Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/2ehH0SulFiVWfUza7QpNXWGq_5I.roa
File: 2ehH0SulFiVWfUza7QpNXWGq_5I.roa (raw, json)
Hash identifier: obmxI9Ed8RmQcaakf7Ou03Y0hgBOSbgsybsepqMHTPs=
Subject key identifier: D9:E8:47:D1:2B:A5:16:25:56:7D:4C:DA:ED:0A:4D:5D:61:AA:FF:92
Certificate issuer: /CN=4173eeb8d02f5f64788b3fdc78d6bab8a55fd16a
Certificate serial: 0192D81F8490EE8471CC6989BBB56079C721
Authority key identifier: 41:73:EE:B8:D0:2F:5F:64:78:8B:3F:DC:78:D6:BA:B8:A5:5F:D1:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QXPuuNAvX2R4iz_ceNa6uKVf0Wo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/2ehH0SulFiVWfUza7QpNXWGq_5I.roa
Signing time: Tue 29 Oct 2024 11:53:16 +0000
ROA not before: Tue 29 Oct 2024 11:53:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9002
IP address blocks: 31.128.32.0/22 maxlen: 24
45.130.212.0/22 maxlen: 24
90.156.254.0/23 maxlen: 24
91.218.142.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 09 Dec 2024 18:18:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:d8:1f:84:90:ee:84:71:cc:69:89:bb:b5:60:79:c7:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4173eeb8d02f5f64788b3fdc78d6bab8a55fd16a
Validity
Not Before: Oct 29 11:53:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d9e847d12ba51625567d4cdaed0a4d5d61aaff92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:f6:88:01:33:bf:a8:43:72:a6:a8:bd:24:91:
bf:66:d1:a6:77:00:9b:74:28:03:75:01:e1:d4:25:
ca:42:7b:51:59:ad:5d:e1:e6:4e:3d:f8:dc:51:83:
6e:c4:99:62:9d:68:f8:40:3e:92:8d:f4:6a:fe:4b:
ec:4e:42:c8:09:7f:a5:f4:29:13:35:cd:28:8b:3c:
47:27:c1:81:fe:39:42:22:11:bd:46:1a:1a:d3:03:
50:19:05:dc:48:f7:ce:e2:b4:e0:70:1e:c3:6e:16:
05:7e:50:bf:a6:c1:10:8a:30:35:35:4a:71:47:0a:
72:40:35:94:89:07:6c:8e:b3:1b:4d:d2:55:74:b3:
97:a5:32:f6:9e:6e:d5:5a:87:56:38:3b:2e:cc:87:
df:3d:d2:51:06:c3:d0:39:52:c5:4a:b6:23:f6:e2:
9b:22:37:cd:64:4f:70:a2:4f:5f:c2:cb:fb:e6:5f:
a5:ee:fd:bf:61:63:96:14:f6:cf:b2:c5:28:84:2e:
f9:d9:a7:82:e7:c8:79:ce:b8:76:55:11:9b:60:27:
57:ab:fd:c6:91:c7:97:4d:c7:6d:db:16:2e:ae:b7:
43:c7:47:3f:ee:fb:06:4a:c2:52:ed:dc:c8:25:5e:
e5:26:c4:18:8c:be:06:ed:f1:18:cb:ca:2d:8f:a1:
d3:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:E8:47:D1:2B:A5:16:25:56:7D:4C:DA:ED:0A:4D:5D:61:AA:FF:92
X509v3 Authority Key Identifier:
keyid:41:73:EE:B8:D0:2F:5F:64:78:8B:3F:DC:78:D6:BA:B8:A5:5F:D1:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QXPuuNAvX2R4iz_ceNa6uKVf0Wo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/2ehH0SulFiVWfUza7QpNXWGq_5I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/QXPuuNAvX2R4iz_ceNa6uKVf0Wo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.128.32.0/22
