Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/0q77Ak4D-6FX71djCEM9JmV0xw8.roa
File: 0q77Ak4D-6FX71djCEM9JmV0xw8.roa (raw, json)
Hash identifier: Cyz3ZnbY0e/NRkK1pKxtKzeA4vzj/Zh4UKKHrlH/C08=
Subject key identifier: D2:AE:FB:02:4E:03:FB:A1:57:EF:57:63:08:43:3D:26:65:74:C7:0F
Certificate issuer: /CN=f93ac6cd2240249bba60171f086e9101cc87ca24
Certificate serial: 01927EA4F1CE96940CD91885E1F62276B75F
Authority key identifier: F9:3A:C6:CD:22:40:24:9B:BA:60:17:1F:08:6E:91:01:CC:87:CA:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/0q77Ak4D-6FX71djCEM9JmV0xw8.roa
Signing time: Sat 12 Oct 2024 02:53:11 +0000
ROA not before: Sat 12 Oct 2024 02:53:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19740
IP address blocks: 147.189.129.0/24 maxlen: 24
176.111.218.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 01:49:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:7e:a4:f1:ce:96:94:0c:d9:18:85:e1:f6:22:76:b7:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f93ac6cd2240249bba60171f086e9101cc87ca24
Validity
Not Before: Oct 12 02:53:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d2aefb024e03fba157ef576308433d266574c70f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:79:d9:67:99:48:1c:95:a5:5e:46:db:11:01:
2c:a7:aa:32:7d:15:45:51:11:06:a3:9f:33:2a:44:
bb:22:76:c1:5f:f4:ad:9c:ba:df:81:5d:64:fe:d7:
9d:a6:e4:d2:95:f6:37:63:bc:45:ff:f3:75:0d:a4:
d3:2f:f0:5b:76:26:c2:45:eb:21:a9:02:dd:70:30:
6f:5f:b6:68:1a:6e:cf:f4:8f:d3:f8:2c:ef:41:cb:
a6:b0:2c:c9:ce:70:5b:19:d8:bb:9d:67:dd:99:43:
10:d2:95:5e:91:f7:46:c8:d0:94:bb:a1:e6:c8:6f:
df:69:cc:92:dd:9a:cd:e1:f2:58:c1:f7:35:d5:d8:
aa:90:93:ce:7b:4a:87:1c:46:60:48:17:26:b6:87:
ab:ee:24:c9:e0:c9:b4:52:77:70:11:43:cf:a4:62:
f0:69:63:c7:02:78:d3:15:70:91:21:aa:8c:bb:d4:
71:dc:aa:eb:ae:23:b1:b4:d4:0a:2f:db:fc:38:b6:
a2:7b:80:08:cb:0a:9f:79:a5:25:3d:42:8f:79:ce:
2c:a2:3f:f5:df:9b:4a:4a:05:1b:38:66:a5:a1:12:
88:94:99:1b:b3:41:e5:d6:36:6d:f3:2a:6d:70:36:
9b:5f:7a:4f:a1:1e:78:e9:ca:6b:6a:5b:30:5d:3d:
75:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:AE:FB:02:4E:03:FB:A1:57:EF:57:63:08:43:3D:26:65:74:C7:0F
X509v3 Authority Key Identifier:
keyid:F9:3A:C6:CD:22:40:24:9B:BA:60:17:1F:08:6E:91:01:CC:87:CA:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/0q77Ak4D-6FX71djCEM9JmV0xw8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.189.129.0/24
176.111.218.0/24
Signature Algorithm: sha256WithRSAEncryption
29:d2:1f:24:99:24:e3:ab:37:e5:e8:ff:50:3f:0c:d7:3b:71:
