1f9bd4-2f6c-4da2-bdd7-1c67d24ae672/1/ER52aGjJLAjYIxuYfNWziWT5gUM.roa
Signing time: Tue 02 Jan 2024 04:30:59 +0000
ROA not before: Tue 02 Jan 2024 04:30:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15889
IP address blocks: 193.23.137.0/24 maxlen: 24
91.208.125.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:49:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:70:69:a9:dd:8a:3b:26:87:56:c4:ad:5f:62:ad:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7985c5bc754ca585bd2592e6bf1cfa6f649cd9f4
Validity
Not Before: Jan 2 04:30:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=111e766868c92c08d8231b987cd5b38964f98143
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:31:72:db:b2:ae:50:35:a5:16:74:6a:8a:8d:
63:3b:db:7a:c4:a1:07:5c:61:e0:ea:f9:79:a1:08:
e5:69:df:ec:6e:7f:1b:cb:45:71:5d:3b:29:4e:4b:
02:d7:23:b1:81:dc:26:f8:a7:ce:6b:a7:40:45:9a:
ca:e5:73:fc:6f:c0:c6:c0:57:39:d8:e4:af:1b:8e:
2a:46:18:ec:ac:be:87:a5:67:d3:58:79:02:cb:16:
6d:8f:c6:cc:c6:93:57:8a:3b:24:15:c6:09:c0:df:
8c:87:40:20:dd:35:89:9c:45:0b:d5:b6:0f:71:9d:
91:a9:1d:13:20:47:46:d8:0b:63:8e:a9:05:fb:f2:
5f:c9:e6:d6:bb:27:10:63:13:9a:b6:51:fb:a4:fc:
ba:3c:0f:6e:9f:c8:8e:1e:0a:41:82:bd:1e:e1:4d:
4c:eb:58:35:e6:c0:f1:7c:38:82:38:d1:1c:12:30:
81:92:28:9c:b4:13:9f:08:04:e3:70:8c:c5:b5:be:
88:3f:9e:a8:ec:72:2b:8b:5c:4c:fb:47:79:45:96:
d6:1a:7b:01:a1:49:38:88:be:d2:7b:d2:46:42:fd:
ed:db:9a:3e:54:0c:fa:e6:00:cb:74:14:12:92:70:
b5:76:63:22:4c:c5:cc:f5:f2:30:52:77:93:b6:e7:
58:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:1E:76:68:68:C9:2C:08:D8:23:1B:98:7C:D5:B3:89:64:F9:81:43
X509v3 Authority Key Identifier:
keyid:79:85:C5:BC:75:4C:A5:85:BD:25:92:E6:BF:1C:FA:6F:64:9C:D9:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eYXFvHVMpYW9JZLmvxz6b2Sc2fQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/1f9bd4-2f6c-4da2-bdd7-1c67d24ae672/1/ER52aGjJLAjYIxuYfNWziWT5gUM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/1f9bd4-2f6c-4da2-bdd7-1c67d24ae672/1/eYXFvHVMpYW9JZLmvxz6b2Sc2fQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.208.125.0/24
193.23.137.0/24
Signature Algorithm: sha256WithRSAEncryption
98:1c:6f:c3:fb:a0:fd:d0:37:56:07:be:2d:f9:84:32:75:c5:
04:bc:87:30:c4:ba:d2:d5:0f:fb:db:44:5f:35:63:42:78:97:
9a:d0:20:75:53:78:df:e6:76:6e:40:15:fc:c5:f1:79:50:a0:
57:75:09:62:97:67:d4:b3:a5:9f:ec:42:ba:84:26:63:9f:a0:
19:da:e9:18:56:a9:7f:a6:c5:53:83:f8:f3:36:b8:3c:a7:3f:
5f:32:f8:de:b6:07:d4:86:a7:3f:a9:1e:95:1f:1f:88:d6:6b:
6a:51:63:80:75:ad:2e:92:78:ac:c1:0f:77:bb:76:a1:6e:7e:
47:90:52:0b:72:e6:c9:db:96:3a:2b:7e:bd:bb:cb:a6:e9:c9:
e0:3c:8a:0a:bf:83:06:c1:d9:53:5d:dc:9b:3e:56:03:b8:46:
5a:16:45:26:67:3c:fe:67:73:be:34:22:46:23:0a:87:70:68:
77:13:20:74:7d:68:80:ba:82:aa:20:6f:b9:a4:fa:4b:e5:7f:
30:e1:6d:ea:43:fc:9a:99:f8:ba:df:82:2c:6f:fd:8b:6b:1e:
6f:26:9e:a9:a7:e4:96:3f:af:ce:8f:be:b1:fd:b8:63:42:b6:
9a:ba:22:1c:82:f0:42:a6:03:73:97:34:63:7f:59:96:7f:25:
aa:0b:43:a4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzIcGmp3Yo7JodWxK1fYq1UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5ODVjNWJjNzU0Y2E1ODViZDI1OTJlNmJmMWNmYTZmNjQ5
Y2Q5ZjQwHhcNMjQwMTAyMDQzMDU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTFlNzY2ODY4YzkyYzA4ZDgyMzFiOTg3Y2Q1YjM4OTY0Zjk4MTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxjFy27KuUDWlFnRqio1jO9t6xKEH
XGHg6vl5oQjlad/sbn8by0VxXTspTksC1yOxgdwm+KfOa6dARZrK5XP8b8DGwFc5
2OSvG44qRhjsrL6HpWfTWHkCyxZtj8bMxpNXijskFcYJwN+Mh0Ag3TWJnEUL1bYP
cZ2RqR0TIEdG2AtjjqkF+/JfyebWuycQYxOatlH7pPy6PA9un8iOHgpBgr0e4U1M
61g15sDxfDiCONEcEjCBkiictBOfCATjcIzFtb6IP56o7HIri1xM+0d5RZbWGnsB
oUk4iL7Se9JGQv3t25o+VAz65gDLdBQSknC1dmMiTMXM9fIwUneTtudYYwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBEedmhoySwI2CMbmHzVs4lk+YFDMB8GA1UdIwQY
MBaAFHmFxbx1TKWFvSWS5r8c+m9knNn0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVlYRnZIVk1wWVc5SlpMbXZ4ejZiMlNjMmZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8xZjliZDQtMmY2Yy00ZGEyLWJkZDct
MWM2N2QyNGFlNjcyLzEvRVI1MmFHakpMQWpZSXh1WWZOV3ppV1Q1Z1VNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8xZjliZDQtMmY2Yy00ZGEyLWJkZDctMWM2N2QyNGFlNjcy
LzEvZVlYRnZIVk1wWVc5SlpMbXZ4ejZiMlNjMmZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9B9AwQA
wReJMA0GCSqGSIb3DQEBCwUAA4IBAQCYHG/D+6D90DdWB74t+YQydcUEvIcwxLrS
1Q/720RfNWNCeJea0CB1U3jf5nZuQBX8xfF5UKBXdQlil2fUs6Wf7EK6hCZjn6AZ
2ukYVql/psVTg/jzNrg8pz9fMvjetgfUhqc/qR6VHx+I1mtqUWOAda0ukniswQ93
u3ahbn5HkFILcubJ25Y6K369u8um6cngPIoKv4MGwdlTXdybPlYDuEZaFkUmZzz+
Z3O+NCJGIwqHcGh3EyB0fWiAuoKqIG+5pPpL5X8w4W3qQ/yamfi634Isb/2Lax5v
Jp6pp+SWP6/Oj76x/bhjQraauiIcgvBCpgNzlzRjf1mWfyWqC0Ok
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:28:00 2025 by rpki-client