Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/bc401a-6938-4fdc-9c6e-fac3d5543a2c/1/RLrXzbjJ_iD5vOJzclDLR_YtJjo.roa
File: RLrXzbjJ_iD5vOJzclDLR_YtJjo.roa (raw, json)
Hash identifier: kzGRWGBBy+YtT3oppwLDUX6MnOraOzMx/F8TYbYTE7o=
Subject key identifier: 44:BA:D7:CD:B8:C9:FE:20:F9:BC:E2:73:72:50:CB:47:F6:2D:26:3A
Certificate issuer: /CN=0babd682c1a8fc5037adbf68143ae77fd00f38ab
Certificate serial: 018F557FE76BE2C3B3D6F5DE24B7313B2070
Authority key identifier: 0B:AB:D6:82:C1:A8:FC:50:37:AD:BF:68:14:3A:E7:7F:D0:0F:38:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C6vWgsGo_FA3rb9oFDrnf9APOKs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/bc401a-6938-4fdc-9c6e-fac3d5543a2c/1/RLrXzbjJ_iD5vOJzclDLR_YtJjo.roa
Signing time: Tue 07 May 2024 23:59:56 +0000
ROA not before: Tue 07 May 2024 23:59:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50833
IP address blocks: 91.224.59.0/24 maxlen: 24
193.150.128.0/24 maxlen: 24
193.150.129.0/24 maxlen: 24
2a10:24c0:272::/48 maxlen: 48
2a10:24c0:6c2::/48 maxlen: 48
2a10:24c0:ada1::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 15 Oct 2024 10:52:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:55:7f:e7:6b:e2:c3:b3:d6:f5:de:24:b7:31:3b:20:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0babd682c1a8fc5037adbf68143ae77fd00f38ab
Validity
Not Before: May 7 23:59:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=44bad7cdb8c9fe20f9bce2737250cb47f62d263a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:6c:8f:1a:4a:64:9a:ff:a6:82:58:70:ff:b0:
bc:75:82:29:94:c4:68:86:14:61:cd:c4:d5:ac:00:
03:95:64:29:44:74:d8:42:1b:ac:b6:6c:6e:e9:e7:
31:1a:37:bc:a1:f8:ad:8b:17:6a:41:42:05:35:6c:
12:0b:75:5e:b2:3f:0c:01:fa:84:77:4c:a3:41:94:
07:00:4d:5c:6d:1b:0f:64:c5:29:c5:8d:81:9b:8b:
61:86:07:ef:9e:3e:7d:1e:3e:34:99:bd:fb:69:a1:
74:55:fc:30:5d:92:94:65:3f:4b:f1:ea:40:ba:a9:
cc:0f:72:d9:d8:b7:86:6c:48:10:d9:59:f5:34:8a:
e8:6e:68:5a:c2:cc:3c:66:8a:fb:b6:57:72:e2:ba:
ca:85:80:e2:f3:76:1b:3a:a2:7e:f0:a5:81:2e:d1:
94:83:42:21:00:85:a2:a9:43:90:28:df:dd:33:f3:
3a:ea:4b:45:b2:6d:aa:14:77:3b:6c:2d:40:1c:6c:
fd:00:eb:a4:36:6c:84:d8:ca:d8:1e:e3:41:e6:48:
a3:98:9c:d7:46:5f:45:28:4a:d2:b7:89:fa:bd:3e:
da:1d:8e:25:dd:93:65:ec:82:73:44:a1:db:be:8d:
da:9c:2e:e9:44:1e:7f:b5:94:34:c1:fc:68:5a:d3:
32:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:BA:D7:CD:B8:C9:FE:20:F9:BC:E2:73:72:50:CB:47:F6:2D:26:3A
X509v3 Authority Key Identifier:
keyid:0B:AB:D6:82:C1:A8:FC:50:37:AD:BF:68:14:3A:E7:7F:D0:0F:38:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C6vWgsGo_FA3rb9oFDrnf9APOKs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/bc401a-6938-4fdc-9c6e-fac3d5543a2c/1/RLrXzbjJ_iD5vOJzclDLR_YtJjo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/bc401a-6938-4fdc-9c6e-fac3d5543a2c/1/C6vWgsGo_FA3rb9oFDrnf9APOKs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.224.59.0/24
