Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/c5c595-2673-4d5f-8a85-ae8c81f96f42/1/CD0VZBi5-qqM8C-6Z5F4l0a0HSQ.roa
File: CD0VZBi5-qqM8C-6Z5F4l0a0HSQ.roa (raw, json)
Hash identifier: m/EzCC5ykIUMMAg8jmdA7PnlAXBGlYKrqb0zMkhXiKM=
Subject key identifier: 08:3D:15:64:18:B9:FA:AA:8C:F0:2F:BA:67:91:78:97:46:B4:1D:24
Certificate issuer: /CN=4ce488c6401c8f5e969e15d64651fb4b2d2dcdf7
Certificate serial: 018CCA2A35D54E301094A64E16F5F0CC93FF
Authority key identifier: 4C:E4:88:C6:40:1C:8F:5E:96:9E:15:D6:46:51:FB:4B:2D:2D:CD:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TOSIxkAcj16WnhXWRlH7Sy0tzfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/c5c595-2673-4d5f-8a85-ae8c81f96f42/1/CD0VZBi5-qqM8C-6Z5F4l0a0HSQ.roa
Signing time: Tue 02 Jan 2024 12:33:33 +0000
ROA not before: Tue 02 Jan 2024 12:33:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51735
IP address blocks: 91.220.78.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:48:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:35:d5:4e:30:10:94:a6:4e:16:f5:f0:cc:93:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ce488c6401c8f5e969e15d64651fb4b2d2dcdf7
Validity
Not Before: Jan 2 12:33:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=083d156418b9faaa8cf02fba6791789746b41d24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:56:52:1a:87:eb:70:a2:af:99:26:cd:49:be:
e5:f7:cf:ed:ed:e2:5f:58:b1:5b:d9:a7:11:4e:06:
24:9b:46:4a:29:0c:ac:b1:46:ef:56:41:64:09:ac:
4d:55:06:10:01:67:9d:12:fe:45:21:a9:91:df:74:
b4:b2:5b:ad:9e:cc:8b:6f:35:69:77:08:23:6d:aa:
31:d6:b4:b1:9a:41:8f:0c:ee:6c:89:27:98:ae:56:
a8:94:c4:45:f9:08:14:2d:49:27:80:26:a5:51:ef:
30:6c:a5:93:55:96:d2:e9:2b:ec:05:dd:17:cf:9b:
24:25:81:bb:b6:00:ec:fd:e8:1d:0d:2c:b0:25:d0:
13:b6:55:0c:16:83:31:88:e9:d8:84:7b:d5:f7:ec:
a7:b1:a5:7b:db:61:a4:62:c6:dc:b3:24:c3:6b:5b:
a4:8c:44:46:7b:c3:9a:5b:c5:61:06:84:73:73:ad:
14:4e:fb:cd:92:8d:10:c5:52:24:e4:2b:1a:34:fe:
a9:0d:77:7e:ba:aa:68:c5:57:29:2f:a5:40:86:ad:
c7:4b:b0:58:df:56:2c:fa:9a:1b:3d:dc:81:df:c1:
32:c4:5a:11:11:55:6a:4e:c4:1d:92:d9:2b:91:ea:
6d:9d:03:57:f7:f4:ba:4c:d8:b8:66:2d:0b:cd:39:
63:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:3D:15:64:18:B9:FA:AA:8C:F0:2F:BA:67:91:78:97:46:B4:1D:24
X509v3 Authority Key Identifier:
keyid:4C:E4:88:C6:40:1C:8F:5E:96:9E:15:D6:46:51:FB:4B:2D:2D:CD:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TOSIxkAcj16WnhXWRlH7Sy0tzfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/c5c595-2673-4d5f-8a85-ae8c81f96f42/1/CD0VZBi5-qqM8C-6Z5F4l0a0HSQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/c5c595-2673-4d5f-8a85-ae8c81f96f42/1/TOSIxkAcj16WnhXWRlH7Sy0tzfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.78.0/24
