Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/7b2cd6-b1f3-43fc-9f09-cd974042649f/1/piWo43DbZX9YBWSIu4-BH8MuSEk.roa
File: piWo43DbZX9YBWSIu4-BH8MuSEk.roa (raw, json)
Hash identifier: NKjoGL/9gGnPUfB2mUuAOR7MYw6V/G7vGz18VYOYV2Q=
Subject key identifier: A6:25:A8:E3:70:DB:65:7F:58:05:64:88:BB:8F:81:1F:C3:2E:48:49
Certificate issuer: /CN=808e238e30dcb759759fb8a394d9e211a28b9d87
Certificate serial: 01857082CDBB8208C22E1B7A58BD8F450F4B
Authority key identifier: 80:8E:23:8E:30:DC:B7:59:75:9F:B8:A3:94:D9:E2:11:A2:8B:9D:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gI4jjjDct1l1n7ijlNniEaKLnYc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/7b2cd6-b1f3-43fc-9f09-cd974042649f/1/piWo43DbZX9YBWSIu4-BH8MuSEk.roa
Signing time: Mon 02 Jan 2023 03:24:58 +0000
ROA not before: Mon 02 Jan 2023 03:24:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 196716
IP address blocks: 91.213.125.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:82:cd:bb:82:08:c2:2e:1b:7a:58:bd:8f:45:0f:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=808e238e30dcb759759fb8a394d9e211a28b9d87
Validity
Not Before: Jan 2 03:24:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a625a8e370db657f58056488bb8f811fc32e4849
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:1f:17:5a:1a:d3:69:cb:94:cb:79:83:9b:22:
75:90:96:b0:80:8d:80:c9:97:99:a4:d4:fe:3f:a8:
f5:7f:45:4f:b6:a4:06:e4:9c:e0:94:cc:60:60:b3:
62:5f:9b:3d:fe:bd:9e:82:7c:1b:f0:91:f0:b4:d1:
23:8b:40:a8:80:c7:3b:ec:fa:6a:0c:33:09:9f:9a:
3e:7c:42:af:66:05:be:95:91:49:c5:91:ff:2c:5b:
cf:7b:a9:3b:5e:a9:59:7f:74:ce:40:52:52:af:50:
2c:eb:a7:88:61:8e:76:e7:0e:a6:b7:f6:9f:f8:99:
4f:d5:44:ed:11:14:df:a5:48:ca:47:01:b4:9f:8d:
d4:60:32:19:87:1b:19:d0:b4:b3:fd:c6:b5:7f:db:
e3:d6:9d:7f:83:89:0e:93:aa:ab:a1:16:c0:40:3c:
a3:35:47:ee:96:d9:8e:14:57:f4:b7:37:f7:78:ae:
08:6f:5b:f0:76:0b:60:73:39:c3:eb:80:a3:dd:8d:
b2:07:f4:d9:34:88:f7:11:42:cf:20:65:f2:61:7f:
a0:0d:40:ae:17:1b:bf:45:0f:fe:d8:f1:38:5c:2d:
a4:29:a6:99:90:ac:f0:74:b7:85:2b:9b:b8:2b:43:
4a:f0:61:c9:58:7c:fc:88:4c:74:70:66:d2:89:d5:
7d:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:25:A8:E3:70:DB:65:7F:58:05:64:88:BB:8F:81:1F:C3:2E:48:49
X509v3 Authority Key Identifier:
keyid:80:8E:23:8E:30:DC:B7:59:75:9F:B8:A3:94:D9:E2:11:A2:8B:9D:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gI4jjjDct1l1n7ijlNniEaKLnYc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/7b2cd6-b1f3-43fc-9f09-cd974042649f/1/piWo43DbZX9YBWSIu4-BH8MuSEk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/7b2cd6-b1f3-43fc-9f09-cd974042649f/1/gI4jjjDct1l1n7ijlNniEaKLnYc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.125.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:6d:4a:7b:b1:57:ec:e0:71:e5:ea:87:d2:ee:d9:95:79:87:
