Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/f96430-62d4-4310-8493-ae1aa1654cde/1/_azbUa_spbOSlCL7odY9gCUMMww.roa
File: _azbUa_spbOSlCL7odY9gCUMMww.roa (raw, json)
Hash identifier: zMl3Tf1DpfxmQgEPOSptd5lTaGmbBkgvJ2Ut508MPmI=
Subject key identifier: FD:AC:DB:51:AF:EC:A5:B3:92:94:22:FB:A1:D6:3D:80:25:0C:33:0C
Certificate issuer: /CN=122a2ba3cc18c998501309ecde042706af5b845a
Certificate serial: 018CC56DEF13BF814F92B92E705D35D451FB
Authority key identifier: 12:2A:2B:A3:CC:18:C9:98:50:13:09:EC:DE:04:27:06:AF:5B:84:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Eioro8wYyZhQEwns3gQnBq9bhFo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/f96430-62d4-4310-8493-ae1aa1654cde/1/_azbUa_spbOSlCL7odY9gCUMMww.roa
Signing time: Mon 01 Jan 2024 14:29:25 +0000
ROA not before: Mon 01 Jan 2024 14:29:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56690
IP address blocks: 91.226.172.0/22 maxlen: 22
185.250.60.0/22 maxlen: 22
2a09:8880::/36 maxlen: 36
Validation: Failed, certificate revoked on Fri 15 Nov 2024 08:03:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6d:ef:13:bf:81:4f:92:b9:2e:70:5d:35:d4:51:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=122a2ba3cc18c998501309ecde042706af5b845a
Validity
Not Before: Jan 1 14:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fdacdb51afeca5b3929422fba1d63d80250c330c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:4d:91:a3:94:5b:c8:9f:f8:ae:ac:f1:14:db:
a0:52:b2:8f:96:3b:c9:6d:a3:1c:ce:bb:74:db:f7:
e4:2a:f5:29:15:97:c8:ca:40:95:64:07:71:3c:b1:
de:1f:03:4c:8c:24:28:1e:d4:3b:fa:a8:c9:52:b5:
00:89:a0:55:cd:ce:4b:b7:d0:36:aa:39:76:1c:7e:
e2:55:b8:d0:ab:3f:3a:d4:26:c1:53:6e:36:e0:81:
91:4c:8f:b1:86:fb:75:b6:80:db:a3:16:a8:dc:de:
3e:b9:05:ec:01:3e:6d:0a:a9:72:31:67:74:a8:51:
a4:a9:72:a1:c4:99:8e:7e:ba:65:aa:a3:70:d3:37:
87:a1:ed:db:4b:d3:02:e7:0a:9e:93:a2:50:0f:11:
09:14:f5:f9:a1:e4:d0:bc:cb:82:f6:b1:01:a9:8a:
e5:49:cd:90:67:6a:f3:43:06:a3:34:c6:1d:58:e6:
d3:88:91:c0:d3:3d:3d:77:f1:09:b6:c6:fa:4e:e2:
aa:6b:4d:1a:11:cf:b6:0f:1f:f8:09:f6:d1:44:e9:
2e:13:60:d0:11:26:01:32:0b:6e:69:84:9d:a4:8c:
22:31:4a:7a:a3:ad:85:4b:4e:df:22:3d:2a:29:b9:
0b:3c:cd:2b:67:e2:a3:04:a2:e3:40:d3:4f:c2:e1:
7e:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:AC:DB:51:AF:EC:A5:B3:92:94:22:FB:A1:D6:3D:80:25:0C:33:0C
X509v3 Authority Key Identifier:
keyid:12:2A:2B:A3:CC:18:C9:98:50:13:09:EC:DE:04:27:06:AF:5B:84:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Eioro8wYyZhQEwns3gQnBq9bhFo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/f96430-62d4-4310-8493-ae1aa1654cde/1/_azbUa_spbOSlCL7odY9gCUMMww.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/f96430-62d4-4310-8493-ae1aa1654cde/1/Eioro8wYyZhQEwns3gQnBq9bhFo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.226.172.0/22
