Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/421c6d-535c-4c13-8da3-dea12dd8c7f4/1/iaQf8vdKeavZOi3c0TzzpGZFQvM.roa
File: iaQf8vdKeavZOi3c0TzzpGZFQvM.roa (raw, json)
Hash identifier: +Xx1RXFK1mCEC3/pJBQOSw1KeSCUEjfLdxB/5IHzCpk=
Subject key identifier: 89:A4:1F:F2:F7:4A:79:AB:D9:3A:2D:DC:D1:3C:F3:A4:66:45:42:F3
Certificate issuer: /CN=b8ed3ebcd2155f9a178a103adab48fda8b2275a5
Certificate serial: 018CC8715C722F3E482C1DCF64FA19F5B0EF
Authority key identifier: B8:ED:3E:BC:D2:15:5F:9A:17:8A:10:3A:DA:B4:8F:DA:8B:22:75:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uO0-vNIVX5oXihA62rSP2osidaU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/421c6d-535c-4c13-8da3-dea12dd8c7f4/1/iaQf8vdKeavZOi3c0TzzpGZFQvM.roa
Signing time: Tue 02 Jan 2024 04:32:01 +0000
ROA not before: Tue 02 Jan 2024 04:32:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43349
IP address blocks: 91.215.201.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:48:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:71:5c:72:2f:3e:48:2c:1d:cf:64:fa:19:f5:b0:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8ed3ebcd2155f9a178a103adab48fda8b2275a5
Validity
Not Before: Jan 2 04:32:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=89a41ff2f74a79abd93a2ddcd13cf3a4664542f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:a8:e5:90:5e:08:67:df:91:b2:ad:d6:88:ec:
d7:5d:34:13:88:d0:ac:48:9b:3c:40:34:b7:fe:ba:
76:58:83:ff:24:6d:f6:13:dd:0c:07:ca:52:9e:0f:
b6:91:9e:2d:f1:c9:47:52:47:d3:9a:8b:8d:a3:8a:
3e:74:e5:32:f7:10:d9:25:ab:51:a6:a1:e4:07:f9:
83:a1:de:3f:fe:da:94:39:df:9f:cb:ff:bf:7c:d2:
fe:05:f1:7b:1d:48:de:f9:6d:df:4c:cf:94:47:55:
4c:8d:a8:38:da:a0:a2:8b:fb:73:ac:bf:c5:be:4c:
0d:a1:9f:8e:eb:dd:1d:8b:ec:c4:4d:db:d5:5b:1c:
19:6d:ae:8c:63:08:29:a8:78:fb:c3:06:9d:b3:83:
1a:7e:92:20:bc:ad:44:49:82:3a:70:a4:b6:66:61:
80:bb:f5:e8:e4:42:d1:73:ba:23:0b:e7:e9:3a:f5:
f5:39:40:83:84:64:7e:8d:57:cd:f3:97:0e:4d:5e:
f3:bd:e1:38:3e:1c:3a:3e:d4:9b:43:ab:ed:a8:b5:
a0:1f:c9:2f:56:fe:66:34:0a:e5:19:3b:7e:3d:54:
96:ba:45:c3:33:c7:62:f8:d4:2d:60:19:62:01:07:
d7:5c:d8:8d:27:d6:d9:a8:6f:52:98:eb:f1:ad:a6:
cb:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:A4:1F:F2:F7:4A:79:AB:D9:3A:2D:DC:D1:3C:F3:A4:66:45:42:F3
X509v3 Authority Key Identifier:
keyid:B8:ED:3E:BC:D2:15:5F:9A:17:8A:10:3A:DA:B4:8F:DA:8B:22:75:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uO0-vNIVX5oXihA62rSP2osidaU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/421c6d-535c-4c13-8da3-dea12dd8c7f4/1/iaQf8vdKeavZOi3c0TzzpGZFQvM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/421c6d-535c-4c13-8da3-dea12dd8c7f4/1/uO0-vNIVX5oXihA62rSP2osidaU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.215.201.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:c4:9d:9b:66:41:4c:35:2c:9e:32:85:7c:11:e0:71:e2:fb:
