Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/01b0c0-1b87-4d6f-9e90-9281f0d23dbf/1/2pEEdAq4vetLyQTe9g6z_lKISmE.roa
File: 2pEEdAq4vetLyQTe9g6z_lKISmE.roa (raw, json)
Hash identifier: Bj6ZDH4NHe/vsZqA1ArUMtBTG6LyY/P9diCbKvmxE9g=
Subject key identifier: DA:91:04:74:0A:B8:BD:EB:4B:C9:04:DE:F6:0E:B3:FE:52:88:4A:61
Certificate issuer: /CN=7021d7528be713a4ba2cb4db5e58d64d882eb555
Certificate serial: 018DA1F89F5D8F1EDE5A8EEAF5707B31FA82
Authority key identifier: 70:21:D7:52:8B:E7:13:A4:BA:2C:B4:DB:5E:58:D6:4D:88:2E:B5:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cCHXUovnE6S6LLTbXljWTYgutVU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/01b0c0-1b87-4d6f-9e90-9281f0d23dbf/1/2pEEdAq4vetLyQTe9g6z_lKISmE.roa
Signing time: Tue 13 Feb 2024 10:17:21 +0000
ROA not before: Tue 13 Feb 2024 10:17:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212219
IP address blocks: 91.151.88.0/24 maxlen: 24
91.151.89.0/24 maxlen: 24
213.142.148.0/24 maxlen: 24
213.142.159.0/24 maxlen: 24
2a0f:bf00::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 16 Jul 2024 13:37:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a1:f8:9f:5d:8f:1e:de:5a:8e:ea:f5:70:7b:31:fa:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7021d7528be713a4ba2cb4db5e58d64d882eb555
Validity
Not Before: Feb 13 10:17:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=da9104740ab8bdeb4bc904def60eb3fe52884a61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:99:c0:92:f5:05:4b:b3:a4:2a:60:dd:91:bb:
5d:ce:d6:26:8b:87:1f:34:91:cf:42:0b:d3:c1:ba:
df:a7:6e:f1:2c:79:62:e3:6f:00:6a:ba:12:0f:e4:
36:74:15:ac:7d:5b:ab:e2:57:35:4a:1c:53:8d:ec:
f8:94:53:d7:74:1d:db:0b:bb:3f:76:95:3c:e5:1f:
ac:39:09:32:74:3d:c2:cd:e3:97:f3:99:f8:48:c5:
f6:46:bc:78:d1:f4:ae:62:a2:e0:16:0a:0a:d2:0d:
92:38:e8:f3:26:d0:e7:b2:36:0e:2a:d0:51:1c:89:
69:ca:7a:1e:bc:19:1e:7f:cd:99:84:61:b0:96:f5:
77:78:0c:73:90:94:e6:6d:8d:b0:06:eb:9a:a7:9e:
72:09:67:84:dc:22:0f:97:2e:52:5b:ef:a4:c7:30:
4c:53:e1:47:c8:c1:63:6c:27:de:96:cb:22:85:08:
f0:d9:53:97:9b:8c:bc:75:86:59:db:ea:8f:5a:de:
f1:67:60:10:cc:ed:e3:d4:ae:d1:b3:95:0e:c6:76:
f5:ed:c1:b2:fa:50:2d:4f:64:11:4f:35:d5:d2:70:
da:7f:43:88:69:9c:f9:64:f5:57:aa:16:37:c3:c4:
dd:26:d4:cd:56:a5:dc:3e:0e:cb:df:92:41:37:96:
be:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:91:04:74:0A:B8:BD:EB:4B:C9:04:DE:F6:0E:B3:FE:52:88:4A:61
X509v3 Authority Key Identifier:
keyid:70:21:D7:52:8B:E7:13:A4:BA:2C:B4:DB:5E:58:D6:4D:88:2E:B5:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cCHXUovnE6S6LLTbXljWTYgutVU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/01b0c0-1b87-4d6f-9e90-9281f0d23dbf/1/2pEEdAq4vetLyQTe9g6z_lKISmE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/01b0c0-1b87-4d6f-9e90-9281f0d23dbf/1/cCHXUovnE6S6LLTbXljWTYgutVU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.151.88.0/23