02:29:ae:21:90:67:f6:56:82:8b:e2:4b:6b:89:8a:5f:41:80:
1e:a2:81:ed:aa:1a:3a:de:07:92:09:78:59:d7:ef:81:27:51:
f1:78:44:99:17:a7:16:f3:cd:1a:73:e7:59:71:a1:27:50:41:
b4:f3:76:63:97:89:8b:fd:9c:f0:78:e4:b3:15:36:38:1c:88:
05:79:0f:2d:f5:bb:c9:14:2e:03:82:3b:db:d8:74:29:f0:24:
bd:cd:52:5b:ba:7f:22:49:e2:46:91:0d:2e:7c:0e:23:0d:cf:
93:1d:38:fd:58:96:98:4f:e1:78:09:94:7e:16:c2:a4:f5:d2:
ac:3d:02:33:7c:c5:31:8f:2c:55:3b:0f:57:53:4b:2f:78:51:
63:3b:17:b7:ba:03:29:7a:77:46:72:36:8e:80:0b:5d:c5:aa:
f9:42:26:b5:73:62:0c:88:ea:2d:d7:19:01:6e:fb:81:45:6e:
30:7c:3b:22:4b:fc:e3:23:8c:ee:a2:df:be:12:c0:d3:dc:16:
f7:dc:50:57:2c:6f:05:53:ba:09:ec:cb:78:74:da:88:48:bd:
d2:55:91:9e:3f:d9:72:6a:5b:12:f0:6c:d6:27:82:25:95:01:
b9:6a:de:46
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZJ+pPHOlpQM2RiF4fYidrdfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5M2FjNmNkMjI0MDI0OWJiYTYwMTcxZjA4NmU5MTAxY2M4
N2NhMjQwHhcNMjQxMDEyMDI1MzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmFlZmIwMjRlMDNmYmExNTdlZjU3NjMwODQzM2QyNjY1NzRjNzBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAunnZZ5lIHJWlXkbbEQEsp6oyfRVF
UREGo58zKkS7InbBX/StnLrfgV1k/tedpuTSlfY3Y7xF//N1DaTTL/BbdibCResh
qQLdcDBvX7ZoGm7P9I/T+CzvQcumsCzJznBbGdi7nWfdmUMQ0pVekfdGyNCUu6Hm
yG/facyS3ZrN4fJYwfc11diqkJPOe0qHHEZgSBcmtoer7iTJ4Mm0UndwEUPPpGLw
aWPHAnjTFXCRIaqMu9Rx3KrrriOxtNQKL9v8OLaie4AIywqfeaUlPUKPec4soj/1
35tKSgUbOGaloRKIlJkbs0Hl1jZt8yptcDabX3pPoR546cpralswXT11wwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFNKu+wJOA/uhV+9XYwhDPSZldMcPMB8GA1UdIwQY
MBaAFPk6xs0iQCSbumAXHwhukQHMh8okMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1Uckd6U0pBSkp1NllCY2ZDRzZSQWN5SHlpUS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTgvYjAzMjEzLTVlODAtNDkzMS04MWNl
LWY3NTJkODE2MDVmYi8xLzBxNzdBazRELTZGWDcxZGpDRU05Sm1WMHh3OC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOTgvYjAzMjEzLTVlODAtNDkzMS04MWNlLWY3NTJkODE2MDVm
Yi8xLzEtVHJHelNKQUpKdTZZQmNmQ0c2UkFjeUh5aVEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBACTvYED
BACwb9owDQYJKoZIhvcNAQELBQADggEBACnSHySZJOOrN+Xo/1A/DNc7cQIpriGQ
Z/ZWgoviS2uJil9BgB6ige2qGjreB5IJeFnX74EnUfF4RJkXpxbzzRpz51lxoSdQ
QbTzdmOXiYv9nPB45LMVNjgciAV5Dy31u8kULgOCO9vYdCnwJL3NUlu6fyJJ4kaR
DS58DiMNz5MdOP1YlphP4XgJlH4WwqT10qw9AjN8xTGPLFU7D1dTSy94UWM7F7e6
Ayl6d0ZyNo6AC13FqvlCJrVzYgyI6i3XGQFu+4FFbjB8OyJL/OMjjO6i374SwNPc
FvfcUFcsbwVTugnsy3h02ohIvdJVkZ4/2XJqWxLwbNYngiWVAblq3kY=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:19:05 2025 by rpki-client