Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/fd2efe-1471-42d8-9347-4861d43e24ef/1/0H73X5c6aiHi6GPz21uYPsHe6nw.roa
File: 0H73X5c6aiHi6GPz21uYPsHe6nw.roa (raw, json)
Hash identifier: Rn4KEy7TTHRZso561V/bkQCbqFl31W38PopWMOSIlgo=
Subject key identifier: D0:7E:F7:5F:97:3A:6A:21:E2:E8:63:F3:DB:5B:98:3E:C1:DE:EA:7C
Certificate issuer: /CN=0d8be474c155fc13847b859501a553cffc3ac4b2
Certificate serial: 0190E66A4DB78558A346DB14754DA900DFC5
Authority key identifier: 0D:8B:E4:74:C1:55:FC:13:84:7B:85:95:01:A5:53:CF:FC:3A:C4:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DYvkdMFV_BOEe4WVAaVTz_w6xLI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/fd2efe-1471-42d8-9347-4861d43e24ef/1/0H73X5c6aiHi6GPz21uYPsHe6nw.roa
Signing time: Wed 24 Jul 2024 20:24:04 +0000
ROA not before: Wed 24 Jul 2024 20:24:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214815
IP address blocks: 91.90.166.0/24 maxlen: 24
147.189.163.0/24 maxlen: 24
2001:67c:328::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:47:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:e6:6a:4d:b7:85:58:a3:46:db:14:75:4d:a9:00:df:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d8be474c155fc13847b859501a553cffc3ac4b2
Validity
Not Before: Jul 24 20:24:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d07ef75f973a6a21e2e863f3db5b983ec1deea7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:14:e0:e1:e3:8c:08:db:56:97:76:4f:09:d7:
27:4c:ad:30:26:ae:25:83:4d:14:c3:3d:d0:a7:b5:
5e:de:46:27:76:e2:74:39:a1:58:69:a5:aa:30:af:
9b:a9:9b:ed:5e:85:06:43:24:46:3b:cc:09:de:b5:
0f:24:e0:95:83:f5:34:e3:1e:d4:d3:a7:7b:5d:d5:
b0:93:0d:2e:0f:c1:f8:84:f7:27:eb:ae:22:13:ff:
b4:69:e0:fc:3b:39:85:c7:ae:db:86:4d:63:b8:0f:
ff:2a:79:b5:40:f0:16:6d:c1:8e:c3:e1:01:01:d3:
c9:01:d2:d6:45:05:ee:41:b0:4a:b2:a7:72:98:0e:
49:ff:65:d7:bd:bc:c1:03:e9:9d:89:0c:ab:32:1b:
4d:ce:f0:f8:5b:6c:50:ba:d5:30:c5:52:16:93:ff:
7b:eb:82:5a:9a:cd:9c:35:47:06:cd:bb:9c:61:cd:
65:6a:78:0f:88:8f:96:8e:c3:b8:30:01:5d:d0:26:
74:f3:6c:a3:df:06:ef:fa:40:89:ef:25:d6:cc:73:
02:6d:4f:25:c0:7c:4d:0a:d0:cd:2a:71:3f:df:10:
44:00:3d:5f:1f:a2:81:92:f2:f3:77:7c:85:85:16:
ce:e9:b4:3d:76:69:f3:55:01:c1:7d:d6:52:d3:6d:
5d:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:7E:F7:5F:97:3A:6A:21:E2:E8:63:F3:DB:5B:98:3E:C1:DE:EA:7C
X509v3 Authority Key Identifier:
keyid:0D:8B:E4:74:C1:55:FC:13:84:7B:85:95:01:A5:53:CF:FC:3A:C4:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DYvkdMFV_BOEe4WVAaVTz_w6xLI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/fd2efe-1471-42d8-9347-4861d43e24ef/1/0H73X5c6aiHi6GPz21uYPsHe6nw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/fd2efe-1471-42d8-9347-4861d43e24ef/1/DYvkdMFV_BOEe4WVAaVTz_w6xLI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.90.166.0/24
