Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/9bVDQSY6nD_uSt11rwelyMO3OHs.roa
File: 9bVDQSY6nD_uSt11rwelyMO3OHs.roa (raw, json)
Hash identifier: 9/35PUwgkXw0EeBc6XzE+mQQSmZxTzFJM/de2itWSjY=
Subject key identifier: F5:B5:43:41:26:3A:9C:3F:EE:4A:DD:75:AF:07:A5:C8:C3:B7:38:7B
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 0191B1C54BB984E564B78A29D5914B577665
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/9bVDQSY6nD_uSt11rwelyMO3OHs.roa
Signing time: Mon 02 Sep 2024 08:06:22 +0000
ROA not before: Mon 02 Sep 2024 08:06:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57169
IP address blocks: 192.36.38.0/24 maxlen: 24
192.36.39.0/24 maxlen: 24
192.36.41.0/24 maxlen: 24
192.36.56.0/24 maxlen: 24
192.36.61.0/24 maxlen: 24
192.71.26.0/24 maxlen: 24
192.71.233.0/24 maxlen: 24
192.71.247.0/24 maxlen: 24
192.121.16.0/24 maxlen: 24
192.121.17.0/24 maxlen: 24
192.121.163.0/24 maxlen: 24
192.121.171.0/24 maxlen: 24
193.235.147.0/24 maxlen: 24
194.68.225.0/24 maxlen: 24
194.71.107.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:50:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b1:c5:4b:b9:84:e5:64:b7:8a:29:d5:91:4b:57:76:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Sep 2 08:06:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f5b54341263a9c3fee4add75af07a5c8c3b7387b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:da:5f:2d:55:54:b6:5f:9f:4e:ae:80:fd:29:
47:73:ab:79:cd:ec:0f:29:b5:2c:c9:b4:8d:ec:8d:
8b:8f:10:55:51:19:8f:07:53:4b:da:ab:fd:63:bf:
61:77:18:05:58:96:69:a6:fe:c7:e2:89:13:94:e2:
4e:2b:4a:71:2d:2a:65:50:8f:8a:5a:3e:7b:66:10:
92:92:8c:20:7b:e6:6c:a9:25:81:09:ce:2c:f3:d1:
e0:7a:3f:65:68:0a:d8:2b:63:a0:53:38:8a:9c:0a:
9a:7d:00:b7:54:71:55:04:01:90:95:46:b5:8a:f4:
52:d0:ed:8c:89:3c:69:a8:91:9a:e9:c3:a6:b1:1c:
6b:1f:b9:d6:22:5a:7f:aa:80:ea:ef:e8:6c:42:2d:
03:69:00:0b:26:25:13:b9:36:07:39:56:fa:14:23:
53:88:3c:7f:58:e6:d8:e4:fe:8a:2d:00:61:ce:5a:
c5:d6:25:39:8d:c6:4b:9f:cf:d9:39:fc:e4:87:4a:
27:8e:49:27:9f:05:d9:cb:96:95:f6:5a:91:5d:1b:
1f:cb:c5:c4:9c:27:45:db:c5:d8:35:0b:e3:4d:08:
0f:90:ee:9c:96:78:49:a6:30:eb:e6:fc:f4:ae:94:
c0:d0:69:72:bb:d2:bc:c2:cc:7e:0a:2a:95:d1:ce:
4c:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:B5:43:41:26:3A:9C:3F:EE:4A:DD:75:AF:07:A5:C8:C3:B7:38:7B
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/9bVDQSY6nD_uSt11rwelyMO3OHs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.38.0/23
192.36.41.0/24
