Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/cbd332-a8db-4606-ac9b-14ec41d4c0a6/1/0-fx0oSF7fgjU8VfYauSEy7W_aA.roa
File: 0-fx0oSF7fgjU8VfYauSEy7W_aA.roa (raw, json)
Hash identifier: vdRMMD+YHBuJ2iSzNCg6OCzlfcHbG9ZQUkBK/YdR9w8=
Subject key identifier: D3:E7:F1:D2:84:85:ED:F8:23:53:C5:5F:61:AB:92:13:2E:D6:FD:A0
Certificate issuer: /CN=9f822437f49ed53886689022afddda59f79f8a71
Certificate serial: 0191D1F41F47F6DF06E4FDABECB951376957
Authority key identifier: 9F:82:24:37:F4:9E:D5:38:86:68:90:22:AF:DD:DA:59:F7:9F:8A:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n4IkN_Se1TiGaJAir93aWfefinE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/cbd332-a8db-4606-ac9b-14ec41d4c0a6/1/0-fx0oSF7fgjU8VfYauSEy7W_aA.roa
Signing time: Sun 08 Sep 2024 14:05:22 +0000
ROA not before: Sun 08 Sep 2024 14:05:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35819
IP address blocks: 149.126.14.0/24 maxlen: 24
149.126.15.0/24 maxlen: 24
185.133.180.0/24 maxlen: 24
185.133.181.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 08 Sep 2024 14:10:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:d1:f4:1f:47:f6:df:06:e4:fd:ab:ec:b9:51:37:69:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f822437f49ed53886689022afddda59f79f8a71
Validity
Not Before: Sep 8 14:05:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d3e7f1d28485edf82353c55f61ab92132ed6fda0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:eb:46:83:42:2e:9d:ad:58:eb:eb:99:45:7e:
a3:bf:71:69:db:d2:77:2c:09:f3:f1:73:1a:8d:ca:
85:03:b2:92:e3:b2:91:5d:9e:40:f5:82:77:28:32:
a4:7c:78:8c:0c:27:d9:2c:2f:ff:27:10:cb:29:fa:
82:72:0c:51:19:06:25:0a:7b:eb:c2:43:f4:65:54:
be:72:38:1b:5a:ee:4e:51:dd:fc:6f:f1:3b:39:9d:
3d:bb:81:37:e3:05:f2:17:43:ee:1d:9c:e3:c9:f7:
e3:38:40:3c:67:0d:57:f4:56:06:45:b2:8e:d3:31:
99:de:ad:51:24:8d:b7:7d:4c:9b:79:d8:ea:c3:1f:
a6:a7:71:5d:fe:25:c7:07:90:19:c7:e5:2e:8c:0d:
be:2e:5c:cb:f0:53:eb:18:4d:49:13:ed:43:6f:05:
e7:a4:fb:f1:67:e6:46:bd:b2:8a:e8:ac:62:8a:0b:
93:3d:94:1e:ce:1b:8f:5e:43:af:95:49:70:32:a9:
97:24:97:37:af:1b:1f:92:d8:3f:76:ff:b8:61:7d:
36:9b:e1:dd:81:d4:2d:aa:60:5e:51:06:4f:21:b5:
b7:8e:be:96:00:b7:40:99:d5:7e:1c:75:1f:3c:3d:
bb:00:47:d2:b6:86:73:d1:ff:29:cb:52:bd:f7:7e:
bb:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:E7:F1:D2:84:85:ED:F8:23:53:C5:5F:61:AB:92:13:2E:D6:FD:A0
X509v3 Authority Key Identifier:
keyid:9F:82:24:37:F4:9E:D5:38:86:68:90:22:AF:DD:DA:59:F7:9F:8A:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n4IkN_Se1TiGaJAir93aWfefinE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/cbd332-a8db-4606-ac9b-14ec41d4c0a6/1/0-fx0oSF7fgjU8VfYauSEy7W_aA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/cbd332-a8db-4606-ac9b-14ec41d4c0a6/1/n4IkN_Se1TiGaJAir93aWfefinE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.126.14.0/23