147.189.163.0/24
IPv6:
2001:67c:328::/48
Signature Algorithm: sha256WithRSAEncryption
6e:63:5a:50:7b:7a:50:8d:2e:a1:42:86:15:24:6b:91:13:40:
b2:ce:46:63:b5:2c:e8:bf:14:ed:0c:a9:bd:d9:43:b3:10:c2:
6b:f5:79:2d:56:b9:c7:38:0f:68:58:3e:02:2b:55:25:f7:b9:
af:ed:96:01:7e:a7:f6:c7:0a:a2:44:53:32:bd:5b:fb:02:ca:
13:1c:68:89:24:e8:5b:7b:c2:5d:84:0d:bc:2e:54:5f:41:81:
3b:76:5e:fe:c8:2c:ff:97:2b:a9:32:f6:18:25:e5:92:75:e0:
3c:37:bb:6d:de:b8:ab:3b:77:1f:13:48:2a:c6:14:30:9a:ec:
c2:43:5f:b7:d8:bb:d4:33:88:ad:61:06:53:1a:a8:e4:bf:9a:
26:1d:10:ff:87:50:56:79:d2:e6:d6:fd:2d:6f:42:ab:22:a9:
4b:d3:da:03:00:be:56:1b:f9:f2:40:b5:52:ad:50:1b:27:e1:
68:a0:2d:c0:c6:c3:29:26:81:05:cf:22:62:ff:17:74:0f:b9:
c5:2c:e1:50:11:36:89:88:1f:be:f5:90:ab:ff:56:ea:e1:29:
1c:dc:05:04:da:c4:e1:b6:95:97:bf:ed:ad:99:a1:14:2e:37:
ca:74:0e:b2:24:8e:9f:73:91:8b:2b:34:a6:54:a0:f8:81:44:
de:ec:2c:6d
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZDmak23hVijRtsUdU2pAN/FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkOGJlNDc0YzE1NWZjMTM4NDdiODU5NTAxYTU1M2NmZmMz
YWM0YjIwHhcNMjQwNzI0MjAyNDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDdlZjc1Zjk3M2E2YTIxZTJlODYzZjNkYjViOTgzZWMxZGVlYTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnRTg4eOMCNtWl3ZPCdcnTK0wJq4l
g00Uwz3Qp7Ve3kYnduJ0OaFYaaWqMK+bqZvtXoUGQyRGO8wJ3rUPJOCVg/U04x7U
06d7XdWwkw0uD8H4hPcn664iE/+0aeD8OzmFx67bhk1juA//Knm1QPAWbcGOw+EB
AdPJAdLWRQXuQbBKsqdymA5J/2XXvbzBA+mdiQyrMhtNzvD4W2xQutUwxVIWk/97
64Jams2cNUcGzbucYc1langPiI+WjsO4MAFd0CZ082yj3wbv+kCJ7yXWzHMCbU8l
wHxNCtDNKnE/3xBEAD1fH6KBkvLzd3yFhRbO6bQ9dmnzVQHBfdZS021d6wIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFNB+91+XOmoh4uhj89tbmD7B3up8MB8GA1UdIwQY
MBaAFA2L5HTBVfwThHuFlQGlU8/8OsSyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFl2a2RNRlZfQk9FZTRXVkFhVlR6X3c2eExJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS9mZDJlZmUtMTQ3MS00MmQ4LTkzNDct
NDg2MWQ0M2UyNGVmLzEvMEg3M1g1YzZhaUhpNkdQejIxdVlQc0hlNm53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS9mZDJlZmUtMTQ3MS00MmQ4LTkzNDctNDg2MWQ0M2UyNGVm
LzEvRFl2a2RNRlZfQk9FZTRXVkFhVlR6X3c2eExJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAW1qmAwQA
k72jMA8EAgACMAkDBwAgAQZ8AygwDQYJKoZIhvcNAQELBQADggEBAG5jWlB7elCN
LqFChhUka5ETQLLORmO1LOi/FO0Mqb3ZQ7MQwmv1eS1Wucc4D2hYPgIrVSX3ua/t
lgF+p/bHCqJEUzK9W/sCyhMcaIkk6Ft7wl2EDbwuVF9BgTt2Xv7ILP+XK6ky9hgl
5ZJ14Dw3u23euKs7dx8TSCrGFDCa7MJDX7fYu9QziK1hBlMaqOS/miYdEP+HUFZ5
0ubW/S1vQqsiqUvT2gMAvlYb+fJAtVKtUBsn4WigLcDGwykmgQXPImL/F3QPucUs
4VARNomIH771kKv/VurhKRzcBQTaxOG2lZe/7a2ZoRQuN8p0DrIkjp9zkYsrNKZU
oPiBRN7sLG0=
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:58:13 2025 by rpki-client