Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/64984d-ae8f-4cf9-a3c3-1e92c7bdc582/1/139ETW_lKXrnJsaVw0MZPf56WYI.roa
File: 139ETW_lKXrnJsaVw0MZPf56WYI.roa (raw, json)
Hash identifier: L4v9vf+siLhaBIpEqD+lqBXzsQjcK/4zAnEA/tlwnkg=
Subject key identifier: D7:7F:44:4D:6F:E5:29:7A:E7:26:C6:95:C3:43:19:3D:FE:7A:59:82
Certificate issuer: /CN=0957b23c83795bc35c30bc1365a30fdf3375ac89
Certificate serial: 018CC8DEDCCDE076BC86A4797E8F3E25AA1B
Authority key identifier: 09:57:B2:3C:83:79:5B:C3:5C:30:BC:13:65:A3:0F:DF:33:75:AC:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CVeyPIN5W8NcMLwTZaMP3zN1rIk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/64984d-ae8f-4cf9-a3c3-1e92c7bdc582/1/139ETW_lKXrnJsaVw0MZPf56WYI.roa
Signing time: Tue 02 Jan 2024 06:31:37 +0000
ROA not before: Tue 02 Jan 2024 06:31:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 91.238.209.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 24 Aug 2024 22:27:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:dc:cd:e0:76:bc:86:a4:79:7e:8f:3e:25:aa:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0957b23c83795bc35c30bc1365a30fdf3375ac89
Validity
Not Before: Jan 2 06:31:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d77f444d6fe5297ae726c695c343193dfe7a5982
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:00:39:51:31:ff:5b:d5:c8:38:0a:6e:ae:ee:
b8:50:32:05:aa:e3:5e:0a:1f:b6:9e:da:9f:26:95:
3c:e2:d1:b5:11:63:da:89:ea:4f:60:1c:99:bd:99:
5b:3d:53:f5:df:63:3f:75:cf:9b:8c:b8:f9:59:3a:
c3:c8:5f:be:49:4b:d0:76:61:9a:37:84:67:9d:48:
54:0a:5b:48:cd:0c:3d:95:04:6d:30:99:cc:40:39:
d5:f0:c9:29:e7:bb:8f:ff:1c:98:35:91:d2:d5:eb:
25:1b:f4:55:5a:d1:f1:e3:6f:f0:e7:4a:09:7a:98:
1d:93:8e:f1:db:d3:87:88:78:b5:63:1c:c9:7c:9e:
17:44:19:8c:d3:39:88:6e:09:8d:d6:a5:88:2b:6b:
36:54:f9:dd:d9:ef:4f:c5:77:5d:44:c2:15:63:6d:
b7:be:0f:66:1d:0d:5f:2c:c2:ee:ff:89:07:06:10:
92:34:f4:fb:47:af:ac:8e:21:aa:d1:7f:b1:59:94:
e9:e0:1a:7c:c3:c5:77:9a:4f:36:aa:65:b7:47:a1:
a7:32:a9:c9:01:26:f0:a3:db:21:7b:06:d7:44:9a:
91:6a:52:6b:a5:d1:90:ca:dc:2e:9e:7c:b6:20:00:
a7:b6:e6:2d:e7:cd:e1:33:e4:21:61:ac:49:d8:c8:
f1:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:7F:44:4D:6F:E5:29:7A:E7:26:C6:95:C3:43:19:3D:FE:7A:59:82
X509v3 Authority Key Identifier:
keyid:09:57:B2:3C:83:79:5B:C3:5C:30:BC:13:65:A3:0F:DF:33:75:AC:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CVeyPIN5W8NcMLwTZaMP3zN1rIk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/64984d-ae8f-4cf9-a3c3-1e92c7bdc582/1/139ETW_lKXrnJsaVw0MZPf56WYI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/64984d-ae8f-4cf9-a3c3-1e92c7bdc582/1/CVeyPIN5W8NcMLwTZaMP3zN1rIk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.238.209.0/24
