Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/79c4ba-38e2-4f5a-959f-47e0937989a8/1/G5MwbkXyCcFubwN2pGYMnLK51qM.roa
File: G5MwbkXyCcFubwN2pGYMnLK51qM.roa (raw, json)
Hash identifier: YfJhglHgkfOGLqW+r98g0GfGLORdSeSVs9NdaWV5TEc=
Subject key identifier: 1B:93:30:6E:45:F2:09:C1:6E:6F:03:76:A4:66:0C:9C:B2:B9:D6:A3
Certificate issuer: /CN=59dd542781851c0bce5a3ea5cc387650ffc8277e
Certificate serial: 01939693D1BC3F08C196F92531C79D63B6F0
Authority key identifier: 59:DD:54:27:81:85:1C:0B:CE:5A:3E:A5:CC:38:76:50:FF:C8:27:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wd1UJ4GFHAvOWj6lzDh2UP_IJ34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/79c4ba-38e2-4f5a-959f-47e0937989a8/1/G5MwbkXyCcFubwN2pGYMnLK51qM.roa
Signing time: Thu 05 Dec 2024 11:28:10 +0000
ROA not before: Thu 05 Dec 2024 11:28:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201334
IP address blocks: 85.91.116.0/24 maxlen: 24
85.91.117.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 07:48:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:96:93:d1:bc:3f:08:c1:96:f9:25:31:c7:9d:63:b6:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=59dd542781851c0bce5a3ea5cc387650ffc8277e
Validity
Not Before: Dec 5 11:28:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1b93306e45f209c16e6f0376a4660c9cb2b9d6a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:31:eb:8c:4f:d4:b5:bc:e1:eb:c3:58:12:1d:
38:a2:fc:35:e2:f0:98:ea:e9:f1:5f:37:03:45:80:
97:95:cf:02:07:2b:f7:5d:ed:50:b8:6e:1e:84:5f:
90:b0:b0:55:a0:bc:7b:31:a7:11:38:c0:47:5b:e5:
03:a9:f2:c5:f8:20:f2:53:60:47:29:a6:6e:c3:9e:
e5:47:95:c0:78:a1:99:23:64:34:fb:aa:bc:1c:bc:
5b:b5:0e:4e:b4:85:87:e9:0a:1d:2e:0f:0b:db:f7:
6e:a5:77:c0:b0:68:a7:ff:49:b9:5c:7f:da:5e:8c:
ac:12:75:3d:3a:57:bd:50:72:68:46:e2:c9:05:e4:
7f:67:46:68:23:70:61:2b:6e:e1:38:9b:f4:d0:94:
24:41:65:6a:88:9a:3b:df:da:76:e0:57:4f:7f:af:
6c:89:9e:57:8e:ba:53:2d:da:60:82:8e:d3:4c:cc:
3b:f3:ee:53:dd:1b:b7:37:17:da:89:64:61:cc:3b:
a8:50:93:20:48:5f:f2:e5:2a:4d:30:ce:16:a8:26:
45:29:17:5b:ab:6f:f9:1b:c7:2b:70:b8:b5:f6:56:
9d:1c:19:ff:98:26:0a:ad:f1:f5:8f:f5:4e:5e:50:
44:58:98:0b:c9:a6:7b:12:85:ba:f5:ee:5f:43:48:
60:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:93:30:6E:45:F2:09:C1:6E:6F:03:76:A4:66:0C:9C:B2:B9:D6:A3
X509v3 Authority Key Identifier:
keyid:59:DD:54:27:81:85:1C:0B:CE:5A:3E:A5:CC:38:76:50:FF:C8:27:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wd1UJ4GFHAvOWj6lzDh2UP_IJ34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/79c4ba-38e2-4f5a-959f-47e0937989a8/1/G5MwbkXyCcFubwN2pGYMnLK51qM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/79c4ba-38e2-4f5a-959f-47e0937989a8/1/Wd1UJ4GFHAvOWj6lzDh2UP_IJ34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.91.116.0/23
