Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/9a4cce-fd12-4707-be95-0a246ab05946/1/8wyUUmZF95qVOii7bm9T5m4qcjI.roa
File: 8wyUUmZF95qVOii7bm9T5m4qcjI.roa (raw, json)
Hash identifier: AVWqhU3DZgxtWHGqpi8+6wAj/+rG2qJ2l5iRG96zIRs=
Subject key identifier: F3:0C:94:52:66:45:F7:9A:95:3A:28:BB:6E:6F:53:E6:6E:2A:72:32
Certificate issuer: /CN=b522787599f1798e245f993f8cb8182f99cfd104
Certificate serial: 0192B95D10B9446CAE92DEEF5E6FBD3EF74A
Authority key identifier: B5:22:78:75:99:F1:79:8E:24:5F:99:3F:8C:B8:18:2F:99:CF:D1:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tSJ4dZnxeY4kX5k_jLgYL5nP0QQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/9a4cce-fd12-4707-be95-0a246ab05946/1/8wyUUmZF95qVOii7bm9T5m4qcjI.roa
Signing time: Wed 23 Oct 2024 12:32:16 +0000
ROA not before: Wed 23 Oct 2024 12:32:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50767
IP address blocks: 91.206.154.0/23 maxlen: 23
91.224.128.0/23 maxlen: 23
91.227.0.0/22 maxlen: 22
185.233.24.0/22 maxlen: 22
193.106.228.0/22 maxlen: 22
193.107.248.0/22 maxlen: 22
2a0c:d300::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:48:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b9:5d:10:b9:44:6c:ae:92:de:ef:5e:6f:bd:3e:f7:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b522787599f1798e245f993f8cb8182f99cfd104
Validity
Not Before: Oct 23 12:32:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f30c94526645f79a953a28bb6e6f53e66e2a7232
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:90:f2:4b:1d:f2:ac:12:df:ef:20:6a:b9:f5:
85:18:91:25:4e:52:9a:c7:e8:b1:0e:0e:32:a2:92:
90:d6:75:b8:ac:0d:31:bc:7b:ec:1b:87:8b:45:10:
6c:34:78:77:63:88:99:e0:0c:7d:e0:48:0f:21:82:
14:fa:85:1a:49:07:b6:b2:b6:d6:ac:39:23:60:53:
18:91:e2:9b:55:ad:2e:0b:ed:2f:50:83:ae:c1:51:
57:cd:15:25:9e:5e:0f:a8:2e:5c:04:2b:b9:35:62:
70:53:e5:a1:43:60:b6:73:5d:4f:d7:a2:75:ec:38:
ea:fe:b6:6e:71:80:7b:af:0b:f7:3c:e6:e7:d8:d3:
0d:a8:c1:56:64:30:d2:72:19:05:8e:06:17:0c:f0:
7d:9d:01:00:a1:66:3c:07:30:cd:db:6e:16:86:77:
78:55:40:3a:89:64:3c:5b:41:3f:81:43:47:7c:2c:
d0:ed:ac:a3:2d:aa:f0:c7:ef:c0:98:72:93:58:51:
db:21:69:ea:8a:32:95:3b:68:d3:d7:4f:78:d3:93:
17:30:62:30:06:c3:28:9a:ba:1b:ab:57:63:7c:79:
26:d9:72:70:b7:9a:a7:7d:a8:a5:9d:e4:1a:6b:6d:
da:a3:79:a9:e7:f1:1a:34:01:8e:06:e4:3f:97:f3:
c0:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:0C:94:52:66:45:F7:9A:95:3A:28:BB:6E:6F:53:E6:6E:2A:72:32
X509v3 Authority Key Identifier:
keyid:B5:22:78:75:99:F1:79:8E:24:5F:99:3F:8C:B8:18:2F:99:CF:D1:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tSJ4dZnxeY4kX5k_jLgYL5nP0QQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/9a4cce-fd12-4707-be95-0a246ab05946/1/8wyUUmZF95qVOii7bm9T5m4qcjI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/9a4cce-fd12-4707-be95-0a246ab05946/1/tSJ4dZnxeY4kX5k_jLgYL5nP0QQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.206.154.0/23