8a:f6:b7:3d:88:d0:3f:04:a9:4d:9e:36:73:f7:a2:79:09:28:
0e:25:1c:02:02:9c:3e:bc:f0:23:84:fb:e4:8e:d6:a5:f2:b2:
c9:f5:fc:a1:20:e5:b9:ae:08:1f:a5:e2:5e:91:fd:40:76:80:
73:ba:ef:08:1c:b8:60:8d:48:b1:92:16:8f:31:e5:8e:13:ae:
eb:db:2a:63:34:85:54:2c:a3:71:5a:b5:14:9e:9e:48:4e:e1:
13:19:33:4a:81:40:b2:7e:c3:35:4e:0a:92:a0:e4:ff:db:c4:
28:ef:a1:24:c3:63:1a:67:7c:15:f6:d5:de:97:d3:8c:10:8e:
30:da:a5:96:fb:3b:21:ba:00:90:69:c9:d5:a2:c6:dc:a9:c1:
cf:51:f3:29:27:19:80:49:90:35:82:70:8a:fd:29:2e:fc:8c:
c9:37:da:28:83:8b:00:c5:b1:c7:0a:34:13:c4:7e:39:78:51:
c6:78:15:fe:bf:4f:3e:3c:68:ff:45:1b:31:02:78:a0:43:9a:
f8:74:3f:d5:32:e9:9f:d0:8c:e9:75:32:2e:12:ec:15:f3:d7:
22:1c:24:e5:60:a7:3d:a9:fa:72:b9:6f:5b:74:b1:51:89:98:
9d:90:d8:b8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIcVxyLz5ILB3PZPoZ9bDvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4ZWQzZWJjZDIxNTVmOWExNzhhMTAzYWRhYjQ4ZmRhOGIy
Mjc1YTUwHhcNMjQwMTAyMDQzMjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWE0MWZmMmY3NGE3OWFiZDkzYTJkZGNkMTNjZjNhNDY2NDU0MmYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApKjlkF4IZ9+Rsq3WiOzXXTQTiNCs
SJs8QDS3/rp2WIP/JG32E90MB8pSng+2kZ4t8clHUkfTmouNo4o+dOUy9xDZJatR
pqHkB/mDod4//tqUOd+fy/+/fNL+BfF7HUje+W3fTM+UR1VMjag42qCii/tzrL/F
vkwNoZ+O690di+zETdvVWxwZba6MYwgpqHj7wwads4MafpIgvK1ESYI6cKS2ZmGA
u/Xo5ELRc7ojC+fpOvX1OUCDhGR+jVfN85cOTV7zveE4Phw6PtSbQ6vtqLWgH8kv
Vv5mNArlGTt+PVSWukXDM8di+NQtYBliAQfXXNiNJ9bZqG9SmOvxrabLIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFImkH/L3Snmr2Tot3NE886RmRULzMB8GA1UdIwQY
MBaAFLjtPrzSFV+aF4oQOtq0j9qLInWlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdU8wLXZOSVZYNW9YaWhBNjJyU1Ayb3NpZGFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80MjFjNmQtNTM1Yy00YzEzLThkYTMt
ZGVhMTJkZDhjN2Y0LzEvaWFRZjh2ZEtlYXZaT2kzYzBUenpwR1pGUXZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80MjFjNmQtNTM1Yy00YzEzLThkYTMtZGVhMTJkZDhjN2Y0
LzEvdU8wLXZOSVZYNW9YaWhBNjJyU1Ayb3NpZGFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9fJMA0G
CSqGSIb3DQEBCwUAA4IBAQAsxJ2bZkFMNSyeMoV8EeBx4vuK9rc9iNA/BKlNnjZz
96J5CSgOJRwCApw+vPAjhPvkjtal8rLJ9fyhIOW5rggfpeJekf1AdoBzuu8IHLhg
jUixkhaPMeWOE67r2ypjNIVULKNxWrUUnp5ITuETGTNKgUCyfsM1TgqSoOT/28Qo
76Ekw2MaZ3wV9tXel9OMEI4w2qWW+zshugCQacnVosbcqcHPUfMpJxmASZA1gnCK
/Sku/IzJN9oog4sAxbHHCjQTxH45eFHGeBX+v08+PGj/RRsxAnigQ5r4dD/VMumf
0IzpdTIuEuwV89ciHCTlYKc9qfpyuW9bdLFRiZidkNi4
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:33:41 2025 by rpki-client