Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/0BBYD36k7AQRg-t9D3iFcYNnYZw.roa
File: 0BBYD36k7AQRg-t9D3iFcYNnYZw.roa (raw, json)
Hash identifier: eikcl1eLUNr3WSD0mSirDxhKIBV4wp7PKQmh90cC9JA=
Subject key identifier: D0:10:58:0F:7E:A4:EC:04:11:83:EB:7D:0F:78:85:71:83:67:61:9C
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 0191987188AAAB31F4BD00302DD27584398C
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/0BBYD36k7AQRg-t9D3iFcYNnYZw.roa
Signing time: Wed 28 Aug 2024 10:04:22 +0000
ROA not before: Wed 28 Aug 2024 10:04:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41691
IP address blocks: 81.22.192.0/24 maxlen: 24
87.117.128.0/21 maxlen: 21
87.117.136.0/23 maxlen: 23
87.117.138.0/24 maxlen: 24
87.117.140.0/22 maxlen: 22
87.117.146.0/23 maxlen: 23
87.117.148.0/23 maxlen: 23
89.221.192.0/21 maxlen: 21
89.221.192.0/22 maxlen: 22
89.221.197.0/24 maxlen: 24
89.221.205.0/24 maxlen: 24
109.172.48.0/22 maxlen: 22
109.172.52.0/23 maxlen: 23
109.172.102.0/23 maxlen: 23
109.172.104.0/22 maxlen: 22
109.172.118.0/23 maxlen: 23
2a02:25e0:f00::/40 maxlen: 40
2a02:25e0:7700::/40 maxlen: 40
Validation: Failed, certificate revoked on Thu 29 Aug 2024 08:44:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:98:71:88:aa:ab:31:f4:bd:00:30:2d:d2:75:84:39:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Aug 28 10:04:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d010580f7ea4ec041183eb7d0f7885718367619c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:c1:34:5b:25:a7:41:2a:b3:44:ac:b3:26:f6:
4f:06:cd:d8:6d:39:f0:97:0e:69:58:e8:5a:79:c7:
ef:2d:4d:1e:d0:64:36:31:22:48:ae:5a:1b:0a:b1:
dc:06:bf:14:8a:e0:b3:d2:10:7a:a8:cd:7f:ab:3c:
66:b5:3c:37:f5:eb:91:1c:34:09:0f:c3:3d:35:0b:
c5:c8:52:91:08:9a:e1:36:c2:80:cb:29:4c:e6:bf:
b3:1a:7e:2c:91:32:a6:87:35:94:cd:61:d7:e7:d5:
d2:f3:26:a2:ce:b8:c1:c8:13:9d:c6:fa:20:4e:73:
dc:f3:d0:c0:1e:12:6b:0a:01:cb:93:15:0b:7c:15:
22:0a:26:5a:04:6c:f4:17:77:b3:06:fd:13:d9:2c:
b9:b1:a7:af:3e:28:72:cd:b5:1f:70:31:5f:b4:77:
3c:62:66:b4:73:10:06:23:29:ee:75:9f:6d:d4:49:
39:08:5b:ee:ca:8a:15:68:ec:3d:79:bd:df:d4:13:
6c:d8:ba:75:fe:80:a6:8e:61:aa:d8:0d:53:b6:97:
ae:44:03:64:a9:ff:4b:36:c6:bc:83:25:eb:bd:d5:
ef:f5:a0:21:09:eb:c3:e2:f9:2f:3e:d0:18:81:4c:
99:17:9d:02:81:eb:fc:66:5f:e4:5a:0e:d3:bd:53:
69:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:10:58:0F:7E:A4:EC:04:11:83:EB:7D:0F:78:85:71:83:67:61:9C
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/0BBYD36k7AQRg-t9D3iFcYNnYZw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.192.0/24
