Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/6c3d9f-8a4f-4a6c-8579-e92ece4d3cb3/1/gtHdVq6VB2HEXQhe0DLi4X2ECXA.roa
File: gtHdVq6VB2HEXQhe0DLi4X2ECXA.roa (raw, json)
Hash identifier: 0OYgffyEv1Pn6Q6bjvZqAcP2WrfMDjEjgqBHmuVL1xc=
Subject key identifier: 82:D1:DD:56:AE:95:07:61:C4:5D:08:5E:D0:32:E2:E1:7D:84:09:70
Certificate issuer: /CN=21a00080cd2cb1bb073903b32b25ad660a366486
Certificate serial: 01928F6FF48A567A0460D2119525C1F21037
Authority key identifier: 21:A0:00:80:CD:2C:B1:BB:07:39:03:B3:2B:25:AD:66:0A:36:64:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IaAAgM0ssbsHOQOzKyWtZgo2ZIY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/6c3d9f-8a4f-4a6c-8579-e92ece4d3cb3/1/gtHdVq6VB2HEXQhe0DLi4X2ECXA.roa
Signing time: Tue 15 Oct 2024 09:08:51 +0000
ROA not before: Tue 15 Oct 2024 09:08:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51167
IP address blocks: 91.239.43.0/24 maxlen: 24
213.109.76.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 16 Oct 2024 11:48:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:8f:6f:f4:8a:56:7a:04:60:d2:11:95:25:c1:f2:10:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21a00080cd2cb1bb073903b32b25ad660a366486
Validity
Not Before: Oct 15 09:08:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=82d1dd56ae950761c45d085ed032e2e17d840970
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:4b:c6:1e:5c:f6:d9:13:17:ab:bd:22:f4:af:
8a:ce:5a:c3:06:95:00:79:b8:01:58:a6:7c:52:cc:
23:e9:40:ca:82:38:6a:0d:f9:00:d1:14:08:bd:c7:
2a:8a:72:cc:6e:b4:a8:c8:27:c2:59:eb:06:09:dc:
8d:91:fe:93:06:14:94:14:68:65:c5:4d:d8:b4:07:
98:d3:22:ce:cc:95:6b:31:44:86:2e:cf:bb:3b:7e:
67:76:ef:18:c0:15:73:95:52:b7:fd:e5:fc:e8:02:
00:d8:af:a1:c1:47:70:19:a6:7e:31:5c:fd:db:5d:
0c:9a:2a:a7:a4:1a:65:af:e9:66:f6:b0:23:70:40:
88:c8:df:8b:9d:a9:73:26:ee:c5:42:17:eb:88:19:
41:6f:2c:8b:6f:9a:b3:1d:20:c8:2d:12:41:73:a6:
b6:32:dc:b9:09:b8:b3:8a:be:16:73:b5:78:b2:a9:
4e:c5:85:ec:0e:8c:8c:c9:a5:e7:d6:54:d7:28:3e:
7a:fd:01:8f:26:e9:f9:cf:3c:33:fb:3f:c1:b5:6b:
44:be:eb:8e:6d:52:58:ee:67:20:b9:50:0b:07:8b:
51:81:f5:c8:06:45:a7:39:2c:7d:ee:0c:71:44:8f:
03:91:e6:57:ce:92:73:b7:52:75:bf:e5:8b:aa:30:
c5:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:D1:DD:56:AE:95:07:61:C4:5D:08:5E:D0:32:E2:E1:7D:84:09:70
X509v3 Authority Key Identifier:
keyid:21:A0:00:80:CD:2C:B1:BB:07:39:03:B3:2B:25:AD:66:0A:36:64:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IaAAgM0ssbsHOQOzKyWtZgo2ZIY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/6c3d9f-8a4f-4a6c-8579-e92ece4d3cb3/1/gtHdVq6VB2HEXQhe0DLi4X2ECXA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/6c3d9f-8a4f-4a6c-8579-e92ece4d3cb3/1/IaAAgM0ssbsHOQOzKyWtZgo2ZIY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.43.0/24
