Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/842b5b-985c-44d7-9598-039dea50694e/1/i4mdWUt5B0nO7gdapswmaEMVL6E.roa
File: i4mdWUt5B0nO7gdapswmaEMVL6E.roa (raw, json)
Hash identifier: xvh7XJd0vkHycVx/UodUkpmEI2HT89oU16JSmltqSx0=
Subject key identifier: 8B:89:9D:59:4B:79:07:49:CE:EE:07:5A:A6:CC:26:68:43:15:2F:A1
Certificate issuer: /CN=dc82d2c7eb5fa543e32f1eee19cd35a5673cfae6
Certificate serial: 018F0AE1D386D34EB4F309FD5CC881F5AAF1
Authority key identifier: DC:82:D2:C7:EB:5F:A5:43:E3:2F:1E:EE:19:CD:35:A5:67:3C:FA:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3ILSx-tfpUPjLx7uGc01pWc8-uY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/842b5b-985c-44d7-9598-039dea50694e/1/i4mdWUt5B0nO7gdapswmaEMVL6E.roa
Signing time: Tue 23 Apr 2024 12:15:22 +0000
ROA not before: Tue 23 Apr 2024 12:15:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199006
IP address blocks: 91.198.125.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:47:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:0a:e1:d3:86:d3:4e:b4:f3:09:fd:5c:c8:81:f5:aa:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc82d2c7eb5fa543e32f1eee19cd35a5673cfae6
Validity
Not Before: Apr 23 12:15:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8b899d594b790749ceee075aa6cc266843152fa1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:b0:52:c5:98:c0:f5:0f:4b:24:66:b4:d6:d7:
b8:6f:c6:e7:cc:2f:63:0a:84:f1:09:b1:e4:bb:c5:
32:e3:d7:4b:70:ad:de:0e:31:84:5f:42:11:85:5d:
a5:c1:c1:f5:51:ce:8a:a8:f5:d6:36:ac:f1:57:b1:
a5:3c:42:e6:d5:6a:0c:98:d5:72:8f:89:14:54:4b:
6f:3d:4b:e5:b7:a1:d7:4a:a8:e1:50:61:c3:b4:77:
df:8b:b5:27:e3:24:54:14:86:a8:b9:a7:62:56:fe:
f8:96:c5:c2:fe:61:f9:78:a9:52:33:a1:cc:e5:e6:
c4:31:1d:b1:eb:8b:e3:31:b0:7d:8a:13:50:90:1e:
51:93:c6:47:ed:7f:c3:f5:8e:a7:93:89:03:11:02:
d7:48:4c:8d:57:60:e0:11:ed:af:c7:de:8c:ac:f4:
ed:c4:a0:a8:d6:8a:58:eb:dd:c7:23:6a:ef:b8:f7:
58:5d:fa:98:dc:87:4b:f7:b4:5c:64:18:50:23:8f:
0d:a1:87:93:4b:94:89:b8:0a:c4:de:c7:7c:9e:79:
96:30:3d:cf:6d:64:68:18:b6:ad:f7:8c:28:b0:29:
fe:c0:98:2a:62:ce:b8:44:61:46:a1:e2:fc:68:11:
11:a5:f3:b4:49:e5:d9:9e:64:50:f8:b2:5b:65:c6:
85:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:89:9D:59:4B:79:07:49:CE:EE:07:5A:A6:CC:26:68:43:15:2F:A1
X509v3 Authority Key Identifier:
keyid:DC:82:D2:C7:EB:5F:A5:43:E3:2F:1E:EE:19:CD:35:A5:67:3C:FA:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ILSx-tfpUPjLx7uGc01pWc8-uY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/842b5b-985c-44d7-9598-039dea50694e/1/i4mdWUt5B0nO7gdapswmaEMVL6E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/842b5b-985c-44d7-9598-039dea50694e/1/3ILSx-tfpUPjLx7uGc01pWc8-uY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.125.0/24
