Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/308179-be69-4c10-8694-fbd399a4475e/1/N9RBrLDzdW8kkElh2Nbau5abrOQ.roa
File: N9RBrLDzdW8kkElh2Nbau5abrOQ.roa (raw, json)
Hash identifier: 6h+CkUEGj3yJ3llfu5dC2jx0GPsCocDtIzleg7TrATg=
Subject key identifier: 37:D4:41:AC:B0:F3:75:6F:24:90:49:61:D8:D6:DA:BB:96:9B:AC:E4
Certificate issuer: /CN=34d519247402bcfbdf0ece9020ad64622e9d3bae
Certificate serial: 018CC2DB4069D3D294CD475CB59515D9BEA5
Authority key identifier: 34:D5:19:24:74:02:BC:FB:DF:0E:CE:90:20:AD:64:62:2E:9D:3B:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NNUZJHQCvPvfDs6QIK1kYi6dO64.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/308179-be69-4c10-8694-fbd399a4475e/1/N9RBrLDzdW8kkElh2Nbau5abrOQ.roa
Signing time: Mon 01 Jan 2024 02:29:57 +0000
ROA not before: Mon 01 Jan 2024 02:29:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57903
IP address blocks: 91.236.114.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:49:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:40:69:d3:d2:94:cd:47:5c:b5:95:15:d9:be:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34d519247402bcfbdf0ece9020ad64622e9d3bae
Validity
Not Before: Jan 1 02:29:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=37d441acb0f3756f24904961d8d6dabb969bace4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:c0:fd:74:96:da:c0:7e:19:da:75:be:98:b4:
cb:aa:16:f6:57:71:7d:92:58:1f:3e:a3:e8:7f:e9:
41:35:b1:2d:3e:87:e5:33:50:b2:f2:0b:8e:fb:fc:
72:09:9a:8c:a2:93:57:7d:2e:2c:13:43:17:05:d1:
09:d7:b0:aa:7e:49:45:b4:f1:f0:e4:d1:dc:84:58:
3a:7b:83:fd:b0:10:ed:03:6b:af:fd:29:d7:78:2e:
e8:4b:6e:2b:7f:92:d9:d6:22:81:ef:97:92:ec:64:
48:15:2c:28:10:67:3b:bd:96:9d:60:58:8f:39:b2:
bc:58:e2:90:e7:0f:24:bc:c5:27:b5:d8:d5:37:9d:
6b:6b:3f:03:f8:67:6a:4e:92:90:3c:cf:45:cf:22:
58:7b:13:9d:cb:94:93:b9:c8:88:85:7b:f7:19:10:
d2:31:5f:36:aa:db:47:c1:cb:ae:ae:df:dc:c9:40:
b6:c1:2f:31:de:fb:98:09:45:bb:4a:56:8d:1a:0d:
c5:e1:53:bd:24:33:5d:1a:ef:2a:c8:41:0f:dc:d4:
e6:59:b4:6f:34:7c:5d:a6:4b:f6:0c:18:b9:d8:a6:
12:3c:a0:af:6d:cd:b4:43:98:88:4d:4a:81:2f:25:
8a:88:08:b4:60:8c:ee:f0:52:f8:e7:ec:9a:ac:d0:
41:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:D4:41:AC:B0:F3:75:6F:24:90:49:61:D8:D6:DA:BB:96:9B:AC:E4
X509v3 Authority Key Identifier:
keyid:34:D5:19:24:74:02:BC:FB:DF:0E:CE:90:20:AD:64:62:2E:9D:3B:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NNUZJHQCvPvfDs6QIK1kYi6dO64.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/308179-be69-4c10-8694-fbd399a4475e/1/N9RBrLDzdW8kkElh2Nbau5abrOQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/308179-be69-4c10-8694-fbd399a4475e/1/NNUZJHQCvPvfDs6QIK1kYi6dO64.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.236.114.0/24
