Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/a1740e-8404-42d2-af5c-10e24625a4d4/1/0NfbojjlWLRmy1yZ2la2IU0vi9c.roa
File: 0NfbojjlWLRmy1yZ2la2IU0vi9c.roa (raw, json)
Hash identifier: oLy1NrqsDW4HH7x5wXrNs5wao3j1ISMTMGdk/nso8Pk=
Subject key identifier: D0:D7:DB:A2:38:E5:58:B4:66:CB:5C:99:DA:56:B6:21:4D:2F:8B:D7
Certificate issuer: /CN=e93f3a41e6be524115c6c2b558bc280043a0224e
Certificate serial: 019194FE0B27D690CBE43F44608737BF1C9A
Authority key identifier: E9:3F:3A:41:E6:BE:52:41:15:C6:C2:B5:58:BC:28:00:43:A0:22:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6T86Qea-UkEVxsK1WLwoAEOgIk4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/a1740e-8404-42d2-af5c-10e24625a4d4/1/0NfbojjlWLRmy1yZ2la2IU0vi9c.roa
Signing time: Tue 27 Aug 2024 17:59:22 +0000
ROA not before: Tue 27 Aug 2024 17:59:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51859
IP address blocks: 87.237.200.0/21 maxlen: 24
87.237.201.0/24 maxlen: 24
87.237.202.0/23 maxlen: 24
87.237.203.0/24 maxlen: 24
87.237.204.0/22 maxlen: 24
87.237.204.0/24 maxlen: 24
91.214.200.0/22 maxlen: 24
91.222.4.0/22 maxlen: 24
92.249.52.0/22 maxlen: 22
92.249.52.0/24 maxlen: 24
185.29.100.0/22 maxlen: 24
188.93.120.0/22 maxlen: 24
2a04:2e40::/29 maxlen: 48
Validation: Failed, certificate revoked on Wed 28 Aug 2024 23:26:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:94:fe:0b:27:d6:90:cb:e4:3f:44:60:87:37:bf:1c:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e93f3a41e6be524115c6c2b558bc280043a0224e
Validity
Not Before: Aug 27 17:59:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d0d7dba238e558b466cb5c99da56b6214d2f8bd7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:82:dc:38:77:55:57:94:be:18:25:e5:19:23:
7a:3c:40:75:6a:1c:a8:ad:5d:d9:2b:64:99:3d:12:
91:f4:78:fb:8c:0e:db:18:e3:4e:6c:90:0e:f6:ef:
f3:28:ad:ef:63:b5:cd:de:21:a6:f0:21:d0:e4:e0:
37:83:e6:69:4d:16:38:8f:d1:3b:ca:2a:e5:47:e6:
6c:5b:52:ab:40:cc:a1:c4:19:ad:2e:57:af:78:37:
4f:13:df:b1:16:a7:37:e9:b0:f7:98:dc:f3:c7:93:
39:55:ad:51:cd:f8:3b:83:53:14:7f:fd:99:1c:d4:
38:b6:c7:cf:e3:f6:b1:aa:e2:1d:a3:fc:6d:37:c7:
a4:c7:12:90:96:1e:ec:7b:69:64:58:2d:4b:31:7e:
31:46:cf:cc:03:b0:08:d5:50:0a:06:32:22:8c:84:
d4:53:26:69:37:6a:be:10:ed:16:6f:b7:79:b1:56:
90:33:54:60:bf:9d:2a:34:52:72:93:16:a7:8a:df:
3a:7f:27:76:99:96:e0:46:16:02:80:f0:df:1e:2e:
35:65:f1:60:52:0a:da:7b:5d:b2:8c:af:d4:3b:58:
2f:53:9f:fa:fa:d8:1d:54:dd:9d:ff:04:dc:78:f1:
7e:b6:b2:e1:41:db:55:37:87:4d:73:50:22:93:d5:
e8:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:D7:DB:A2:38:E5:58:B4:66:CB:5C:99:DA:56:B6:21:4D:2F:8B:D7
X509v3 Authority Key Identifier:
keyid:E9:3F:3A:41:E6:BE:52:41:15:C6:C2:B5:58:BC:28:00:43:A0:22:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6T86Qea-UkEVxsK1WLwoAEOgIk4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/a1740e-8404-42d2-af5c-10e24625a4d4/1/0NfbojjlWLRmy1yZ2la2IU0vi9c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/a1740e-8404-42d2-af5c-10e24625a4d4/1/6T86Qea-UkEVxsK1WLwoAEOgIk4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.237.200.0/21
