Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/nZ8B1BEMK4OhEqGyy-5imDxwqis.roa
File: nZ8B1BEMK4OhEqGyy-5imDxwqis.roa (raw, json)
Hash identifier: aeGcu9yhx8WL8pqOpSmmSAoQqwMZ+gpaPjLv89v2/G0=
Subject key identifier: 9D:9F:01:D4:11:0C:2B:83:A1:12:A1:B2:CB:EE:62:98:3C:70:AA:2B
Certificate issuer: /CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Certificate serial: 019378361353522F47CCEDD054FA276653FA
Authority key identifier: E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/nZ8B1BEMK4OhEqGyy-5imDxwqis.roa
Signing time: Fri 29 Nov 2024 13:57:09 +0000
ROA not before: Fri 29 Nov 2024 13:57:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 329007
IP address blocks: 91.228.15.0/24 maxlen: 24
94.154.35.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 30 Nov 2024 11:28:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:78:36:13:53:52:2f:47:cc:ed:d0:54:fa:27:66:53:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Validity
Not Before: Nov 29 13:57:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9d9f01d4110c2b83a112a1b2cbee62983c70aa2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:85:6d:76:4e:a1:9c:76:f6:62:8c:f1:43:ca:
0f:92:18:cb:fd:b4:5c:19:ab:20:d1:f2:81:01:2b:
48:d9:b2:46:e3:52:a5:dc:e8:12:22:71:d7:18:e0:
86:e3:f4:89:be:29:d9:20:5b:7e:0d:76:0b:5f:35:
c6:d3:d2:76:56:39:cc:39:f9:3c:31:c0:03:cc:66:
ea:f5:ee:0e:96:71:03:e8:f4:9f:81:c7:29:d6:96:
16:d8:90:d3:36:09:23:0b:92:68:93:13:70:3c:6e:
e4:f1:b5:34:66:a9:d5:f6:b6:cd:6f:86:ab:28:f5:
ad:71:7d:d3:59:56:44:55:5b:19:91:81:9e:eb:58:
ae:63:32:48:05:cf:4b:a2:0a:c9:c8:07:43:5c:bc:
81:ae:8f:0d:1b:9a:3b:6e:9a:98:39:83:aa:c4:87:
ba:33:25:aa:de:94:aa:4a:4e:c5:b2:3f:ca:3d:33:
30:61:45:2f:41:5e:c5:e8:5b:25:4c:7a:21:67:d6:
d8:3e:cb:aa:fc:ef:13:cb:cf:e8:03:8a:4f:b4:bf:
e9:e2:57:db:e8:c7:bf:d7:08:14:cc:15:2b:ca:e9:
8b:9e:ca:c9:ac:c0:8d:34:c7:de:5d:2a:5a:d3:b2:
75:7c:33:65:10:0d:ba:6d:bc:03:23:f5:a7:a7:a6:
22:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:9F:01:D4:11:0C:2B:83:A1:12:A1:B2:CB:EE:62:98:3C:70:AA:2B
X509v3 Authority Key Identifier:
keyid:E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/nZ8B1BEMK4OhEqGyy-5imDxwqis.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.15.0/24
94.154.35.0/24
Signature Algorithm: sha256WithRSAEncryption
22:a1:06:2b:2b:1e:87:7d:0a:bd:b4:8f:a4:c6:80:6b:f2:18:
50:63:02:dd:27:a4:32:8d:97:0f:98:42:63:cb:f9:9b:fc:14:
37:bf:bf:cf:1b:cb:bd:17:69:7b:3d:31:dc:80:e5:b8:13:98:
6b:99:6b:e4:d9:45:2d:8a:51:c6:4e:03:b5:a9:1a:b6:6f:ef:
af:db:95:ae:4f:2b:c7:f7:42:f4:9e:34:69:3a:df:87:a2:9d:
bc:ff:59:ae:c6:6a:6e:bc:6c:d9:f8:79:2e:87:92:62:6c:fd:
a7:62:2e:f1:a2:e5:94:da:50:6e:02:bd:d9:5b:38:f7:7e:e1:
7a:30:f2:35:45:9c:08:c4:17:98:80:1b:8c:91:73:a9:11:9b:
29:24:b0:db:c0:61:93:83:f9:fd:40:a0:50:d0:64:75:9f:b0:
12:d4:e7:e4:b9:69:da:10:a8:21:1d:5d:0c:16:7a:61:e5:c9:
e7:25:47:f8:0c:03:0e:0e:4d:af:55:4a:66:c4:90:97:a3:76:
24:ee:b0:ec:17:84:1a:93:ba:cb:e0:92:ae:93:4d:0d:bf:24:
12:5e:4e:99:f2:98:c0:52:6d:28:e9:b5:d9:f5:35:b9:58:10:
7e:28:36:82:95:ec:b1:61:88:a2:66:3f:3e:36:5a:e9:97:d7:
4a:dc:80:b9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZN4NhNTUi9HzO3QVPonZlP6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2YzODg0Yjc4MDA3YTI1ZGJlMmUyY2VmMGNjNzNiNjk5
MjFmODgwHhcNMjQxMTI5MTM1NzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDlmMDFkNDExMGMyYjgzYTExMmExYjJjYmVlNjI5ODNjNzBhYTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuIVtdk6hnHb2YozxQ8oPkhjL/bRc
Gasg0fKBAStI2bJG41Kl3OgSInHXGOCG4/SJvinZIFt+DXYLXzXG09J2VjnMOfk8
McADzGbq9e4OlnED6PSfgccp1pYW2JDTNgkjC5JokxNwPG7k8bU0ZqnV9rbNb4ar
KPWtcX3TWVZEVVsZkYGe61iuYzJIBc9LogrJyAdDXLyBro8NG5o7bpqYOYOqxIe6
MyWq3pSqSk7Fsj/KPTMwYUUvQV7F6FslTHohZ9bYPsuq/O8Ty8/oA4pPtL/p4lfb
6Me/1wgUzBUryumLnsrJrMCNNMfeXSpa07J1fDNlEA26bbwDI/Wnp6YiawIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJ2fAdQRDCuDoRKhssvuYpg8cKorMB8GA1UdIwQY
MBaAFOfPOIS3gAeiXb4uLO8Mxztpkh+IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgt
YTE4NGYzNTU2ZTQzLzEvblo4QjFCRU1LNE9oRXFHeXktNWltRHh3cWlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgtYTE4NGYzNTU2ZTQz
LzEvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW+QPAwQA
XpojMA0GCSqGSIb3DQEBCwUAA4IBAQAioQYrKx6HfQq9tI+kxoBr8hhQYwLdJ6Qy
jZcPmEJjy/mb/BQ3v7/PG8u9F2l7PTHcgOW4E5hrmWvk2UUtilHGTgO1qRq2b++v
25WuTyvH90L0njRpOt+Hop28/1muxmpuvGzZ+Hkuh5JibP2nYi7xouWU2lBuAr3Z
Wzj3fuF6MPI1RZwIxBeYgBuMkXOpEZspJLDbwGGTg/n9QKBQ0GR1n7AS1OfkuWna
EKghHV0MFnph5cnnJUf4DAMODk2vVUpmxJCXo3Yk7rDsF4Qak7rL4JKuk00NvyQS
Xk6Z8pjAUm0o6bXZ9TW5WBB+KDaCleyxYYiiZj8+Nlrpl9dK3IC5
-----END CERTIFICATE-----
Generated at Sat Apr 19 10:06:52 2025 by rpki-client