Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/70aa32-9607-4db7-8f1e-da75430b16f6/1/rNzswGVH605InWvxvZC3k95RTL0.roa
File: rNzswGVH605InWvxvZC3k95RTL0.roa (raw, json)
Hash identifier: +nkYndlk3+/XQd6WsZYqbJK5/wbtk95T1W4K6qyKW4k=
Subject key identifier: AC:DC:EC:C0:65:47:EB:4E:48:9D:6B:F1:BD:90:B7:93:DE:51:4C:BD
Certificate issuer: /CN=c2ee45426e12e50fe30e8ffc39e04485d8f73339
Certificate serial: 0194D6B447726A0032E30BBE708EA9C2C3CB
Authority key identifier: C2:EE:45:42:6E:12:E5:0F:E3:0E:8F:FC:39:E0:44:85:D8:F7:33:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wu5FQm4S5Q_jDo_8OeBEhdj3Mzk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/70aa32-9607-4db7-8f1e-da75430b16f6/1/rNzswGVH605InWvxvZC3k95RTL0.roa
Signing time: Wed 05 Feb 2025 15:22:06 +0000
ROA not before: Wed 05 Feb 2025 15:22:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50461
IP address blocks: 91.108.225.0/24 maxlen: 24
91.108.237.0/24 maxlen: 24
91.108.239.0/24 maxlen: 24
91.108.248.0/24 maxlen: 24
91.108.249.0/24 maxlen: 24
91.108.250.0/24 maxlen: 24
91.108.251.0/24 maxlen: 24
91.108.252.0/24 maxlen: 24
91.108.253.0/24 maxlen: 24
91.108.254.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 06 Feb 2025 07:46:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:d6:b4:47:72:6a:00:32:e3:0b:be:70:8e:a9:c2:c3:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2ee45426e12e50fe30e8ffc39e04485d8f73339
Validity
Not Before: Feb 5 15:22:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=acdcecc06547eb4e489d6bf1bd90b793de514cbd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:65:cc:7a:21:04:0c:6c:5f:a1:f3:f2:d1:f4:
c1:c1:3b:3b:44:e1:78:c2:24:a5:fb:57:c9:83:17:
0b:fb:a6:98:91:ee:40:d5:46:95:59:63:87:9b:2e:
c8:0f:51:cc:bb:9d:fd:be:0b:2d:29:05:cc:1d:ef:
af:13:0e:67:a5:cf:1e:78:cd:bd:48:a4:f0:ad:01:
92:2f:c8:9e:b0:a4:01:79:4e:64:b4:fa:d9:30:53:
b1:a1:ef:a2:2b:c8:af:1f:e6:51:42:e2:30:81:32:
81:6d:9c:93:9f:98:f0:85:e8:db:c7:97:1f:c9:65:
fb:9f:7c:ff:f7:83:3b:fd:5f:93:5c:79:e5:fd:06:
49:6d:51:5b:e3:dd:e0:58:a2:b8:f8:52:46:72:5c:
0a:da:aa:2a:28:c2:ab:52:85:c6:2a:7a:58:33:0a:
cb:6a:65:50:00:b3:b6:c2:43:c4:ad:38:3f:98:47:
fa:de:15:51:f8:e4:f6:80:60:07:b1:e3:b2:0d:e0:
4a:e3:ba:60:87:2e:da:29:d9:a7:cb:21:5b:24:a9:
96:b8:a9:02:b0:51:6a:3d:07:10:88:7e:2a:db:1e:
2b:29:69:8c:74:5a:64:e4:c6:01:c1:59:a8:6b:47:
21:7e:18:ae:bf:bd:6a:d2:5a:19:69:f9:89:cf:cd:
12:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:DC:EC:C0:65:47:EB:4E:48:9D:6B:F1:BD:90:B7:93:DE:51:4C:BD
X509v3 Authority Key Identifier:
keyid:C2:EE:45:42:6E:12:E5:0F:E3:0E:8F:FC:39:E0:44:85:D8:F7:33:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wu5FQm4S5Q_jDo_8OeBEhdj3Mzk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/70aa32-9607-4db7-8f1e-da75430b16f6/1/rNzswGVH605InWvxvZC3k95RTL0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/70aa32-9607-4db7-8f1e-da75430b16f6/1/wu5FQm4S5Q_jDo_8OeBEhdj3Mzk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.108.225.0/24
