Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/01c31f-ee3c-435a-bfed-ef88b2cfe872/1/yPUYnW8DEKEwI6w8yYv0lgnHhVY.roa
File: yPUYnW8DEKEwI6w8yYv0lgnHhVY.roa (raw, json)
Hash identifier: VF5SNvhHluvMPkB/HbdGXqoNbTV3zTqkS4SszjJrNBs=
Subject key identifier: C8:F5:18:9D:6F:03:10:A1:30:23:AC:3C:C9:8B:F4:96:09:C7:85:56
Certificate issuer: /CN=35dfb4a5bc5b75bd94aa447ba33f55571971ccf6
Certificate serial: 01900151F9235EDE050C26D028ABC43B3569
Authority key identifier: 35:DF:B4:A5:BC:5B:75:BD:94:AA:44:7B:A3:3F:55:57:19:71:CC:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nd-0pbxbdb2UqkR7oz9VVxlxzPY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/01c31f-ee3c-435a-bfed-ef88b2cfe872/1/yPUYnW8DEKEwI6w8yYv0lgnHhVY.roa
Signing time: Mon 10 Jun 2024 08:44:27 +0000
ROA not before: Mon 10 Jun 2024 08:44:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57255
IP address blocks: 91.230.156.0/24 maxlen: 24
2a0e:f300::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 12 Jun 2024 09:41:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:01:51:f9:23:5e:de:05:0c:26:d0:28:ab:c4:3b:35:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35dfb4a5bc5b75bd94aa447ba33f55571971ccf6
Validity
Not Before: Jun 10 08:44:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c8f5189d6f0310a13023ac3cc98bf49609c78556
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:43:8a:58:1e:50:87:1d:1f:c2:6c:b3:d6:8f:
b6:1d:c3:74:80:94:79:58:f7:9b:9f:f7:60:8f:1d:
3f:5f:10:9d:d3:d3:a6:79:fe:dc:1c:ef:e5:5c:47:
20:55:f1:cf:6f:2e:65:0c:4f:56:f6:6d:52:19:7f:
0a:a8:21:85:d8:52:de:47:7a:b7:7a:01:b2:67:22:
a5:cf:f1:2f:e1:9d:8c:84:c0:b2:0b:18:67:51:92:
84:5d:7c:21:8e:5a:12:86:62:0c:da:e8:21:6e:16:
9d:78:34:1f:61:27:57:c2:43:8d:62:45:9a:a0:b6:
a6:95:31:ae:5e:5b:3f:46:48:46:f0:99:31:c8:33:
c8:3e:ad:eb:ce:1b:c4:c7:a1:af:03:14:c0:27:9a:
24:25:0f:08:94:af:07:f7:46:9b:02:8e:4e:f5:69:
c3:2e:16:a3:c4:b1:a4:13:17:54:00:82:6e:6c:34:
80:6e:da:83:6e:a2:a8:68:57:6c:1f:04:d6:46:4a:
81:55:8c:f3:64:fd:87:00:6b:e3:af:0f:2a:91:66:
68:6b:45:a3:4b:7e:cf:c1:65:c8:ff:e6:fa:08:bf:
f7:c6:ea:b8:3d:bd:31:b5:83:45:6f:93:4f:73:b3:
1e:d8:fd:a4:ba:b0:7d:4d:02:55:6c:ce:01:f0:5c:
85:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:F5:18:9D:6F:03:10:A1:30:23:AC:3C:C9:8B:F4:96:09:C7:85:56
X509v3 Authority Key Identifier:
keyid:35:DF:B4:A5:BC:5B:75:BD:94:AA:44:7B:A3:3F:55:57:19:71:CC:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nd-0pbxbdb2UqkR7oz9VVxlxzPY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/01c31f-ee3c-435a-bfed-ef88b2cfe872/1/yPUYnW8DEKEwI6w8yYv0lgnHhVY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/01c31f-ee3c-435a-bfed-ef88b2cfe872/1/Nd-0pbxbdb2UqkR7oz9VVxlxzPY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.230.156.0/24