Signature Algorithm: sha256WithRSAEncryption
13:85:37:97:ec:90:86:9a:16:84:64:6c:44:57:9c:40:f6:b5:
18:3e:ae:c0:cf:13:b9:04:29:b9:69:57:2a:de:49:91:49:11:
fc:4e:96:18:e9:1a:35:31:1c:7e:5d:d1:cc:1d:a9:ca:46:11:
5b:f0:dd:93:be:19:dd:69:0f:96:56:87:87:4f:9a:70:89:2a:
63:7b:d4:b0:54:d6:f2:04:67:be:5a:69:36:73:e2:63:69:e8:
81:c5:ea:33:b3:64:93:51:ad:65:74:f0:7f:ab:9e:6a:75:20:
29:d7:65:60:d9:84:2f:8a:e9:b5:75:b0:e2:ba:4d:1c:93:4a:
92:55:cc:58:36:90:18:e4:03:6d:f0:af:74:bf:10:74:35:af:
d9:25:d8:34:28:68:78:ed:32:20:6c:7f:80:f3:0e:b1:41:65:
98:e5:97:88:1e:ee:88:9d:b4:21:bd:84:4e:44:93:a0:61:37:
de:ee:19:30:3e:8c:33:ff:5b:fa:b4:39:75:58:32:8e:a3:aa:
74:13:ae:2f:90:a8:69:22:18:28:7c:72:0d:56:7d:8a:fe:46:
42:17:29:c2:65:0f:95:72:d7:c7:c2:dd:12:83:1e:fe:f7:12:
5f:9d:cd:87:cd:36:75:2b:21:19:5c:26:d7:df:41:11:99:a7:
31:08:60:40
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKjXVTjAQlKZOFvXwzJP/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjZTQ4OGM2NDAxYzhmNWU5NjllMTVkNjQ2NTFmYjRiMmQy
ZGNkZjcwHhcNMjQwMTAyMTIzMzMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODNkMTU2NDE4YjlmYWFhOGNmMDJmYmE2NzkxNzg5NzQ2YjQxZDI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj1ZSGofrcKKvmSbNSb7l98/t7eJf
WLFb2acRTgYkm0ZKKQyssUbvVkFkCaxNVQYQAWedEv5FIamR33S0slutnsyLbzVp
dwgjbaox1rSxmkGPDO5siSeYrlaolMRF+QgULUkngCalUe8wbKWTVZbS6SvsBd0X
z5skJYG7tgDs/egdDSywJdATtlUMFoMxiOnYhHvV9+ynsaV722GkYsbcsyTDa1uk
jERGe8OaW8VhBoRzc60UTvvNko0QxVIk5CsaNP6pDXd+uqpoxVcpL6VAhq3HS7BY
31Ys+pobPdyB38EyxFoREVVqTsQdktkrkeptnQNX9/S6TNi4Zi0LzTljXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAg9FWQYufqqjPAvumeReJdGtB0kMB8GA1UdIwQY
MBaAFEzkiMZAHI9elp4V1kZR+0stLc33MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVE9TSXhrQWNqMTZXbmhYV1JsSDdTeTB0emZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS9jNWM1OTUtMjY3My00ZDVmLThhODUt
YWU4YzgxZjk2ZjQyLzEvQ0QwVlpCaTUtcXFNOEMtNlo1RjRsMGEwSFNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS9jNWM1OTUtMjY3My00ZDVmLThhODUtYWU4YzgxZjk2ZjQy
LzEvVE9TSXhrQWNqMTZXbmhYV1JsSDdTeTB0emZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9xOMA0G
CSqGSIb3DQEBCwUAA4IBAQAThTeX7JCGmhaEZGxEV5xA9rUYPq7AzxO5BCm5aVcq
3kmRSRH8TpYY6Ro1MRx+XdHMHanKRhFb8N2TvhndaQ+WVoeHT5pwiSpje9SwVNby
BGe+Wmk2c+JjaeiBxeozs2STUa1ldPB/q55qdSAp12Vg2YQvium1dbDiuk0ck0qS
VcxYNpAY5ANt8K90vxB0Na/ZJdg0KGh47TIgbH+A8w6xQWWY5ZeIHu6InbQhvYRO
RJOgYTfe7hkwPowz/1v6tDl1WDKOo6p0E64vkKhpIhgofHINVn2K/kZCFynCZQ+V
ctfHwt0Sgx7+9xJfnc2HzTZ1KyEZXCbX30ERmacxCGBA
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:40:17 2025 by rpki-client