Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/e8b89c-8268-402b-aa26-ead041774e07/1/4h-M6IlNh5x7sHvS0XWLHMyIoRw.roa
File: 4h-M6IlNh5x7sHvS0XWLHMyIoRw.roa (raw, json)
Hash identifier: 5KV2XjNhXDoHWzp/cBmG/gcbyFWYrnZxlCeVbPhWF1A=
Subject key identifier: E2:1F:8C:E8:89:4D:87:9C:7B:B0:7B:D2:D1:75:8B:1C:CC:88:A1:1C
Certificate issuer: /CN=6765a21b561ba8665cf79fbf44c31959de28f216
Certificate serial: 0191D64878379FBC4F5BAF8E3528127999A2
Authority key identifier: 67:65:A2:1B:56:1B:A8:66:5C:F7:9F:BF:44:C3:19:59:DE:28:F2:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z2WiG1YbqGZc95-_RMMZWd4o8hY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/e8b89c-8268-402b-aa26-ead041774e07/1/4h-M6IlNh5x7sHvS0XWLHMyIoRw.roa
Signing time: Mon 09 Sep 2024 10:15:59 +0000
ROA not before: Mon 09 Sep 2024 10:15:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199476
IP address blocks: 194.39.244.0/24 maxlen: 24
2a13:9d80::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:47:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:d6:48:78:37:9f:bc:4f:5b:af:8e:35:28:12:79:99:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6765a21b561ba8665cf79fbf44c31959de28f216
Validity
Not Before: Sep 9 10:15:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e21f8ce8894d879c7bb07bd2d1758b1ccc88a11c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:e4:d6:88:5b:d0:20:ac:31:f2:a6:be:bb:f4:
e1:b6:f3:ed:db:cf:4f:b1:d7:40:37:6a:86:a8:65:
68:ef:88:4b:e7:da:5d:fd:21:f9:9a:cd:7d:9e:e0:
84:6c:74:ed:dc:eb:20:93:7c:9b:44:9f:48:d1:0b:
4b:29:78:1d:ff:02:a6:56:0d:79:7e:72:36:39:e2:
6d:d8:8b:fb:09:d8:98:f1:d1:f9:89:fb:c8:bc:b6:
c8:da:a1:3a:dc:cb:b3:96:a0:0e:f9:ad:d7:98:85:
bf:94:18:38:6c:7f:9f:ef:95:84:a1:42:28:1d:de:
46:c8:83:fe:82:fc:1c:8b:69:bd:16:b2:9d:64:4b:
9e:92:c5:1d:28:7c:94:73:89:73:f3:a9:bb:b3:f2:
e8:98:d1:f0:5d:e1:3b:41:bd:14:6c:20:71:cc:43:
11:02:e5:76:35:e8:30:a5:9b:41:ad:36:03:e6:f9:
2a:01:ea:3e:15:b4:ea:4d:50:16:c7:4e:38:e4:61:
47:bc:7b:59:e4:7d:58:e5:76:61:70:c6:b7:db:7e:
da:ec:2d:0c:f3:13:3d:26:f8:aa:dd:b3:74:e2:56:
dc:29:f8:99:4e:f1:81:47:95:49:d2:da:5b:10:03:
47:7f:21:c8:e8:a9:fa:f4:e3:7e:b0:fb:89:9a:57:
04:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:1F:8C:E8:89:4D:87:9C:7B:B0:7B:D2:D1:75:8B:1C:CC:88:A1:1C
X509v3 Authority Key Identifier:
keyid:67:65:A2:1B:56:1B:A8:66:5C:F7:9F:BF:44:C3:19:59:DE:28:F2:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z2WiG1YbqGZc95-_RMMZWd4o8hY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/e8b89c-8268-402b-aa26-ead041774e07/1/4h-M6IlNh5x7sHvS0XWLHMyIoRw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/e8b89c-8268-402b-aa26-ead041774e07/1/Z2WiG1YbqGZc95-_RMMZWd4o8hY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.39.244.0/24
