Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/I-_f9Z16GywnsL9aucRTRAYLqyY.roa
File: I-_f9Z16GywnsL9aucRTRAYLqyY.roa (raw, json)
Hash identifier: ud8FcFJNEizlHMATFe2wkK8JETBzkUAZ7YPYpx08XM4=
Subject key identifier: 23:EF:DF:F5:9D:7A:1B:2C:27:B0:BF:5A:B9:C4:53:44:06:0B:AB:26
Certificate issuer: /CN=618478f198fe569010c3df6219142f530c4f5e56
Certificate serial: 0193ACE5D0DFEF67E673ECA01EE9B94DAA3F
Authority key identifier: 61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/I-_f9Z16GywnsL9aucRTRAYLqyY.roa
Signing time: Mon 09 Dec 2024 19:29:22 +0000
ROA not before: Mon 09 Dec 2024 19:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57013
IP address blocks: 91.231.187.0/24 maxlen: 24
92.63.181.0/24 maxlen: 24
93.92.115.0/24 maxlen: 24
109.196.105.0/24 maxlen: 24
109.196.110.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:49:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:ac:e5:d0:df:ef:67:e6:73:ec:a0:1e:e9:b9:4d:aa:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=618478f198fe569010c3df6219142f530c4f5e56
Validity
Not Before: Dec 9 19:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=23efdff59d7a1b2c27b0bf5ab9c45344060bab26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:ae:a2:0f:3c:43:33:39:a7:3f:cf:dd:6b:98:
8c:43:cc:9b:16:cf:86:f5:aa:66:4b:e7:1a:34:c2:
62:3b:e0:8a:15:4a:40:a3:12:56:5c:a2:fc:b2:bf:
17:ff:14:92:d4:37:aa:50:24:47:de:1f:a1:8f:4f:
0e:da:4d:c8:af:9b:1c:1b:a7:ab:ff:cf:0b:17:8d:
84:cf:ea:fa:33:8b:e5:3a:6d:0a:8f:c5:e2:5c:bd:
92:da:ef:e8:27:c3:7e:95:47:28:6e:65:7b:82:fe:
7f:89:fb:a6:f3:ef:2a:34:e7:53:1d:68:42:23:8f:
76:56:00:45:b9:81:35:3d:4f:5b:fe:c7:e5:53:53:
43:9a:f6:a8:1b:f1:29:aa:20:32:4b:dd:42:69:0c:
02:0c:a1:23:3d:bc:8c:ac:fc:42:85:d4:08:0f:a6:
0e:a4:33:d2:d5:29:65:6e:08:94:7a:d4:f9:25:6e:
16:e4:bc:fb:ee:fc:69:6a:cb:fe:31:30:f7:4f:74:
97:7a:ca:01:56:f4:ed:f4:81:53:7e:e2:e2:fd:33:
04:1d:92:80:e0:2e:e7:05:73:cd:ed:d0:b5:fa:d0:
b4:ce:83:d3:d1:d7:0f:fd:91:9b:ad:90:53:57:5a:
c7:be:a7:f5:51:51:be:28:10:81:62:e7:7c:32:b1:
4a:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:EF:DF:F5:9D:7A:1B:2C:27:B0:BF:5A:B9:C4:53:44:06:0B:AB:26
X509v3 Authority Key Identifier:
keyid:61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/I-_f9Z16GywnsL9aucRTRAYLqyY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.231.187.0/24
92.63.181.0/24
93.92.115.0/24
109.196.105.0/24
109.196.110.0/24
