Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/346966-069a-40b0-b143-41eaa1fde11b/1/Yfj7fP3mieePbqCNfjwfB3Pxdx4.roa
File: Yfj7fP3mieePbqCNfjwfB3Pxdx4.roa (raw, json)
Hash identifier: hsNyITXouwFOODQt4BOubf8e+UqZKlp0k714bUcwfEU=
Subject key identifier: 61:F8:FB:7C:FD:E6:89:E7:8F:6E:A0:8D:7E:3C:1F:07:73:F1:77:1E
Certificate issuer: /CN=6689c3995e2461d5a52fd4f1000782f99a4d4822
Certificate serial: 018CC56E52E11C3365C5BD7157D9EFB278D0
Authority key identifier: 66:89:C3:99:5E:24:61:D5:A5:2F:D4:F1:00:07:82:F9:9A:4D:48:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZonDmV4kYdWlL9TxAAeC-ZpNSCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/346966-069a-40b0-b143-41eaa1fde11b/1/Yfj7fP3mieePbqCNfjwfB3Pxdx4.roa
Signing time: Mon 01 Jan 2024 14:29:50 +0000
ROA not before: Mon 01 Jan 2024 14:29:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200410
IP address blocks: 91.187.224.0/24 maxlen: 24
91.187.225.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:48:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:52:e1:1c:33:65:c5:bd:71:57:d9:ef:b2:78:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6689c3995e2461d5a52fd4f1000782f99a4d4822
Validity
Not Before: Jan 1 14:29:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=61f8fb7cfde689e78f6ea08d7e3c1f0773f1771e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:a6:b2:cc:da:01:8e:97:b5:69:ef:56:ef:88:
4d:23:cf:9c:92:f1:d0:bc:09:b6:78:d3:7a:4f:0d:
b5:10:b2:88:b9:1c:2e:9d:6d:78:c0:5d:fb:06:d4:
bb:2a:cb:74:03:cc:a2:7c:9c:a5:01:37:c9:7c:b6:
68:d8:5f:0a:a7:26:85:ae:8d:2c:cc:f4:ac:62:71:
40:69:aa:e1:4d:f3:d3:51:8a:e4:ae:ff:2f:82:48:
03:10:f7:53:e5:7b:7a:24:3f:23:f8:b9:7d:a4:8c:
ee:c3:b9:c0:28:13:fd:5b:43:f2:9a:b0:9b:0c:33:
01:f0:1b:91:0b:6c:ae:fe:3d:f6:ea:e5:5d:c7:d0:
6e:e5:b9:32:50:5f:84:bc:50:46:cc:2f:d4:fa:8e:
9c:6d:ff:ef:46:18:f8:8f:54:67:d4:39:c6:96:cb:
c6:d6:87:00:22:ed:ce:37:1c:5d:c2:16:52:f1:78:
04:43:fd:46:92:48:24:51:0d:14:59:e6:cc:29:d9:
b1:27:09:73:3b:d4:80:d1:af:14:6a:81:ca:0f:09:
a1:ac:ef:fb:f5:f9:a1:12:8b:6a:f6:69:04:44:59:
d8:d1:8a:80:ab:d2:e8:97:df:59:fe:e6:f3:d2:07:
57:b6:9b:b2:d3:24:1c:91:4d:e0:91:73:d5:c4:8c:
49:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:F8:FB:7C:FD:E6:89:E7:8F:6E:A0:8D:7E:3C:1F:07:73:F1:77:1E
X509v3 Authority Key Identifier:
keyid:66:89:C3:99:5E:24:61:D5:A5:2F:D4:F1:00:07:82:F9:9A:4D:48:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZonDmV4kYdWlL9TxAAeC-ZpNSCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/346966-069a-40b0-b143-41eaa1fde11b/1/Yfj7fP3mieePbqCNfjwfB3Pxdx4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/346966-069a-40b0-b143-41eaa1fde11b/1/ZonDmV4kYdWlL9TxAAeC-ZpNSCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.187.224.0/23
