Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/UV5i9p1uaIkY6colHmIVNLMqvW8.roa
File: UV5i9p1uaIkY6colHmIVNLMqvW8.roa (raw, json)
Hash identifier: XFLglj+Tnl4xy9RMUNPZy5bwBONQe13lz2QT71uE2lg=
Subject key identifier: 51:5E:62:F6:9D:6E:68:89:18:E9:CA:25:1E:62:15:34:B3:2A:BD:6F
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 01928A6CB12B6A3295C2EABD2BEFFB011F1D
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/UV5i9p1uaIkY6colHmIVNLMqvW8.roa
Signing time: Mon 14 Oct 2024 09:47:11 +0000
ROA not before: Mon 14 Oct 2024 09:47:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214062
IP address blocks: 91.200.220.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:49:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:8a:6c:b1:2b:6a:32:95:c2:ea:bd:2b:ef:fb:01:1f:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Oct 14 09:47:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=515e62f69d6e688918e9ca251e621534b32abd6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:3b:f9:08:14:08:39:6e:8f:3c:41:b9:45:b6:
50:1a:29:3b:b5:e4:72:53:3d:7a:38:26:ae:f0:e0:
ee:8c:97:55:48:68:a9:02:f4:6d:a3:0e:e1:b1:db:
a6:ee:55:5a:d3:27:0d:3a:27:83:5f:d7:0f:c9:9c:
a7:dd:81:28:fc:ba:9c:71:80:d2:3f:85:6c:7d:71:
9f:bf:bc:a6:17:69:7a:07:68:36:bf:18:37:08:7d:
1c:5c:8a:99:2b:d9:09:2a:2d:76:fb:a3:76:05:d5:
a9:27:ea:f8:f3:65:38:28:3f:a8:ae:55:7f:65:ce:
17:f7:67:3f:cd:e5:c3:0d:0e:1d:e8:ef:94:d8:56:
78:1c:d4:ec:d7:e6:ca:e0:d6:5d:03:d4:88:11:cb:
ec:13:72:7e:c4:8f:36:a8:f9:85:8e:ca:9c:d6:54:
e3:9c:c8:e5:d1:e2:f9:5e:fa:d3:05:39:bf:0e:4a:
98:03:b3:af:1b:91:61:a0:c7:6a:c4:ec:3e:78:17:
4d:70:e6:5b:1b:c3:c7:0b:be:47:31:72:57:37:e3:
e2:72:84:09:ac:b7:f7:19:fb:08:46:80:4f:88:00:
2f:75:26:c3:e9:75:71:04:67:9e:11:cf:a4:b9:92:
98:08:e7:2c:83:2c:14:4e:1c:0d:e5:3c:e4:75:f5:
03:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:5E:62:F6:9D:6E:68:89:18:E9:CA:25:1E:62:15:34:B3:2A:BD:6F
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/UV5i9p1uaIkY6colHmIVNLMqvW8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.220.0/24
Signature Algorithm: sha256WithRSAEncryption
72:b5:5e:12:49:e0:6a:00:37:78:30:57:a5:9b:a4:96:f8:dc:
0c:9c:59:10:84:75:4d:09:1f:72:74:28:12:14:90:d9:35:ee:
ab:f5:c9:62:e4:3f:c1:32:3c:01:bf:92:a0:6e:3a:f0:ff:57:
ea:32:5a:5b:39:6e:61:e6:d8:7c:02:7c:85:e9:59:6e:a3:ef:
f3:06:a8:32:04:43:62:b9:b0:2a:77:0f:98:b2:9d:8a:da:95:
a7:8f:2e:90:5c:82:2f:9c:5b:a3:19:f4:d5:51:e5:4c:f2:25:
7f:0b:0f:c3:ea:e0:bf:8a:12:75:5e:4d:14:49:1b:8f:bd:2a:
26:14:c2:5c:de:43:20:5c:98:79:03:23:9b:1b:c6:27:c0:ca:
ab:af:02:36:b0:2a:2f:24:ae:1e:24:28:63:eb:6e:09:b8:b0:
26:a7:6a:4d:dc:7e:ed:ad:a8:ac:75:3b:77:04:64:9a:a7:1a:
f6:44:79:9b:f1:74:1b:87:07:97:98:25:2f:b5:68:e2:39:ee:
f3:b8:53:93:64:f1:34:36:83:12:a4:fd:90:79:1b:1f:ca:b6:
6b:a2:85:b7:a4:62:23:ec:dc:8c:9d:02:4a:36:56:27:a1:1e:
61:69:5d:6a:bc:20:66:4e:4e:45:25:09:e2:08:0b:01:96:e9:
0a:bf:3d:cf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZKKbLErajKVwuq9K+/7AR8dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjQxMDE0MDk0NzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTVlNjJmNjlkNmU2ODg5MThlOWNhMjUxZTYyMTUzNGIzMmFiZDZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArzv5CBQIOW6PPEG5RbZQGik7teRy
Uz16OCau8ODujJdVSGipAvRtow7hsdum7lVa0ycNOieDX9cPyZyn3YEo/LqccYDS
P4VsfXGfv7ymF2l6B2g2vxg3CH0cXIqZK9kJKi12+6N2BdWpJ+r482U4KD+orlV/
Zc4X92c/zeXDDQ4d6O+U2FZ4HNTs1+bK4NZdA9SIEcvsE3J+xI82qPmFjsqc1lTj
nMjl0eL5XvrTBTm/DkqYA7OvG5FhoMdqxOw+eBdNcOZbG8PHC75HMXJXN+PicoQJ
rLf3GfsIRoBPiAAvdSbD6XVxBGeeEc+kuZKYCOcsgywUThwN5TzkdfUDUQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFFeYvadbmiJGOnKJR5iFTSzKr1vMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvVVY1aTlwMXVhSWtZNmNvbEhtSVZOTE1xdlc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8jcMA0G
CSqGSIb3DQEBCwUAA4IBAQBytV4SSeBqADd4MFelm6SW+NwMnFkQhHVNCR9ydCgS
FJDZNe6r9cli5D/BMjwBv5Kgbjrw/1fqMlpbOW5h5th8AnyF6Vluo+/zBqgyBENi
ubAqdw+Ysp2K2pWnjy6QXIIvnFujGfTVUeVM8iV/Cw/D6uC/ihJ1Xk0USRuPvSom
FMJc3kMgXJh5AyObG8YnwMqrrwI2sCovJK4eJChj624JuLAmp2pN3H7traisdTt3
BGSapxr2RHmb8XQbhweXmCUvtWjiOe7zuFOTZPE0NoMSpP2QeRsfyrZrooW3pGIj
7NyMnQJKNlYnoR5haV1qvCBmTk5FJQniCAsBlukKvz3P
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:33:11 2025 by rpki-client