192.36.56.0/24
192.36.61.0/24
192.71.26.0/24
192.71.233.0/24
192.71.247.0/24
192.121.16.0/23
192.121.163.0/24
192.121.171.0/24
193.235.147.0/24
194.68.225.0/24
194.71.107.0/24
Signature Algorithm: sha256WithRSAEncryption
53:70:0c:ad:83:9f:9c:e7:f4:39:f7:72:7d:ae:3a:11:59:59:
96:07:29:f5:d3:d0:45:81:a6:b9:ce:a8:17:98:47:84:39:e0:
fb:b5:da:1e:be:cc:be:50:fb:08:c1:f2:30:eb:45:44:66:1b:
9d:d5:78:c5:fc:f7:b1:87:82:14:70:7d:fe:d2:23:9a:74:ee:
cf:dc:d2:17:d2:2f:66:72:c4:0f:ed:90:40:d9:cd:a0:9f:c9:
64:c6:fe:5b:55:d1:22:14:b6:1b:44:58:eb:46:7c:8e:10:7e:
47:45:d6:e4:20:c3:2b:d6:6b:b5:d4:e9:c1:77:7a:f7:ef:b3:
74:b1:b9:1a:88:3a:81:34:cd:55:d3:99:1b:e9:fc:ae:a2:6b:
09:9a:ba:7f:a3:92:97:c7:94:2c:75:da:30:f0:dc:82:f7:7b:
4d:52:0e:f2:59:72:69:77:77:c6:86:77:7a:e3:90:e7:bc:d5:
00:a1:ee:6f:e7:4f:14:9d:0d:4f:42:ac:a5:61:7e:0c:16:7f:
06:4e:07:80:d5:e8:e4:c0:d6:3b:ed:63:6e:8c:2c:f7:27:70:
29:0c:61:58:c8:7c:79:14:a7:04:33:2f:31:70:1a:7f:4f:c2:
b4:c9:7f:26:81:4f:ed:bf:8d:15:10:e3:44:c5:9e:9f:06:47:
c9:29:11:d2
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAZGxxUu5hOVkt4op1ZFLV3ZlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjQwOTAyMDgwNjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWI1NDM0MTI2M2E5YzNmZWU0YWRkNzVhZjA3YTVjOGMzYjczODdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3NpfLVVUtl+fTq6A/SlHc6t5zewP
KbUsybSN7I2LjxBVURmPB1NL2qv9Y79hdxgFWJZppv7H4okTlOJOK0pxLSplUI+K
Wj57ZhCSkowge+ZsqSWBCc4s89Hgej9laArYK2OgUziKnAqafQC3VHFVBAGQlUa1
ivRS0O2MiTxpqJGa6cOmsRxrH7nWIlp/qoDq7+hsQi0DaQALJiUTuTYHOVb6FCNT
iDx/WObY5P6KLQBhzlrF1iU5jcZLn8/ZOfzkh0onjkknnwXZy5aV9lqRXRsfy8XE
nCdF28XYNQvjTQgPkO6clnhJpjDr5vz0rpTA0Glyu9K8wsx+CiqV0c5MFwIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFPW1Q0EmOpw/7krdda8HpcjDtzh7MB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvOWJWRFFTWTZuRF91U3QxMXJ3ZWx5TU8zT0hzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQBwCQmAwQA
wCQpAwQAwCQ4AwQAwCQ9AwQAwEcaAwQAwEfpAwQAwEf3AwQBwHkQAwQAwHmjAwQA
wHmrAwQAweuTAwQAwkThAwQAwkdrMA0GCSqGSIb3DQEBCwUAA4IBAQBTcAytg5+c
5/Q593J9rjoRWVmWByn109BFgaa5zqgXmEeEOeD7tdoevsy+UPsIwfIw60VEZhud
1XjF/Pexh4IUcH3+0iOadO7P3NIX0i9mcsQP7ZBA2c2gn8lkxv5bVdEiFLYbRFjr
RnyOEH5HRdbkIMMr1mu11OnBd3r377N0sbkaiDqBNM1V05kb6fyuomsJmrp/o5KX
x5Qsddow8NyC93tNUg7yWXJpd3fGhnd645DnvNUAoe5v508UnQ1PQqylYX4MFn8G
TgeA1ejkwNY77WNujCz3J3ApDGFYyHx5FKcEMy8xcBp/T8K0yX8mgU/tv40VEONE
xZ6fBkfJKRHS
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:12:51 2025 by rpki-client