Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/6c3d9f-8a4f-4a6c-8579-e92ece4d3cb3/1/E2GWU4vMecDyL9eddkASlaHJSPA.roa
File: E2GWU4vMecDyL9eddkASlaHJSPA.roa (raw, json)
Hash identifier: DEwZVcU7aaSAI9nOV+Fs96QD3Vn7TnJqyHLYtl3Hf5U=
Subject key identifier: 13:61:96:53:8B:CC:79:C0:F2:2F:D7:9D:76:40:12:95:A1:C9:48:F0
Certificate issuer: /CN=21a00080cd2cb1bb073903b32b25ad660a366486
Certificate serial: 01929534B38B2475363C5FD3D3F579FB243B
Authority key identifier: 21:A0:00:80:CD:2C:B1:BB:07:39:03:B3:2B:25:AD:66:0A:36:64:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IaAAgM0ssbsHOQOzKyWtZgo2ZIY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/6c3d9f-8a4f-4a6c-8579-e92ece4d3cb3/1/E2GWU4vMecDyL9eddkASlaHJSPA.roa
Signing time: Wed 16 Oct 2024 12:01:51 +0000
ROA not before: Wed 16 Oct 2024 12:01:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51167
IP address blocks: 91.239.43.0/24 maxlen: 24
213.109.76.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 17 Oct 2024 11:06:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:95:34:b3:8b:24:75:36:3c:5f:d3:d3:f5:79:fb:24:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21a00080cd2cb1bb073903b32b25ad660a366486
Validity
Not Before: Oct 16 12:01:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=136196538bcc79c0f22fd79d76401295a1c948f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:6b:8f:7b:d4:06:61:e4:b5:21:6c:87:9b:86:
9c:98:6b:13:e3:a4:d0:df:c1:df:0e:ef:e1:64:2b:
ba:9e:2c:48:64:9c:81:31:a9:19:05:db:d0:59:b9:
14:63:74:a0:09:99:24:f5:ba:f2:1d:5d:73:20:d7:
cb:cc:e7:88:40:ab:99:d0:00:a9:33:1b:de:82:a6:
0b:c4:a2:aa:a2:cc:8d:09:9d:7f:9e:85:e3:30:32:
b4:00:be:8e:39:81:6f:4b:81:e3:60:cb:17:ed:8d:
f8:59:c8:e2:bc:72:42:4f:e7:d6:e0:0c:3e:a6:d5:
8b:36:59:98:6d:01:9c:4d:ff:5e:1a:c3:cd:29:59:
da:27:1c:63:32:c6:09:eb:89:c9:51:7a:8b:e6:f8:
29:2c:22:a1:bd:24:3e:a2:f0:16:cc:40:e2:5d:88:
df:d0:6a:ae:b5:9b:1f:ca:84:6a:8f:d6:2d:45:03:
7d:f1:9b:df:57:6c:0f:10:0f:a2:57:02:a7:76:85:
ad:e9:16:2f:e1:5d:2c:86:33:3b:af:64:37:77:31:
3d:85:7c:59:a1:95:fa:e6:28:13:45:46:26:bf:69:
4f:00:90:ff:ab:8e:42:2b:9c:7f:96:d2:30:d5:47:
71:e8:2a:d9:5c:ce:fb:a6:f8:7f:59:72:bd:7b:0e:
18:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:61:96:53:8B:CC:79:C0:F2:2F:D7:9D:76:40:12:95:A1:C9:48:F0
X509v3 Authority Key Identifier:
keyid:21:A0:00:80:CD:2C:B1:BB:07:39:03:B3:2B:25:AD:66:0A:36:64:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IaAAgM0ssbsHOQOzKyWtZgo2ZIY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/6c3d9f-8a4f-4a6c-8579-e92ece4d3cb3/1/E2GWU4vMecDyL9eddkASlaHJSPA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/6c3d9f-8a4f-4a6c-8579-e92ece4d3cb3/1/IaAAgM0ssbsHOQOzKyWtZgo2ZIY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.43.0/24