91.224.128.0/23
91.227.0.0/22
185.233.24.0/22
193.106.228.0/22
193.107.248.0/22
IPv6:
2a0c:d300::/29
Signature Algorithm: sha256WithRSAEncryption
36:d8:6c:5a:f6:8a:91:1a:56:e4:ee:e0:90:0f:d2:88:8b:4d:
66:c5:3d:51:8f:f0:f7:d6:f3:cd:49:0d:eb:63:cf:d8:4d:7c:
02:0a:5d:05:e1:a2:8d:07:ea:20:ba:14:1c:a9:36:e5:f0:54:
db:ca:47:0c:9e:90:f3:25:87:59:6d:f7:ec:f7:5c:0d:77:ec:
ba:ed:a2:86:21:be:2c:ee:21:ce:5f:42:87:a1:05:b4:32:3a:
21:f2:e8:50:5d:52:2c:68:ab:1b:b9:67:1b:22:d5:8e:fd:41:
05:2c:6a:81:72:f6:34:88:90:48:30:a7:9e:78:ed:2a:0e:39:
a7:27:11:b0:ff:14:41:ca:17:db:e0:83:cf:6b:c3:d4:50:a4:
2f:ec:68:96:b5:98:8e:77:c2:ad:87:a9:55:f7:91:e1:f8:9e:
33:a4:f2:65:ba:b2:6c:c7:7a:50:71:97:21:ba:8e:22:bc:0d:
6a:87:91:0e:d4:93:46:fe:3c:ff:92:f3:7b:b9:4b:18:96:bc:
98:54:7c:b6:b9:33:01:20:b1:69:b6:da:d5:41:10:f0:45:7e:
19:1d:73:a3:be:50:ee:01:3b:41:09:23:fc:22:1b:1d:9c:40:
e3:ca:9b:02:15:6c:9d:96:3b:0b:01:48:8e:bf:14:b8:59:e4:
d9:8d:0e:6e
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZK5XRC5RGyukt7vXm+9PvdKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1MjI3ODc1OTlmMTc5OGUyNDVmOTkzZjhjYjgxODJmOTlj
ZmQxMDQwHhcNMjQxMDIzMTIzMjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzBjOTQ1MjY2NDVmNzlhOTUzYTI4YmI2ZTZmNTNlNjZlMmE3MjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnpDySx3yrBLf7yBqufWFGJElTlKa
x+ixDg4yopKQ1nW4rA0xvHvsG4eLRRBsNHh3Y4iZ4Ax94EgPIYIU+oUaSQe2srbW
rDkjYFMYkeKbVa0uC+0vUIOuwVFXzRUlnl4PqC5cBCu5NWJwU+WhQ2C2c11P16J1
7Djq/rZucYB7rwv3PObn2NMNqMFWZDDSchkFjgYXDPB9nQEAoWY8BzDN224Whnd4
VUA6iWQ8W0E/gUNHfCzQ7ayjLarwx+/AmHKTWFHbIWnqijKVO2jT109405MXMGIw
BsMomrobq1djfHkm2XJwt5qnfailneQaa23ao3mp5/EaNAGOBuQ/l/PA3QIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFPMMlFJmRfealToou25vU+ZuKnIyMB8GA1UdIwQY
MBaAFLUieHWZ8XmOJF+ZP4y4GC+Zz9EEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFNKNGRabnhlWTRrWDVrX2pMZ1lMNW5QMFFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS85YTRjY2UtZmQxMi00NzA3LWJlOTUt
MGEyNDZhYjA1OTQ2LzEvOHd5VVVtWkY5NXFWT2lpN2JtOVQ1bTRxY2pJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS85YTRjY2UtZmQxMi00NzA3LWJlOTUtMGEyNDZhYjA1OTQ2
LzEvdFNKNGRabnhlWTRrWDVrX2pMZ1lMNW5QMFFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQBW86aAwQB
W+CAAwQCW+MAAwQCuekYAwQCwWrkAwQCwWv4MA0EAgACMAcDBQMqDNMAMA0GCSqG
SIb3DQEBCwUAA4IBAQA22Gxa9oqRGlbk7uCQD9KIi01mxT1Rj/D31vPNSQ3rY8/Y
TXwCCl0F4aKNB+oguhQcqTbl8FTbykcMnpDzJYdZbffs91wNd+y67aKGIb4s7iHO
X0KHoQW0Mjoh8uhQXVIsaKsbuWcbItWO/UEFLGqBcvY0iJBIMKeeeO0qDjmnJxGw
/xRByhfb4IPPa8PUUKQv7GiWtZiOd8Kth6lV95Hh+J4zpPJlurJsx3pQcZchuo4i
vA1qh5EO1JNG/jz/kvN7uUsYlryYVHy2uTMBILFpttrVQRDwRX4ZHXOjvlDuATtB
CSP8IhsdnEDjypsCFWydljsLAUiOvxS4WeTZjQ5u
-----END CERTIFICATE-----
Generated at Tue Apr 22 22:48:27 2025 by rpki-client