Signature Algorithm: sha256WithRSAEncryption
89:5a:88:06:f3:7c:d5:81:96:1c:05:c2:f5:63:04:ff:5d:61:
ce:64:9f:7d:03:f1:1e:78:0e:4c:75:a2:e2:3c:2d:af:83:5c:
bc:65:12:1a:91:a6:d3:93:02:e1:d5:3a:ca:c3:06:1d:6b:08:
cf:6a:b8:3a:92:f3:0b:79:37:e4:8e:ba:6d:b8:cb:db:1d:3e:
72:4b:34:6c:37:e8:82:7d:2b:18:34:4f:3c:e1:96:36:1a:2e:
32:05:a1:29:bc:0d:6c:e3:3b:ac:7d:1c:81:3c:94:5b:50:9c:
60:97:44:50:b7:11:a5:73:c7:24:59:12:c7:d5:c8:ab:29:61:
44:1c:a7:29:6e:bf:9c:cf:e2:f7:7d:ff:8b:d6:9f:5e:a4:a1:
89:99:ca:b2:61:76:c8:9c:8e:61:69:c3:4a:76:a0:cf:30:2a:
26:58:fa:c1:44:45:37:cf:0c:ea:cd:24:3b:d8:ea:a4:a7:b2:
43:d3:8a:e7:18:ce:da:57:2b:48:91:22:28:c7:0d:af:89:60:
a1:9c:91:4f:82:77:82:c2:ab:fb:75:bc:2a:83:5f:e4:7c:b7:
ca:1c:93:10:4c:8d:38:98:47:8d:e6:3b:4b:16:32:71:81:ca:
e9:65:1d:72:d7:89:bf:d6:cb:76:52:db:10:91:30:09:e6:79:
21:eb:24:0e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC20Bp09KUzUdctZUV2b6lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0ZDUxOTI0NzQwMmJjZmJkZjBlY2U5MDIwYWQ2NDYyMmU5
ZDNiYWUwHhcNMjQwMTAxMDIyOTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2Q0NDFhY2IwZjM3NTZmMjQ5MDQ5NjFkOGQ2ZGFiYjk2OWJhY2U0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA08D9dJbawH4Z2nW+mLTLqhb2V3F9
klgfPqPof+lBNbEtPoflM1Cy8guO+/xyCZqMopNXfS4sE0MXBdEJ17CqfklFtPHw
5NHchFg6e4P9sBDtA2uv/SnXeC7oS24rf5LZ1iKB75eS7GRIFSwoEGc7vZadYFiP
ObK8WOKQ5w8kvMUntdjVN51raz8D+GdqTpKQPM9FzyJYexOdy5STuciIhXv3GRDS
MV82qttHwcuurt/cyUC2wS8x3vuYCUW7SlaNGg3F4VO9JDNdGu8qyEEP3NTmWbRv
NHxdpkv2DBi52KYSPKCvbc20Q5iITUqBLyWKiAi0YIzu8FL45+yarNBBkQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDfUQayw83VvJJBJYdjW2ruWm6zkMB8GA1UdIwQY
MBaAFDTVGSR0Arz73w7OkCCtZGIunTuuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTk5VWkpIUUN2UHZmRHM2UUlLMWtZaTZkTzY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi8zMDgxNzktYmU2OS00YzEwLTg2OTQt
ZmJkMzk5YTQ0NzVlLzEvTjlSQnJMRHpkVzhra0VsaDJOYmF1NWFick9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi8zMDgxNzktYmU2OS00YzEwLTg2OTQtZmJkMzk5YTQ0NzVl
LzEvTk5VWkpIUUN2UHZmRHM2UUlLMWtZaTZkTzY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+xyMA0G
CSqGSIb3DQEBCwUAA4IBAQCJWogG83zVgZYcBcL1YwT/XWHOZJ99A/EeeA5MdaLi
PC2vg1y8ZRIakabTkwLh1TrKwwYdawjParg6kvMLeTfkjrptuMvbHT5ySzRsN+iC
fSsYNE884ZY2Gi4yBaEpvA1s4zusfRyBPJRbUJxgl0RQtxGlc8ckWRLH1cirKWFE
HKcpbr+cz+L3ff+L1p9epKGJmcqyYXbInI5hacNKdqDPMComWPrBREU3zwzqzSQ7
2Oqkp7JD04rnGM7aVytIkSIoxw2viWChnJFPgneCwqv7dbwqg1/kfLfKHJMQTI04
mEeN5jtLFjJxgcrpZR1y14m/1st2UtsQkTAJ5nkh6yQO
-----END CERTIFICATE-----
Generated at Fri Apr 18 00:47:57 2025 by rpki-client