213.109.76.0/23
Signature Algorithm: sha256WithRSAEncryption
3b:da:14:26:73:44:12:7f:e4:7d:1b:35:cb:24:82:55:57:50:
0f:74:0e:1a:c7:87:11:d8:1f:3b:5c:e9:4c:70:65:15:13:99:
60:ed:e1:f8:0f:42:d1:48:5d:75:96:a0:ce:f2:fd:db:a5:be:
b1:8e:cb:46:bd:c6:c0:a4:0a:23:10:49:74:42:1d:6a:53:68:
aa:55:4e:c9:c4:77:4c:cb:36:d8:2a:6f:5d:08:ad:d2:c9:32:
3d:4e:4c:e6:da:a0:fd:7f:74:b1:89:e3:be:03:20:28:62:87:
76:7a:ec:d7:68:be:c9:77:bb:94:84:99:c1:6c:15:1a:b4:4f:
91:17:df:e3:f2:46:a4:eb:61:8c:05:da:2a:7d:ce:d6:db:a6:
95:93:6b:eb:f9:a1:d5:f0:72:43:c3:ab:90:c4:d3:c2:3e:61:
bb:de:4f:de:4d:7f:2b:da:e5:e2:e1:51:01:28:ff:01:8f:85:
5d:52:24:f4:ca:ff:c4:d1:3a:09:8a:72:01:be:fc:8e:19:a1:
2f:3c:42:91:c1:fc:2e:cd:05:ce:d6:be:fb:cf:67:72:07:81:
90:ed:77:99:7e:63:f4:c5:0e:28:5c:ca:61:c2:e6:a8:e5:0e:
9d:15:7d:d4:19:3e:78:32:19:a2:b2:71:2f:33:89:84:95:c1:
22:03:3d:7b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZKVNLOLJHU2PF/T0/V5+yQ7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxYTAwMDgwY2QyY2IxYmIwNzM5MDNiMzJiMjVhZDY2MGEz
NjY0ODYwHhcNMjQxMDE2MTIwMTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzYxOTY1MzhiY2M3OWMwZjIyZmQ3OWQ3NjQwMTI5NWExYzk0OGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq2uPe9QGYeS1IWyHm4acmGsT46TQ
38HfDu/hZCu6nixIZJyBMakZBdvQWbkUY3SgCZkk9bryHV1zINfLzOeIQKuZ0ACp
MxvegqYLxKKqosyNCZ1/noXjMDK0AL6OOYFvS4HjYMsX7Y34WcjivHJCT+fW4Aw+
ptWLNlmYbQGcTf9eGsPNKVnaJxxjMsYJ64nJUXqL5vgpLCKhvSQ+ovAWzEDiXYjf
0GqutZsfyoRqj9YtRQN98ZvfV2wPEA+iVwKndoWt6RYv4V0shjM7r2Q3dzE9hXxZ
oZX65igTRUYmv2lPAJD/q45CK5x/ltIw1Udx6CrZXM77pvh/WXK9ew4YmwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBNhllOLzHnA8i/XnXZAEpWhyUjwMB8GA1UdIwQY
MBaAFCGgAIDNLLG7BzkDsyslrWYKNmSGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWFBQWdNMHNzYnNIT1FPekt5V3RaZ28yWklZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy82YzNkOWYtOGE0Zi00YTZjLTg1Nzkt
ZTkyZWNlNGQzY2IzLzEvRTJHV1U0dk1lY0R5TDllZGRrQVNsYUhKU1BBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy82YzNkOWYtOGE0Zi00YTZjLTg1NzktZTkyZWNlNGQzY2Iz
LzEvSWFBQWdNMHNzYnNIT1FPekt5V3RaZ28yWklZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW+8rAwQB
1W1MMA0GCSqGSIb3DQEBCwUAA4IBAQA72hQmc0QSf+R9GzXLJIJVV1APdA4ax4cR
2B87XOlMcGUVE5lg7eH4D0LRSF11lqDO8v3bpb6xjstGvcbApAojEEl0Qh1qU2iq
VU7JxHdMyzbYKm9dCK3SyTI9Tkzm2qD9f3SxieO+AyAoYod2euzXaL7Jd7uUhJnB
bBUatE+RF9/j8kak62GMBdoqfc7W26aVk2vr+aHV8HJDw6uQxNPCPmG73k/eTX8r
2uXi4VEBKP8Bj4VdUiT0yv/E0ToJinIBvvyOGaEvPEKRwfwuzQXO1r77z2dyB4GQ
7XeZfmP0xQ4oXMphwuao5Q6dFX3UGT54MhmisnEvM4mElcEiAz17
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:34:21 2025 by rpki-client