Signature Algorithm: sha256WithRSAEncryption
89:39:7e:47:1d:fa:8a:d5:c2:dd:ec:4c:d9:27:14:63:0e:31:
5b:e2:2c:ee:b6:b1:fd:9d:3f:35:52:6d:15:07:ea:30:8a:78:
49:5f:fa:cf:b7:97:80:66:c4:99:b8:ea:21:a4:7e:cc:52:b7:
9a:eb:fe:fe:bd:af:72:e3:99:11:17:30:95:e7:d4:b5:62:85:
3c:a5:c4:b7:89:20:d4:d7:ec:fd:2e:7a:e5:8d:17:bb:5b:41:
82:e5:50:af:83:01:a8:7a:40:dc:f1:42:d0:3d:9b:25:5b:a1:
7b:db:88:d2:25:c3:b7:d8:57:49:3d:41:f8:1a:69:b1:01:66:
28:c6:93:d7:44:af:96:a4:30:82:a0:c7:a2:ab:64:37:b1:c0:
88:9b:82:89:6e:f2:98:55:0b:02:10:bb:8d:d6:3b:db:f6:27:
6b:94:73:ad:69:e7:47:fb:f5:df:79:ab:5d:31:f6:02:0f:77:
0e:78:75:f7:dd:1a:dc:3f:e9:1f:94:15:b9:73:e4:8a:c6:c8:
48:1d:b2:46:cb:88:55:0d:1f:e0:81:62:84:59:6f:77:a7:b6:
9d:35:ee:72:12:c2:f4:da:aa:7b:ff:00:0e:e0:7b:88:5b:27:
c4:23:32:d7:ff:6e:6f:22:cc:8d:f3:c6:bd:4a:cc:1a:7d:e4:
8c:f3:5e:d9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFblLhHDNlxb1xV9nvsnjQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ODljMzk5NWUyNDYxZDVhNTJmZDRmMTAwMDc4MmY5OWE0
ZDQ4MjIwHhcNMjQwMTAxMTQyOTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWY4ZmI3Y2ZkZTY4OWU3OGY2ZWEwOGQ3ZTNjMWYwNzczZjE3NzFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp6ayzNoBjpe1ae9W74hNI8+ckvHQ
vAm2eNN6Tw21ELKIuRwunW14wF37BtS7Kst0A8yifJylATfJfLZo2F8KpyaFro0s
zPSsYnFAaarhTfPTUYrkrv8vgkgDEPdT5Xt6JD8j+Ll9pIzuw7nAKBP9W0PymrCb
DDMB8BuRC2yu/j326uVdx9Bu5bkyUF+EvFBGzC/U+o6cbf/vRhj4j1Rn1DnGlsvG
1ocAIu3ONxxdwhZS8XgEQ/1GkkgkUQ0UWebMKdmxJwlzO9SA0a8UaoHKDwmhrO/7
9fmhEotq9mkERFnY0YqAq9Lol99Z/ubz0gdXtpuy0yQckU3gkXPVxIxJ1QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGH4+3z95onnj26gjX48Hwdz8XceMB8GA1UdIwQY
MBaAFGaJw5leJGHVpS/U8QAHgvmaTUgiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWm9uRG1WNGtZZFdsTDlUeEFBZUMtWnBOU0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8zNDY5NjYtMDY5YS00MGIwLWIxNDMt
NDFlYWExZmRlMTFiLzEvWWZqN2ZQM21pZWVQYnFDTmZqd2ZCM1B4ZHg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8zNDY5NjYtMDY5YS00MGIwLWIxNDMtNDFlYWExZmRlMTFi
LzEvWm9uRG1WNGtZZFdsTDlUeEFBZUMtWnBOU0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW7vgMA0G
CSqGSIb3DQEBCwUAA4IBAQCJOX5HHfqK1cLd7EzZJxRjDjFb4izutrH9nT81Um0V
B+owinhJX/rPt5eAZsSZuOohpH7MUrea6/7+va9y45kRFzCV59S1YoU8pcS3iSDU
1+z9LnrljRe7W0GC5VCvgwGoekDc8ULQPZslW6F724jSJcO32FdJPUH4GmmxAWYo
xpPXRK+WpDCCoMeiq2Q3scCIm4KJbvKYVQsCELuN1jvb9idrlHOtaedH+/Xfeatd
MfYCD3cOeHX33RrcP+kflBW5c+SKxshIHbJGy4hVDR/ggWKEWW93p7adNe5yEsL0
2qp7/wAO4HuIWyfEIzLX/25vIsyN88a9SswafeSM817Z
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:38:48 2025 by rpki-client