Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/42dfc0-a764-4d5d-a634-3454f490fd96/1/RbVJZmzhkhOYnKwg1xWSfZ3FU5U.roa
File: RbVJZmzhkhOYnKwg1xWSfZ3FU5U.roa (raw, json)
Hash identifier: 6MJpj2K6XOQh1MOVXsT2WOy0Yrxk9l4zVX/OfpkZaOw=
Subject key identifier: 45:B5:49:66:6C:E1:92:13:98:9C:AC:20:D7:15:92:7D:9D:C5:53:95
Certificate issuer: /CN=6278a768c910badcd5c4aef7c172a9f061547e8c
Certificate serial: 018CC8DF7918842C1BF928972F83526C72CE
Authority key identifier: 62:78:A7:68:C9:10:BA:DC:D5:C4:AE:F7:C1:72:A9:F0:61:54:7E:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YninaMkQutzVxK73wXKp8GFUfow.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/42dfc0-a764-4d5d-a634-3454f490fd96/1/RbVJZmzhkhOYnKwg1xWSfZ3FU5U.roa
Signing time: Tue 02 Jan 2024 06:32:17 +0000
ROA not before: Tue 02 Jan 2024 06:32:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56452
IP address blocks: 91.223.162.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:49:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:79:18:84:2c:1b:f9:28:97:2f:83:52:6c:72:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6278a768c910badcd5c4aef7c172a9f061547e8c
Validity
Not Before: Jan 2 06:32:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=45b549666ce19213989cac20d715927d9dc55395
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:36:65:35:cf:b3:29:41:61:6d:2e:9f:f9:a1:
05:b6:78:9e:69:e5:9e:7c:ae:29:0f:00:42:c3:2c:
f4:73:17:60:b2:7e:b3:0d:b6:66:26:de:87:5a:03:
0d:bb:64:cf:ed:dd:0b:96:af:f3:84:8f:90:71:b4:
d7:17:72:2d:ab:23:01:15:94:01:68:e5:0c:32:b6:
1d:e5:db:78:c2:c0:95:8b:26:8e:df:68:36:87:c8:
91:20:9f:f2:ca:80:ce:5f:f9:89:9a:dd:65:5c:f7:
4d:4f:0b:c4:0c:58:db:82:14:64:d5:aa:9d:4b:da:
34:ca:5d:f1:37:de:62:e4:fc:19:a3:fb:b2:a1:77:
57:0c:cb:40:00:4e:a1:e1:51:76:eb:00:1c:21:d5:
6a:81:78:7c:92:29:f0:6a:c4:11:75:1a:f0:e9:71:
af:84:32:e2:7f:6d:d3:c3:11:f3:2e:5d:7b:9d:ba:
2f:84:e0:97:a8:44:1e:0c:79:ee:55:4f:46:87:5b:
1a:a9:f2:64:39:0c:63:a3:16:79:86:2e:89:de:33:
aa:bb:4c:80:1f:3d:6c:9b:0d:81:8a:53:66:5a:73:
f5:93:2e:04:2e:f9:1c:b5:6a:ad:05:40:ec:95:71:
c2:39:ad:7f:3d:7f:19:76:94:87:a9:47:ab:9e:bf:
9d:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:B5:49:66:6C:E1:92:13:98:9C:AC:20:D7:15:92:7D:9D:C5:53:95
X509v3 Authority Key Identifier:
keyid:62:78:A7:68:C9:10:BA:DC:D5:C4:AE:F7:C1:72:A9:F0:61:54:7E:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YninaMkQutzVxK73wXKp8GFUfow.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/42dfc0-a764-4d5d-a634-3454f490fd96/1/RbVJZmzhkhOYnKwg1xWSfZ3FU5U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/42dfc0-a764-4d5d-a634-3454f490fd96/1/YninaMkQutzVxK73wXKp8GFUfow.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.162.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:de:a4:0a:35:da:56:8a:29:f1:db:dd:2d:04:d8:fa:81:81:
f1:aa:0a:dd:53:4e:1c:da:52:c5:62:aa:f1:1d:11:76:25:8f:
0d:76:04:bd:2b:da:70:81:e3:0d:4d:51:30:06:fc:41:4c:f5:
f5:c2:75:41:fc:b1:7c:e1:1a:e5:c4:a1:45:6a:dd:aa:f0:e2:
03:82:c7:3a:a3:d5:5c:6c:13:8d:50:41:f9:3f:95:d6:8f:7b:
3a:da:03:a9:cb:67:9b:e2:15:b4:f1:f4:87:ea:4d:f7:d9:c7:
08:38:b7:ca:f5:91:ce:48:c2:61:ea:ca:a9:37:bd:db:9a:03:
6a:09:ad:d4:62:33:5e:19:6e:a0:6c:00:5e:f6:dc:42:11:71:
b0:d8:9f:7f:6c:20:21:8d:e7:75:83:b6:92:33:0b:14:64:f2:
03:a9:3b:25:ac:7a:3c:c0:5c:79:27:d8:73:3d:f1:f0:a0:ea:
16:7e:d1:aa:fd:9d:a8:53:b8:d4:2b:9d:9f:51:78:39:0d:a8:
09:c6:d1:39:6a:e0:d4:30:ba:f3:dd:cc:6f:db:0d:f4:a2:5b:
ad:d7:4b:db:32:82:a7:e1:53:8a:16:b2:18:46:db:37:dd:5e:
43:55:ac:7c:c1:2c:79:c0:1d:fc:b5:ba:a1:50:a1:0b:2f:60:
f2:e7:1d:08
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI33kYhCwb+SiXL4NSbHLOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyNzhhNzY4YzkxMGJhZGNkNWM0YWVmN2MxNzJhOWYwNjE1
NDdlOGMwHhcNMjQwMTAyMDYzMjE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWI1NDk2NjZjZTE5MjEzOTg5Y2FjMjBkNzE1OTI3ZDlkYzU1Mzk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiDZlNc+zKUFhbS6f+aEFtnieaeWe
fK4pDwBCwyz0cxdgsn6zDbZmJt6HWgMNu2TP7d0Llq/zhI+QcbTXF3ItqyMBFZQB
aOUMMrYd5dt4wsCViyaO32g2h8iRIJ/yyoDOX/mJmt1lXPdNTwvEDFjbghRk1aqd
S9o0yl3xN95i5PwZo/uyoXdXDMtAAE6h4VF26wAcIdVqgXh8kinwasQRdRrw6XGv
hDLif23TwxHzLl17nbovhOCXqEQeDHnuVU9Gh1saqfJkOQxjoxZ5hi6J3jOqu0yA
Hz1smw2BilNmWnP1ky4ELvkctWqtBUDslXHCOa1/PX8ZdpSHqUernr+dlQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEW1SWZs4ZITmJysINcVkn2dxVOVMB8GA1UdIwQY
MBaAFGJ4p2jJELrc1cSu98FyqfBhVH6MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWW5pbmFNa1F1dHpWeEs3M3dYS3A4R0ZVZm93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi80MmRmYzAtYTc2NC00ZDVkLWE2MzQt
MzQ1NGY0OTBmZDk2LzEvUmJWSlptemhraE9Zbkt3ZzF4V1NmWjNGVTVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi80MmRmYzAtYTc2NC00ZDVkLWE2MzQtMzQ1NGY0OTBmZDk2
LzEvWW5pbmFNa1F1dHpWeEs3M3dYS3A4R0ZVZm93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9+iMA0G
CSqGSIb3DQEBCwUAA4IBAQA63qQKNdpWiinx290tBNj6gYHxqgrdU04c2lLFYqrx
HRF2JY8NdgS9K9pwgeMNTVEwBvxBTPX1wnVB/LF84RrlxKFFat2q8OIDgsc6o9Vc
bBONUEH5P5XWj3s62gOpy2eb4hW08fSH6k332ccIOLfK9ZHOSMJh6sqpN73bmgNq
Ca3UYjNeGW6gbABe9txCEXGw2J9/bCAhjed1g7aSMwsUZPIDqTslrHo8wFx5J9hz
PfHwoOoWftGq/Z2oU7jUK52fUXg5DagJxtE5auDUMLrz3cxv2w30olut10vbMoKn
4VOKFrIYRts33V5DVax8wSx5wB38tbqhUKELL2Dy5x0I
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:15:11 2025 by rpki-client