Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/S3B8RrSC0HYnkm2IyEh3Lt2ZswY.roa
File: S3B8RrSC0HYnkm2IyEh3Lt2ZswY.roa (raw, json)
Hash identifier: RXwGuapzLjBPJXXQiPzQMlD8UULOJvQu8+ntcp3StYo=
Subject key identifier: 4B:70:7C:46:B4:82:D0:76:27:92:6D:88:C8:48:77:2E:DD:99:B3:06
Certificate issuer: /CN=67955b1aa1c0284d2843b96f26c5fe751e66946f
Certificate serial: 0191FF644CC4903C3F43172B28A56B4B92AA
Authority key identifier: 67:95:5B:1A:A1:C0:28:4D:28:43:B9:6F:26:C5:FE:75:1E:66:94:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/S3B8RrSC0HYnkm2IyEh3Lt2ZswY.roa
Signing time: Tue 17 Sep 2024 09:50:48 +0000
ROA not before: Tue 17 Sep 2024 09:50:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210512
IP address blocks: 81.161.63.0/24 maxlen: 24
91.195.125.0/24 maxlen: 24
91.229.112.0/23 maxlen: 23
193.9.17.0/24 maxlen: 24
213.108.133.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:ff:64:4c:c4:90:3c:3f:43:17:2b:28:a5:6b:4b:92:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67955b1aa1c0284d2843b96f26c5fe751e66946f
Validity
Not Before: Sep 17 09:50:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4b707c46b482d07627926d88c848772edd99b306
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:6a:1c:5a:cd:38:4c:c6:0a:29:91:d8:2e:d0:
9d:1e:13:aa:58:43:67:8b:bb:4c:29:4f:d0:4c:3c:
48:f9:55:96:9a:a6:6d:13:37:65:7b:65:8c:60:b8:
32:46:10:6a:d1:49:ac:27:57:0a:04:f9:b8:2f:b2:
7a:44:60:8a:a6:3d:af:e7:09:ea:fb:98:b8:07:bb:
c6:d8:e0:37:97:ab:af:d3:19:ef:d1:43:d0:56:82:
6a:c0:e5:f7:b3:3b:58:b0:d8:ed:40:12:73:20:8c:
75:8a:45:ec:1c:97:58:8c:70:9d:16:9c:da:4f:87:
57:f0:6a:6f:a3:8d:c7:db:d7:29:67:77:b5:3c:88:
bf:af:37:f2:15:a0:93:ec:95:f1:73:06:ac:82:ad:
cf:14:f4:e2:ca:c9:40:8e:de:d8:36:0b:8c:42:32:
6e:d4:78:02:94:22:a8:df:8c:1a:ec:77:a2:95:ee:
34:b9:87:1e:da:b8:65:1f:0d:76:ff:92:b1:29:74:
dd:81:4c:9e:fa:ff:26:3e:4c:e5:03:31:b4:a3:df:
97:3c:e7:df:78:c8:78:29:4b:e0:c0:c8:53:b2:51:
2a:7b:df:6b:2f:a5:f9:27:d2:42:f7:30:40:3e:18:
ef:c2:02:3f:b5:85:1f:5b:e4:3d:b3:6f:3c:bd:e4:
34:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:70:7C:46:B4:82:D0:76:27:92:6D:88:C8:48:77:2E:DD:99:B3:06
X509v3 Authority Key Identifier:
keyid:67:95:5B:1A:A1:C0:28:4D:28:43:B9:6F:26:C5:FE:75:1E:66:94:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/S3B8RrSC0HYnkm2IyEh3Lt2ZswY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.161.63.0/24
91.195.125.0/24
91.229.112.0/23
193.9.17.0/24
213.108.133.0/24
Signature Algorithm: sha256WithRSAEncryption
96:71:81:ac:53:dc:47:33:1e:ad:5b:19:cc:f3:68:29:4d:f3:
37:e9:3d:f2:33:7d:ea:66:3c:f0:9e:41:ef:9f:b9:be:48:59:
a9:92:b0:ef:e3:f7:7b:e0:81:5b:12:17:00:bd:f8:4c:20:18:
0a:ec:9f:7d:e6:bb:44:a7:53:ab:3c:e7:15:41:15:69:d2:7c:
e9:a5:8a:08:84:ec:3d:de:ed:73:fe:97:d2:ae:d8:b4:5e:97:
37:34:0f:ff:d0:d7:0f:d6:31:e9:39:65:31:94:1a:9c:d6:11:
4e:24:5c:66:0d:0b:df:3f:fa:96:6e:4f:71:fd:2a:13:e7:93:
e9:fc:1c:2e:34:28:58:c3:16:82:34:02:71:e7:6a:c3:d8:04:
cf:b5:7c:ae:cf:dc:c3:e9:02:50:3c:8a:77:0a:d1:be:12:a2:
3d:3c:21:b1:2c:b4:69:be:52:51:1b:46:aa:bb:03:17:de:41:
a1:cb:51:7a:c4:ae:10:5f:36:d9:24:1c:3c:26:67:4f:a8:6e:
9d:b3:ad:96:81:e3:d8:f3:05:16:81:11:b0:93:95:b3:6b:92:
f6:41:8b:1e:8a:5e:48:85:a9:0e:9a:1f:9c:44:87:de:ac:31:
ba:ae:47:30:a3:68:36:b8:fa:19:06:df:d6:e8:a7:64:94:5e:
e3:c0:9b:63
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZH/ZEzEkDw/QxcrKKVrS5KqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3OTU1YjFhYTFjMDI4NGQyODQzYjk2ZjI2YzVmZTc1MWU2
Njk0NmYwHhcNMjQwOTE3MDk1MDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjcwN2M0NmI0ODJkMDc2Mjc5MjZkODhjODQ4NzcyZWRkOTliMzA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8mocWs04TMYKKZHYLtCdHhOqWENn
i7tMKU/QTDxI+VWWmqZtEzdle2WMYLgyRhBq0UmsJ1cKBPm4L7J6RGCKpj2v5wnq
+5i4B7vG2OA3l6uv0xnv0UPQVoJqwOX3sztYsNjtQBJzIIx1ikXsHJdYjHCdFpza
T4dX8Gpvo43H29cpZ3e1PIi/rzfyFaCT7JXxcwasgq3PFPTiyslAjt7YNguMQjJu
1HgClCKo34wa7Heile40uYce2rhlHw12/5KxKXTdgUye+v8mPkzlAzG0o9+XPOff
eMh4KUvgwMhTslEqe99rL6X5J9JC9zBAPhjvwgI/tYUfW+Q9s288veQ0eQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFEtwfEa0gtB2J5JtiMhIdy7dmbMGMB8GA1UdIwQY
MBaAFGeVWxqhwChNKEO5bybF/nUeZpRvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjVWYkdxSEFLRTBvUTdsdkpzWC1kUjVtbEc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi82MzE5MjUtNmIwZS00ZWE1LTkxZDct
MDhhZDk0MTAxZDdlLzEvUzNCOFJyU0MwSFlua20ySXlFaDNMdDJac3dZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi82MzE5MjUtNmIwZS00ZWE1LTkxZDctMDhhZDk0MTAxZDdl
LzEvWjVWYkdxSEFLRTBvUTdsdkpzWC1kUjVtbEc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAUaE/AwQA
W8N9AwQBW+VwAwQAwQkRAwQA1WyFMA0GCSqGSIb3DQEBCwUAA4IBAQCWcYGsU9xH
Mx6tWxnM82gpTfM36T3yM33qZjzwnkHvn7m+SFmpkrDv4/d74IFbEhcAvfhMIBgK
7J995rtEp1OrPOcVQRVp0nzppYoIhOw93u1z/pfSrti0Xpc3NA//0NcP1jHpOWUx
lBqc1hFOJFxmDQvfP/qWbk9x/SoT55Pp/BwuNChYwxaCNAJx52rD2ATPtXyuz9zD
6QJQPIp3CtG+EqI9PCGxLLRpvlJRG0aquwMX3kGhy1F6xK4QXzbZJBw8JmdPqG6d
s62WgePY8wUWgRGwk5Wza5L2QYseil5IhakOmh+cRIferDG6rkcwo2g2uPoZBt/W
6KdklF7jwJtj
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:36:34 2025 by rpki-client