213.109.76.0/23
Signature Algorithm: sha256WithRSAEncryption
55:06:6b:94:e5:0d:8e:dd:55:0b:69:a1:69:f7:89:2e:46:0f:
5a:52:82:3b:43:41:dc:3f:a9:c0:b6:92:2b:2d:db:7a:ed:58:
3f:19:dc:57:2a:90:26:79:19:90:af:00:7a:17:0b:da:c9:66:
14:c0:62:61:7d:4a:a6:d9:d7:e4:c8:e2:6e:14:f1:b5:87:9a:
25:f2:da:9f:9c:d9:a8:91:33:0d:ce:84:76:70:2b:7c:98:1a:
5a:25:37:d5:da:25:79:4d:e0:50:f5:e2:20:b4:3f:67:1b:58:
ef:4c:a9:49:ef:53:6f:f7:81:32:4d:82:10:ce:74:1f:c7:38:
98:ae:db:df:9e:bd:3b:23:f3:c3:30:6e:8e:18:49:a2:ae:c8:
5e:c3:95:19:3e:e3:dc:9e:7f:ab:4f:77:cc:c5:e3:89:38:87:
2b:bb:1a:5c:85:7a:1f:be:1c:b9:01:8f:03:ff:bd:b7:85:c5:
49:04:67:f1:e1:6c:c9:ae:9a:21:8f:fb:03:65:dd:dd:a3:6e:
fd:34:05:40:d8:1c:61:c5:73:d6:18:41:e7:ce:90:bb:f5:13:
a4:9e:ef:79:fa:a9:db:f1:67:a1:f9:8a:55:f3:d9:86:6d:f5:
65:3e:39:53:2d:10:2b:72:69:ae:95:07:30:4c:27:05:bb:7f:
bc:b9:ba:f1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZKPb/SKVnoEYNIRlSXB8hA3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxYTAwMDgwY2QyY2IxYmIwNzM5MDNiMzJiMjVhZDY2MGEz
NjY0ODYwHhcNMjQxMDE1MDkwODUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmQxZGQ1NmFlOTUwNzYxYzQ1ZDA4NWVkMDMyZTJlMTdkODQwOTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7EvGHlz22RMXq70i9K+KzlrDBpUA
ebgBWKZ8Uswj6UDKgjhqDfkA0RQIvccqinLMbrSoyCfCWesGCdyNkf6TBhSUFGhl
xU3YtAeY0yLOzJVrMUSGLs+7O35ndu8YwBVzlVK3/eX86AIA2K+hwUdwGaZ+MVz9
210MmiqnpBplr+lm9rAjcECIyN+LnalzJu7FQhfriBlBbyyLb5qzHSDILRJBc6a2
Mty5Cbizir4Wc7V4sqlOxYXsDoyMyaXn1lTXKD56/QGPJun5zzwz+z/BtWtEvuuO
bVJY7mcguVALB4tRgfXIBkWnOSx97gxxRI8DkeZXzpJzt1J1v+WLqjDFOwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFILR3VaulQdhxF0IXtAy4uF9hAlwMB8GA1UdIwQY
MBaAFCGgAIDNLLG7BzkDsyslrWYKNmSGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWFBQWdNMHNzYnNIT1FPekt5V3RaZ28yWklZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy82YzNkOWYtOGE0Zi00YTZjLTg1Nzkt
ZTkyZWNlNGQzY2IzLzEvZ3RIZFZxNlZCMkhFWFFoZTBETGk0WDJFQ1hBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy82YzNkOWYtOGE0Zi00YTZjLTg1NzktZTkyZWNlNGQzY2Iz
LzEvSWFBQWdNMHNzYnNIT1FPekt5V3RaZ28yWklZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW+8rAwQB
1W1MMA0GCSqGSIb3DQEBCwUAA4IBAQBVBmuU5Q2O3VULaaFp94kuRg9aUoI7Q0Hc
P6nAtpIrLdt67Vg/GdxXKpAmeRmQrwB6FwvayWYUwGJhfUqm2dfkyOJuFPG1h5ol
8tqfnNmokTMNzoR2cCt8mBpaJTfV2iV5TeBQ9eIgtD9nG1jvTKlJ71Nv94EyTYIQ
znQfxziYrtvfnr07I/PDMG6OGEmirshew5UZPuPcnn+rT3fMxeOJOIcruxpchXof
vhy5AY8D/723hcVJBGfx4WzJrpohj/sDZd3do279NAVA2BxhxXPWGEHnzpC79ROk
nu95+qnb8Weh+YpV89mGbfVlPjlTLRArcmmulQcwTCcFu3+8ubrx
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:25:15 2025 by rpki-client