Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/kGeZq8YXbEyNcAvN9UxCFTVtAmI.roa
File: kGeZq8YXbEyNcAvN9UxCFTVtAmI.roa (raw, json)
Hash identifier: 1vTicocvLZpJqubp6FdGANNiyql7dq3VLQyqiF7K6QY=
Subject key identifier: 90:67:99:AB:C6:17:6C:4C:8D:70:0B:CD:F5:4C:42:15:35:6D:02:62
Certificate issuer: /CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Certificate serial: 019371A44094A482D81968782A4555CB248F
Authority key identifier: 06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/kGeZq8YXbEyNcAvN9UxCFTVtAmI.roa
Signing time: Thu 28 Nov 2024 07:20:09 +0000
ROA not before: Thu 28 Nov 2024 07:20:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59432
IP address blocks: 194.143.203.0/24 maxlen: 24
194.143.221.0/24 maxlen: 24
195.114.198.0/24 maxlen: 24
213.220.3.0/24 maxlen: 24
213.220.19.0/24 maxlen: 24
213.220.60.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 16 Dec 2024 08:20:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:71:a4:40:94:a4:82:d8:19:68:78:2a:45:55:cb:24:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Validity
Not Before: Nov 28 07:20:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=906799abc6176c4c8d700bcdf54c4215356d0262
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:1b:44:07:37:69:3d:43:f9:07:41:2c:c9:c8:
02:eb:08:c3:3c:6d:45:86:8d:90:9c:f9:99:6f:4c:
ef:a0:0a:20:69:40:20:4f:84:94:a9:d8:c5:d3:25:
b1:69:f9:21:65:30:c9:6b:08:32:00:df:a9:0e:c2:
0c:3d:ba:bb:74:3d:c7:8a:c3:ad:55:22:f7:e6:ff:
92:e9:f6:d9:fa:66:f5:f8:fd:40:53:f1:4f:57:68:
27:7e:61:50:96:5d:0f:1d:c4:e0:47:ca:c8:44:14:
f3:cd:97:f4:d0:0d:e9:a1:d0:bd:76:23:97:6b:ca:
fd:f5:02:02:20:94:75:f1:4b:fd:69:6f:29:2f:70:
de:54:b6:57:4c:c7:46:e4:9b:8e:0c:d8:eb:31:ad:
0b:38:7e:64:8a:c7:7a:6c:ea:01:47:75:61:59:1a:
79:50:22:dc:79:b9:ce:a5:69:4f:7c:a9:8a:9a:4b:
4d:49:e7:2a:b4:5b:14:cb:5a:a8:06:8f:91:c6:74:
e7:8c:a0:d2:ae:06:08:f1:14:88:a4:94:dc:f5:68:
54:88:55:67:02:d0:6c:f4:33:bb:01:51:2f:e7:cb:
d1:f8:11:eb:af:7e:a4:c1:71:ba:15:ce:50:0b:a7:
98:3a:e7:dc:de:28:b5:a4:c5:d3:a4:c9:d6:f9:3f:
d3:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:67:99:AB:C6:17:6C:4C:8D:70:0B:CD:F5:4C:42:15:35:6D:02:62
X509v3 Authority Key Identifier:
keyid:06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/kGeZq8YXbEyNcAvN9UxCFTVtAmI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.143.203.0/24
194.143.221.0/24
195.114.198.0/24
213.220.3.0/24
213.220.19.0/24
213.220.60.0/24