IPv6:
2a0e:f300::/29
Signature Algorithm: sha256WithRSAEncryption
5b:ff:d5:d3:04:1c:6f:31:af:89:2f:6b:05:53:5a:d1:4a:f1:
59:3a:38:07:6d:62:7d:0e:7b:54:54:cf:70:75:47:65:59:13:
aa:7e:2d:73:c3:bf:a2:92:48:51:f8:71:8c:96:19:85:b5:fa:
f4:34:dc:27:08:6e:de:5c:4e:33:75:8d:25:07:5b:65:c2:e0:
d8:18:c9:eb:a0:57:bd:fc:6c:08:42:a7:af:30:7d:d5:a2:fd:
2e:9d:c8:68:0d:7a:4b:2a:fd:e1:e4:dc:a9:48:0e:11:ed:39:
63:d5:57:7b:9f:b4:93:ba:ea:61:e3:58:a1:aa:26:d8:1c:b2:
2c:72:2b:fb:cf:d2:81:bb:df:6c:2c:b9:67:61:30:c9:22:62:
48:60:7c:c6:01:e6:f4:27:0b:aa:64:66:d8:c1:7e:ad:79:25:
3e:04:3e:23:a1:bc:f2:02:c7:24:50:b7:b1:27:1a:f4:b0:ea:
d4:8c:3a:a0:14:a1:18:45:0a:31:4c:cc:6b:79:35:1f:c2:9a:
88:10:6a:f1:75:7d:87:1e:2d:f3:84:04:50:4a:d7:39:f2:14:
66:4b:f5:da:9b:bf:76:c6:4b:70:41:67:2f:2a:f5:2c:e3:0f:
e1:01:22:8d:c0:82:15:27:d5:24:f5:81:53:ca:11:b2:df:78:
46:5c:76:70
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZABUfkjXt4FDCbQKKvEOzVpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1ZGZiNGE1YmM1Yjc1YmQ5NGFhNDQ3YmEzM2Y1NTU3MTk3
MWNjZjYwHhcNMjQwNjEwMDg0NDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGY1MTg5ZDZmMDMxMGExMzAyM2FjM2NjOThiZjQ5NjA5Yzc4NTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAykOKWB5Qhx0fwmyz1o+2HcN0gJR5
WPebn/dgjx0/XxCd09Omef7cHO/lXEcgVfHPby5lDE9W9m1SGX8KqCGF2FLeR3q3
egGyZyKlz/Ev4Z2MhMCyCxhnUZKEXXwhjloShmIM2ughbhadeDQfYSdXwkONYkWa
oLamlTGuXls/RkhG8JkxyDPIPq3rzhvEx6GvAxTAJ5okJQ8IlK8H90abAo5O9WnD
LhajxLGkExdUAIJubDSAbtqDbqKoaFdsHwTWRkqBVYzzZP2HAGvjrw8qkWZoa0Wj
S37PwWXI/+b6CL/3xuq4Pb0xtYNFb5NPc7Me2P2kurB9TQJVbM4B8FyF+QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMj1GJ1vAxChMCOsPMmL9JYJx4VWMB8GA1UdIwQY
MBaAFDXftKW8W3W9lKpEe6M/VVcZccz2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmQtMHBieGJkYjJVcWtSN296OVZWeGx4elBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi8wMWMzMWYtZWUzYy00MzVhLWJmZWQt
ZWY4OGIyY2ZlODcyLzEveVBVWW5XOERFS0V3STZ3OHlZdjBsZ25IaFZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi8wMWMzMWYtZWUzYy00MzVhLWJmZWQtZWY4OGIyY2ZlODcy
LzEvTmQtMHBieGJkYjJVcWtSN296OVZWeGx4elBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAW+acMA0E
AgACMAcDBQMqDvMAMA0GCSqGSIb3DQEBCwUAA4IBAQBb/9XTBBxvMa+JL2sFU1rR
SvFZOjgHbWJ9DntUVM9wdUdlWROqfi1zw7+ikkhR+HGMlhmFtfr0NNwnCG7eXE4z
dY0lB1tlwuDYGMnroFe9/GwIQqevMH3Vov0unchoDXpLKv3h5NypSA4R7Tlj1Vd7
n7STuuph41ihqibYHLIsciv7z9KBu99sLLlnYTDJImJIYHzGAeb0JwuqZGbYwX6t
eSU+BD4jobzyAsckULexJxr0sOrUjDqgFKEYRQoxTMxreTUfwpqIEGrxdX2HHi3z
hARQStc58hRmS/Xam792xktwQWcvKvUs4w/hASKNwIIVJ9Uk9YFTyhGy33hGXHZw
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:20:03 2025 by rpki-client