Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/iwyRfeKOlB2VOasOuDnXFsQxSLo.roa
File: iwyRfeKOlB2VOasOuDnXFsQxSLo.roa (raw, json)
Hash identifier: 1l0inoHG+GrkwgLe4n7oDogLuYv58DdnOZNidZjtVkc=
Subject key identifier: 8B:0C:91:7D:E2:8E:94:1D:95:39:AB:0E:B8:39:D7:16:C4:31:48:BA
Certificate issuer: /CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7
Certificate serial: 0191C7122D15DCC72A0E215DD5D3B962F196
Authority key identifier: F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/iwyRfeKOlB2VOasOuDnXFsQxSLo.roa
Signing time: Fri 06 Sep 2024 11:22:22 +0000
ROA not before: Fri 06 Sep 2024 11:22:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39700
IP address blocks: 78.108.128.0/20 maxlen: 24
80.246.202.0/24 maxlen: 24
81.30.38.0/24 maxlen: 24
91.142.240.0/22 maxlen: 22
91.142.246.0/23 maxlen: 23
91.142.248.0/22 maxlen: 22
141.255.178.0/23 maxlen: 23
176.74.224.0/24 maxlen: 24
2001:4cb8::/29 maxlen: 48
2001:4cb9::/32 maxlen: 32
2a00:c080:101c::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 09 Oct 2024 09:26:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:c7:12:2d:15:dc:c7:2a:0e:21:5d:d5:d3:b9:62:f1:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7
Validity
Not Before: Sep 6 11:22:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8b0c917de28e941d9539ab0eb839d716c43148ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:4d:8f:72:a5:4f:92:0f:24:8b:10:33:52:db:
34:f4:ae:b5:2d:f0:c3:e4:50:33:f4:eb:0c:84:c1:
5e:80:14:fe:39:0f:31:f4:71:20:2d:a2:8e:77:83:
c3:17:66:60:28:44:49:75:bb:a3:96:c2:8b:48:bb:
48:39:08:82:72:54:7d:ec:97:7d:5d:44:d6:7b:5e:
c5:91:80:51:b7:f7:bd:ff:97:4d:67:21:4b:bb:a1:
de:9a:9f:da:16:6c:d4:31:8a:ba:bd:6d:cc:dc:d2:
ac:1d:ab:f2:e1:38:c7:a2:98:7e:4f:69:00:15:f6:
3e:59:18:da:a7:38:94:2c:64:8d:13:83:d2:18:b2:
a7:80:4e:21:ea:df:a4:2b:83:87:23:d3:61:49:48:
dc:aa:a3:e1:58:67:2a:b6:b2:4d:67:96:20:8a:56:
58:cb:6a:61:a9:86:b9:8d:3b:e8:a8:10:f2:d2:a4:
d4:cc:58:9b:6b:c8:51:7c:96:f3:ea:f2:ca:03:56:
d5:ed:d8:9e:a8:d6:45:7a:22:bb:62:9e:ca:36:f7:
9f:38:23:06:62:bd:d6:03:fd:f4:a5:f0:9f:5a:21:
de:c9:3f:8b:70:f3:cb:52:80:3d:fd:9d:a5:33:ad:
1b:78:da:a2:5c:4b:c4:db:6d:9a:92:f7:ea:02:a3:
ef:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:0C:91:7D:E2:8E:94:1D:95:39:AB:0E:B8:39:D7:16:C4:31:48:BA
X509v3 Authority Key Identifier:
keyid:F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/iwyRfeKOlB2VOasOuDnXFsQxSLo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/9RNpzL-GsehOGutG5tM20591Kuc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.108.128.0/20
80.246.202.0/24
81.30.38.0/24
91.142.240.0/22
91.142.246.0-91.142.251.255
141.255.178.0/23
176.74.224.0/24
IPv6:
2001:4cb8::/29
2a00:c080:101c::/48
