Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/1dbd6b-35cc-4f09-b92e-198b6a61ce85/1/9PguXCJzx4WIvLcl8No578Vrob0.roa
File: 9PguXCJzx4WIvLcl8No578Vrob0.roa (raw, json)
Hash identifier: WE/gA5e8zDQidK2MFIREeaQ26mBxo6xmyd5jzLCmusg=
Subject key identifier: F4:F8:2E:5C:22:73:C7:85:88:BC:B7:25:F0:DA:39:EF:C5:6B:A1:BD
Certificate issuer: /CN=651bad95276947c7be536af4c870a3721f0b7761
Certificate serial: 0193971B51B42FD62DB2AB85FF8E9F566CCD
Authority key identifier: 65:1B:AD:95:27:69:47:C7:BE:53:6A:F4:C8:70:A3:72:1F:0B:77:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZRutlSdpR8e-U2r0yHCjch8Ld2E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/1dbd6b-35cc-4f09-b92e-198b6a61ce85/1/9PguXCJzx4WIvLcl8No578Vrob0.roa
Signing time: Thu 05 Dec 2024 13:56:10 +0000
ROA not before: Thu 05 Dec 2024 13:56:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59795
IP address blocks: 213.184.84.0/24 maxlen: 24
213.184.85.0/24 maxlen: 24
213.184.86.0/24 maxlen: 24
2a09:3a00:3000::/40 maxlen: 48
2a09:3a00:3a00::/40 maxlen: 48
2a09:3a00:4000::/40 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:49:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:97:1b:51:b4:2f:d6:2d:b2:ab:85:ff:8e:9f:56:6c:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=651bad95276947c7be536af4c870a3721f0b7761
Validity
Not Before: Dec 5 13:56:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f4f82e5c2273c78588bcb725f0da39efc56ba1bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:0e:9b:a2:82:55:09:d9:16:02:9b:37:c0:14:
17:b6:fa:15:ac:c3:53:42:3d:13:ca:ba:d6:5a:28:
37:3f:c7:f9:ba:71:a8:a0:a3:3e:4f:f4:e9:b5:c9:
eb:3b:c4:24:3d:ad:de:75:4e:29:9a:91:b8:35:07:
37:66:53:1e:79:30:71:29:9d:50:fe:77:8e:fd:55:
55:b3:5b:58:f6:b6:fb:14:ef:57:e8:56:45:6e:53:
3f:1f:12:bb:cc:6c:5c:e8:77:02:f1:70:00:ba:25:
bb:43:e1:1b:a3:7c:39:76:2e:83:e6:8d:65:9d:0a:
75:38:84:d0:4e:93:6c:c6:b4:b9:cd:50:57:a9:47:
f5:6b:f7:89:88:b4:19:0f:c0:0f:7c:64:42:b6:95:
82:dc:c1:95:c0:cb:04:ea:12:8b:81:d2:1a:67:b2:
eb:9f:d1:34:02:31:42:5d:c5:76:a8:55:9a:0e:71:
14:12:8a:fd:32:90:7c:7e:89:09:16:df:d9:72:2c:
85:f8:c2:50:5a:3a:0f:66:7e:33:dd:c1:da:46:f9:
18:1b:7a:27:dd:16:8d:0f:53:0b:ba:63:89:74:ac:
47:c8:89:48:23:9a:44:29:37:49:8b:39:b7:60:76:
ad:8b:3a:42:47:a8:d8:12:96:42:b6:a1:2e:76:5e:
d2:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:F8:2E:5C:22:73:C7:85:88:BC:B7:25:F0:DA:39:EF:C5:6B:A1:BD
X509v3 Authority Key Identifier:
keyid:65:1B:AD:95:27:69:47:C7:BE:53:6A:F4:C8:70:A3:72:1F:0B:77:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZRutlSdpR8e-U2r0yHCjch8Ld2E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/1dbd6b-35cc-4f09-b92e-198b6a61ce85/1/9PguXCJzx4WIvLcl8No578Vrob0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/1dbd6b-35cc-4f09-b92e-198b6a61ce85/1/ZRutlSdpR8e-U2r0yHCjch8Ld2E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.184.84.0-213.184.86.255
