Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/9f5f57-e828-4bcf-8d2b-8eab7f4fe77e/1/fcWd4IYYLWwk_Ma3MsTP2QPK8SM.roa
File: fcWd4IYYLWwk_Ma3MsTP2QPK8SM.roa (raw, json)
Hash identifier: /8w8P/FDtdR3QUgSYiK1QKJOPB2WwjvCCgCrVlmu4Cc=
Subject key identifier: 7D:C5:9D:E0:86:18:2D:6C:24:FC:C6:B7:32:C4:CF:D9:03:CA:F1:23
Certificate issuer: /CN=4dd74fbbbae58dd0876d99e80ec82a11a4477f7e
Certificate serial: 018D502CF30B0502FBB96C8C0FCC68F90595
Authority key identifier: 4D:D7:4F:BB:BA:E5:8D:D0:87:6D:99:E8:0E:C8:2A:11:A4:47:7F:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TddPu7rljdCHbZnoDsgqEaRHf34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/9f5f57-e828-4bcf-8d2b-8eab7f4fe77e/1/fcWd4IYYLWwk_Ma3MsTP2QPK8SM.roa
Signing time: Sun 28 Jan 2024 13:05:39 +0000
ROA not before: Sun 28 Jan 2024 13:05:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209596
IP address blocks: 91.184.88.0/21 maxlen: 21
109.162.240.0/20 maxlen: 20
213.207.224.0/21 maxlen: 21
Validation: Failed, certificate revoked on Sun 28 Jan 2024 15:38:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:50:2c:f3:0b:05:02:fb:b9:6c:8c:0f:cc:68:f9:05:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4dd74fbbbae58dd0876d99e80ec82a11a4477f7e
Validity
Not Before: Jan 28 13:05:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7dc59de086182d6c24fcc6b732c4cfd903caf123
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:06:c2:50:8d:4c:89:0e:38:06:3b:87:57:90:
3e:4f:40:1a:e1:d2:d7:e3:75:8f:0a:c6:50:aa:14:
d6:ae:35:33:24:3c:f5:23:f7:f5:d1:2a:86:b8:f9:
4a:4f:7d:5a:ae:e8:81:43:80:2e:b1:8a:29:3f:56:
a0:51:ac:88:02:a4:95:64:4b:1d:a7:f2:dc:60:d8:
a2:b0:e9:e5:aa:c8:7e:5d:05:da:db:e2:a4:3a:9c:
76:e8:c2:8a:3a:ee:28:9b:7d:d8:db:e7:1b:66:0a:
02:45:44:56:a2:8e:16:d9:b2:cb:dd:6c:b7:1b:8b:
19:ea:4e:40:18:73:4b:67:d1:29:61:27:8c:f8:6d:
37:76:a1:76:ee:1e:6e:ce:a3:cd:91:34:ee:6f:08:
02:10:d7:e4:f4:9f:be:fe:d7:01:04:83:54:9f:2b:
07:97:d7:c2:b4:03:bb:92:71:d9:98:12:cf:7c:f7:
42:20:3c:4e:3a:76:bd:e6:3f:69:2a:6b:a7:8d:c4:
29:ee:6e:2d:3c:3e:9d:32:54:39:e4:f9:c5:5d:8a:
75:3f:47:50:c1:01:1e:7f:fa:5b:f5:e3:6b:fb:1f:
ac:d0:2d:47:c9:36:7c:56:b4:7d:64:f2:3e:86:e8:
53:51:87:c7:4f:3f:39:4e:a7:64:f3:be:4d:fa:f6:
a8:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:C5:9D:E0:86:18:2D:6C:24:FC:C6:B7:32:C4:CF:D9:03:CA:F1:23
X509v3 Authority Key Identifier:
keyid:4D:D7:4F:BB:BA:E5:8D:D0:87:6D:99:E8:0E:C8:2A:11:A4:47:7F:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TddPu7rljdCHbZnoDsgqEaRHf34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/9f5f57-e828-4bcf-8d2b-8eab7f4fe77e/1/fcWd4IYYLWwk_Ma3MsTP2QPK8SM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/9f5f57-e828-4bcf-8d2b-8eab7f4fe77e/1/TddPu7rljdCHbZnoDsgqEaRHf34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.184.88.0/21
