Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/1bda7c-9858-43f5-8659-69fc056b2625/1/G57989nGZiAqURgMNliBQt0Mq9c.roa
File: G57989nGZiAqURgMNliBQt0Mq9c.roa (raw, json)
Hash identifier: tCXp38rXwmlCs7Kh4Cgt7GGYgp5dZI4/D9/V6UbRFN4=
Subject key identifier: 1B:9E:FD:F3:D9:C6:66:20:2A:51:18:0C:36:58:81:42:DD:0C:AB:D7
Certificate issuer: /CN=2c94d70cfb7e69019a2e01c87d0a5d545a599b52
Certificate serial: 01934E370A8C6C861F1AAC59F5EABBF9059C
Authority key identifier: 2C:94:D7:0C:FB:7E:69:01:9A:2E:01:C8:7D:0A:5D:54:5A:59:9B:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LJTXDPt-aQGaLgHIfQpdVFpZm1I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/1bda7c-9858-43f5-8659-69fc056b2625/1/G57989nGZiAqURgMNliBQt0Mq9c.roa
Signing time: Thu 21 Nov 2024 10:14:10 +0000
ROA not before: Thu 21 Nov 2024 10:14:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206049
IP address blocks: 185.197.56.0/22 maxlen: 24
212.11.67.0/24 maxlen: 24
212.11.76.0/24 maxlen: 24
2a0a:7640::/29 maxlen: 30
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:47:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:4e:37:0a:8c:6c:86:1f:1a:ac:59:f5:ea:bb:f9:05:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c94d70cfb7e69019a2e01c87d0a5d545a599b52
Validity
Not Before: Nov 21 10:14:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1b9efdf3d9c666202a51180c36588142dd0cabd7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:49:1a:88:54:3a:48:c6:5e:e2:5c:29:ae:ec:
e1:67:c5:06:9d:11:6d:58:f9:1e:3c:32:dd:d0:72:
52:7a:66:c8:5a:1f:65:9e:07:f8:04:53:d7:94:8d:
05:0a:45:da:a9:5d:bb:7e:67:64:b7:c0:d4:15:7d:
96:f2:5f:7b:39:1e:c7:f1:27:13:85:32:29:d0:dc:
0d:29:13:9a:8b:1b:3c:34:8e:37:4e:d0:31:b2:0f:
05:9d:85:98:39:d4:42:d3:ac:4b:50:ed:98:e5:aa:
f1:e7:3d:ec:38:f1:b2:f7:a5:2c:4f:ba:65:4d:1c:
7b:e0:bb:6f:0e:0e:a4:76:f2:38:00:55:47:4a:8e:
d6:c3:03:30:29:1a:02:8d:39:8c:87:c1:fd:45:d2:
7e:3f:e8:7a:14:16:5b:bf:eb:af:3f:87:53:bc:71:
3f:9b:54:d2:b8:59:28:af:7b:aa:8e:8a:b3:85:ba:
65:cf:e3:22:de:ef:b5:0a:ff:65:5a:82:5a:6c:52:
16:7b:a5:44:0f:11:63:12:e1:41:77:9b:ae:4b:5f:
09:ce:4c:da:fa:ca:81:6d:7d:f1:c5:f9:5f:67:39:
5b:36:18:2d:39:95:03:c4:97:60:f7:9c:24:72:4f:
10:9a:5d:8d:56:ab:9b:d3:90:f5:68:36:82:a8:70:
40:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:9E:FD:F3:D9:C6:66:20:2A:51:18:0C:36:58:81:42:DD:0C:AB:D7
X509v3 Authority Key Identifier:
keyid:2C:94:D7:0C:FB:7E:69:01:9A:2E:01:C8:7D:0A:5D:54:5A:59:9B:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LJTXDPt-aQGaLgHIfQpdVFpZm1I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/1bda7c-9858-43f5-8659-69fc056b2625/1/G57989nGZiAqURgMNliBQt0Mq9c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/1bda7c-9858-43f5-8659-69fc056b2625/1/LJTXDPt-aQGaLgHIfQpdVFpZm1I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.197.56.0/22