87.117.128.0-87.117.138.255
87.117.140.0/22
87.117.146.0-87.117.149.255
89.221.192.0/21
89.221.205.0/24
109.172.48.0-109.172.53.255
109.172.102.0-109.172.107.255
109.172.118.0/23
IPv6:
2a02:25e0:f00::/40
2a02:25e0:7700::/40
Signature Algorithm: sha256WithRSAEncryption
83:1c:a8:51:bf:25:a1:d1:9c:fa:d7:4b:8b:92:10:62:44:e4:
14:9c:c8:12:31:fd:5a:ae:84:ad:db:79:79:23:94:e4:09:29:
8a:5e:6f:38:d9:45:4e:2b:0a:f0:ce:29:c3:cf:fb:30:8c:57:
be:5f:7c:17:3e:8d:35:8d:bc:86:2f:0f:95:34:65:ae:e7:49:
80:c5:d5:f2:94:9b:b1:ce:1c:83:7b:ca:6f:bb:2c:79:92:ee:
c4:66:dc:28:70:61:e9:a7:5a:d9:cc:b7:3e:54:6b:15:7a:af:
fe:58:c3:61:10:c5:80:e0:cc:42:8a:65:ae:cc:42:d8:da:b1:
61:29:d1:ee:14:36:e7:8e:59:75:12:ee:0a:50:c2:dc:85:54:
d7:0c:1d:b3:46:09:4e:10:e0:1c:fa:37:43:e2:8e:be:3d:36:
b3:6c:95:7b:a2:24:32:9f:4c:87:6d:bb:df:be:94:6f:34:d2:
7d:fd:fd:33:7c:71:18:9e:6c:fb:ff:77:30:d5:73:68:be:02:
6d:66:32:60:68:29:bd:4b:70:bd:39:91:08:5c:b3:eb:9c:38:
a7:91:6a:90:16:f0:dc:af:a1:80:90:a5:67:c0:8c:0a:c9:65:
9d:c1:0d:b5:dc:60:9c:97:c1:6c:d1:82:ee:5c:20:be:45:19:
02:61:ad:f7
-----BEGIN CERTIFICATE-----
MIIFZjCCBE6gAwIBAgISAZGYcYiqqzH0vQAwLdJ1hDmMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQwODI4MTAwNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDEwNTgwZjdlYTRlYzA0MTE4M2ViN2QwZjc4ODU3MTgzNjc2MTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApME0WyWnQSqzRKyzJvZPBs3YbTnw
lw5pWOhaecfvLU0e0GQ2MSJIrlobCrHcBr8UiuCz0hB6qM1/qzxmtTw39euRHDQJ
D8M9NQvFyFKRCJrhNsKAyylM5r+zGn4skTKmhzWUzWHX59XS8yaizrjByBOdxvog
TnPc89DAHhJrCgHLkxULfBUiCiZaBGz0F3ezBv0T2Sy5saevPihyzbUfcDFftHc8
Yma0cxAGIynudZ9t1Ek5CFvuyooVaOw9eb3f1BNs2Lp1/oCmjmGq2A1TtpeuRANk
qf9LNsa8gyXrvdXv9aAhCevD4vkvPtAYgUyZF50Cgev8Zl/kWg7TvVNp/wIDAQAB
o4ICcjCCAm4wHQYDVR0OBBYEFNAQWA9+pOwEEYPrfQ94hXGDZ2GcMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvMEJCWUQzNms3QVFSZy10OUQzaUZjWU5uWVp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGHBggrBgEFBQcBBwEB/wR4MHYwXAQCAAEwVgMEAFEWwDAM
AwQHV3WAAwQAV3WKAwQCV3WMMAwDBAFXdZIDBAFXdZQDBANZ3cADBABZ3c0wDAME
BG2sMAMEAW2sNDAMAwQBbaxmAwQCbaxoAwQBbax2MBYEAgACMBADBgAqAiXgDwMG
ACoCJeB3MA0GCSqGSIb3DQEBCwUAA4IBAQCDHKhRvyWh0Zz610uLkhBiROQUnMgS
Mf1aroSt23l5I5TkCSmKXm842UVOKwrwzinDz/swjFe+X3wXPo01jbyGLw+VNGWu
50mAxdXylJuxzhyDe8pvuyx5ku7EZtwocGHpp1rZzLc+VGsVeq/+WMNhEMWA4MxC
imWuzELY2rFhKdHuFDbnjll1Eu4KUMLchVTXDB2zRglOEOAc+jdD4o6+PTazbJV7
oiQyn0yHbbvfvpRvNNJ9/f0zfHEYnmz7/3cw1XNovgJtZjJgaCm9S3C9OZEIXLPr
nDinkWqQFvDcr6GAkKVnwIwKyWWdwQ213GCcl8Fs0YLuXCC+RRkCYa33
-----END CERTIFICATE-----
Generated at Thu Apr 17 10:57:32 2025 by rpki-client