Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/2eedkE7PNVuxVcWhGpGB9i-BvKc.roa
File: 2eedkE7PNVuxVcWhGpGB9i-BvKc.roa (raw, json)
Hash identifier: 5+D9Babs6gY99Aa1GsWqWlcngNq58WMdc1SATTCNJu0=
Subject key identifier: D9:E7:9D:90:4E:CF:35:5B:B1:55:C5:A1:1A:91:81:F6:2F:81:BC:A7
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 01915154D5B362B8D7D1379B9BE85C1CE838
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/2eedkE7PNVuxVcWhGpGB9i-BvKc.roa
Signing time: Wed 14 Aug 2024 14:39:59 +0000
ROA not before: Wed 14 Aug 2024 14:39:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8473
IP address blocks: 192.71.5.0/24 maxlen: 24
192.121.101.0/24 maxlen: 24
193.181.65.0/24 maxlen: 24
194.71.215.0/24 maxlen: 24
194.132.162.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:50:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:51:54:d5:b3:62:b8:d7:d1:37:9b:9b:e8:5c:1c:e8:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Aug 14 14:39:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d9e79d904ecf355bb155c5a11a9181f62f81bca7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:86:7c:69:66:2e:91:8d:dd:9f:56:55:25:5f:
6b:51:86:42:68:10:e0:0c:a0:94:ad:f0:49:f9:7a:
cd:c5:0f:cf:bc:c6:0b:ba:fc:42:1b:5a:93:44:b4:
3a:0a:f6:8e:5f:76:14:d3:3c:6e:51:fc:a3:da:a2:
05:d6:4b:76:7b:8d:62:00:bf:ec:db:28:e0:58:81:
31:37:7d:4b:82:6f:bd:f0:66:7d:c8:7f:80:eb:e3:
b1:ad:80:bb:15:81:2e:5e:c4:39:4f:13:7e:80:f9:
7e:3f:15:12:8e:37:0a:9a:ed:14:ee:33:0d:87:33:
e0:c9:d7:86:1d:df:2b:76:37:63:7a:03:f5:5e:24:
42:74:6a:72:d4:0d:3b:68:70:8f:20:4f:04:4c:69:
9a:f5:9d:95:ca:14:b1:4d:f7:d1:97:c1:e8:49:83:
40:0a:ce:43:16:0c:0d:f8:5a:d0:c3:41:fe:1a:2c:
0f:0a:ac:8d:ef:c0:29:83:de:63:91:f2:ba:d5:44:
15:f5:ff:3f:24:0d:a7:15:f1:32:f2:79:15:c1:ab:
ca:3c:ad:83:84:50:47:43:01:46:e5:63:40:5b:d4:
e1:20:80:f6:28:ae:d1:bd:73:5c:c0:4f:5f:9a:88:
28:48:30:61:fc:e3:35:e5:14:06:db:72:67:77:e7:
ab:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:E7:9D:90:4E:CF:35:5B:B1:55:C5:A1:1A:91:81:F6:2F:81:BC:A7
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/2eedkE7PNVuxVcWhGpGB9i-BvKc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.71.5.0/24
192.121.101.0/24
193.181.65.0/24
194.71.215.0/24
194.132.162.0/24
Signature Algorithm: sha256WithRSAEncryption
73:41:18:4e:e5:4d:58:2d:00:51:d0:42:6b:48:b3:4b:32:59:
e5:45:08:19:e5:b4:7a:85:4a:db:e3:ad:32:e5:d7:c7:49:a8:
cc:70:cf:47:e0:f8:b5:bc:43:02:97:66:a4:8e:76:0e:45:21:
1a:de:62:25:59:ac:92:09:2c:a2:ae:d2:84:5c:73:1f:9f:aa:
31:99:cf:b6:d9:e8:f4:87:70:f5:77:3f:60:fd:ff:a4:e1:26:
f5:a2:46:6e:7a:2f:25:cd:b8:0d:6b:d1:a3:8b:4e:1e:0a:e5:
82:05:d2:31:05:d6:34:d7:b7:5e:36:2f:fa:77:4a:78:fb:22:
11:17:43:40:41:74:c4:c8:ae:8c:70:10:12:a9:e4:5f:18:dc:
dd:56:17:6e:f6:2e:52:70:46:4b:16:7f:88:ff:d1:20:79:5f:
a0:12:39:02:27:17:8b:a0:b5:34:b1:7a:3f:60:64:bd:aa:ce:
95:e6:e1:76:04:63:59:c2:78:8e:b6:49:f6:1f:04:74:b3:73:
20:7c:0a:63:47:0e:a5:e9:46:a6:22:54:0e:4c:6c:be:ac:41:
19:95:dc:5c:0d:a8:53:1c:ae:4f:f3:12:7c:41:ba:4b:18:b1:
5f:88:d9:68:6c:05:c1:c6:bb:8c:44:f9:34:50:e5:e1:06:23:
14:f8:cb:8a
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZFRVNWzYrjX0Tebm+hcHOg4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjQwODE0MTQzOTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWU3OWQ5MDRlY2YzNTViYjE1NWM1YTExYTkxODFmNjJmODFiY2E3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkoZ8aWYukY3dn1ZVJV9rUYZCaBDg
DKCUrfBJ+XrNxQ/PvMYLuvxCG1qTRLQ6CvaOX3YU0zxuUfyj2qIF1kt2e41iAL/s
2yjgWIExN31Lgm+98GZ9yH+A6+OxrYC7FYEuXsQ5TxN+gPl+PxUSjjcKmu0U7jMN
hzPgydeGHd8rdjdjegP1XiRCdGpy1A07aHCPIE8ETGma9Z2VyhSxTffRl8HoSYNA
Cs5DFgwN+FrQw0H+GiwPCqyN78Apg95jkfK61UQV9f8/JA2nFfEy8nkVwavKPK2D
hFBHQwFG5WNAW9ThIID2KK7RvXNcwE9fmogoSDBh/OM15RQG23Jnd+er2wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFNnnnZBOzzVbsVXFoRqRgfYvgbynMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvMmVlZGtFN1BOVnV4VmNXaEdwR0I5aS1CdktjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAwEcFAwQA
wHllAwQAwbVBAwQAwkfXAwQAwoSiMA0GCSqGSIb3DQEBCwUAA4IBAQBzQRhO5U1Y
LQBR0EJrSLNLMlnlRQgZ5bR6hUrb460y5dfHSajMcM9H4Pi1vEMCl2akjnYORSEa
3mIlWaySCSyirtKEXHMfn6oxmc+22ej0h3D1dz9g/f+k4Sb1okZuei8lzbgNa9Gj
i04eCuWCBdIxBdY017deNi/6d0p4+yIRF0NAQXTEyK6McBASqeRfGNzdVhdu9i5S
cEZLFn+I/9EgeV+gEjkCJxeLoLU0sXo/YGS9qs6V5uF2BGNZwniOtkn2HwR0s3Mg
fApjRw6l6UamIlQOTGy+rEEZldxcDahTHK5P8xJ8QbpLGLFfiNlobAXBxruMRPk0
UOXhBiMU+MuK
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:37:23 2025 by rpki-client