Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/f1370a-57ca-46a0-8af4-78ba6dc50086/1/bI_xYye2-OxZAf27ra_zyEKjuXc.roa
File: bI_xYye2-OxZAf27ra_zyEKjuXc.roa (raw, json)
Hash identifier: N1i8Lpg+byPMcBq5ZcVlgtfRR9tl2UbMt72Qq0ghJ7A=
Subject key identifier: 6C:8F:F1:63:27:B6:F8:EC:59:01:FD:BB:AD:AF:F3:C8:42:A3:B9:77
Certificate issuer: /CN=844a1791cb07f1d86123c63dc3adcfd754db101b
Certificate serial: 018CC3B674738EB21859264BA25216849E48
Authority key identifier: 84:4A:17:91:CB:07:F1:D8:61:23:C6:3D:C3:AD:CF:D7:54:DB:10:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hEoXkcsH8dhhI8Y9w63P11TbEBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/f1370a-57ca-46a0-8af4-78ba6dc50086/1/bI_xYye2-OxZAf27ra_zyEKjuXc.roa
Signing time: Mon 01 Jan 2024 06:29:23 +0000
ROA not before: Mon 01 Jan 2024 06:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203190
IP address blocks: 91.216.3.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:47:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:74:73:8e:b2:18:59:26:4b:a2:52:16:84:9e:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=844a1791cb07f1d86123c63dc3adcfd754db101b
Validity
Not Before: Jan 1 06:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6c8ff16327b6f8ec5901fdbbadaff3c842a3b977
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:a3:ca:f6:6b:73:28:5c:f6:02:05:f5:b1:85:
ef:9d:b0:fb:35:15:22:58:84:44:7f:91:ba:79:35:
50:3e:dd:1f:70:1b:43:3b:7b:f0:df:9a:22:08:a1:
12:27:6c:3f:90:6b:1b:c6:fc:88:c1:e3:a8:c2:3e:
d6:0b:1d:4d:49:e5:8e:3b:09:06:98:31:1c:fa:e1:
92:66:bf:de:f5:ee:ce:6e:37:94:1a:66:d6:bc:de:
3c:04:e6:77:f4:00:82:fe:22:2b:1b:8b:b8:be:d1:
41:4f:6c:45:a9:03:cc:30:75:1e:ab:7f:35:c9:5e:
b7:4d:11:70:f4:4b:3b:21:bd:75:d4:bb:c0:fa:fa:
a8:bd:ac:bd:d2:f5:91:2d:9d:82:11:6a:ac:81:6c:
a2:88:e6:87:5c:9c:95:7b:66:f4:9a:ae:95:3f:8e:
6a:66:5f:52:57:b7:a4:9d:d0:a5:1e:31:72:35:a9:
30:5c:ca:c2:b0:8d:0c:fc:80:f8:63:85:da:79:52:
99:2f:c3:95:b4:12:64:ea:70:eb:00:8e:67:e6:45:
ab:23:1c:d1:e5:e6:8c:5f:34:dc:aa:bf:4f:27:47:
60:fe:b7:f0:ff:8e:e6:38:0c:76:e8:93:b7:f4:f0:
f7:c8:bf:63:d2:dd:0f:79:48:8e:5f:f9:d7:14:fa:
78:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:8F:F1:63:27:B6:F8:EC:59:01:FD:BB:AD:AF:F3:C8:42:A3:B9:77
X509v3 Authority Key Identifier:
keyid:84:4A:17:91:CB:07:F1:D8:61:23:C6:3D:C3:AD:CF:D7:54:DB:10:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hEoXkcsH8dhhI8Y9w63P11TbEBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/f1370a-57ca-46a0-8af4-78ba6dc50086/1/bI_xYye2-OxZAf27ra_zyEKjuXc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/f1370a-57ca-46a0-8af4-78ba6dc50086/1/hEoXkcsH8dhhI8Y9w63P11TbEBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.216.3.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:89:45:09:82:8a:e5:2c:39:fe:57:34:f5:29:2b:cd:c3:9d:
d9:a6:78:9f:f0:50:a7:fc:d5:bd:eb:d4:cf:f2:9c:41:10:bb:
50:1c:0c:7b:58:3f:e7:49:fa:dc:87:b0:01:2b:aa:3d:6e:fc:
0f:b5:f7:22:f8:9d:2a:b9:e9:8d:59:ec:38:b3:a6:dd:3f:fc:
94:b5:69:da:71:36:f2:54:41:01:5b:e1:24:f6:a6:0d:e0:c7:
f0:3f:aa:ff:cd:cb:6e:c5:d0:6e:c1:c8:44:50:e8:8f:bf:6a:
07:a0:2e:5a:6d:d8:ca:0e:16:9c:25:cf:b3:85:dc:47:72:e1:
3d:96:58:34:63:1a:47:8c:ba:35:19:be:11:90:c2:cb:09:b1:
dc:c8:15:46:ad:a0:29:e6:90:db:9d:5c:03:f6:ac:25:21:3c:
f9:85:b6:9a:9b:00:7f:92:f6:5b:d1:df:7b:f4:c4:35:9a:04:
cc:35:b7:47:e4:93:12:a1:c9:75:a2:79:11:ab:09:4d:24:70:
06:0c:fd:25:b0:ef:08:a7:89:be:59:d9:9c:0a:37:d9:2a:7b:
62:a3:fa:92:de:37:ac:dd:1a:79:3f:d2:0f:6e:8e:6c:bb:d0:
09:b3:65:60:e1:fd:29:65:33:49:78:d4:83:f3:9d:3f:81:f4:
18:c5:48:26
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDtnRzjrIYWSZLolIWhJ5IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NGExNzkxY2IwN2YxZDg2MTIzYzYzZGMzYWRjZmQ3NTRk
YjEwMWIwHhcNMjQwMTAxMDYyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzhmZjE2MzI3YjZmOGVjNTkwMWZkYmJhZGFmZjNjODQyYTNiOTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgKPK9mtzKFz2AgX1sYXvnbD7NRUi
WIREf5G6eTVQPt0fcBtDO3vw35oiCKESJ2w/kGsbxvyIweOowj7WCx1NSeWOOwkG
mDEc+uGSZr/e9e7ObjeUGmbWvN48BOZ39ACC/iIrG4u4vtFBT2xFqQPMMHUeq381
yV63TRFw9Es7Ib111LvA+vqovay90vWRLZ2CEWqsgWyiiOaHXJyVe2b0mq6VP45q
Zl9SV7ekndClHjFyNakwXMrCsI0M/ID4Y4XaeVKZL8OVtBJk6nDrAI5n5kWrIxzR
5eaMXzTcqr9PJ0dg/rfw/47mOAx26JO39PD3yL9j0t0PeUiOX/nXFPp4wQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGyP8WMntvjsWQH9u62v88hCo7l3MB8GA1UdIwQY
MBaAFIRKF5HLB/HYYSPGPcOtz9dU2xAbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEVvWGtjc0g4ZGhoSThZOXc2M1AxMVRiRUJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9mMTM3MGEtNTdjYS00NmEwLThhZjQt
NzhiYTZkYzUwMDg2LzEvYklfeFl5ZTItT3haQWYyN3JhX3p5RUtqdVhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9mMTM3MGEtNTdjYS00NmEwLThhZjQtNzhiYTZkYzUwMDg2
LzEvaEVvWGtjc0g4ZGhoSThZOXc2M1AxMVRiRUJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9gDMA0G
CSqGSIb3DQEBCwUAA4IBAQBviUUJgorlLDn+VzT1KSvNw53Zpnif8FCn/NW969TP
8pxBELtQHAx7WD/nSfrch7ABK6o9bvwPtfci+J0quemNWew4s6bdP/yUtWnacTby
VEEBW+Ek9qYN4MfwP6r/zctuxdBuwchEUOiPv2oHoC5abdjKDhacJc+zhdxHcuE9
llg0YxpHjLo1Gb4RkMLLCbHcyBVGraAp5pDbnVwD9qwlITz5hbaamwB/kvZb0d97
9MQ1mgTMNbdH5JMSocl1onkRqwlNJHAGDP0lsO8Ip4m+WdmcCjfZKntio/qS3jes
3Rp5P9IPbo5su9AJs2Vg4f0pZTNJeNSD850/gfQYxUgm
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:39:34 2025 by rpki-client