Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/dc7010-19f9-4768-a615-4825b29dd572/1/fzHVd8pq9NM8SjK_rPCzTHOFFVc.roa
File: fzHVd8pq9NM8SjK_rPCzTHOFFVc.roa (raw, json)
Hash identifier: iHt6o/HnDKoAOjtikBixPXjSnLUFLQhEl0ksn8rIiWU=
Subject key identifier: 7F:31:D5:77:CA:6A:F4:D3:3C:4A:32:BF:AC:F0:B3:4C:73:85:15:57
Certificate issuer: /CN=4b70a3a6c4a85725037598b3913e21869dbdd38d
Certificate serial: 018CC5005575BE62470AA5B9A9E2FE0C6EC6
Authority key identifier: 4B:70:A3:A6:C4:A8:57:25:03:75:98:B3:91:3E:21:86:9D:BD:D3:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S3CjpsSoVyUDdZizkT4hhp29040.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/dc7010-19f9-4768-a615-4825b29dd572/1/fzHVd8pq9NM8SjK_rPCzTHOFFVc.roa
Signing time: Mon 01 Jan 2024 12:29:42 +0000
ROA not before: Mon 01 Jan 2024 12:29:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197444
IP address blocks: 91.217.52.0/23 maxlen: 23
91.221.148.0/23 maxlen: 23
2001:67c:2038::/48 maxlen: 48
2a13:50c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 25 Jan 2024 08:27:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:55:75:be:62:47:0a:a5:b9:a9:e2:fe:0c:6e:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b70a3a6c4a85725037598b3913e21869dbdd38d
Validity
Not Before: Jan 1 12:29:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7f31d577ca6af4d33c4a32bfacf0b34c73851557
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:2b:40:bb:7f:00:83:7f:a8:94:bd:1b:68:47:
1c:25:2b:f4:ee:12:0e:8b:aa:f5:60:cd:49:e3:e5:
0f:32:39:04:4e:50:f2:b4:73:34:a9:5c:c2:3d:16:
01:f5:36:f9:a4:ad:b7:a1:b5:ae:48:69:a9:0e:b2:
d5:77:2b:69:27:da:5b:5d:96:75:5e:4b:6a:34:70:
ad:20:ed:2b:df:f4:48:5c:01:7c:6c:ff:ca:61:61:
2a:ef:54:a0:75:a8:71:39:52:43:dd:35:56:97:4b:
a5:2c:dd:d4:1f:28:dc:87:ec:37:98:a4:de:72:64:
52:f3:14:76:31:30:9b:89:87:95:e1:1d:ff:8c:8e:
03:57:fd:be:c2:cd:42:4b:8c:51:42:3f:5d:a5:02:
72:5c:62:b6:01:02:fc:d4:95:e9:24:87:64:09:39:
1b:ba:3f:d7:17:eb:b6:c0:01:f9:77:43:de:11:a8:
fd:e4:8c:01:76:84:8d:b3:c7:16:7b:5e:a2:7e:4d:
6a:d7:b5:18:a8:e1:23:f2:eb:29:cb:b8:68:a6:cd:
1e:c0:73:9f:ee:18:bf:69:2c:f8:86:0b:cf:d5:e0:
a6:0b:fa:43:8a:96:e3:61:29:8c:4d:2e:ef:9b:8d:
fd:ee:61:e7:e5:b3:07:de:f2:f4:3b:45:c1:a3:9b:
47:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:31:D5:77:CA:6A:F4:D3:3C:4A:32:BF:AC:F0:B3:4C:73:85:15:57
X509v3 Authority Key Identifier:
keyid:4B:70:A3:A6:C4:A8:57:25:03:75:98:B3:91:3E:21:86:9D:BD:D3:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S3CjpsSoVyUDdZizkT4hhp29040.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/dc7010-19f9-4768-a615-4825b29dd572/1/fzHVd8pq9NM8SjK_rPCzTHOFFVc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/dc7010-19f9-4768-a615-4825b29dd572/1/S3CjpsSoVyUDdZizkT4hhp29040.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.52.0/23