68:bc:4f:cc:a4:88:6b:5a:36:c0:ad:fe:81:c0:68:5e:75:95:
c7:ef:b2:20:aa:20:ea:be:fe:5b:be:22:c4:ff:6e:c0:55:f1:
9e:59:ef:2c:5f:f4:ef:4a:a7:9b:ce:59:fa:91:eb:ff:42:bb:
5b:37:09:d0:99:d4:e2:07:84:2c:9e:af:dd:fc:22:47:6b:b8:
c3:9d:f2:62:b2:3c:52:b7:1e:d8:ff:a6:45:11:68:8f:db:20:
bb:b5:1a:24:2f:7b:e0:74:f2:30:88:2b:88:44:38:64:e0:f6:
a1:84:84:cf:8f:30:14:df:f0:f2:3c:99:37:b4:f2:75:1d:0d:
e0:2c:ca:e7:b7:05:3a:59:a2:8d:e4:f1:6e:6c:58:30:95:1f:
24:28:b6:e8:43:a4:a7:0c:52:a7:b8:86:ca:42:99:81:48:e6:
8a:bc:7b:7d:b1:05:f8:f9:9d:e2:38:49:b9:36:e8:41:18:41:
ce:2a:80:bf:42:d1:85:e8:2f:ce:b5:d6:ba:a8:29:8e:6d:5c:
77:f7:d5:30:aa:bb:91:3f:f5:2e:2f:01:36:f2:dd:5c:32:a9:
ed:b9:e9:32:7f:8f:3a:74:5b:ab:82:58:45:a4:3f:3c:a6:46:
22:69:e8:f2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwgs27ggjCLht6WL2PRQ9LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwOGUyMzhlMzBkY2I3NTk3NTlmYjhhMzk0ZDllMjExYTI4
YjlkODcwHhcNMjMwMTAyMDMyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjI1YThlMzcwZGI2NTdmNTgwNTY0ODhiYjhmODExZmMzMmU0ODQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArx8XWhrTacuUy3mDmyJ1kJawgI2A
yZeZpNT+P6j1f0VPtqQG5JzglMxgYLNiX5s9/r2egnwb8JHwtNEji0CogMc77Ppq
DDMJn5o+fEKvZgW+lZFJxZH/LFvPe6k7XqlZf3TOQFJSr1As66eIYY525w6mt/af
+JlP1UTtERTfpUjKRwG0n43UYDIZhxsZ0LSz/ca1f9vj1p1/g4kOk6qroRbAQDyj
NUfultmOFFf0tzf3eK4Ib1vwdgtgcznD64Cj3Y2yB/TZNIj3EULPIGXyYX+gDUCu
Fxu/RQ/+2PE4XC2kKaaZkKzwdLeFK5u4K0NK8GHJWHz8iEx0cGbSidV9bwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKYlqONw22V/WAVkiLuPgR/DLkhJMB8GA1UdIwQY
MBaAFICOI44w3LdZdZ+4o5TZ4hGii52HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0k0ampqRGN0MWwxbjdpamxObmlFYUtMblljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi83YjJjZDYtYjFmMy00M2ZjLTlmMDkt
Y2Q5NzQwNDI2NDlmLzEvcGlXbzQzRGJaWDlZQldTSXU0LUJIOE11U0VrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi83YjJjZDYtYjFmMy00M2ZjLTlmMDktY2Q5NzQwNDI2NDlm
LzEvZ0k0ampqRGN0MWwxbjdpamxObmlFYUtMblljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9V9MA0G
CSqGSIb3DQEBCwUAA4IBAQB8bUp7sVfs4HHl6ofS7tmVeYdovE/MpIhrWjbArf6B
wGhedZXH77IgqiDqvv5bviLE/27AVfGeWe8sX/TvSqebzln6kev/QrtbNwnQmdTi
B4Qsnq/d/CJHa7jDnfJisjxStx7Y/6ZFEWiP2yC7tRokL3vgdPIwiCuIRDhk4Pah
hITPjzAU3/DyPJk3tPJ1HQ3gLMrntwU6WaKN5PFubFgwlR8kKLboQ6SnDFKnuIbK
QpmBSOaKvHt9sQX4+Z3iOEm5NuhBGEHOKoC/QtGF6C/Otda6qCmObVx399UwqruR
P/UuLwE28t1cMqntuekyf486dFurglhFpD88pkYiaejy
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:02 2024 by rpki-client on console-fra.rpki-client.org