Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/098772-dbb6-4dbb-b595-b26f70e03d76/1/8CFW4DTg1wl2AS4ax3KkcrVbxQo.roa
File: 8CFW4DTg1wl2AS4ax3KkcrVbxQo.roa (raw, json)
Hash identifier: wbe8SgnlumhmmuQ/PbTLB0arg8wnNlD/YpwOap9/xyA=
Subject key identifier: F0:21:56:E0:34:E0:D7:09:76:01:2E:1A:C7:72:A4:72:B5:5B:C5:0A
Certificate issuer: /CN=47684a7ebf9de294831a2c03e1b5a012420acd97
Certificate serial: 018CC4248A6AF7A9C3F7875B116A6DD3CEFD
Authority key identifier: 47:68:4A:7E:BF:9D:E2:94:83:1A:2C:03:E1:B5:A0:12:42:0A:CD:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R2hKfr-d4pSDGiwD4bWgEkIKzZc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/098772-dbb6-4dbb-b595-b26f70e03d76/1/8CFW4DTg1wl2AS4ax3KkcrVbxQo.roa
Signing time: Mon 01 Jan 2024 08:29:38 +0000
ROA not before: Mon 01 Jan 2024 08:29:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199532
IP address blocks: 91.217.195.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:48:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:8a:6a:f7:a9:c3:f7:87:5b:11:6a:6d:d3:ce:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=47684a7ebf9de294831a2c03e1b5a012420acd97
Validity
Not Before: Jan 1 08:29:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f02156e034e0d70976012e1ac772a472b55bc50a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:34:3f:d9:24:00:0e:d2:21:35:58:cd:56:1f:
6c:1c:a5:67:88:72:aa:57:0c:c1:13:9b:2c:5c:50:
d2:8f:64:fe:d6:69:37:7e:e6:a2:6e:e5:a7:77:e2:
e2:fa:1e:b6:a2:bb:5c:e3:e2:51:28:89:b2:b5:3a:
f9:29:30:3d:3c:2a:c7:75:47:71:88:52:ff:a5:8b:
7a:7c:1d:a8:91:25:cb:3d:ef:6e:84:c9:b4:32:06:
a2:91:87:c1:72:de:f7:cb:e9:40:ce:51:9f:8f:01:
72:f0:10:93:67:9a:86:5a:45:e4:da:bf:52:49:19:
cd:84:de:66:80:c9:10:38:04:da:6c:43:90:25:55:
7c:7c:97:e0:9c:c4:36:54:71:1e:ce:34:4a:48:4c:
04:44:6b:3e:35:97:ed:40:1c:c7:f1:35:b7:80:9f:
29:1f:d3:a1:48:44:7c:b3:d3:ac:da:fd:ef:84:31:
c8:7a:7d:d9:76:55:8a:5a:9a:41:0f:f5:ad:d7:30:
5e:57:12:4e:ac:60:1f:ac:53:2b:a1:e3:1c:3a:c8:
63:ad:35:3f:27:fa:7b:4c:56:d2:e7:98:f9:c8:63:
ca:3a:06:49:08:0e:87:35:c4:4d:de:f2:f1:d5:fe:
ba:a5:fc:d1:36:57:13:50:b8:e0:0d:b9:94:99:6f:
27:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:21:56:E0:34:E0:D7:09:76:01:2E:1A:C7:72:A4:72:B5:5B:C5:0A
X509v3 Authority Key Identifier:
keyid:47:68:4A:7E:BF:9D:E2:94:83:1A:2C:03:E1:B5:A0:12:42:0A:CD:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R2hKfr-d4pSDGiwD4bWgEkIKzZc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/098772-dbb6-4dbb-b595-b26f70e03d76/1/8CFW4DTg1wl2AS4ax3KkcrVbxQo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/098772-dbb6-4dbb-b595-b26f70e03d76/1/R2hKfr-d4pSDGiwD4bWgEkIKzZc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.195.0/24