IPv6:
2a09:3a00:3000::/40
2a09:3a00:3a00::/40
2a09:3a00:4000::/40
Signature Algorithm: sha256WithRSAEncryption
9c:31:ba:11:05:35:79:19:69:1a:16:7d:a9:98:92:f0:da:d4:
f9:06:57:62:2b:c8:33:d5:b1:a5:97:c0:87:c5:98:0d:46:0c:
22:2f:be:df:06:18:fe:1b:ec:de:ce:2b:1e:8e:87:73:58:b3:
ae:f8:ca:16:3c:46:f9:b7:6b:51:f4:e4:6e:3f:0e:4f:f4:f0:
08:61:3d:96:eb:f9:2d:be:6e:fc:29:93:f5:77:51:58:92:9c:
87:96:c3:b1:32:fa:79:45:fe:af:36:08:c7:9d:ef:75:9f:14:
e9:ea:8f:62:9c:04:36:90:e5:09:1b:d8:1e:39:54:73:39:2d:
25:75:91:7a:62:d6:78:b0:02:d0:bb:bb:c8:d1:bc:07:92:cd:
23:67:79:67:e7:52:32:74:ba:68:84:18:5a:99:71:36:4e:31:
a0:5b:4f:01:fd:5d:ea:07:74:c1:56:73:d6:ca:94:04:85:52:
23:9e:da:e0:01:aa:09:58:50:02:2f:56:cb:64:0b:86:0b:34:
8c:6c:c9:1d:aa:e9:f9:6c:dd:7d:05:5b:49:03:4a:01:02:0c:
09:10:9c:2f:79:5b:21:9d:3a:22:58:33:bf:09:1e:86:6a:2d:
94:fc:16:6d:d3:dc:2b:72:0e:1c:90:eb:4e:36:a5:ae:ac:a5:
de:a3:ae:dd
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZOXG1G0L9YtsquF/46fVmzNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1MWJhZDk1Mjc2OTQ3YzdiZTUzNmFmNGM4NzBhMzcyMWYw
Yjc3NjEwHhcNMjQxMjA1MTM1NjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGY4MmU1YzIyNzNjNzg1ODhiY2I3MjVmMGRhMzllZmM1NmJhMWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1g6booJVCdkWAps3wBQXtvoVrMNT
Qj0TyrrWWig3P8f5unGooKM+T/TptcnrO8QkPa3edU4pmpG4NQc3ZlMeeTBxKZ1Q
/neO/VVVs1tY9rb7FO9X6FZFblM/HxK7zGxc6HcC8XAAuiW7Q+Ebo3w5di6D5o1l
nQp1OITQTpNsxrS5zVBXqUf1a/eJiLQZD8APfGRCtpWC3MGVwMsE6hKLgdIaZ7Lr
n9E0AjFCXcV2qFWaDnEUEor9MpB8fokJFt/ZciyF+MJQWjoPZn4z3cHaRvkYG3on
3RaND1MLumOJdKxHyIlII5pEKTdJizm3YHatizpCR6jYEpZCtqEudl7S/QIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFPT4Llwic8eFiLy3JfDaOe/Fa6G9MB8GA1UdIwQY
MBaAFGUbrZUnaUfHvlNq9Mhwo3IfC3dhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlJ1dGxTZHBSOGUtVTJyMHlIQ2pjaDhMZDJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC8xZGJkNmItMzVjYy00ZjA5LWI5MmUt
MTk4YjZhNjFjZTg1LzEvOVBndVhDSnp4NFdJdkxjbDhObzU3OFZyb2IwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC8xZGJkNmItMzVjYy00ZjA5LWI5MmUtMTk4YjZhNjFjZTg1
LzEvWlJ1dGxTZHBSOGUtVTJyMHlIQ2pjaDhMZDJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAUBAIAATAOMAwDBALVuFQD
BADVuFYwHgQCAAIwGAMGACoJOgAwAwYAKgk6ADoDBgAqCToAQDANBgkqhkiG9w0B
AQsFAAOCAQEAnDG6EQU1eRlpGhZ9qZiS8NrU+QZXYivIM9WxpZfAh8WYDUYMIi++
3wYY/hvs3s4rHo6Hc1izrvjKFjxG+bdrUfTkbj8OT/TwCGE9luv5Lb5u/CmT9XdR
WJKch5bDsTL6eUX+rzYIx53vdZ8U6eqPYpwENpDlCRvYHjlUczktJXWRemLWeLAC
0Lu7yNG8B5LNI2d5Z+dSMnS6aIQYWplxNk4xoFtPAf1d6gd0wVZz1sqUBIVSI57a
4AGqCVhQAi9Wy2QLhgs0jGzJHarp+WzdfQVbSQNKAQIMCRCcL3lbIZ06Ilgzvwke
hmotlPwWbdPcK3IOHJDrTjalrqyl3qOu3Q==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:32:55 2025 by rpki-client