Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/06b317-9114-426b-9983-9a229780e0be/1/hGb-zFBMKxPtANKlmyVC0WrH_ic.roa
File: hGb-zFBMKxPtANKlmyVC0WrH_ic.roa (raw, json)
Hash identifier: /cX/aa8EcOGm/VPVvkfI95TOnDLkiaLn3vg+gZRdxUQ=
Subject key identifier: 84:66:FE:CC:50:4C:2B:13:ED:00:D2:A5:9B:25:42:D1:6A:C7:FE:27
Certificate issuer: /CN=2091a77f7c424e9127398473bfa3a2b9727ebb45
Certificate serial: 01922D6C0C71014F441410FDF3ECD3EF8512
Authority key identifier: 20:91:A7:7F:7C:42:4E:91:27:39:84:73:BF:A3:A2:B9:72:7E:BB:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IJGnf3xCTpEnOYRzv6OiuXJ-u0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/06b317-9114-426b-9983-9a229780e0be/1/hGb-zFBMKxPtANKlmyVC0WrH_ic.roa
Signing time: Thu 26 Sep 2024 08:21:48 +0000
ROA not before: Thu 26 Sep 2024 08:21:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201434
IP address blocks: 91.194.138.0/24 maxlen: 24
146.255.190.0/24 maxlen: 24
185.75.36.0/22 maxlen: 22
193.29.207.0/24 maxlen: 24
194.126.238.0/24 maxlen: 24
2a03:4620::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:2d:6c:0c:71:01:4f:44:14:10:fd:f3:ec:d3:ef:85:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2091a77f7c424e9127398473bfa3a2b9727ebb45
Validity
Not Before: Sep 26 08:21:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8466fecc504c2b13ed00d2a59b2542d16ac7fe27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:c5:5f:ce:bd:c4:be:48:c1:a4:3e:ab:bf:31:
08:ae:59:34:1d:ec:f2:97:75:10:6b:1f:de:f0:dc:
9f:33:9d:c7:e5:ce:e1:04:d2:fd:aa:a3:a9:07:29:
fe:77:eb:08:89:b6:d2:ca:43:7f:7f:0b:e9:ef:dd:
51:81:18:01:54:27:6b:8a:83:32:40:56:1b:61:dd:
c7:15:04:53:20:a6:78:17:6c:38:19:a6:c2:d2:01:
cf:32:c7:7f:9f:2c:6e:11:3a:fd:fa:ee:26:db:32:
b3:e9:7f:0a:33:ce:de:2e:4c:6a:a9:15:0e:b1:7e:
0a:02:94:4d:a1:a2:eb:73:5d:24:7a:dc:6b:d9:e4:
f8:c3:70:78:b9:bf:d1:7f:f5:25:5b:4d:e1:70:a0:
6a:21:ed:ee:00:7a:88:b5:b0:f7:18:0f:69:7a:fa:
8e:0b:37:ff:34:1c:29:77:79:e0:2e:94:a7:5f:fc:
a9:75:45:10:a9:a2:fa:78:a1:bb:4e:50:d7:80:a1:
10:30:92:88:88:94:79:3f:84:e7:68:27:ac:6d:df:
e8:79:f9:70:bb:f3:d0:85:15:8b:1d:2e:6a:05:b2:
f1:4f:08:c3:32:9f:6c:cd:35:b6:07:8d:61:59:c9:
d9:d7:63:07:d5:6b:df:3c:a9:dc:4c:e3:37:f4:b0:
36:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:66:FE:CC:50:4C:2B:13:ED:00:D2:A5:9B:25:42:D1:6A:C7:FE:27
X509v3 Authority Key Identifier:
keyid:20:91:A7:7F:7C:42:4E:91:27:39:84:73:BF:A3:A2:B9:72:7E:BB:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IJGnf3xCTpEnOYRzv6OiuXJ-u0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/06b317-9114-426b-9983-9a229780e0be/1/hGb-zFBMKxPtANKlmyVC0WrH_ic.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/06b317-9114-426b-9983-9a229780e0be/1/IJGnf3xCTpEnOYRzv6OiuXJ-u0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.138.0/24
