Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/fO7fouFGbxUVVWRSsOl1NXoFWRk.roa
File: fO7fouFGbxUVVWRSsOl1NXoFWRk.roa (raw, json)
Hash identifier: gQXC7HUvF/aXDhUmCmL+ClsejkljAkRgdEQepnKp0rM=
Subject key identifier: 7C:EE:DF:A2:E1:46:6F:15:15:55:64:52:B0:E9:75:35:7A:05:59:19
Certificate issuer: /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial: 018CC26D5431A8F0D69FBDFAEBB2E6F5727D
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/fO7fouFGbxUVVWRSsOl1NXoFWRk.roa
Signing time: Mon 01 Jan 2024 00:29:53 +0000
ROA not before: Mon 01 Jan 2024 00:29:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34753
IP address blocks: 213.91.169.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 14 May 2024 11:32:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:54:31:a8:f0:d6:9f:bd:fa:eb:b2:e6:f5:72:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Validity
Not Before: Jan 1 00:29:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7ceedfa2e1466f1515556452b0e975357a055919
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:84:34:84:76:a0:54:97:37:75:66:e3:a6:b1:
95:02:78:ed:d6:18:ed:3b:a9:c2:55:5b:a5:67:b2:
e0:99:e1:d5:df:43:cf:4b:be:fd:42:d5:16:f7:39:
a4:59:35:9d:fe:95:d4:9e:6f:a4:78:cb:c4:af:eb:
f1:9f:f9:19:47:c0:af:d8:89:f6:b3:cf:1e:68:74:
15:9e:3a:c4:ad:5d:cd:b6:dc:fb:c8:33:24:1e:65:
b4:95:09:66:9d:1a:ff:48:21:96:c8:89:a3:6e:50:
3c:53:a2:ff:be:d8:1c:73:2d:b2:f4:42:e4:00:7c:
66:b3:01:9d:f1:17:db:65:d1:cf:65:ce:67:d1:7d:
07:eb:c5:8f:e9:ce:ab:4d:b4:61:24:42:81:85:cb:
f5:60:b5:09:2c:5c:97:77:ad:ae:dc:c2:94:fa:8d:
af:30:1e:71:a2:52:1b:8e:73:e2:16:9e:34:5b:75:
9f:ae:48:ff:78:83:65:17:71:57:87:3d:eb:d7:2d:
4a:05:58:40:d2:67:99:21:97:c0:75:01:06:05:28:
be:d8:f0:c3:f4:c9:c2:df:2b:a4:4f:b1:77:8b:d8:
fa:d0:81:f6:cb:a2:89:c8:b5:46:36:df:ef:20:7e:
9e:7f:df:32:a5:65:2a:82:0d:d5:ed:8a:fd:c8:91:
eb:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:EE:DF:A2:E1:46:6F:15:15:55:64:52:B0:E9:75:35:7A:05:59:19
X509v3 Authority Key Identifier:
keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/fO7fouFGbxUVVWRSsOl1NXoFWRk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.91.169.0/24
Signature Algorithm: sha256WithRSAEncryption
43:ae:43:cb:e3:db:ca:81:f7:19:5c:4c:7e:60:23:90:ba:95:
c2:bd:0e:2e:90:54:d1:02:2e:a1:36:3e:b5:5e:11:bf:94:9c:
4f:9c:1b:d1:d6:33:55:17:18:13:7a:ce:21:0c:be:d7:62:fc:
e0:2c:6c:45:03:fd:b8:8e:af:f7:4b:ef:7e:ed:eb:bb:46:9f:
60:c1:d2:5b:6a:f8:97:ec:91:0c:f2:bc:f0:93:41:e9:8d:c3:
e9:11:44:98:5b:a0:cc:1b:39:4e:02:ce:b9:be:81:40:aa:9d:
b9:c4:66:11:f2:09:92:97:ae:ed:4d:b6:50:49:4c:6e:b4:12:
61:56:29:d2:5a:cf:0a:16:5c:56:a0:5f:5c:39:0e:fe:90:53:
47:40:10:11:1e:cd:b6:91:64:1b:30:c3:06:23:72:b1:c0:3f:
a8:13:7d:94:07:65:e4:3a:06:9c:fa:0d:7f:40:f3:bf:7b:05:
8c:50:41:93:cb:4a:b3:96:df:d0:42:2a:c8:5c:d3:b9:1a:9b:
db:12:c7:db:fd:16:56:e8:39:28:a9:39:29:62:07:29:24:e4:
43:a2:83:06:30:47:42:87:89:e0:6e:19:a3:a9:da:94:8b:61:
da:90:bd:ae:1d:cc:9c:28:80:d6:d5:16:49:06:bd:a0:d2:8a:
59:fd:43:12
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzCbVQxqPDWn73667Lm9XJ9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4
ZmI0YzQwHhcNMjQwMTAxMDAyOTUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2VlZGZhMmUxNDY2ZjE1MTU1NTY0NTJiMGU5NzUzNTdhMDU1OTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi4Q0hHagVJc3dWbjprGVAnjt1hjt
O6nCVVulZ7LgmeHV30PPS779QtUW9zmkWTWd/pXUnm+keMvEr+vxn/kZR8Cv2In2
s88eaHQVnjrErV3Nttz7yDMkHmW0lQlmnRr/SCGWyImjblA8U6L/vtgccy2y9ELk
AHxmswGd8RfbZdHPZc5n0X0H68WP6c6rTbRhJEKBhcv1YLUJLFyXd62u3MKU+o2v
MB5xolIbjnPiFp40W3Wfrkj/eINlF3FXhz3r1y1KBVhA0meZIZfAdQEGBSi+2PDD
9MnC3yukT7F3i9j60IH2y6KJyLVGNt/vIH6ef98ypWUqgg3V7Yr9yJHrewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHzu36LhRm8VFVVkUrDpdTV6BVkZMB8GA1UdIwQY
MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct
ODcyYmEyZDlmNDRjLzEvZk83Zm91RkdieFVWVldSU3NPbDFOWG9GV1JrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj
LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1VupMA0G
CSqGSIb3DQEBCwUAA4IBAQBDrkPL49vKgfcZXEx+YCOQupXCvQ4ukFTRAi6hNj61
XhG/lJxPnBvR1jNVFxgTes4hDL7XYvzgLGxFA/24jq/3S+9+7eu7Rp9gwdJbaviX
7JEM8rzwk0HpjcPpEUSYW6DMGzlOAs65voFAqp25xGYR8gmSl67tTbZQSUxutBJh
VinSWs8KFlxWoF9cOQ7+kFNHQBARHs22kWQbMMMGI3KxwD+oE32UB2XkOgac+g1/
QPO/ewWMUEGTy0qzlt/QQirIXNO5GpvbEsfb/RZW6DkoqTkpYgcpJORDooMGMEdC
h4ngbhmjqdqUi2HakL2uHcycKIDW1RZJBr2g0opZ/UMS
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:44:11 2025 by rpki-client