185.250.60.0/22
IPv6:
2a09:8880::/36
Signature Algorithm: sha256WithRSAEncryption
32:8d:54:f1:8a:6d:02:7d:e6:ae:82:d7:ce:bf:6b:4f:37:2c:
99:ac:49:eb:50:fb:62:89:95:04:68:15:ee:49:f6:51:76:b2:
80:b0:31:04:61:2f:e5:9b:87:fc:10:71:38:46:d5:c9:42:42:
5d:23:be:ec:10:cf:97:10:33:de:9f:47:ba:e9:93:8d:27:40:
bb:89:6d:af:77:5b:e6:37:5b:70:ca:f9:68:f5:0c:e1:1a:74:
4a:07:ac:eb:bc:35:1b:28:87:20:31:f7:ec:33:34:2e:f7:40:
dd:d7:0f:cf:1c:15:13:ca:c1:aa:c9:02:76:c2:ce:99:f5:e7:
bf:ec:a7:1f:80:d0:e1:a5:62:ed:d9:9e:95:0a:95:bf:24:ac:
51:df:63:b6:21:88:58:2d:85:59:8d:b1:55:9f:b0:01:9a:db:
d5:60:24:b8:07:72:3f:7e:0f:97:c3:62:e8:32:c2:09:27:e0:
8e:c6:0f:47:06:80:04:82:49:43:81:d4:f3:20:f2:88:07:26:
d1:3b:d6:10:8a:a8:9e:ab:0c:1f:df:80:46:fa:3c:8a:2a:e8:
eb:63:67:7d:5a:62:7c:9d:f8:c7:76:c0:74:e4:7b:09:c4:cc:
01:5c:73:2c:6b:18:76:00:97:80:89:f0:0a:e7:47:3a:68:1b:
1f:af:d4:bf
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYzFbe8Tv4FPkrkucF011FH7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyMmEyYmEzY2MxOGM5OTg1MDEzMDllY2RlMDQyNzA2YWY1
Yjg0NWEwHhcNMjQwMTAxMTQyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGFjZGI1MWFmZWNhNWIzOTI5NDIyZmJhMWQ2M2Q4MDI1MGMzMzBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw02Ro5RbyJ/4rqzxFNugUrKPljvJ
baMczrt02/fkKvUpFZfIykCVZAdxPLHeHwNMjCQoHtQ7+qjJUrUAiaBVzc5Lt9A2
qjl2HH7iVbjQqz861CbBU2424IGRTI+xhvt1toDboxao3N4+uQXsAT5tCqlyMWd0
qFGkqXKhxJmOfrplqqNw0zeHoe3bS9MC5wqek6JQDxEJFPX5oeTQvMuC9rEBqYrl
Sc2QZ2rzQwajNMYdWObTiJHA0z09d/EJtsb6TuKqa00aEc+2Dx/4CfbRROkuE2DQ
ESYBMgtuaYSdpIwiMUp6o62FS07fIj0qKbkLPM0rZ+KjBKLjQNNPwuF+ywIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFP2s21Gv7KWzkpQi+6HWPYAlDDMMMB8GA1UdIwQY
MBaAFBIqK6PMGMmYUBMJ7N4EJwavW4RaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWlvcm84d1l5WmhRRXduczNnUW5CcTliaEZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9mOTY0MzAtNjJkNC00MzEwLTg0OTMt
YWUxYWExNjU0Y2RlLzEvX2F6YlVhX3NwYk9TbENMN29kWTlnQ1VNTXd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9mOTY0MzAtNjJkNC00MzEwLTg0OTMtYWUxYWExNjU0Y2Rl
LzEvRWlvcm84d1l5WmhRRXduczNnUW5CcTliaEZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQCW+KsAwQC
ufo8MA4EAgACMAgDBgQqCYiAADANBgkqhkiG9w0BAQsFAAOCAQEAMo1U8YptAn3m
roLXzr9rTzcsmaxJ61D7YomVBGgV7kn2UXaygLAxBGEv5ZuH/BBxOEbVyUJCXSO+
7BDPlxAz3p9HuumTjSdAu4ltr3db5jdbcMr5aPUM4Rp0Sges67w1GyiHIDH37DM0
LvdA3dcPzxwVE8rBqskCdsLOmfXnv+ynH4DQ4aVi7dmelQqVvySsUd9jtiGIWC2F
WY2xVZ+wAZrb1WAkuAdyP34Pl8Ni6DLCCSfgjsYPRwaABIJJQ4HU8yDyiAcm0TvW
EIqonqsMH9+ARvo8iiro62NnfVpifJ34x3bAdOR7CcTMAVxzLGsYdgCXgInwCudH
OmgbH6/Uvw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:18:42 2025 by rpki-client