Signature Algorithm: sha256WithRSAEncryption
91:c6:92:4f:5e:39:86:4a:44:46:ee:de:1b:7f:c9:a6:3b:fc:
96:95:7f:ba:1e:47:83:e0:9c:d5:5c:bf:f9:46:38:b4:19:23:
2a:57:a0:21:1f:7e:c1:b3:a2:34:b2:45:6c:31:9a:f8:6d:85:
24:e1:d8:0f:e2:49:a3:08:39:6d:45:07:5c:45:55:cb:3f:9e:
66:bf:8e:75:0a:30:a9:8c:7c:01:6d:68:88:81:31:0c:c3:8c:
4f:ef:38:05:d5:07:38:4c:17:83:d4:b6:5e:ac:21:da:85:0a:
78:a5:0e:36:45:3c:3c:3c:a0:b9:85:45:30:c5:0e:39:2a:3f:
c6:c1:a4:9d:b6:47:30:46:eb:1d:3c:e0:42:17:42:df:39:5f:
6a:ad:9e:96:71:da:6c:13:b4:1d:c7:c5:95:93:75:8d:56:f9:
3a:4d:1d:8f:62:1e:fd:cb:2b:20:16:0d:e7:ae:ed:f3:54:d1:
67:88:28:10:9e:97:54:4b:30:7e:87:46:10:bb:21:6e:4f:78:
40:6b:dd:48:fb:e9:ce:be:2d:f7:21:42:2f:92:bb:ea:31:89:
11:62:c0:06:02:69:09:b1:89:19:0e:59:8c:70:b5:49:3d:8e:
7c:69:bd:10:6e:8f:31:25:6a:0e:14:00:05:fc:5d:c5:60:ba:
a4:d2:44:3a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZOWk9G8PwjBlvklMcedY7bwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5ZGQ1NDI3ODE4NTFjMGJjZTVhM2VhNWNjMzg3NjUwZmZj
ODI3N2UwHhcNMjQxMjA1MTEyODEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjkzMzA2ZTQ1ZjIwOWMxNmU2ZjAzNzZhNDY2MGM5Y2IyYjlkNmEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyTHrjE/Utbzh68NYEh04ovw14vCY
6unxXzcDRYCXlc8CByv3Xe1QuG4ehF+QsLBVoLx7MacROMBHW+UDqfLF+CDyU2BH
KaZuw57lR5XAeKGZI2Q0+6q8HLxbtQ5OtIWH6QodLg8L2/dupXfAsGin/0m5XH/a
XoysEnU9Ole9UHJoRuLJBeR/Z0ZoI3BhK27hOJv00JQkQWVqiJo739p24FdPf69s
iZ5XjrpTLdpggo7TTMw78+5T3Ru3NxfaiWRhzDuoUJMgSF/y5SpNMM4WqCZFKRdb
q2/5G8crcLi19ladHBn/mCYKrfH1j/VOXlBEWJgLyaZ7EoW69e5fQ0hgTQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBuTMG5F8gnBbm8DdqRmDJyyudajMB8GA1UdIwQY
MBaAFFndVCeBhRwLzlo+pcw4dlD/yCd+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2QxVUo0R0ZIQXZPV2o2bHpEaDJVUF9JSjM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi83OWM0YmEtMzhlMi00ZjVhLTk1OWYt
NDdlMDkzNzk4OWE4LzEvRzVNd2JrWHlDY0Z1YndOMnBHWU1uTEs1MXFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi83OWM0YmEtMzhlMi00ZjVhLTk1OWYtNDdlMDkzNzk4OWE4
LzEvV2QxVUo0R0ZIQXZPV2o2bHpEaDJVUF9JSjM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBVVt0MA0G
CSqGSIb3DQEBCwUAA4IBAQCRxpJPXjmGSkRG7t4bf8mmO/yWlX+6HkeD4JzVXL/5
Rji0GSMqV6AhH37Bs6I0skVsMZr4bYUk4dgP4kmjCDltRQdcRVXLP55mv451CjCp
jHwBbWiIgTEMw4xP7zgF1Qc4TBeD1LZerCHahQp4pQ42RTw8PKC5hUUwxQ45Kj/G
waSdtkcwRusdPOBCF0LfOV9qrZ6WcdpsE7Qdx8WVk3WNVvk6TR2PYh79yysgFg3n
ru3zVNFniCgQnpdUSzB+h0YQuyFuT3hAa91I++nOvi33IUIvkrvqMYkRYsAGAmkJ
sYkZDlmMcLVJPY58ab0Qbo8xJWoOFAAF/F3FYLqk0kQ6
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:45:59 2025 by rpki-client