Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/69e7e4-e3ea-46a5-9867-1c8132d5f4b4/1/nEnE8WsxvFV0CW-FQ2K1qsFoKj4.roa
File: nEnE8WsxvFV0CW-FQ2K1qsFoKj4.roa (raw, json)
Hash identifier: ZyNEHY6OmlNM09dS5aLqNlzwfMtjGvvRLEIo8W0Bgc8=
Subject key identifier: 9C:49:C4:F1:6B:31:BC:55:74:09:6F:85:43:62:B5:AA:C1:68:2A:3E
Certificate issuer: /CN=5ac8f68ac415059d56d1938c375a5986a6fff4b1
Certificate serial: 018CC5DC1981C5DA409726965E763076EDE6
Authority key identifier: 5A:C8:F6:8A:C4:15:05:9D:56:D1:93:8C:37:5A:59:86:A6:FF:F4:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wsj2isQVBZ1W0ZOMN1pZhqb_9LE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/69e7e4-e3ea-46a5-9867-1c8132d5f4b4/1/nEnE8WsxvFV0CW-FQ2K1qsFoKj4.roa
Signing time: Mon 01 Jan 2024 16:29:45 +0000
ROA not before: Mon 01 Jan 2024 16:29:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 196731
IP address blocks: 91.212.87.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 30 Jan 2024 12:24:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:19:81:c5:da:40:97:26:96:5e:76:30:76:ed:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ac8f68ac415059d56d1938c375a5986a6fff4b1
Validity
Not Before: Jan 1 16:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9c49c4f16b31bc5574096f854362b5aac1682a3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:3e:5f:b8:db:60:8a:56:cd:d7:97:52:b4:86:
dd:22:79:55:fa:d3:b8:5f:ad:6b:5b:7b:04:c8:80:
5b:25:1e:54:47:10:67:56:4d:96:0e:0d:93:e4:64:
2b:6e:f9:28:4e:d1:d1:5b:92:5c:27:74:d5:d9:c2:
72:a7:14:35:e7:21:42:dd:33:44:06:68:3c:e9:bb:
bb:2b:6f:e5:6e:45:49:e1:cb:e3:2c:30:45:f2:9f:
d6:6d:93:ea:4c:d3:3a:a0:ae:19:19:98:01:ed:7e:
32:1c:4d:5f:18:2d:f5:bc:60:75:3b:cc:ed:13:10:
ef:b0:dd:e3:e6:b1:80:31:ef:66:f6:cb:c0:9a:e6:
91:25:f9:29:e9:9e:64:fc:48:c2:dd:a9:8d:7e:c2:
df:5d:6e:44:09:24:0d:f2:75:da:be:6e:7f:2e:7c:
a7:32:70:da:9b:24:11:fd:48:80:bf:f4:41:c6:31:
ca:04:b1:5f:c2:0e:da:21:36:6d:e1:21:8e:b1:39:
ff:a2:8a:7b:e1:6f:ef:d4:e3:67:fa:3d:b6:fe:54:
f8:cd:8b:e4:89:41:3c:2c:ef:00:ce:1b:fa:07:5c:
51:d7:c9:7b:12:76:a2:5e:90:52:60:80:96:a4:31:
7b:46:9c:5a:4f:18:a0:1d:4c:d9:77:9f:4d:87:b2:
b3:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:49:C4:F1:6B:31:BC:55:74:09:6F:85:43:62:B5:AA:C1:68:2A:3E
X509v3 Authority Key Identifier:
keyid:5A:C8:F6:8A:C4:15:05:9D:56:D1:93:8C:37:5A:59:86:A6:FF:F4:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wsj2isQVBZ1W0ZOMN1pZhqb_9LE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/69e7e4-e3ea-46a5-9867-1c8132d5f4b4/1/nEnE8WsxvFV0CW-FQ2K1qsFoKj4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/69e7e4-e3ea-46a5-9867-1c8132d5f4b4/1/Wsj2isQVBZ1W0ZOMN1pZhqb_9LE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.212.87.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:c0:22:9c:67:2e:6d:21:c3:44:d5:7a:97:b1:b3:3f:36:e5:
b8:d8:e4:31:2e:49:d1:25:9c:23:18:14:96:b4:22:fc:c7:e4:
31:74:c0:37:95:52:c5:61:25:46:5a:e2:bf:6c:ff:c8:3e:20:
d8:c9:3f:2d:1e:ee:a4:22:eb:89:6a:d6:8e:a4:54:3f:df:e5:
ad:42:e0:27:4c:57:55:56:e7:d1:5f:fb:60:f5:31:9d:58:df:
55:11:52:03:ad:13:9f:f4:94:19:62:83:8c:01:2f:76:31:6c:
32:8d:89:7d:5d:16:76:3e:d2:cf:99:b1:c1:bc:d3:fc:2b:45:
eb:7d:55:19:4c:24:53:9e:cc:6a:a2:64:13:db:d9:c5:54:85:
de:52:5b:bb:55:bd:61:ea:bc:13:5d:5f:70:b9:7f:96:27:c8:
05:37:82:77:b3:18:f1:d3:c0:0e:96:d8:8b:53:dd:48:b7:90:
2c:09:c2:7e:56:30:58:fc:85:0f:2a:bf:8d:dd:87:0c:f3:28:
ec:0c:2d:ca:e8:a7:43:7d:4b:56:cb:6f:0b:54:b5:cc:b1:61:
de:5b:19:fe:3d:77:41:cf:2d:bd:66:1f:c8:1f:53:dd:69:05:
e9:29:7e:e8:9d:e0:40:e8:aa:71:03:fb:ed:85:5b:dd:b0:9d:
d9:c3:d5:f7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF3BmBxdpAlyaWXnYwdu3mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhYzhmNjhhYzQxNTA1OWQ1NmQxOTM4YzM3NWE1OTg2YTZm
ZmY0YjEwHhcNMjQwMTAxMTYyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzQ5YzRmMTZiMzFiYzU1NzQwOTZmODU0MzYyYjVhYWMxNjgyYTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtD5fuNtgilbN15dStIbdInlV+tO4
X61rW3sEyIBbJR5URxBnVk2WDg2T5GQrbvkoTtHRW5JcJ3TV2cJypxQ15yFC3TNE
Bmg86bu7K2/lbkVJ4cvjLDBF8p/WbZPqTNM6oK4ZGZgB7X4yHE1fGC31vGB1O8zt
ExDvsN3j5rGAMe9m9svAmuaRJfkp6Z5k/EjC3amNfsLfXW5ECSQN8nXavm5/Lnyn
MnDamyQR/UiAv/RBxjHKBLFfwg7aITZt4SGOsTn/oop74W/v1ONn+j22/lT4zYvk
iUE8LO8Azhv6B1xR18l7EnaiXpBSYICWpDF7RpxaTxigHUzZd59Nh7KzqwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJxJxPFrMbxVdAlvhUNitarBaCo+MB8GA1UdIwQY
MBaAFFrI9orEFQWdVtGTjDdaWYam//SxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3NqMmlzUVZCWjFXMFpPTU4xcFpocWJfOUxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC82OWU3ZTQtZTNlYS00NmE1LTk4Njct
MWM4MTMyZDVmNGI0LzEvbkVuRThXc3h2RlYwQ1ctRlEySzFxc0ZvS2o0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC82OWU3ZTQtZTNlYS00NmE1LTk4NjctMWM4MTMyZDVmNGI0
LzEvV3NqMmlzUVZCWjFXMFpPTU4xcFpocWJfOUxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9RXMA0G
CSqGSIb3DQEBCwUAA4IBAQBfwCKcZy5tIcNE1XqXsbM/NuW42OQxLknRJZwjGBSW
tCL8x+QxdMA3lVLFYSVGWuK/bP/IPiDYyT8tHu6kIuuJataOpFQ/3+WtQuAnTFdV
VufRX/tg9TGdWN9VEVIDrROf9JQZYoOMAS92MWwyjYl9XRZ2PtLPmbHBvNP8K0Xr
fVUZTCRTnsxqomQT29nFVIXeUlu7Vb1h6rwTXV9wuX+WJ8gFN4J3sxjx08AOltiL
U91It5AsCcJ+VjBY/IUPKr+N3YcM8yjsDC3K6KdDfUtWy28LVLXMsWHeWxn+PXdB
zy29Zh/IH1PdaQXpKX7oneBA6KpxA/vthVvdsJ3Zw9X3
-----END CERTIFICATE-----
Generated at Tue Jan 30 16:41:42 2024 by rpki-client on console-fra.rpki-client.org