Signature Algorithm: sha256WithRSAEncryption
56:a1:7f:26:29:21:6e:93:9b:20:d0:3a:c9:4d:ac:e1:c0:d7:
b5:7b:6c:49:bf:f5:a7:d7:49:08:2a:0d:ad:b7:a6:ea:e5:2c:
b6:ae:87:68:db:9a:fd:3e:86:a3:e2:fa:fa:12:0c:c2:f8:fa:
18:19:09:6a:54:4f:e1:0c:c8:98:af:51:b5:1d:99:15:8b:e4:
6c:33:e7:08:01:ad:ed:c9:8d:af:2e:98:fa:b6:ee:8f:c2:47:
6f:25:2c:a9:1e:71:35:ca:ad:71:d6:56:ff:30:07:04:1a:44:
b4:81:bc:8e:49:d2:97:07:dc:ab:98:f2:50:21:62:43:43:36:
45:2f:01:41:ba:76:ff:ab:8d:2d:29:29:6c:c5:d5:13:8a:18:
ff:92:d8:1e:fa:91:58:84:0c:e7:a2:63:5c:9c:e4:ec:7f:42:
59:52:38:27:f1:3f:81:f2:45:f7:f3:fd:21:d2:e2:34:6a:85:
99:81:77:93:35:c3:ef:12:89:97:7b:5a:3a:f2:13:e0:d3:a0:
a0:7c:8c:15:35:0d:22:ce:c4:f5:bf:a4:38:89:43:c2:a5:8d:
d9:23:60:3f:a8:31:19:49:30:22:95:7c:f8:82:cc:91:7b:46:
92:0e:aa:7e:9e:73:70:fe:55:97:7d:e8:f4:5a:45:78:2e:3f:
79:6e:25:32
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZNxpECUpILYGWh4KkVVyySPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NzFkY2M3YTlhYzczNTFjNzFlMGJjMjI3OGNmNDVmZDAy
MGFlMmUwHhcNMjQxMTI4MDcyMDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDY3OTlhYmM2MTc2YzRjOGQ3MDBiY2RmNTRjNDIxNTM1NmQwMjYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuRtEBzdpPUP5B0EsycgC6wjDPG1F
ho2QnPmZb0zvoAogaUAgT4SUqdjF0yWxafkhZTDJawgyAN+pDsIMPbq7dD3HisOt
VSL35v+S6fbZ+mb1+P1AU/FPV2gnfmFQll0PHcTgR8rIRBTzzZf00A3podC9diOX
a8r99QICIJR18Uv9aW8pL3DeVLZXTMdG5JuODNjrMa0LOH5kisd6bOoBR3VhWRp5
UCLcebnOpWlPfKmKmktNSecqtFsUy1qoBo+RxnTnjKDSrgYI8RSIpJTc9WhUiFVn
AtBs9DO7AVEv58vR+BHrr36kwXG6Fc5QC6eYOufc3ii1pMXTpMnW+T/TIQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFJBnmavGF2xMjXALzfVMQhU1bQJiMB8GA1UdIwQY
MBaAFAZx3MeprHNRxx4LwieM9F/QIK4uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGIt
MWRkZWM0Y2NlMjRjLzEva0dlWnE4WVhiRXlOY0F2TjlVeENGVFZ0QW1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGItMWRkZWM0Y2NlMjRj
LzEvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAwo/LAwQA
wo/dAwQAw3LGAwQA1dwDAwQA1dwTAwQA1dw8MA0GCSqGSIb3DQEBCwUAA4IBAQBW
oX8mKSFuk5sg0DrJTazhwNe1e2xJv/Wn10kIKg2tt6bq5Sy2rodo25r9Poaj4vr6
EgzC+PoYGQlqVE/hDMiYr1G1HZkVi+RsM+cIAa3tyY2vLpj6tu6PwkdvJSypHnE1
yq1x1lb/MAcEGkS0gbyOSdKXB9yrmPJQIWJDQzZFLwFBunb/q40tKSlsxdUTihj/
ktge+pFYhAznomNcnOTsf0JZUjgn8T+B8kX38/0h0uI0aoWZgXeTNcPvEomXe1o6
8hPg06CgfIwVNQ0izsT1v6Q4iUPCpY3ZI2A/qDEZSTAilXz4gsyRe0aSDqp+nnNw
/lWXfej0WkV4Lj95biUy
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:31:23 2025 by rpki-client