146.255.190.0/24
185.75.36.0/22
193.29.207.0/24
194.126.238.0/24
IPv6:
2a03:4620::/32
Signature Algorithm: sha256WithRSAEncryption
71:34:4d:17:f2:f0:ff:24:f5:61:88:fc:c3:fd:46:58:8b:ba:
09:36:2b:61:52:6f:dd:b3:c5:e3:6b:c7:eb:79:b5:a0:bb:f2:
16:a3:37:bb:32:b5:d5:b8:f8:21:7f:bd:72:51:9b:b1:ef:33:
21:32:83:18:d2:b9:ef:34:d0:19:b9:fa:4f:c2:2e:dc:17:0a:
f2:bb:64:3d:92:cc:06:b7:56:c0:6f:2f:c6:de:ec:6c:8a:04:
60:c6:bf:da:ec:da:83:a3:ce:7c:71:1c:8f:de:41:4e:f0:00:
19:4a:e1:68:b9:fc:13:5e:35:3b:e5:6b:70:a5:f5:4c:d6:13:
e2:72:e3:7c:c6:60:69:f4:a6:15:90:41:d3:d9:b6:cf:71:8c:
12:0e:bc:7e:fd:cd:bf:57:82:86:7f:e1:2f:c6:d6:5f:09:34:
f0:36:b1:d0:0b:bd:66:e9:b2:ba:f3:44:73:e6:07:3b:9d:d3:
d1:7e:bc:0a:26:51:e3:f7:55:80:3f:bc:02:b0:c5:7e:e2:60:
49:9a:ba:b1:e0:e7:d4:b8:2e:bd:1a:3e:5b:13:46:3c:e5:d1:
80:b4:4d:82:51:45:ba:c9:60:ee:6e:8b:6b:af:93:b2:6f:59:
10:c7:91:2b:21:54:01:e5:df:4b:21:1f:2c:33:97:ce:78:6b:
50:9d:03:af
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZItbAxxAU9EFBD98+zT74USMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwOTFhNzdmN2M0MjRlOTEyNzM5ODQ3M2JmYTNhMmI5NzI3
ZWJiNDUwHhcNMjQwOTI2MDgyMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDY2ZmVjYzUwNGMyYjEzZWQwMGQyYTU5YjI1NDJkMTZhYzdmZTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv8Vfzr3EvkjBpD6rvzEIrlk0Hezy
l3UQax/e8NyfM53H5c7hBNL9qqOpByn+d+sIibbSykN/fwvp791RgRgBVCdrioMy
QFYbYd3HFQRTIKZ4F2w4GabC0gHPMsd/nyxuETr9+u4m2zKz6X8KM87eLkxqqRUO
sX4KApRNoaLrc10ketxr2eT4w3B4ub/Rf/UlW03hcKBqIe3uAHqItbD3GA9pevqO
Czf/NBwpd3ngLpSnX/ypdUUQqaL6eKG7TlDXgKEQMJKIiJR5P4TnaCesbd/oeflw
u/PQhRWLHS5qBbLxTwjDMp9szTW2B41hWcnZ12MH1WvfPKncTOM39LA2awIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFIRm/sxQTCsT7QDSpZslQtFqx/4nMB8GA1UdIwQY
MBaAFCCRp398Qk6RJzmEc7+jorlyfrtFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUpHbmYzeENUcEVuT1lSenY2T2l1WEotdTBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC8wNmIzMTctOTExNC00MjZiLTk5ODMt
OWEyMjk3ODBlMGJlLzEvaEdiLXpGQk1LeFB0QU5LbG15VkMwV3JIX2ljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC8wNmIzMTctOTExNC00MjZiLTk5ODMtOWEyMjk3ODBlMGJl
LzEvSUpHbmYzeENUcEVuT1lSenY2T2l1WEotdTBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQAW8KKAwQA
kv++AwQCuUskAwQAwR3PAwQAwn7uMA0EAgACMAcDBQAqA0YgMA0GCSqGSIb3DQEB
CwUAA4IBAQBxNE0X8vD/JPVhiPzD/UZYi7oJNithUm/ds8Xja8frebWgu/IWoze7
MrXVuPghf71yUZux7zMhMoMY0rnvNNAZufpPwi7cFwryu2Q9kswGt1bAby/G3uxs
igRgxr/a7NqDo858cRyP3kFO8AAZSuFoufwTXjU75WtwpfVM1hPicuN8xmBp9KYV
kEHT2bbPcYwSDrx+/c2/V4KGf+EvxtZfCTTwNrHQC71m6bK680Rz5gc7ndPRfrwK
JlHj91WAP7wCsMV+4mBJmrqx4OfUuC69Gj5bE0Y85dGAtE2CUUW6yWDubotrr5Oy
b1kQx5ErIVQB5d9LIR8sM5fOeGtQnQOv
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:48:19 2025 by rpki-client