91.214.200.0/22
91.222.4.0/22
92.249.52.0/22
185.29.100.0/22
188.93.120.0/22
IPv6:
2a04:2e40::/29
Signature Algorithm: sha256WithRSAEncryption
39:81:c7:b9:17:5b:df:15:89:b9:f9:ba:37:ff:77:ce:b3:e0:
da:ba:59:46:f5:c9:d9:3b:15:d3:d1:13:0f:79:28:ed:6d:2e:
87:98:f7:62:0d:74:40:87:c6:89:b9:6b:ef:57:6d:31:47:57:
b2:19:b6:cc:38:66:2c:fb:b5:a6:c9:a3:ff:23:87:80:c0:88:
de:29:64:b5:d4:79:0e:7a:f7:ab:38:5d:76:75:e9:b2:6e:56:
a5:44:71:8c:06:c1:48:ad:99:07:3d:f6:93:86:b0:81:d5:2f:
d2:d0:3a:9d:c7:f1:2d:f9:20:fd:f8:b9:0b:05:4d:62:f1:10:
7d:b7:02:98:56:a8:09:41:b1:e4:77:d1:51:59:6b:76:7b:6f:
6d:f0:08:e6:49:7b:cf:cc:89:c8:fa:d2:be:d5:5d:3b:49:bb:
71:8d:90:04:bb:b9:bc:4b:2a:6f:53:65:6d:c7:8c:14:64:d6:
55:d9:5b:89:b9:61:b1:4f:4d:a6:3f:4f:40:38:de:a3:59:b2:
a4:16:aa:52:12:bc:e5:dd:19:d8:3e:91:03:65:78:75:1a:28:
2f:16:cb:55:a6:fc:1b:c5:1c:8d:9f:c2:c4:15:2b:9c:f2:80:
80:64:71:e4:c4:10:dc:50:2b:ef:c5:dc:3b:2a:63:58:04:00:
4c:7a:1c:5c
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZGU/gsn1pDL5D9EYIc3vxyaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5M2YzYTQxZTZiZTUyNDExNWM2YzJiNTU4YmMyODAwNDNh
MDIyNGUwHhcNMjQwODI3MTc1OTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGQ3ZGJhMjM4ZTU1OGI0NjZjYjVjOTlkYTU2YjYyMTRkMmY4YmQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmILcOHdVV5S+GCXlGSN6PEB1ahyo
rV3ZK2SZPRKR9Hj7jA7bGONObJAO9u/zKK3vY7XN3iGm8CHQ5OA3g+ZpTRY4j9E7
yirlR+ZsW1KrQMyhxBmtLleveDdPE9+xFqc36bD3mNzzx5M5Va1Rzfg7g1MUf/2Z
HNQ4tsfP4/axquIdo/xtN8ekxxKQlh7se2lkWC1LMX4xRs/MA7AI1VAKBjIijITU
UyZpN2q+EO0Wb7d5sVaQM1Rgv50qNFJykxanit86fyd2mZbgRhYCgPDfHi41ZfFg
Ugrae12yjK/UO1gvU5/6+tgdVN2d/wTcePF+trLhQdtVN4dNc1Aik9XocwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFNDX26I45Vi0ZstcmdpWtiFNL4vXMB8GA1UdIwQY
MBaAFOk/OkHmvlJBFcbCtVi8KABDoCJOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlQ4NlFlYS1Va0VWeHNLMVdMd29BRU9nSWs0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9hMTc0MGUtODQwNC00MmQyLWFmNWMt
MTBlMjQ2MjVhNGQ0LzEvME5mYm9qamxXTFJteTF5WjJsYTJJVTB2aTljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9hMTc0MGUtODQwNC00MmQyLWFmNWMtMTBlMjQ2MjVhNGQ0
LzEvNlQ4NlFlYS1Va0VWeHNLMVdMd29BRU9nSWs0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDV+3IAwQC
W9bIAwQCW94EAwQCXPk0AwQCuR1kAwQCvF14MA0EAgACMAcDBQMqBC5AMA0GCSqG
SIb3DQEBCwUAA4IBAQA5gce5F1vfFYm5+bo3/3fOs+DaullG9cnZOxXT0RMPeSjt
bS6HmPdiDXRAh8aJuWvvV20xR1eyGbbMOGYs+7WmyaP/I4eAwIjeKWS11HkOever
OF12demyblalRHGMBsFIrZkHPfaThrCB1S/S0Dqdx/Et+SD9+LkLBU1i8RB9twKY
VqgJQbHkd9FRWWt2e29t8AjmSXvPzInI+tK+1V07SbtxjZAEu7m8SypvU2Vtx4wU
ZNZV2VuJuWGxT02mP09AON6jWbKkFqpSErzl3RnYPpEDZXh1GigvFstVpvwbxRyN
n8LEFSuc8oCAZHHkxBDcUCvvxdw7KmNYBABMehxc
-----END CERTIFICATE-----
Generated at Thu Apr 17 12:41:15 2025 by rpki-client