Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/70aa32-9607-4db7-8f1e-da75430b16f6/1/2MeDQLnONGLPdZwTfnz2Qz2Teg4.roa
File: 2MeDQLnONGLPdZwTfnz2Qz2Teg4.roa (raw, json)
Hash identifier: 1J7nQd5gXgvOJ9lNAkZ7uOeLwdxfMNivDOUxrEJx8gE=
Subject key identifier: D8:C7:83:40:B9:CE:34:62:CF:75:9C:13:7E:7C:F6:43:3D:93:7A:0E
Certificate issuer: /CN=c2ee45426e12e50fe30e8ffc39e04485d8f73339
Certificate serial: 0194F96042076BB0D22E7256619933C97AD4
Authority key identifier: C2:EE:45:42:6E:12:E5:0F:E3:0E:8F:FC:39:E0:44:85:D8:F7:33:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wu5FQm4S5Q_jDo_8OeBEhdj3Mzk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/70aa32-9607-4db7-8f1e-da75430b16f6/1/2MeDQLnONGLPdZwTfnz2Qz2Teg4.roa
Signing time: Wed 12 Feb 2025 08:57:02 +0000
ROA not before: Wed 12 Feb 2025 08:57:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209372
IP address blocks: 91.108.192.0/24 maxlen: 24
91.108.193.0/24 maxlen: 24
91.108.194.0/24 maxlen: 24
91.108.195.0/24 maxlen: 24
91.108.204.0/22 maxlen: 22
91.108.208.0/22 maxlen: 22
91.108.208.0/24 maxlen: 24
91.108.212.0/22 maxlen: 22
91.108.216.0/22 maxlen: 22
91.108.220.0/22 maxlen: 22
91.108.224.0/24 maxlen: 24
91.108.228.0/22 maxlen: 22
91.108.232.0/22 maxlen: 22
91.108.236.0/24 maxlen: 24
91.108.238.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 12 Feb 2025 12:31:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:f9:60:42:07:6b:b0:d2:2e:72:56:61:99:33:c9:7a:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2ee45426e12e50fe30e8ffc39e04485d8f73339
Validity
Not Before: Feb 12 08:57:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d8c78340b9ce3462cf759c137e7cf6433d937a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:ce:23:fc:c4:f4:e4:7e:e8:7a:98:7b:45:a7:
9a:14:df:da:90:b8:66:3e:e8:19:14:b8:0b:aa:52:
6a:f0:07:8a:2c:31:d0:8f:e1:b7:99:84:31:d5:88:
0c:8e:62:30:84:27:b7:a4:73:51:d2:f3:ab:1f:a3:
b1:f1:25:61:4f:75:99:f2:81:3d:c4:1c:52:a8:41:
d2:7b:e2:e8:72:6e:a7:09:a6:7c:55:a2:40:dd:43:
b2:8f:6b:21:3e:23:e5:fb:0e:ed:f0:6a:e1:66:93:
3c:5e:34:d9:69:9f:85:d5:8b:75:82:b2:53:54:df:
43:b5:a2:11:a1:87:cc:06:b1:9a:97:7a:3f:08:f6:
cf:21:d1:d6:55:3b:6b:9e:d0:a1:e1:65:8f:d5:49:
cb:64:a4:be:be:08:ae:60:db:91:e9:40:b6:92:b6:
bc:05:dc:a0:a4:bb:aa:9e:28:71:d1:99:81:25:64:
c0:ee:75:ed:36:a2:43:3d:31:2e:c8:56:33:19:ad:
c4:ae:e6:a5:38:ac:e0:11:2c:5f:b1:dd:a0:92:bd:
dc:c4:f1:22:81:4e:87:d7:c6:ab:9f:d2:f2:ef:43:
6f:e0:cb:1a:50:1f:69:e4:c9:b0:4e:98:d5:17:38:
80:a1:ff:b9:d2:cf:ab:ec:08:ff:47:4f:1e:d2:08:
74:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:C7:83:40:B9:CE:34:62:CF:75:9C:13:7E:7C:F6:43:3D:93:7A:0E
X509v3 Authority Key Identifier:
keyid:C2:EE:45:42:6E:12:E5:0F:E3:0E:8F:FC:39:E0:44:85:D8:F7:33:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wu5FQm4S5Q_jDo_8OeBEhdj3Mzk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/70aa32-9607-4db7-8f1e-da75430b16f6/1/2MeDQLnONGLPdZwTfnz2Qz2Teg4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/70aa32-9607-4db7-8f1e-da75430b16f6/1/wu5FQm4S5Q_jDo_8OeBEhdj3Mzk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.108.192.0/22
