Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/70aa32-9607-4db7-8f1e-da75430b16f6/1/ll5h6xL-mgc4ydTCRKUP-Ieqci0.roa
File: ll5h6xL-mgc4ydTCRKUP-Ieqci0.roa (raw, json)
Hash identifier: OH1AFwOkGXLdh29JbIaTjeMuVR7Vjx+669DVy7gQFo8=
Subject key identifier: 96:5E:61:EB:12:FE:9A:07:38:C9:D4:C2:44:A5:0F:F8:87:AA:72:2D
Certificate issuer: /CN=c2ee45426e12e50fe30e8ffc39e04485d8f73339
Certificate serial: 01932B1A63F929848593B2CA9A547AD231FC
Authority key identifier: C2:EE:45:42:6E:12:E5:0F:E3:0E:8F:FC:39:E0:44:85:D8:F7:33:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wu5FQm4S5Q_jDo_8OeBEhdj3Mzk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/70aa32-9607-4db7-8f1e-da75430b16f6/1/ll5h6xL-mgc4ydTCRKUP-Ieqci0.roa
Signing time: Thu 14 Nov 2024 14:36:09 +0000
ROA not before: Thu 14 Nov 2024 14:36:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1740
IP address blocks: 91.108.242.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 14 Nov 2024 15:56:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:2b:1a:63:f9:29:84:85:93:b2:ca:9a:54:7a:d2:31:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2ee45426e12e50fe30e8ffc39e04485d8f73339
Validity
Not Before: Nov 14 14:36:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=965e61eb12fe9a0738c9d4c244a50ff887aa722d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:97:36:73:46:2c:f3:ed:2e:e0:f6:dd:5b:59:
76:9b:cb:2e:25:74:63:d9:0f:33:0d:50:b1:31:5f:
e4:36:1e:23:47:7f:34:74:f1:ec:b3:eb:15:48:65:
12:71:6b:d0:c7:39:a9:41:ea:6a:36:65:93:82:30:
52:15:c8:90:2e:65:6b:99:c2:88:43:d8:52:9c:85:
cf:45:35:14:dc:58:77:84:d8:d7:c2:68:e9:f2:a8:
45:3a:ac:79:6c:93:58:4f:11:57:62:4f:bd:19:46:
06:60:50:b9:5d:94:7c:1a:75:27:91:51:d0:10:5c:
f9:6d:cd:7a:04:44:8d:0a:52:00:66:2b:98:6b:48:
ba:9d:a5:a4:db:0e:cc:d0:2c:48:9a:2c:94:1d:81:
aa:56:26:aa:46:2b:ca:75:9c:c1:c5:e9:9a:fa:03:
df:e8:04:6e:38:c4:30:4e:87:be:e0:44:42:af:a2:
80:71:b3:0b:f1:e1:0f:8d:62:d3:14:54:6b:e3:af:
6a:e9:ce:b3:6b:36:d1:f6:c6:6a:5f:a3:1f:fb:56:
cd:ca:68:dc:7f:6a:f8:51:8d:cb:25:60:d5:b4:4c:
68:91:e1:5c:34:68:38:a9:83:88:2c:8e:af:8c:bd:
d1:50:0f:6a:e7:41:53:72:ac:fb:97:4d:20:a0:7d:
01:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:5E:61:EB:12:FE:9A:07:38:C9:D4:C2:44:A5:0F:F8:87:AA:72:2D
X509v3 Authority Key Identifier:
keyid:C2:EE:45:42:6E:12:E5:0F:E3:0E:8F:FC:39:E0:44:85:D8:F7:33:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wu5FQm4S5Q_jDo_8OeBEhdj3Mzk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/70aa32-9607-4db7-8f1e-da75430b16f6/1/ll5h6xL-mgc4ydTCRKUP-Ieqci0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/70aa32-9607-4db7-8f1e-da75430b16f6/1/wu5FQm4S5Q_jDo_8OeBEhdj3Mzk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.108.242.0/24