45.130.212.0/22
90.156.254.0/23
91.218.142.0/23
Signature Algorithm: sha256WithRSAEncryption
55:61:5e:78:58:ab:3f:a0:1b:17:18:99:42:46:f9:7b:43:1a:
b1:3e:fd:44:f4:60:cb:c1:64:f3:2a:b3:e5:75:8e:90:5f:82:
e5:1b:f7:de:03:ad:9d:27:ba:9d:ec:f2:c4:0f:ef:4a:96:13:
bb:50:45:9d:55:2e:f9:6a:ab:8b:dc:ac:41:c7:27:a4:32:76:
27:0f:67:f6:f2:56:81:3c:c9:26:2c:75:dd:21:10:17:4c:14:
2f:71:1a:47:f3:f7:00:a0:ef:55:ed:2e:e6:48:f4:5f:bf:ad:
f2:a5:59:50:f8:38:0a:e9:88:84:39:57:34:92:cd:bb:4f:f7:
27:88:0c:32:12:bb:f5:14:fd:a0:5a:30:be:2e:28:7f:83:7e:
39:47:df:ac:ce:ea:30:c5:86:fa:c8:f8:b5:67:1d:d0:67:c1:
cc:15:d2:2d:40:16:1c:80:ba:db:d1:87:77:58:5b:ac:37:ec:
1a:5b:a8:f6:98:69:8c:ac:47:f3:a8:ae:e4:8c:12:6c:b5:b0:
91:92:1e:de:dd:42:e6:25:ce:a6:2e:8e:ba:65:b8:16:ae:12:
81:cf:2a:d8:03:4c:d6:8f:24:d8:9f:8f:99:1e:92:c8:ea:40:
be:7b:41:5d:72:24:92:c0:fe:84:9f:13:8c:0a:51:46:c2:75:
1f:51:bb:ee
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZLYH4SQ7oRxzGmJu7VgecchMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxNzNlZWI4ZDAyZjVmNjQ3ODhiM2ZkYzc4ZDZiYWI4YTU1
ZmQxNmEwHhcNMjQxMDI5MTE1MzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWU4NDdkMTJiYTUxNjI1NTY3ZDRjZGFlZDBhNGQ1ZDYxYWFmZjkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAofaIATO/qENypqi9JJG/ZtGmdwCb
dCgDdQHh1CXKQntRWa1d4eZOPfjcUYNuxJlinWj4QD6SjfRq/kvsTkLICX+l9CkT
Nc0oizxHJ8GB/jlCIhG9Rhoa0wNQGQXcSPfO4rTgcB7DbhYFflC/psEQijA1NUpx
RwpyQDWUiQdsjrMbTdJVdLOXpTL2nm7VWodWODsuzIffPdJRBsPQOVLFSrYj9uKb
IjfNZE9wok9fwsv75l+l7v2/YWOWFPbPssUohC752aeC58h5zrh2VRGbYCdXq/3G
kceXTcdt2xYurrdDx0c/7vsGSsJS7dzIJV7lJsQYjL4G7fEYy8otj6HTsQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNnoR9ErpRYlVn1M2u0KTV1hqv+SMB8GA1UdIwQY
MBaAFEFz7rjQL19keIs/3HjWurilX9FqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVhQdXVOQXZYMlI0aXpfY2VOYTZ1S1ZmMFdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80ODkyYTktM2IzNy00ZDM5LTljMmIt
ZDgzZWQxNDBkMjhkLzEvMmVoSDBTdWxGaVZXZlV6YTdRcE5YV0dxXzVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80ODkyYTktM2IzNy00ZDM5LTljMmItZDgzZWQxNDBkMjhk
LzEvUVhQdXVOQXZYMlI0aXpfY2VOYTZ1S1ZmMFdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCH4AgAwQC
LYLUAwQBWpz+AwQBW9qOMA0GCSqGSIb3DQEBCwUAA4IBAQBVYV54WKs/oBsXGJlC
Rvl7QxqxPv1E9GDLwWTzKrPldY6QX4LlG/feA62dJ7qd7PLED+9KlhO7UEWdVS75
aquL3KxBxyekMnYnD2f28laBPMkmLHXdIRAXTBQvcRpH8/cAoO9V7S7mSPRfv63y
pVlQ+DgK6YiEOVc0ks27T/cniAwyErv1FP2gWjC+Lih/g345R9+szuowxYb6yPi1
Zx3QZ8HMFdItQBYcgLrb0Yd3WFusN+waW6j2mGmMrEfzqK7kjBJstbCRkh7e3ULm
Jc6mLo66ZbgWrhKBzyrYA0zWjyTYn4+ZHpLI6kC+e0FdciSSwP6EnxOMClFGwnUf
Ubvu
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:13:10 2025 by rpki-client