91.108.204.0-91.108.224.255
91.108.228.0-91.108.236.255
91.108.238.0/24
Signature Algorithm: sha256WithRSAEncryption
62:ec:ea:38:1c:fd:7d:a7:7f:84:fc:f3:66:18:28:88:90:7e:
11:b2:5f:73:f1:85:84:08:43:b8:14:b7:9b:eb:32:1d:fa:50:
ed:84:d4:09:2f:02:0b:1e:44:34:89:66:2e:18:cd:7e:a8:88:
e0:8d:94:0e:c7:c1:c4:2f:46:25:d5:74:f4:a6:2e:4d:3a:dc:
a7:3a:50:98:8d:ed:97:f2:e9:6f:94:26:ba:d9:b3:ab:ae:63:
68:b1:37:69:3a:26:e2:de:d8:bc:aa:fc:8a:d2:13:c2:d5:6c:
7c:44:63:5d:f7:db:6b:a6:9c:ee:39:98:90:32:8c:a5:bb:b5:
79:e7:1f:6a:12:24:11:a5:d8:c4:ff:98:fb:0d:f4:5e:67:aa:
34:3d:50:3a:68:1f:ac:1d:b6:f2:24:24:f1:24:1e:14:40:e9:
2f:7d:8e:a6:92:92:c0:88:15:a8:e4:6c:86:2d:3a:a8:05:9e:
0e:6a:47:56:d2:e5:d1:32:dc:a8:d2:5c:0e:b8:60:a3:dd:fb:
f6:28:ab:ae:99:4a:55:45:b6:4e:b7:08:50:87:f6:d8:d0:ee:
f9:d6:48:20:dd:d4:6b:3a:8a:22:73:65:5a:63:d5:a3:5d:d4:
db:f2:d5:39:46:22:65:a7:ad:8c:71:8b:c0:44:14:e9:73:0d:
4b:85:8e:00
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZT5YEIHa7DSLnJWYZkzyXrUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyZWU0NTQyNmUxMmU1MGZlMzBlOGZmYzM5ZTA0NDg1ZDhm
NzMzMzkwHhcNMjUwMjEyMDg1NzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGM3ODM0MGI5Y2UzNDYyY2Y3NTljMTM3ZTdjZjY0MzNkOTM3YTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA084j/MT05H7oeph7RaeaFN/akLhm
PugZFLgLqlJq8AeKLDHQj+G3mYQx1YgMjmIwhCe3pHNR0vOrH6Ox8SVhT3WZ8oE9
xBxSqEHSe+Locm6nCaZ8VaJA3UOyj2shPiPl+w7t8GrhZpM8XjTZaZ+F1Yt1grJT
VN9DtaIRoYfMBrGal3o/CPbPIdHWVTtrntCh4WWP1UnLZKS+vgiuYNuR6UC2kra8
BdygpLuqnihx0ZmBJWTA7nXtNqJDPTEuyFYzGa3ErualOKzgESxfsd2gkr3cxPEi
gU6H18arn9Ly70Nv4MsaUB9p5MmwTpjVFziAof+50s+r7Aj/R08e0gh0wQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFNjHg0C5zjRiz3WcE3589kM9k3oOMB8GA1UdIwQY
MBaAFMLuRUJuEuUP4w6P/DngRIXY9zM5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3U1RlFtNFM1UV9qRG9fOE9lQkVoZGozTXprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC83MGFhMzItOTYwNy00ZGI3LThmMWUt
ZGE3NTQzMGIxNmY2LzEvMk1lRFFMbk9OR0xQZFp3VGZuejJRejJUZWc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC83MGFhMzItOTYwNy00ZGI3LThmMWUtZGE3NTQzMGIxNmY2
LzEvd3U1RlFtNFM1UV9qRG9fOE9lQkVoZGozTXprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoAwQCW2zAMAwD
BAJbbMwDBABbbOAwDAMEAlts5AMEAFts7AMEAFts7jANBgkqhkiG9w0BAQsFAAOC
AQEAYuzqOBz9fad/hPzzZhgoiJB+EbJfc/GFhAhDuBS3m+syHfpQ7YTUCS8CCx5E
NIlmLhjNfqiI4I2UDsfBxC9GJdV09KYuTTrcpzpQmI3tl/Lpb5Qmutmzq65jaLE3
aTom4t7YvKr8itITwtVsfERjXffba6ac7jmYkDKMpbu1eecfahIkEaXYxP+Y+w30
XmeqND1QOmgfrB228iQk8SQeFEDpL32OppKSwIgVqORshi06qAWeDmpHVtLl0TLc
qNJcDrhgo9379iirrplKVUW2TrcIUIf22NDu+dZIIN3UazqKInNlWmPVo13U2/LV
OUYiZaetjHGLwEQU6XMNS4WOAA==
-----END CERTIFICATE-----
Generated at Sat Apr 19 15:24:26 2025 by rpki-client