213.142.148.0/24
213.142.159.0/24
IPv6:
2a0f:bf00::/29
Signature Algorithm: sha256WithRSAEncryption
4a:80:99:7f:3f:48:b4:8e:74:eb:52:56:3c:2d:1a:66:68:6b:
ab:5f:f4:cf:54:aa:9a:66:9e:83:50:af:e1:af:13:68:5e:6d:
8a:10:34:ae:55:1e:74:f0:25:70:11:08:59:2b:78:0f:88:a1:
b8:cf:45:25:30:2a:b6:23:45:eb:96:3e:69:1e:00:66:81:69:
b9:a7:f6:0b:22:83:39:88:82:fb:dd:b4:f7:84:1f:a8:7c:c5:
92:ce:9b:30:9b:39:48:50:a5:a5:c9:ef:af:18:bd:dc:70:e5:
4a:0e:b8:4a:d6:de:4d:3e:ca:2f:ba:1d:00:bf:08:49:5f:e2:
ab:8e:64:22:4d:56:9b:c7:0a:b3:10:e9:fb:6d:e6:14:98:f5:
ca:60:44:c8:d1:41:0e:50:eb:71:7a:aa:12:4a:ac:eb:ef:77:
48:75:f8:2a:a0:bc:73:48:9c:5a:a2:a7:d9:89:06:06:d6:60:
61:a5:50:49:d8:d9:af:e5:a5:b7:db:0b:c1:70:50:c7:e3:85:
2b:35:e8:08:d1:5e:65:99:be:ab:72:61:a5:4a:f7:e7:4f:f3:
a7:f1:a5:90:a2:8d:7b:5d:e3:87:a6:ec:bc:a4:09:3b:cd:22:
e5:b5:fa:f0:0f:78:e2:5a:3c:ad:16:86:b2:a6:87:2d:fb:94:
6d:b3:b9:22
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY2h+J9djx7eWo7q9XB7MfqCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwMjFkNzUyOGJlNzEzYTRiYTJjYjRkYjVlNThkNjRkODgy
ZWI1NTUwHhcNMjQwMjEzMTAxNzIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTkxMDQ3NDBhYjhiZGViNGJjOTA0ZGVmNjBlYjNmZTUyODg0YTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwZnAkvUFS7OkKmDdkbtdztYmi4cf
NJHPQgvTwbrfp27xLHli428AaroSD+Q2dBWsfVur4lc1ShxTjez4lFPXdB3bC7s/
dpU85R+sOQkydD3CzeOX85n4SMX2Rrx40fSuYqLgFgoK0g2SOOjzJtDnsjYOKtBR
HIlpynoevBkef82ZhGGwlvV3eAxzkJTmbY2wBuuap55yCWeE3CIPly5SW++kxzBM
U+FHyMFjbCfelssihQjw2VOXm4y8dYZZ2+qPWt7xZ2AQzO3j1K7Rs5UOxnb17cGy
+lAtT2QRTzXV0nDaf0OIaZz5ZPVXqhY3w8TdJtTNVqXcPg7L35JBN5a+YwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFNqRBHQKuL3rS8kE3vYOs/5SiEphMB8GA1UdIwQY
MBaAFHAh11KL5xOkuiy0215Y1k2ILrVVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0NIWFVvdm5FNlM2TExUYlhsaldUWWd1dFZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8wMWIwYzAtMWI4Ny00ZDZmLTllOTAt
OTI4MWYwZDIzZGJmLzEvMnBFRWRBcTR2ZXRMeVFUZTlnNnpfbEtJU21FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8wMWIwYzAtMWI4Ny00ZDZmLTllOTAtOTI4MWYwZDIzZGJm
LzEvY0NIWFVvdm5FNlM2TExUYlhsaldUWWd1dFZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBW5dYAwQA
1Y6UAwQA1Y6fMA0EAgACMAcDBQMqD78AMA0GCSqGSIb3DQEBCwUAA4IBAQBKgJl/
P0i0jnTrUlY8LRpmaGurX/TPVKqaZp6DUK/hrxNoXm2KEDSuVR508CVwEQhZK3gP
iKG4z0UlMCq2I0Xrlj5pHgBmgWm5p/YLIoM5iIL73bT3hB+ofMWSzpswmzlIUKWl
ye+vGL3ccOVKDrhK1t5NPsovuh0AvwhJX+KrjmQiTVabxwqzEOn7beYUmPXKYETI
0UEOUOtxeqoSSqzr73dIdfgqoLxzSJxaoqfZiQYG1mBhpVBJ2Nmv5aW32wvBcFDH
44UrNegI0V5lmb6rcmGlSvfnT/On8aWQoo17XeOHpuy8pAk7zSLltfrwD3jiWjyt
Foaypoct+5Rts7ki
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:17:05 2025 by rpki-client