91.221.148.0/23
IPv6:
2001:67c:2038::/48
2a13:50c0::/29
Signature Algorithm: sha256WithRSAEncryption
2e:97:bf:d5:0f:ec:be:38:9d:7f:9c:f6:87:81:88:34:10:ff:
c3:c2:9f:d9:a8:66:f5:39:13:4a:0a:e6:c3:0d:35:25:de:6e:
e3:9b:37:f8:32:eb:e0:ab:82:d8:f5:06:21:85:c9:10:3b:d9:
29:75:72:48:1d:32:8f:4a:b6:23:e5:7e:0c:50:53:47:4f:5e:
cf:09:f6:b5:a6:b2:e3:a8:c3:6d:a7:18:4d:28:7e:c1:4f:19:
23:c5:44:89:6d:d5:4f:71:95:3d:3b:ce:90:ab:d0:ae:a8:9b:
d6:77:83:b6:34:66:43:28:67:d9:22:4c:97:32:22:07:f3:b2:
b6:91:48:0d:21:fa:77:1c:ce:a3:c0:9e:3d:a0:fe:fb:1e:b6:
d0:1d:8f:24:78:06:af:05:ad:28:13:b7:24:57:25:6b:74:90:
cc:a0:fc:63:3f:ee:eb:01:3c:5a:5f:c5:69:02:de:a0:93:cb:
dd:92:a9:50:ce:56:a7:12:c4:98:76:f6:e8:46:6d:b2:f9:3a:
d7:ae:71:01:69:79:3f:29:03:d6:cb:1c:f3:97:56:0f:2c:4e:
1e:0f:07:1a:2b:e8:4b:74:f1:6a:0c:fb:ed:07:8c:55:5e:e4:
ce:a9:5b:73:4f:62:d8:02:94:d3:31:11:99:3b:b7:e3:e2:46:
70:08:e2:79
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzFAFV1vmJHCqW5qeL+DG7GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiNzBhM2E2YzRhODU3MjUwMzc1OThiMzkxM2UyMTg2OWRi
ZGQzOGQwHhcNMjQwMTAxMTIyOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjMxZDU3N2NhNmFmNGQzM2M0YTMyYmZhY2YwYjM0YzczODUxNTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqytAu38Ag3+olL0baEccJSv07hIO
i6r1YM1J4+UPMjkETlDytHM0qVzCPRYB9Tb5pK23obWuSGmpDrLVdytpJ9pbXZZ1
XktqNHCtIO0r3/RIXAF8bP/KYWEq71SgdahxOVJD3TVWl0ulLN3UHyjch+w3mKTe
cmRS8xR2MTCbiYeV4R3/jI4DV/2+ws1CS4xRQj9dpQJyXGK2AQL81JXpJIdkCTkb
uj/XF+u2wAH5d0PeEaj95IwBdoSNs8cWe16ifk1q17UYqOEj8uspy7hops0ewHOf
7hi/aSz4hgvP1eCmC/pDipbjYSmMTS7vm4397mHn5bMH3vL0O0XBo5tHywIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFH8x1XfKavTTPEoyv6zws0xzhRVXMB8GA1UdIwQY
MBaAFEtwo6bEqFclA3WYs5E+IYadvdONMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzNDanBzU29WeVVEZFppemtUNGhocDI5MDQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9kYzcwMTAtMTlmOS00NzY4LWE2MTUt
NDgyNWIyOWRkNTcyLzEvZnpIVmQ4cHE5Tk04U2pLX3JQQ3pUSE9GRlZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9kYzcwMTAtMTlmOS00NzY4LWE2MTUtNDgyNWIyOWRkNTcy
LzEvUzNDanBzU29WeVVEZFppemtUNGhocDI5MDQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQBW9k0AwQB
W92UMBYEAgACMBADBwAgAQZ8IDgDBQMqE1DAMA0GCSqGSIb3DQEBCwUAA4IBAQAu
l7/VD+y+OJ1/nPaHgYg0EP/Dwp/ZqGb1ORNKCubDDTUl3m7jmzf4Muvgq4LY9QYh
hckQO9kpdXJIHTKPSrYj5X4MUFNHT17PCfa1prLjqMNtpxhNKH7BTxkjxUSJbdVP
cZU9O86Qq9CuqJvWd4O2NGZDKGfZIkyXMiIH87K2kUgNIfp3HM6jwJ49oP77HrbQ
HY8keAavBa0oE7ckVyVrdJDMoPxjP+7rATxaX8VpAt6gk8vdkqlQzlanEsSYdvbo
Rm2y+TrXrnEBaXk/KQPWyxzzl1YPLE4eDwcaK+hLdPFqDPvtB4xVXuTOqVtzT2LY
ApTTMRGZO7fj4kZwCOJ5
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:53:16 2025 by rpki-client