Signature Algorithm: sha256WithRSAEncryption
74:a2:88:62:3d:bf:65:51:aa:dd:4b:99:a6:30:eb:ce:ed:1e:
5e:8d:ca:6a:15:97:f9:a2:ef:54:bd:a2:f5:ae:a7:f5:f0:7a:
52:67:37:eb:ea:80:b5:ca:c7:ef:77:a7:47:79:ac:e2:41:e9:
b7:6d:16:da:4a:e8:ab:5f:af:62:27:dc:d4:d0:1b:98:a5:f7:
e3:14:d6:b0:f6:5e:4e:f2:b7:18:07:53:f7:f3:14:7c:d6:c9:
0b:b2:25:6d:72:a3:77:47:45:e3:10:d5:00:05:0c:40:42:3d:
94:65:77:00:9d:71:74:51:36:78:3f:f3:2a:ae:ec:cf:82:8e:
89:10:98:35:4b:53:ce:e9:44:74:9d:f0:75:26:1c:11:bd:d2:
ac:b8:7f:47:6d:87:8b:05:13:ed:80:ce:db:24:bd:b5:d5:37:
df:c1:ea:53:86:ea:c5:9b:58:55:91:7f:5d:c6:80:d8:9c:3c:
32:aa:14:61:de:fd:70:b8:c9:67:d0:05:2b:c0:f9:11:f5:b6:
68:7a:0b:66:84:2a:49:fc:89:4d:e7:38:0b:d7:07:e7:c5:62:
15:87:eb:e1:64:7c:8d:2b:b9:82:ef:1e:18:d2:5b:37:2c:5c:
b5:75:63:e4:f9:c8:27:17:4f:6b:2f:8a:20:c4:12:f4:f1:ff:
e4:02:3e:49
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZMrGmP5KYSFk7LKmlR60jH8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyZWU0NTQyNmUxMmU1MGZlMzBlOGZmYzM5ZTA0NDg1ZDhm
NzMzMzkwHhcNMjQxMTE0MTQzNjA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjVlNjFlYjEyZmU5YTA3MzhjOWQ0YzI0NGE1MGZmODg3YWE3MjJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1pc2c0Ys8+0u4PbdW1l2m8suJXRj
2Q8zDVCxMV/kNh4jR380dPHss+sVSGUScWvQxzmpQepqNmWTgjBSFciQLmVrmcKI
Q9hSnIXPRTUU3Fh3hNjXwmjp8qhFOqx5bJNYTxFXYk+9GUYGYFC5XZR8GnUnkVHQ
EFz5bc16BESNClIAZiuYa0i6naWk2w7M0CxImiyUHYGqViaqRivKdZzBxema+gPf
6ARuOMQwToe+4ERCr6KAcbML8eEPjWLTFFRr469q6c6zazbR9sZqX6Mf+1bNymjc
f2r4UY3LJWDVtExokeFcNGg4qYOILI6vjL3RUA9q50FTcqz7l00goH0BfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJZeYesS/poHOMnUwkSlD/iHqnItMB8GA1UdIwQY
MBaAFMLuRUJuEuUP4w6P/DngRIXY9zM5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3U1RlFtNFM1UV9qRG9fOE9lQkVoZGozTXprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC83MGFhMzItOTYwNy00ZGI3LThmMWUt
ZGE3NTQzMGIxNmY2LzEvbGw1aDZ4TC1tZ2M0eWRUQ1JLVVAtSWVxY2kwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC83MGFhMzItOTYwNy00ZGI3LThmMWUtZGE3NTQzMGIxNmY2
LzEvd3U1RlFtNFM1UV9qRG9fOE9lQkVoZGozTXprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW2zyMA0G
CSqGSIb3DQEBCwUAA4IBAQB0oohiPb9lUardS5mmMOvO7R5ejcpqFZf5ou9UvaL1
rqf18HpSZzfr6oC1ysfvd6dHeaziQem3bRbaSuirX69iJ9zU0BuYpffjFNaw9l5O
8rcYB1P38xR81skLsiVtcqN3R0XjENUABQxAQj2UZXcAnXF0UTZ4P/MqruzPgo6J
EJg1S1PO6UR0nfB1JhwRvdKsuH9HbYeLBRPtgM7bJL211TffwepThurFm1hVkX9d
xoDYnDwyqhRh3v1wuMln0AUrwPkR9bZoegtmhCpJ/IlN5zgL1wfnxWIVh+vhZHyN
K7mC7x4Y0ls3LFy1dWPk+cgnF09rL4ogxBL08f/kAj5J
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:26:33 2025 by rpki-client