212.11.67.0/24
212.11.76.0/24
IPv6:
2a0a:7640::/29
Signature Algorithm: sha256WithRSAEncryption
43:01:10:ed:09:d0:70:50:67:f9:2c:ae:dd:0a:23:55:6e:9c:
24:06:61:fb:03:5a:ad:53:bc:d3:ad:c4:2a:fd:53:47:0e:90:
9d:47:97:bc:51:2f:a9:51:7f:16:a0:ef:e7:5b:b0:e4:e4:79:
78:04:b2:3b:fc:1a:f4:c6:fa:70:1e:b9:c6:52:4f:b6:16:66:
dc:18:af:82:0f:34:fa:7b:00:17:2a:cb:1a:b9:ba:f8:62:29:
76:62:3c:96:28:b7:74:ce:ed:02:4b:26:1f:4f:0a:41:35:88:
a4:a7:92:a7:54:ee:b4:b5:72:cd:d3:00:b3:5b:01:13:d5:7d:
4a:18:e6:a2:39:78:78:2e:16:f2:c3:db:c5:82:19:37:00:db:
5f:28:58:10:61:75:68:0e:66:60:35:dd:7d:7b:fa:01:0f:7b:
11:e0:6b:f0:f3:c5:b5:e3:da:7f:8f:72:0c:cd:5b:ec:52:e5:
78:91:ff:91:dc:3a:1e:78:e3:d0:31:e5:2a:f8:59:1f:40:80:
e4:38:56:57:0f:8c:39:fd:17:97:72:f1:8d:0f:77:db:90:5b:
89:2c:96:e9:a8:44:69:6c:b6:2e:de:b9:99:15:f3:ea:3a:5c:
7d:c9:b8:57:ac:ad:73:d7:77:98:c5:a5:25:8e:2d:4e:fc:44:
56:a9:40:d4
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZNONwqMbIYfGqxZ9eq7+QWcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjOTRkNzBjZmI3ZTY5MDE5YTJlMDFjODdkMGE1ZDU0NWE1
OTliNTIwHhcNMjQxMTIxMTAxNDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjllZmRmM2Q5YzY2NjIwMmE1MTE4MGMzNjU4ODE0MmRkMGNhYmQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqUkaiFQ6SMZe4lwpruzhZ8UGnRFt
WPkePDLd0HJSembIWh9lngf4BFPXlI0FCkXaqV27fmdkt8DUFX2W8l97OR7H8ScT
hTIp0NwNKROaixs8NI43TtAxsg8FnYWYOdRC06xLUO2Y5arx5z3sOPGy96UsT7pl
TRx74LtvDg6kdvI4AFVHSo7WwwMwKRoCjTmMh8H9RdJ+P+h6FBZbv+uvP4dTvHE/
m1TSuFkor3uqjoqzhbplz+Mi3u+1Cv9lWoJabFIWe6VEDxFjEuFBd5uuS18Jzkza
+sqBbX3xxflfZzlbNhgtOZUDxJdg95wkck8Qml2NVqub05D1aDaCqHBAEwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFBue/fPZxmYgKlEYDDZYgULdDKvXMB8GA1UdIwQY
MBaAFCyU1wz7fmkBmi4ByH0KXVRaWZtSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEpUWERQdC1hUUdhTGdISWZRcGRWRnBabTFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi8xYmRhN2MtOTg1OC00M2Y1LTg2NTkt
NjlmYzA1NmIyNjI1LzEvRzU3OTg5bkdaaUFxVVJnTU5saUJRdDBNcTljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi8xYmRhN2MtOTg1OC00M2Y1LTg2NTktNjlmYzA1NmIyNjI1
LzEvTEpUWERQdC1hUUdhTGdISWZRcGRWRnBabTFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCucU4AwQA
1AtDAwQA1AtMMA0EAgACMAcDBQMqCnZAMA0GCSqGSIb3DQEBCwUAA4IBAQBDARDt
CdBwUGf5LK7dCiNVbpwkBmH7A1qtU7zTrcQq/VNHDpCdR5e8US+pUX8WoO/nW7Dk
5Hl4BLI7/Br0xvpwHrnGUk+2FmbcGK+CDzT6ewAXKssaubr4Yil2YjyWKLd0zu0C
SyYfTwpBNYikp5KnVO60tXLN0wCzWwET1X1KGOaiOXh4Lhbyw9vFghk3ANtfKFgQ
YXVoDmZgNd19e/oBD3sR4Gvw88W149p/j3IMzVvsUuV4kf+R3DoeeOPQMeUq+Fkf
QIDkOFZXD4w5/ReXcvGND3fbkFuJLJbpqERpbLYu3rmZFfPqOlx9ybhXrK1z13eY
xaUlji1O/ERWqUDU
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:49:54 2025 by rpki-client