193.150.128.0/23
IPv6:
2a10:24c0:272::/48
2a10:24c0:6c2::/48
2a10:24c0:ada1::/48
Signature Algorithm: sha256WithRSAEncryption
bd:c4:18:94:c5:16:d0:73:b9:30:27:cd:8c:f5:1a:60:b4:04:
89:1f:f1:56:bc:fa:ae:1f:d2:7b:70:13:9f:ec:92:2c:e5:c0:
63:44:1d:0d:76:2c:4d:6b:c6:c8:7d:90:57:17:8e:f5:24:dd:
8f:9d:e5:24:79:09:00:06:7b:a8:24:9d:61:9b:8a:74:95:7e:
35:fc:ff:8c:e2:24:37:51:a1:f2:b5:a8:59:a2:51:d6:f5:7f:
b6:34:c9:e1:9b:bd:32:a5:38:57:bd:6e:7d:2a:d5:5c:d0:53:
c5:a3:99:a3:9e:ad:61:79:3f:13:70:75:82:50:3e:c0:ed:37:
4b:2a:fa:1d:bf:df:17:8b:1b:c8:54:82:02:42:b4:36:f7:34:
4a:ed:1f:5c:be:97:3e:93:b7:c0:c6:5e:df:13:44:81:53:88:
57:4d:8c:98:16:02:9c:56:ac:45:c1:88:77:fe:5d:24:44:16:
97:e5:1c:5e:81:97:67:f1:d2:bf:8f:19:d2:5b:f4:d4:1d:d9:
7f:d3:79:e5:e9:c2:08:9f:5e:f8:39:26:2a:6b:b9:2b:bb:2e:
63:78:11:bd:4c:33:b7:f4:d8:01:15:16:7d:37:03:7d:4b:01:
ff:a5:25:b9:4b:11:1c:43:27:c9:3b:47:8b:2e:10:ec:f0:7b:
e8:b2:c6:b3
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAY9Vf+dr4sOz1vXeJLcxOyBwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiYWJkNjgyYzFhOGZjNTAzN2FkYmY2ODE0M2FlNzdmZDAw
ZjM4YWIwHhcNMjQwNTA3MjM1OTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGJhZDdjZGI4YzlmZTIwZjliY2UyNzM3MjUwY2I0N2Y2MmQyNjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1GyPGkpkmv+mglhw/7C8dYIplMRo
hhRhzcTVrAADlWQpRHTYQhustmxu6ecxGje8ofitixdqQUIFNWwSC3Vesj8MAfqE
d0yjQZQHAE1cbRsPZMUpxY2Bm4thhgfvnj59Hj40mb37aaF0VfwwXZKUZT9L8epA
uqnMD3LZ2LeGbEgQ2Vn1NIrobmhawsw8Zor7tldy4rrKhYDi83YbOqJ+8KWBLtGU
g0IhAIWiqUOQKN/dM/M66ktFsm2qFHc7bC1AHGz9AOukNmyE2MrYHuNB5kijmJzX
Rl9FKErSt4n6vT7aHY4l3ZNl7IJzRKHbvo3anC7pRB5/tZQ0wfxoWtMy5wIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFES61824yf4g+bzic3JQy0f2LSY6MB8GA1UdIwQY
MBaAFAur1oLBqPxQN62/aBQ653/QDzirMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzZ2V2dzR29fRkEzcmI5b0ZEcm5mOUFQT0tzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9iYzQwMWEtNjkzOC00ZmRjLTljNmUt
ZmFjM2Q1NTQzYTJjLzEvUkxyWHpiakpfaUQ1dk9KemNsRExSX1l0SmpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9iYzQwMWEtNjkzOC00ZmRjLTljNmUtZmFjM2Q1NTQzYTJj
LzEvQzZ2V2dzR29fRkEzcmI5b0ZEcm5mOUFQT0tzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzASBAIAATAMAwQAW+A7AwQB
wZaAMCEEAgACMBsDBwAqECTAAnIDBwAqECTABsIDBwAqECTAraEwDQYJKoZIhvcN
AQELBQADggEBAL3EGJTFFtBzuTAnzYz1GmC0BIkf8Va8+q4f0ntwE5/skizlwGNE
HQ12LE1rxsh9kFcXjvUk3Y+d5SR5CQAGe6gknWGbinSVfjX8/4ziJDdRofK1qFmi
Udb1f7Y0yeGbvTKlOFe9bn0q1VzQU8WjmaOerWF5PxNwdYJQPsDtN0sq+h2/3xeL
G8hUggJCtDb3NErtH1y+lz6Tt8DGXt8TRIFTiFdNjJgWApxWrEXBiHf+XSREFpfl
HF6Bl2fx0r+PGdJb9NQd2X/TeeXpwgifXvg5JipruSu7LmN4Eb1MM7f02AEVFn03
A31LAf+lJblLERxDJ8k7R4suEOzwe+iyxrM=
-----END CERTIFICATE-----
Generated at Mon Apr 28 06:26:42 2025 by rpki-client