Signature Algorithm: sha256WithRSAEncryption
81:52:ba:d3:64:fa:94:e2:58:b7:77:1d:6f:14:82:b8:76:9b:
24:9e:ad:80:bf:98:a3:29:de:d8:8b:71:3e:af:01:85:44:45:
a4:54:85:f1:26:b9:09:ce:4f:9d:94:69:00:49:5c:17:d2:7f:
e1:3a:4a:3a:78:e4:96:75:64:7f:23:28:f1:2e:08:c0:c5:69:
bf:58:38:dc:37:5a:32:7f:9d:1e:01:12:50:bd:9a:e9:2e:d6:
72:41:56:2b:48:9a:d7:d8:4d:5a:7f:3a:53:46:26:32:98:40:
80:0c:86:d2:c3:71:94:dc:6f:f8:3a:7f:f6:2d:b3:fb:24:a2:
ae:f4:14:c2:58:f2:a5:75:44:42:ea:f9:89:f1:b8:cd:53:6c:
c8:40:e9:49:83:89:7b:a2:c2:4e:6b:ba:60:5b:e3:8b:a1:35:
1e:7e:ae:e3:ae:2d:52:2a:9e:2f:0d:a3:81:8e:3f:29:d3:02:
20:bd:8e:5a:f4:c0:51:a7:ae:dc:93:0a:96:97:3f:b4:85:b4:
e8:ca:fd:d7:36:5c:bc:3b:b6:f4:48:34:6a:6b:f5:4a:18:35:
b3:7c:db:a1:56:c7:8b:53:55:34:fe:b8:40:15:f1:e1:65:1e:
ce:b0:a4:d4:e2:28:1b:89:d5:3c:aa:d5:7a:3b:40:01:c3:44:
56:a9:ea:63
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY8K4dOG00608wn9XMiB9arxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjODJkMmM3ZWI1ZmE1NDNlMzJmMWVlZTE5Y2QzNWE1Njcz
Y2ZhZTYwHhcNMjQwNDIzMTIxNTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Yjg5OWQ1OTRiNzkwNzQ5Y2VlZTA3NWFhNmNjMjY2ODQzMTUyZmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm7BSxZjA9Q9LJGa01te4b8bnzC9j
CoTxCbHku8Uy49dLcK3eDjGEX0IRhV2lwcH1Uc6KqPXWNqzxV7GlPELm1WoMmNVy
j4kUVEtvPUvlt6HXSqjhUGHDtHffi7Un4yRUFIaouadiVv74lsXC/mH5eKlSM6HM
5ebEMR2x64vjMbB9ihNQkB5Rk8ZH7X/D9Y6nk4kDEQLXSEyNV2DgEe2vx96MrPTt
xKCo1opY693HI2rvuPdYXfqY3IdL97RcZBhQI48NoYeTS5SJuArE3sd8nnmWMD3P
bWRoGLat94wosCn+wJgqYs64RGFGoeL8aBERpfO0SeXZnmRQ+LJbZcaFbwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIuJnVlLeQdJzu4HWqbMJmhDFS+hMB8GA1UdIwQY
MBaAFNyC0sfrX6VD4y8e7hnNNaVnPPrmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0lMU3gtdGZwVVBqTHg3dUdjMDFwV2M4LXVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC84NDJiNWItOTg1Yy00NGQ3LTk1OTgt
MDM5ZGVhNTA2OTRlLzEvaTRtZFdVdDVCMG5PN2dkYXBzd21hRU1WTDZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC84NDJiNWItOTg1Yy00NGQ3LTk1OTgtMDM5ZGVhNTA2OTRl
LzEvM0lMU3gtdGZwVVBqTHg3dUdjMDFwV2M4LXVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8Z9MA0G
CSqGSIb3DQEBCwUAA4IBAQCBUrrTZPqU4li3dx1vFIK4dpsknq2Av5ijKd7Yi3E+
rwGFREWkVIXxJrkJzk+dlGkASVwX0n/hOko6eOSWdWR/IyjxLgjAxWm/WDjcN1oy
f50eARJQvZrpLtZyQVYrSJrX2E1afzpTRiYymECADIbSw3GU3G/4On/2LbP7JKKu
9BTCWPKldURC6vmJ8bjNU2zIQOlJg4l7osJOa7pgW+OLoTUefq7jri1SKp4vDaOB
jj8p0wIgvY5a9MBRp67ckwqWlz+0hbToyv3XNly8O7b0SDRqa/VKGDWzfNuhVseL
U1U0/rhAFfHhZR7OsKTU4igbidU8qtV6O0ABw0RWqepj
-----END CERTIFICATE-----
Generated at Mon Apr 21 01:33:03 2025 by rpki-client