Signature Algorithm: sha256WithRSAEncryption
ae:28:3c:40:68:91:87:9a:e8:08:1c:e8:3c:c3:16:7e:c2:e1:
6f:70:1e:2c:45:22:3b:4e:59:83:2a:bb:e5:37:13:41:d4:b8:
42:cd:89:a1:37:ad:11:22:d6:a8:e4:35:fc:1a:ca:aa:8b:fc:
94:37:23:c5:c3:91:88:70:dd:46:0a:18:dd:b2:27:e0:35:46:
ed:fd:d3:2a:f8:54:65:60:ed:73:57:33:b1:e1:4b:2e:74:10:
34:e6:75:c3:fa:9b:3c:f0:2e:56:d7:5f:46:2b:cd:b6:ac:3e:
3c:08:45:99:0f:b0:40:c1:df:5c:4a:8b:ef:97:49:15:60:41:
f6:f3:ef:60:60:9d:39:cc:32:33:6e:24:2d:e8:ea:60:89:5c:
44:fd:48:12:e2:40:59:fc:7e:73:06:af:b9:da:60:ab:1d:a1:
24:df:54:9b:67:9a:0e:78:43:71:8c:c6:be:c6:81:4b:f4:3e:
94:fb:15:68:89:10:65:fa:8c:f2:dd:ee:e8:5e:7f:6d:e5:31:
4e:8a:b8:dc:b9:ec:8f:b1:e0:50:1f:8f:c8:0e:3d:e5:f3:ac:
80:96:0d:15:ac:92:cd:80:12:f9:5b:3f:7e:32:46:5e:62:ae:
ff:45:2d:c6:b6:d8:82:f6:7b:b8:0a:5c:8b:43:3a:96:90:d1:
32:50:3f:74
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAZHHEi0V3McqDiFd1dO5YvGWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1MTM2OWNjYmY4NmIxZTg0ZTFhZWI0NmU2ZDMzNmQzOWY3
NTJhZTcwHhcNMjQwOTA2MTEyMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjBjOTE3ZGUyOGU5NDFkOTUzOWFiMGViODM5ZDcxNmM0MzE0OGJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqU2PcqVPkg8kixAzUts09K61LfDD
5FAz9OsMhMFegBT+OQ8x9HEgLaKOd4PDF2ZgKERJdbujlsKLSLtIOQiCclR97Jd9
XUTWe17FkYBRt/e9/5dNZyFLu6Hemp/aFmzUMYq6vW3M3NKsHavy4TjHoph+T2kA
FfY+WRjapziULGSNE4PSGLKngE4h6t+kK4OHI9NhSUjcqqPhWGcqtrJNZ5YgilZY
y2phqYa5jTvoqBDy0qTUzFiba8hRfJbz6vLKA1bV7dieqNZFeiK7Yp7KNvefOCMG
Yr3WA/30pfCfWiHeyT+LcPPLUoA9/Z2lM60beNqiXEvE222akvfqAqPvbwIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFIsMkX3ijpQdlTmrDrg51xbEMUi6MB8GA1UdIwQY
MBaAFPUTacy/hrHoThrrRubTNtOfdSrnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVJOcHpMLUdzZWhPR3V0RzV0TTIwNTkxS3VjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8yZDViZGYtNTI2NS00OWI4LThhZmUt
MmI5MjBiZGUzOTkwLzEvaXd5UmZlS09sQjJWT2FzT3VEblhGc1F4U0xvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi8yZDViZGYtNTI2NS00OWI4LThhZmUtMmI5MjBiZGUzOTkw
LzEvOVJOcHpMLUdzZWhPR3V0RzV0TTIwNTkxS3VjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjA4BAIAATAyAwQETmyAAwQA
UPbKAwQAUR4mAwQCW47wMAwDBAFbjvYDBAJbjvgDBAGN/7IDBACwSuAwFgQCAAIw
EAMFAyABTLgDBwAqAMCAEBwwDQYJKoZIhvcNAQELBQADggEBAK4oPEBokYea6Agc
6DzDFn7C4W9wHixFIjtOWYMqu+U3E0HUuELNiaE3rREi1qjkNfwayqqL/JQ3I8XD
kYhw3UYKGN2yJ+A1Ru390yr4VGVg7XNXM7HhSy50EDTmdcP6mzzwLlbXX0Yrzbas
PjwIRZkPsEDB31xKi++XSRVgQfbz72BgnTnMMjNuJC3o6mCJXET9SBLiQFn8fnMG
r7naYKsdoSTfVJtnmg54Q3GMxr7GgUv0PpT7FWiJEGX6jPLd7uhef23lMU6KuNy5
7I+x4FAfj8gOPeXzrICWDRWsks2AEvlbP34yRl5irv9FLca22IL2e7gKXItDOpaQ
0TJQP3Q=
-----END CERTIFICATE-----
Generated at Wed Oct 9 13:27:02 2024 by rpki-client on console-fra.rpki-client.org