185.133.180.0/23
Signature Algorithm: sha256WithRSAEncryption
9d:3a:40:f8:3e:24:25:6d:a3:cf:49:35:4a:8c:d0:2c:30:ca:
e4:3a:f2:a9:cd:da:40:22:e7:4d:7f:0a:a0:3e:23:dd:96:3f:
36:3c:d1:e0:30:7d:f0:65:1e:34:a3:f7:b3:f7:ca:45:b4:65:
97:86:11:d4:3d:ce:db:8e:29:f3:14:1b:92:99:ac:cc:14:1d:
8c:df:36:f5:03:d5:49:06:f8:8f:7b:3c:86:52:e6:a8:3b:e1:
ec:c6:83:36:20:2b:21:f1:5f:79:d1:42:40:a4:40:c6:24:e3:
56:05:32:b7:be:cb:fb:ca:ee:2e:0a:d2:81:65:28:e4:c9:88:
71:8d:35:8a:69:99:62:d7:94:eb:c0:93:0e:7e:72:b0:fa:dd:
94:12:c9:0e:b8:49:a1:c4:92:3c:1f:55:bd:11:f5:66:5e:fd:
ab:66:bf:7f:d7:54:94:fa:09:3a:e8:b9:15:33:7a:5d:8d:e6:
ec:a7:10:3c:70:b4:a5:54:4f:bf:d3:b4:1c:3f:34:67:b5:df:
54:9f:90:4f:92:23:38:08:f8:75:d4:8e:71:dc:dc:38:28:31:
14:aa:ca:49:11:38:15:24:52:35:15:04:11:1e:9e:14:36:f9:
9f:4e:9f:d2:92:6e:95:fd:bf:ff:3e:91:59:cd:29:f2:a2:75:
51:bc:42:61
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZHR9B9H9t8G5P2r7LlRN2lXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmODIyNDM3ZjQ5ZWQ1Mzg4NjY4OTAyMmFmZGRkYTU5Zjc5
ZjhhNzEwHhcNMjQwOTA4MTQwNTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2U3ZjFkMjg0ODVlZGY4MjM1M2M1NWY2MWFiOTIxMzJlZDZmZGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwOtGg0Iuna1Y6+uZRX6jv3Fp29J3
LAnz8XMajcqFA7KS47KRXZ5A9YJ3KDKkfHiMDCfZLC//JxDLKfqCcgxRGQYlCnvr
wkP0ZVS+cjgbWu5OUd38b/E7OZ09u4E34wXyF0PuHZzjyffjOEA8Zw1X9FYGRbKO
0zGZ3q1RJI23fUybedjqwx+mp3Fd/iXHB5AZx+UujA2+LlzL8FPrGE1JE+1DbwXn
pPvxZ+ZGvbKK6KxiiguTPZQezhuPXkOvlUlwMqmXJJc3rxsfktg/dv+4YX02m+Hd
gdQtqmBeUQZPIbW3jr6WALdAmdV+HHUfPD27AEfStoZz0f8py1K99367PwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNPn8dKEhe34I1PFX2GrkhMu1v2gMB8GA1UdIwQY
MBaAFJ+CJDf0ntU4hmiQIq/d2ln3n4pxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbjRJa05fU2UxVGlHYUpBaXI5M2FXZmVmaW5FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi9jYmQzMzItYThkYi00NjA2LWFjOWIt
MTRlYzQxZDRjMGE2LzEvMC1meDBvU0Y3ZmdqVThWZllhdVNFeTdXX2FBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi9jYmQzMzItYThkYi00NjA2LWFjOWItMTRlYzQxZDRjMGE2
LzEvbjRJa05fU2UxVGlHYUpBaXI5M2FXZmVmaW5FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBlX4OAwQB
uYW0MA0GCSqGSIb3DQEBCwUAA4IBAQCdOkD4PiQlbaPPSTVKjNAsMMrkOvKpzdpA
IudNfwqgPiPdlj82PNHgMH3wZR40o/ez98pFtGWXhhHUPc7bjinzFBuSmazMFB2M
3zb1A9VJBviPezyGUuaoO+HsxoM2ICsh8V950UJApEDGJONWBTK3vsv7yu4uCtKB
ZSjkyYhxjTWKaZli15TrwJMOfnKw+t2UEskOuEmhxJI8H1W9EfVmXv2rZr9/11SU
+gk66LkVM3pdjebspxA8cLSlVE+/07QcPzRntd9Un5BPkiM4CPh11I5x3Nw4KDEU
qspJETgVJFI1FQQRHp4UNvmfTp/Skm6V/b//PpFZzSnyonVRvEJh
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:27:54 2025 by rpki-client