Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/Kw7MtBSUkofIxQeePz2KeEzMRiQ.roa
File: Kw7MtBSUkofIxQeePz2KeEzMRiQ.roa (raw, json)
Hash identifier: IN+Hmf+nrO0zsD0w3xD/0irbwGuhUzOqVh1UfQMkzSs=
Subject key identifier: 2B:0E:CC:B4:14:94:92:87:C8:C5:07:9E:3F:3D:8A:78:4C:CC:46:24
Certificate issuer: /CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Certificate serial: 019368AF0DA0AE6E994907843CAC1FBF6D09
Authority key identifier: B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/Kw7MtBSUkofIxQeePz2KeEzMRiQ.roa
Signing time: Tue 26 Nov 2024 13:35:22 +0000
ROA not before: Tue 26 Nov 2024 13:35:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 396617
IP address blocks: 81.19.195.30/32 maxlen: 32
81.19.195.31/32 maxlen: 32
185.100.0.53/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:68:af:0d:a0:ae:6e:99:49:07:84:3c:ac:1f:bf:6d:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Validity
Not Before: Nov 26 13:35:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2b0eccb414949287c8c5079e3f3d8a784ccc4624
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:b3:39:59:4d:20:77:66:8d:52:4d:16:c7:f1:
44:61:ff:c0:24:61:27:57:d0:bc:b4:16:0e:73:aa:
f2:a5:f0:a6:90:86:cd:25:e2:04:18:77:50:09:d6:
9d:a6:c4:da:85:10:0e:73:6c:8a:d8:d6:7b:6f:22:
27:52:f2:37:ee:13:b6:a4:4b:93:5c:7b:88:8b:4c:
99:30:64:c5:7c:0b:28:73:4b:03:b7:97:0e:26:c3:
98:7f:c4:f6:93:23:a9:ff:e7:bb:87:cc:63:50:7c:
2b:9d:37:7b:ed:79:99:71:4f:9c:1e:0f:56:b7:e3:
b0:00:be:c8:28:ca:45:cd:5e:06:d6:e5:d7:91:d3:
2a:20:5e:9d:77:f2:30:6c:05:d6:a7:c9:52:cf:65:
60:92:96:53:d6:23:57:c0:32:e1:07:59:be:03:52:
c8:23:e4:62:d1:cf:c1:5c:27:c0:a5:75:3a:fe:13:
21:cc:53:98:7c:9d:8d:31:7f:16:c3:75:ce:bd:ab:
da:1f:2e:bc:8f:69:90:df:0f:f8:e1:e7:56:5d:91:
8a:b2:f9:7e:9e:10:d6:ce:16:d3:8c:51:96:d2:fc:
d6:8a:d9:10:e3:cf:5d:58:33:64:5a:46:da:0b:b5:
14:7f:1a:65:b0:30:c3:43:f9:f0:08:0b:ef:2e:e2:
4c:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:0E:CC:B4:14:94:92:87:C8:C5:07:9E:3F:3D:8A:78:4C:CC:46:24
X509v3 Authority Key Identifier:
keyid:B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/Kw7MtBSUkofIxQeePz2KeEzMRiQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.195.30/31
185.100.0.53/32
Signature Algorithm: sha256WithRSAEncryption
28:d8:70:9e:58:1b:8b:33:2a:9e:10:ea:90:a3:b0:53:86:3b:
f9:b0:c1:0d:ed:87:6f:6f:ba:f0:64:82:5e:09:ec:98:19:9a:
81:8a:88:0a:0b:5d:17:cb:97:14:53:ef:fa:61:85:f3:e1:ac:
7b:e8:af:c2:c5:34:8b:61:c4:8a:2b:c7:ae:f9:2b:28:e1:ec:
39:2a:99:ac:9f:e6:6a:c5:c0:05:9e:d5:60:40:77:45:86:ec:
2d:5a:cb:c5:1a:cc:43:d0:9b:8d:af:1d:18:40:92:8e:55:b8:
cf:2d:48:78:4e:36:13:5c:a5:52:97:fb:82:4a:fc:d1:71:2f:
8f:a3:b3:b7:8b:8e:e8:11:38:bd:f3:f3:79:97:51:5c:dc:32:
ff:7a:76:05:8a:66:3d:47:d3:36:5e:9b:47:da:01:fa:f1:10:
3f:1c:0b:68:9d:f7:90:e1:dc:20:71:9b:49:98:3e:77:04:a6:
e5:11:cd:a9:a7:85:7d:ba:65:e6:f6:95:4e:cb:d3:38:74:09:
31:0d:50:14:05:ed:94:04:3d:35:c2:73:ce:91:16:23:32:e7:
6f:23:35:1a:0b:3d:3b:aa:59:bf:43:71:46:eb:39:93:c9:35:
11:4f:78:a4:da:23:5b:05:e0:41:a8:ad:2a:21:a4:38:df:bf:
2c:5c:ef:23
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZNorw2grm6ZSQeEPKwfv20JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzgwYjliOGMwNzA0NTdlZDU0YmM0NWQxMmRkZGQyNDRl
MDZkNTIwHhcNMjQxMTI2MTMzNTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjBlY2NiNDE0OTQ5Mjg3YzhjNTA3OWUzZjNkOGE3ODRjY2M0NjI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt7M5WU0gd2aNUk0Wx/FEYf/AJGEn
V9C8tBYOc6rypfCmkIbNJeIEGHdQCdadpsTahRAOc2yK2NZ7byInUvI37hO2pEuT
XHuIi0yZMGTFfAsoc0sDt5cOJsOYf8T2kyOp/+e7h8xjUHwrnTd77XmZcU+cHg9W
t+OwAL7IKMpFzV4G1uXXkdMqIF6dd/IwbAXWp8lSz2VgkpZT1iNXwDLhB1m+A1LI
I+Ri0c/BXCfApXU6/hMhzFOYfJ2NMX8Ww3XOvavaHy68j2mQ3w/44edWXZGKsvl+
nhDWzhbTjFGW0vzWitkQ489dWDNkWkbaC7UUfxplsDDDQ/nwCAvvLuJMyQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFCsOzLQUlJKHyMUHnj89inhMzEYkMB8GA1UdIwQY
MBaAFLQ4C5uMBwRX7VS8RdEt3dJE4G1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2Yt
MzZjY2I1YTA2MTk1LzEvS3c3TXRCU1Vrb2ZJeFFlZVB6MktlRXpNUmlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2YtMzZjY2I1YTA2MTk1
LzEvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOAwUBURPDHgMF
ALlkADUwDQYJKoZIhvcNAQELBQADggEBACjYcJ5YG4szKp4Q6pCjsFOGO/mwwQ3t
h29vuvBkgl4J7JgZmoGKiAoLXRfLlxRT7/phhfPhrHvor8LFNIthxIorx675Kyjh
7Dkqmayf5mrFwAWe1WBAd0WG7C1ay8UazEPQm42vHRhAko5VuM8tSHhONhNcpVKX
+4JK/NFxL4+js7eLjugROL3z83mXUVzcMv96dgWKZj1H0zZem0faAfrxED8cC2id
95Dh3CBxm0mYPncEpuURzamnhX26Zeb2lU7L0zh0CTENUBQF7ZQEPTXCc86RFiMy
528jNRoLPTuqWb9DcUbrOZPJNRFPeKTaI1sF4EGorSohpDjfvyxc7yM=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:28:41 2025 by rpki-client