Signature Algorithm: sha256WithRSAEncryption
14:fc:c5:11:f6:8a:3a:77:4e:ad:b0:3c:58:37:0e:8c:27:5b:
f7:b8:01:81:f2:17:da:d6:3d:db:81:51:64:c8:c9:7e:a0:2f:
b5:fb:6d:06:f9:a5:8b:d3:80:12:53:fd:cf:2d:60:d1:69:89:
ea:6c:ca:50:0d:7b:02:78:6c:8e:67:29:f3:51:40:af:16:6b:
b6:99:1e:4e:f9:f9:20:0a:82:2e:1e:c9:a4:a4:b3:f4:55:37:
bd:2c:2d:1b:2a:0e:ee:af:44:3a:e8:00:6f:02:16:68:4c:cb:
f7:43:9b:58:9d:fa:e2:cd:9f:86:a2:d4:7d:86:e3:24:0d:24:
b7:bc:22:d0:23:f4:94:ad:e8:b4:a6:1e:6f:89:f9:89:b4:a4:
57:a0:e3:57:fa:e4:4a:64:23:84:bb:e1:d1:e9:99:63:27:d3:
cf:25:ce:46:b6:e9:af:55:12:6f:0e:07:f2:19:fd:68:6b:77:
10:33:55:63:3f:4b:8d:61:a9:39:ed:ab:ef:9f:b8:64:b4:11:
3b:18:60:1a:7c:64:f1:14:ef:05:6b:f4:67:d8:82:c9:c9:cb:
7f:32:80:88:ba:a5:99:4b:4c:83:b0:d3:89:51:38:41:4f:b2:
42:75:02:ce:01:27:62:2b:0c:90:07:79:62:b0:7a:ba:f5:9a:
d9:ba:e2:7c
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZOs5dDf72fmc+ygHum5Tao/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxODQ3OGYxOThmZTU2OTAxMGMzZGY2MjE5MTQyZjUzMGM0
ZjVlNTYwHhcNMjQxMjA5MTkyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2VmZGZmNTlkN2ExYjJjMjdiMGJmNWFiOWM0NTM0NDA2MGJhYjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAta6iDzxDMzmnP8/da5iMQ8ybFs+G
9apmS+caNMJiO+CKFUpAoxJWXKL8sr8X/xSS1DeqUCRH3h+hj08O2k3Ir5scG6er
/88LF42Ez+r6M4vlOm0Kj8XiXL2S2u/oJ8N+lUcobmV7gv5/ifum8+8qNOdTHWhC
I492VgBFuYE1PU9b/sflU1NDmvaoG/EpqiAyS91CaQwCDKEjPbyMrPxChdQID6YO
pDPS1SllbgiUetT5JW4W5Lz77vxpasv+MTD3T3SXesoBVvTt9IFTfuLi/TMEHZKA
4C7nBXPN7dC1+tC0zoPT0dcP/ZGbrZBTV1rHvqf1UVG+KBCBYud8MrFKJwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFCPv3/WdehssJ7C/WrnEU0QGC6smMB8GA1UdIwQY
MBaAFGGEePGY/laQEMPfYhkUL1MMT15WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEt
YmE5OGYxMTIyMTIxLzEvSS1fZjlaMTZHeXduc0w5YXVjUlRSQVlMcXlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEtYmE5OGYxMTIyMTIx
LzEvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAW+e7AwQA
XD+1AwQAXVxzAwQAbcRpAwQAbcRuMA0GCSqGSIb3DQEBCwUAA4IBAQAU/MUR9oo6
d06tsDxYNw6MJ1v3uAGB8hfa1j3bgVFkyMl+oC+1+20G+aWL04ASU/3PLWDRaYnq
bMpQDXsCeGyOZynzUUCvFmu2mR5O+fkgCoIuHsmkpLP0VTe9LC0bKg7ur0Q66ABv
AhZoTMv3Q5tYnfrizZ+GotR9huMkDSS3vCLQI/SUrei0ph5vifmJtKRXoONX+uRK
ZCOEu+HR6ZljJ9PPJc5GtumvVRJvDgfyGf1oa3cQM1VjP0uNYak57avvn7hktBE7
GGAafGTxFO8Fa/Rn2ILJyct/MoCIuqWZS0yDsNOJUThBT7JCdQLOASdiKwyQB3li
sHq69ZrZuuJ8
-----END CERTIFICATE-----
Generated at Wed Apr 23 01:15:02 2025 by rpki-client