Signature Algorithm: sha256WithRSAEncryption
63:26:0e:29:14:50:3f:a7:ba:e5:01:2e:41:08:05:91:51:fb:
53:ba:eb:7c:48:b2:88:8e:26:d4:c4:5a:7c:9a:e3:56:b2:be:
4f:cf:7d:db:d0:21:13:7a:91:95:dd:51:20:b5:75:ae:0a:f4:
7b:4b:a8:1a:cb:7c:ee:5b:24:83:1c:d7:94:ae:91:d1:d9:1b:
d1:b4:4a:2e:09:40:34:fa:8b:43:28:5c:8c:05:46:ae:0b:9e:
1f:15:74:64:cd:3e:cf:26:21:6c:83:08:e8:66:89:0b:e5:59:
30:39:53:2c:16:b5:4e:67:80:28:d7:ba:02:d3:6e:aa:9d:a8:
8a:9a:6a:90:0e:39:58:c4:49:4e:ab:1f:0a:69:89:6a:9b:4c:
65:18:c8:e3:72:da:45:00:fd:3e:f7:39:32:f0:21:de:5e:66:
44:12:a4:0f:b8:1d:11:bc:21:50:ac:72:33:7f:85:ad:ed:87:
75:e8:21:28:bf:07:34:47:b6:59:ae:5a:eb:64:2b:97:d4:0e:
54:d6:1d:b9:1d:5c:d1:b6:42:b6:66:9c:09:81:a3:f9:81:64:
d5:b4:f7:27:c3:b1:05:b2:ed:8d:be:b0:6a:14:a0:dc:e4:04:
81:cd:f6:14:b6:4c:98:a3:01:c2:07:1d:43:28:cb:cb:78:1b:
13:2c:3b:79
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJIpq96nD94dbEWpt0879MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3Njg0YTdlYmY5ZGUyOTQ4MzFhMmMwM2UxYjVhMDEyNDIw
YWNkOTcwHhcNMjQwMTAxMDgyOTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDIxNTZlMDM0ZTBkNzA5NzYwMTJlMWFjNzcyYTQ3MmI1NWJjNTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkjQ/2SQADtIhNVjNVh9sHKVniHKq
VwzBE5ssXFDSj2T+1mk3fuaibuWnd+Li+h62ortc4+JRKImytTr5KTA9PCrHdUdx
iFL/pYt6fB2okSXLPe9uhMm0MgaikYfBct73y+lAzlGfjwFy8BCTZ5qGWkXk2r9S
SRnNhN5mgMkQOATabEOQJVV8fJfgnMQ2VHEezjRKSEwERGs+NZftQBzH8TW3gJ8p
H9OhSER8s9Os2v3vhDHIen3ZdlWKWppBD/Wt1zBeVxJOrGAfrFMroeMcOshjrTU/
J/p7TFbS55j5yGPKOgZJCA6HNcRN3vLx1f66pfzRNlcTULjgDbmUmW8nVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPAhVuA04NcJdgEuGsdypHK1W8UKMB8GA1UdIwQY
MBaAFEdoSn6/neKUgxosA+G1oBJCCs2XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUjJoS2ZyLWQ0cFNER2l3RDRiV2dFa0lLelpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy8wOTg3NzItZGJiNi00ZGJiLWI1OTUt
YjI2ZjcwZTAzZDc2LzEvOENGVzREVGcxd2wyQVM0YXgzS2tjclZieFFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy8wOTg3NzItZGJiNi00ZGJiLWI1OTUtYjI2ZjcwZTAzZDc2
LzEvUjJoS2ZyLWQ0cFNER2l3RDRiV2dFa0lLelpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9nDMA0G
CSqGSIb3DQEBCwUAA4IBAQBjJg4pFFA/p7rlAS5BCAWRUftTuut8SLKIjibUxFp8
muNWsr5Pz33b0CETepGV3VEgtXWuCvR7S6gay3zuWySDHNeUrpHR2RvRtEouCUA0
+otDKFyMBUauC54fFXRkzT7PJiFsgwjoZokL5VkwOVMsFrVOZ4Ao17oC026qnaiK
mmqQDjlYxElOqx8KaYlqm0xlGMjjctpFAP0+9zky8CHeXmZEEqQPuB0RvCFQrHIz
f4Wt7Yd16CEovwc0R7ZZrlrrZCuX1A5U1h25HVzRtkK2ZpwJgaP5gWTVtPcnw7EF
su2NvrBqFKDc5ASBzfYUtkyYowHCBx1DKMvLeBsTLDt5
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:02:27 2025 by rpki-client