IPv6:
2a13:9d80::/32
Signature Algorithm: sha256WithRSAEncryption
67:af:83:a8:15:70:82:6d:bf:67:a6:4e:67:bc:8b:48:02:14:
e0:80:dc:a7:6d:8d:90:c9:20:23:0a:26:e9:74:65:02:09:54:
88:c6:b4:0f:94:a3:7f:96:75:4f:f2:28:ce:49:90:ed:bd:2d:
d1:06:37:67:23:ef:ae:ce:16:5d:e3:82:6e:03:d5:28:7e:ea:
75:f8:eb:0a:f1:ac:b7:17:f3:cc:ef:55:d2:43:6d:97:a4:d5:
92:45:73:b7:90:2a:5c:af:13:aa:b8:f7:a9:e7:b2:6d:d0:d1:
c8:11:06:ce:90:03:d7:ce:5f:02:da:51:b1:00:8a:94:a6:3f:
6a:b0:59:8c:91:55:ca:31:7f:c4:08:e6:11:5f:4e:50:0c:e8:
53:c0:45:60:50:3a:e8:0f:57:a0:f7:6e:21:a1:41:bb:9e:cb:
61:b9:96:12:61:0c:52:70:fc:a4:f7:fa:5e:ec:b2:90:14:87:
2b:33:3b:a4:a5:6f:45:af:b5:ed:ef:b0:95:40:99:29:cb:8f:
ea:23:93:86:ce:01:cb:53:c7:07:19:2d:c2:16:36:42:58:3e:
5d:02:04:7a:ba:dd:b2:ff:76:b3:ec:c6:e7:4a:92:ac:a0:ca:
0c:b2:c6:19:ad:1f:91:4b:96:c8:ee:3b:01:04:13:3f:9d:6d:
a2:d3:e5:e1
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZHWSHg3n7xPW6+ONSgSeZmiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3NjVhMjFiNTYxYmE4NjY1Y2Y3OWZiZjQ0YzMxOTU5ZGUy
OGYyMTYwHhcNMjQwOTA5MTAxNTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjFmOGNlODg5NGQ4NzljN2JiMDdiZDJkMTc1OGIxY2NjODhhMTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyeTWiFvQIKwx8qa+u/ThtvPt289P
sddAN2qGqGVo74hL59pd/SH5ms19nuCEbHTt3Osgk3ybRJ9I0QtLKXgd/wKmVg15
fnI2OeJt2Iv7CdiY8dH5ifvIvLbI2qE63MuzlqAO+a3XmIW/lBg4bH+f75WEoUIo
Hd5GyIP+gvwci2m9FrKdZEueksUdKHyUc4lz86m7s/LomNHwXeE7Qb0UbCBxzEMR
AuV2NegwpZtBrTYD5vkqAeo+FbTqTVAWx0445GFHvHtZ5H1Y5XZhcMa3237a7C0M
8xM9Jviq3bN04lbcKfiZTvGBR5VJ0tpbEANHfyHI6Kn69ON+sPuJmlcEcQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOIfjOiJTYece7B70tF1ixzMiKEcMB8GA1UdIwQY
MBaAFGdlohtWG6hmXPefv0TDGVneKPIWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjJXaUcxWWJxR1pjOTUtX1JNTVpXZDRvOGhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9lOGI4OWMtODI2OC00MDJiLWFhMjYt
ZWFkMDQxNzc0ZTA3LzEvNGgtTTZJbE5oNXg3c0h2UzBYV0xITXlJb1J3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS9lOGI4OWMtODI2OC00MDJiLWFhMjYtZWFkMDQxNzc0ZTA3
LzEvWjJXaUcxWWJxR1pjOTUtX1JNTVpXZDRvOGhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwif0MA0E
AgACMAcDBQAqE52AMA0GCSqGSIb3DQEBCwUAA4IBAQBnr4OoFXCCbb9npk5nvItI
AhTggNynbY2QySAjCibpdGUCCVSIxrQPlKN/lnVP8ijOSZDtvS3RBjdnI++uzhZd
44JuA9Uofup1+OsK8ay3F/PM71XSQ22XpNWSRXO3kCpcrxOquPep57Jt0NHIEQbO
kAPXzl8C2lGxAIqUpj9qsFmMkVXKMX/ECOYRX05QDOhTwEVgUDroD1eg924hoUG7
nsthuZYSYQxScPyk9/pe7LKQFIcrMzukpW9Fr7Xt77CVQJkpy4/qI5OGzgHLU8cH
GS3CFjZCWD5dAgR6ut2y/3az7MbnSpKsoMoMssYZrR+RS5bI7jsBBBM/nW2i0+Xh
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:20:51 2025 by rpki-client