Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/dee1ee-9384-45ab-a70a-5eae6ed58375/1/spziDgOXjlnpR77IWYLXyeCrKyQ.roa
File: spziDgOXjlnpR77IWYLXyeCrKyQ.roa (raw, json)
Hash identifier: u4Ctpe313wK4ahzWI4l9fzKqJlTYVCTbDO2WhCtKxCU=
Subject key identifier: B2:9C:E2:0E:03:97:8E:59:E9:47:BE:C8:59:82:D7:C9:E0:AB:2B:24
Certificate issuer: /CN=0032534e8d560d73553c632bba10344a7c816614
Certificate serial: 018CC79501D2099BDC7692E8C6A846422339
Authority key identifier: 00:32:53:4E:8D:56:0D:73:55:3C:63:2B:BA:10:34:4A:7C:81:66:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ADJTTo1WDXNVPGMruhA0SnyBZhQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/dee1ee-9384-45ab-a70a-5eae6ed58375/1/spziDgOXjlnpR77IWYLXyeCrKyQ.roa
Signing time: Tue 02 Jan 2024 00:31:20 +0000
ROA not before: Tue 02 Jan 2024 00:31:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24685
IP address blocks: 91.202.108.0/24 maxlen: 32
194.28.198.0/24 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:50:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:01:d2:09:9b:dc:76:92:e8:c6:a8:46:42:23:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0032534e8d560d73553c632bba10344a7c816614
Validity
Not Before: Jan 2 00:31:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b29ce20e03978e59e947bec85982d7c9e0ab2b24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:a9:0d:57:95:34:a1:cd:b6:93:ed:77:4a:00:
33:78:8e:0a:64:11:22:8f:3c:a3:61:9c:93:f9:cc:
0c:e4:54:1b:64:c8:53:be:20:9b:c9:fe:5a:34:a0:
13:84:49:5c:4a:25:f1:94:5a:10:41:ac:ab:2c:79:
35:7f:d4:72:26:69:e7:53:c5:05:7e:b9:dd:f5:77:
03:06:64:02:ff:a4:f3:da:a0:c7:95:85:c9:bb:a7:
bb:31:e2:4d:ed:6c:1b:15:63:13:32:17:9c:d2:5f:
c4:8c:37:cc:e2:6a:ac:f7:fa:25:95:e3:77:59:5d:
67:a2:47:d5:e9:21:84:25:73:93:5c:a8:84:57:41:
ad:d3:40:a8:28:96:92:e5:8e:43:21:65:80:39:81:
10:ed:d7:b9:99:01:e0:69:d6:78:3a:b9:00:f9:f7:
4f:ab:04:33:33:f2:9d:05:1a:05:29:ea:a8:86:0f:
b5:11:07:46:7d:36:cd:8e:26:14:6b:ff:70:0f:9b:
04:66:ad:62:2a:d1:73:c2:96:5e:b9:e7:b3:f0:27:
6f:75:9e:e1:bd:00:97:50:60:84:12:4f:03:30:60:
b4:a7:96:94:14:51:e9:55:ad:c8:40:34:45:43:11:
1f:67:9e:84:8e:80:a8:fa:79:04:a4:8e:cb:4b:ea:
55:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:9C:E2:0E:03:97:8E:59:E9:47:BE:C8:59:82:D7:C9:E0:AB:2B:24
X509v3 Authority Key Identifier:
keyid:00:32:53:4E:8D:56:0D:73:55:3C:63:2B:BA:10:34:4A:7C:81:66:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ADJTTo1WDXNVPGMruhA0SnyBZhQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/dee1ee-9384-45ab-a70a-5eae6ed58375/1/spziDgOXjlnpR77IWYLXyeCrKyQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/dee1ee-9384-45ab-a70a-5eae6ed58375/1/ADJTTo1WDXNVPGMruhA0SnyBZhQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.202.108.0/24