91.108.237.0/24
91.108.239.0/24
91.108.248.0-91.108.254.255
Signature Algorithm: sha256WithRSAEncryption
af:51:4a:58:74:56:e9:00:04:b6:d6:4c:4b:e3:e5:6b:79:d6:
ff:bd:56:b7:98:f8:03:cb:ee:c6:c6:d2:72:fc:66:dc:64:19:
ea:e7:2a:1e:f8:2a:04:24:3f:bc:e1:95:31:1a:7b:aa:0e:79:
9e:b8:a5:21:51:10:8a:1f:b9:53:33:68:26:9f:66:cc:92:a5:
c6:35:37:df:24:10:69:12:08:2a:b6:ec:b1:09:20:11:28:3f:
5f:1b:1c:42:58:0e:01:aa:20:da:0c:00:d7:73:0b:5a:3b:ac:
89:c2:c6:4a:e6:91:8f:8e:73:b2:3c:c8:ae:bf:b5:4f:e1:ba:
f8:62:22:00:40:db:5c:e2:62:d5:b5:85:e5:36:3d:2e:17:5a:
ad:fc:f6:51:12:a6:01:bc:00:8a:9f:ae:a2:66:4e:b6:22:98:
68:75:b4:3c:8d:d0:c3:e7:71:af:1a:26:00:a3:4f:27:95:58:
0c:03:f6:b0:53:8d:0b:10:e8:51:af:8c:c9:12:f2:3c:1b:6c:
e0:d6:c8:fa:87:5c:76:2c:2f:79:c7:63:b3:7e:68:20:61:39:
32:84:b4:b3:d1:72:d7:84:a2:a3:03:58:e3:0d:29:28:ae:e5:
ec:90:39:d3:11:9c:a6:89:f0:49:99:9e:a6:d8:75:c2:c0:8b:
f7:b2:d8:eb
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZTWtEdyagAy4wu+cI6pwsPLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyZWU0NTQyNmUxMmU1MGZlMzBlOGZmYzM5ZTA0NDg1ZDhm
NzMzMzkwHhcNMjUwMjA1MTUyMjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2RjZWNjMDY1NDdlYjRlNDg5ZDZiZjFiZDkwYjc5M2RlNTE0Y2JkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApmXMeiEEDGxfofPy0fTBwTs7ROF4
wiSl+1fJgxcL+6aYke5A1UaVWWOHmy7ID1HMu539vgstKQXMHe+vEw5npc8eeM29
SKTwrQGSL8iesKQBeU5ktPrZMFOxoe+iK8ivH+ZRQuIwgTKBbZyTn5jwhejbx5cf
yWX7n3z/94M7/V+TXHnl/QZJbVFb493gWKK4+FJGclwK2qoqKMKrUoXGKnpYMwrL
amVQALO2wkPErTg/mEf63hVR+OT2gGAHseOyDeBK47pghy7aKdmnyyFbJKmWuKkC
sFFqPQcQiH4q2x4rKWmMdFpk5MYBwVmoa0chfhiuv71q0loZafmJz80SzwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFKzc7MBlR+tOSJ1r8b2Qt5PeUUy9MB8GA1UdIwQY
MBaAFMLuRUJuEuUP4w6P/DngRIXY9zM5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3U1RlFtNFM1UV9qRG9fOE9lQkVoZGozTXprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC83MGFhMzItOTYwNy00ZGI3LThmMWUt
ZGE3NTQzMGIxNmY2LzEvck56c3dHVkg2MDVJbld2eHZaQzNrOTVSVEwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC83MGFhMzItOTYwNy00ZGI3LThmMWUtZGE3NTQzMGIxNmY2
LzEvd3U1RlFtNFM1UV9qRG9fOE9lQkVoZGozTXprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAW2zhAwQA
W2ztAwQAW2zvMAwDBANbbPgDBABbbP4wDQYJKoZIhvcNAQELBQADggEBAK9RSlh0
VukABLbWTEvj5Wt51v+9VreY+APL7sbG0nL8ZtxkGernKh74KgQkP7zhlTEae6oO
eZ64pSFREIofuVMzaCafZsySpcY1N98kEGkSCCq27LEJIBEoP18bHEJYDgGqINoM
ANdzC1o7rInCxkrmkY+Oc7I8yK6/tU/huvhiIgBA21ziYtW1heU2PS4XWq389lES
pgG8AIqfrqJmTrYimGh1tDyN0MPnca8aJgCjTyeVWAwD9rBTjQsQ6FGvjMkS8jwb
bODWyPqHXHYsL3nHY7N+aCBhOTKEtLPRcteEoqMDWOMNKSiu5eyQOdMRnKaJ8EmZ
nqbYdcLAi/ey2Os=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:11:57 2025 by rpki-client