109.162.240.0/20
213.207.224.0/21
Signature Algorithm: sha256WithRSAEncryption
0d:60:ea:8c:01:98:fc:58:8e:10:9f:d8:eb:c0:8d:63:dd:d8:
a8:aa:6d:b0:89:26:09:30:e1:50:ab:48:73:b9:43:f2:25:5f:
09:9d:ea:5f:9e:c3:1f:82:74:30:71:ec:18:74:05:5f:21:46:
8e:40:52:c2:aa:0c:81:e3:a0:81:94:66:62:7b:64:fa:8c:28:
13:cd:7e:16:1c:ba:fe:4e:e3:4f:de:75:96:7c:22:74:bf:5c:
bc:2b:0e:d1:57:33:06:dd:5c:39:3d:69:92:c2:d0:b3:fb:e6:
67:50:c2:04:77:44:d8:3c:27:3b:ef:22:73:11:e1:43:50:f0:
c9:a0:2f:8c:17:c6:27:cb:00:d0:15:84:ff:55:10:0b:b1:fa:
b8:37:2f:1f:bb:4c:9d:48:69:69:0d:32:58:f6:7a:9a:aa:be:
a1:2f:74:0c:24:27:aa:50:be:7c:3d:17:c6:47:fd:70:57:b8:
07:f4:34:33:61:ff:a2:a8:7f:e4:b2:da:58:26:97:07:55:c8:
f2:24:8c:37:41:9e:1b:e8:5a:52:76:d9:8d:02:62:cf:eb:4c:
f8:65:4e:4b:94:10:ad:4a:c3:51:9d:a6:5e:85:95:da:31:38:
57:f6:c4:51:1d:10:35:97:3d:1e:6e:1b:02:31:4b:86:b6:4b:
f6:66:ad:7f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY1QLPMLBQL7uWyMD8xo+QWVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkZDc0ZmJiYmFlNThkZDA4NzZkOTllODBlYzgyYTExYTQ0
NzdmN2UwHhcNMjQwMTI4MTMwNTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGM1OWRlMDg2MTgyZDZjMjRmY2M2YjczMmM0Y2ZkOTAzY2FmMTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhwbCUI1MiQ44BjuHV5A+T0Aa4dLX
43WPCsZQqhTWrjUzJDz1I/f10SqGuPlKT31aruiBQ4AusYopP1agUayIAqSVZEsd
p/LcYNiisOnlqsh+XQXa2+KkOpx26MKKOu4om33Y2+cbZgoCRURWoo4W2bLL3Wy3
G4sZ6k5AGHNLZ9EpYSeM+G03dqF27h5uzqPNkTTubwgCENfk9J++/tcBBINUnysH
l9fCtAO7knHZmBLPfPdCIDxOOna95j9pKmunjcQp7m4tPD6dMlQ55PnFXYp1P0dQ
wQEef/pb9eNr+x+s0C1HyTZ8VrR9ZPI+huhTUYfHTz85Tqdk875N+vaotwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFH3FneCGGC1sJPzGtzLEz9kDyvEjMB8GA1UdIwQY
MBaAFE3XT7u65Y3Qh22Z6A7IKhGkR39+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGRkUHU3cmxqZENIYlpub0RzZ3FFYVJIZjM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85ZjVmNTctZTgyOC00YmNmLThkMmIt
OGVhYjdmNGZlNzdlLzEvZmNXZDRJWVlMV3drX01hM01zVFAyUVBLOFNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi85ZjVmNTctZTgyOC00YmNmLThkMmItOGVhYjdmNGZlNzdl
LzEvVGRkUHU3cmxqZENIYlpub0RzZ3FFYVJIZjM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDW7hYAwQE
baLwAwQD1c/gMA0GCSqGSIb3DQEBCwUAA4IBAQANYOqMAZj8WI4Qn9jrwI1j3dio
qm2wiSYJMOFQq0hzuUPyJV8JnepfnsMfgnQwcewYdAVfIUaOQFLCqgyB46CBlGZi
e2T6jCgTzX4WHLr+TuNP3nWWfCJ0v1y8Kw7RVzMG3Vw5PWmSwtCz++ZnUMIEd0TY
PCc77yJzEeFDUPDJoC+MF8YnywDQFYT/VRALsfq4Ny8fu0ydSGlpDTJY9nqaqr6h
L3QMJCeqUL58PRfGR/1wV7gH9DQzYf+iqH/kstpYJpcHVcjyJIw3QZ4b6FpSdtmN
AmLP60z4ZU5LlBCtSsNRnaZehZXaMThX9sRRHRA1lz0ebhsCMUuGtkv2Zq1/
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:33:51 2025 by rpki-client