194.28.198.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:b8:3e:01:fc:63:26:d4:c0:aa:c5:dc:1b:0a:0e:94:bb:48:
f4:bd:a2:15:0d:69:fb:9e:7d:d3:8a:27:23:e7:05:ff:03:5d:
46:78:11:48:7c:34:42:b2:55:78:69:6a:d6:47:6d:6a:b7:08:
2a:20:23:0d:3c:c1:64:84:bb:1f:ba:dd:fb:65:12:89:0e:8a:
fb:42:82:e2:d5:a4:af:47:b6:3f:72:fb:c9:ca:37:cf:84:3a:
e1:74:96:a2:1a:9e:7f:d7:04:7b:44:5a:94:34:6b:e0:72:2f:
c5:20:88:d6:45:41:64:aa:fa:34:b2:13:0a:65:b3:23:a3:6e:
54:67:f2:3a:89:ce:8a:b6:5d:7c:76:b1:04:fe:70:d7:3d:f0:
6b:5c:6c:68:92:80:30:ae:f0:fa:c9:e8:5e:29:c1:bf:11:fd:
4e:22:73:62:54:b3:39:45:d7:eb:84:b8:5a:d0:40:c8:6e:40:
61:63:12:70:de:da:b8:e5:de:7b:76:d8:1f:1f:37:0c:46:ba:
72:a8:91:2b:6c:10:06:cb:e0:15:6d:8a:91:e2:73:ed:61:78:
98:43:8d:c8:f2:74:96:ad:cb:d4:99:10:6a:ca:c1:b3:ff:9a:
f3:8c:58:f9:dd:f1:20:33:2a:b5:1f:4d:97:ea:20:83:06:2f:
f3:ef:26:11
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzHlQHSCZvcdpLoxqhGQiM5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwMzI1MzRlOGQ1NjBkNzM1NTNjNjMyYmJhMTAzNDRhN2M4
MTY2MTQwHhcNMjQwMTAyMDAzMTIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjljZTIwZTAzOTc4ZTU5ZTk0N2JlYzg1OTgyZDdjOWUwYWIyYjI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtKkNV5U0oc22k+13SgAzeI4KZBEi
jzyjYZyT+cwM5FQbZMhTviCbyf5aNKAThElcSiXxlFoQQayrLHk1f9RyJmnnU8UF
frnd9XcDBmQC/6Tz2qDHlYXJu6e7MeJN7WwbFWMTMhec0l/EjDfM4mqs9/olleN3
WV1nokfV6SGEJXOTXKiEV0Gt00CoKJaS5Y5DIWWAOYEQ7de5mQHgadZ4OrkA+fdP
qwQzM/KdBRoFKeqohg+1EQdGfTbNjiYUa/9wD5sEZq1iKtFzwpZeueez8CdvdZ7h
vQCXUGCEEk8DMGC0p5aUFFHpVa3IQDRFQxEfZ56EjoCo+nkEpI7LS+pVRwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLKc4g4Dl45Z6Ue+yFmC18ngqyskMB8GA1UdIwQY
MBaAFAAyU06NVg1zVTxjK7oQNEp8gWYUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQURKVFRvMVdEWE5WUEdNcnVoQTBTbnlCWmhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9kZWUxZWUtOTM4NC00NWFiLWE3MGEt
NWVhZTZlZDU4Mzc1LzEvc3B6aURnT1hqbG5wUjc3SVdZTFh5ZUNyS3lRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9kZWUxZWUtOTM4NC00NWFiLWE3MGEtNWVhZTZlZDU4Mzc1
LzEvQURKVFRvMVdEWE5WUEdNcnVoQTBTbnlCWmhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW8psAwQA
whzGMA0GCSqGSIb3DQEBCwUAA4IBAQAKuD4B/GMm1MCqxdwbCg6Uu0j0vaIVDWn7
nn3Tiicj5wX/A11GeBFIfDRCslV4aWrWR21qtwgqICMNPMFkhLsfut37ZRKJDor7
QoLi1aSvR7Y/cvvJyjfPhDrhdJaiGp5/1wR7RFqUNGvgci/FIIjWRUFkqvo0shMK
ZbMjo25UZ/I6ic6Ktl18drEE/nDXPfBrXGxokoAwrvD6yeheKcG/Ef1OInNiVLM5
RdfrhLha0EDIbkBhYxJw3tq45d57dtgfHzcMRrpyqJErbBAGy+AVbYqR4nPtYXiY
Q43I8nSWrcvUmRBqysGz/5rzjFj53fEgMyq1H02X6iCDBi/z7yYR
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:29:44 2025 by rpki-client