Signature Algorithm: sha256WithRSAEncryption
04:cf:81:a5:66:9d:85:bd:d2:70:9a:61:7c:54:cf:3a:6b:36:
3c:4f:7a:cb:6d:eb:aa:11:08:24:d9:06:44:66:2f:df:1f:96:
2b:63:a9:d4:50:80:ac:2b:a6:d6:bc:ee:53:85:d3:3a:10:e7:
fb:07:29:bf:b2:22:c3:c5:f2:04:b3:fc:c6:a4:9c:dc:78:ff:
1f:93:ff:68:64:bc:c6:7c:cc:d9:84:2c:e4:cc:90:78:75:b9:
5d:f2:c2:49:cb:88:c6:20:1b:1c:d0:11:42:09:80:93:05:6d:
96:cd:b3:97:9d:dc:85:6d:a0:51:e2:2e:81:c6:77:00:b2:e2:
b5:20:8b:ba:68:d5:7c:31:72:38:8e:cd:77:ef:f4:15:42:be:
f1:3c:ba:91:25:25:82:5b:ed:66:f5:89:6c:6c:6b:76:3b:e4:
03:14:5b:e9:63:d0:af:72:4a:cf:67:a5:58:a7:f4:3b:ce:67:
aa:7a:b3:60:14:40:1c:78:5b:e9:ee:66:0d:84:e6:88:cb:22:
63:86:86:aa:98:72:b0:00:6c:70:67:c2:c8:25:90:f6:e2:69:
41:1b:bb:a1:4c:5a:9c:b6:3c:ae:b6:37:5b:34:33:fb:2c:21:
36:e3:71:c9:11:8b:25:1f:c3:61:bc:ce:cb:41:e6:64:c0:d3:
59:4c:65:77
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3tzN4Ha8hqR5fo8+JaobMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5NTdiMjNjODM3OTViYzM1YzMwYmMxMzY1YTMwZmRmMzM3
NWFjODkwHhcNMjQwMTAyMDYzMTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzdmNDQ0ZDZmZTUyOTdhZTcyNmM2OTVjMzQzMTkzZGZlN2E1OTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQA5UTH/W9XIOApuru64UDIFquNe
Ch+2ntqfJpU84tG1EWPaiepPYByZvZlbPVP132M/dc+bjLj5WTrDyF++SUvQdmGa
N4RnnUhUCltIzQw9lQRtMJnMQDnV8Mkp57uP/xyYNZHS1eslG/RVWtHx42/w50oJ
epgdk47x29OHiHi1YxzJfJ4XRBmM0zmIbgmN1qWIK2s2VPnd2e9PxXddRMIVY223
vg9mHQ1fLMLu/4kHBhCSNPT7R6+sjiGq0X+xWZTp4Bp8w8V3mk82qmW3R6GnMqnJ
ASbwo9shewbXRJqRalJrpdGQytwunny2IACntuYt583hM+QhYaxJ2MjxkwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNd/RE1v5Sl65ybGlcNDGT3+elmCMB8GA1UdIwQY
MBaAFAlXsjyDeVvDXDC8E2WjD98zdayJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ZleVBJTjVXOE5jTUx3VFphTVAzek4xcklrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi82NDk4NGQtYWU4Zi00Y2Y5LWEzYzMt
MWU5MmM3YmRjNTgyLzEvMTM5RVRXX2xLWHJuSnNhVncwTVpQZjU2V1lJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi82NDk4NGQtYWU4Zi00Y2Y5LWEzYzMtMWU5MmM3YmRjNTgy
LzEvQ1ZleVBJTjVXOE5jTUx3VFphTVAzek4xcklrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+7RMA0G
CSqGSIb3DQEBCwUAA4IBAQAEz4GlZp2FvdJwmmF8VM86azY8T3rLbeuqEQgk2QZE
Zi/fH5YrY6nUUICsK6bWvO5ThdM6EOf7Bym/siLDxfIEs/zGpJzceP8fk/9oZLzG
fMzZhCzkzJB4dbld8sJJy4jGIBsc0BFCCYCTBW2WzbOXndyFbaBR4i6BxncAsuK1
IIu6aNV8MXI4js137/QVQr7xPLqRJSWCW+1m9YlsbGt2O+QDFFvpY9CvckrPZ6VY
p/Q7zmeqerNgFEAceFvp7mYNhOaIyyJjhoaqmHKwAGxwZ8LIJZD24mlBG7uhTFqc
tjyutjdbNDP7LCE243HJEYslH8NhvM7LQeZkwNNZTGV3
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:42:18 2025 by rpki-client