Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/85c6bd-6a68-4d11-b9cd-8c2df5a5c6d7/1/gggO8DVV7iZwCSasEaLPQ42soKk.roa
File: gggO8DVV7iZwCSasEaLPQ42soKk.roa (raw, json)
Hash identifier: 8+/dNDI7lcw8y3xnk3m03RDxAtchKvl9eJ6s7qo82gU=
Subject key identifier: 82:08:0E:F0:35:55:EE:26:70:09:26:AC:11:A2:CF:43:8D:AC:A0:A9
Certificate issuer: /CN=9e8cd7d6a4105750bf8975a7d0b96794c1efe622
Certificate serial: 018CC94D7CA6B02F1B9F90D3C87606716257
Authority key identifier: 9E:8C:D7:D6:A4:10:57:50:BF:89:75:A7:D0:B9:67:94:C1:EF:E6:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nozX1qQQV1C_iXWn0LlnlMHv5iI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/85c6bd-6a68-4d11-b9cd-8c2df5a5c6d7/1/gggO8DVV7iZwCSasEaLPQ42soKk.roa
Signing time: Tue 02 Jan 2024 08:32:27 +0000
ROA not before: Tue 02 Jan 2024 08:32:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50942
IP address blocks: 91.207.26.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:47:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:7c:a6:b0:2f:1b:9f:90:d3:c8:76:06:71:62:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e8cd7d6a4105750bf8975a7d0b96794c1efe622
Validity
Not Before: Jan 2 08:32:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=82080ef03555ee26700926ac11a2cf438daca0a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:d0:39:4d:5d:c0:fb:ff:71:5f:77:45:47:1f:
b1:62:78:f2:92:eb:84:58:a2:ca:5a:65:58:a7:bc:
01:d4:7e:55:7c:94:7d:90:b4:9f:e3:71:65:6a:66:
44:2c:aa:95:51:af:e7:11:d9:b0:98:17:06:62:9d:
25:70:87:98:8b:96:ec:08:54:23:57:dd:61:61:f5:
24:01:ea:79:5f:54:1e:02:69:00:a7:2d:96:25:89:
52:bb:98:87:8b:55:b9:08:a1:0d:dc:d1:c2:47:0b:
e2:27:fa:c2:e1:e9:61:df:84:39:c2:2b:64:1a:69:
a1:49:7d:01:9d:8a:de:5b:9d:f8:e8:4c:14:c7:b4:
57:44:c4:61:50:ca:b0:04:15:06:65:e7:25:91:45:
73:ad:fd:a9:39:c6:4d:7b:8c:c3:de:6f:70:bf:e4:
8c:92:22:d8:b5:15:38:dd:a2:61:2b:6a:84:17:a8:
e9:2b:51:90:2e:fd:54:ba:d0:1e:16:1d:15:32:71:
51:42:b5:d1:99:07:13:11:f2:ec:84:e2:1d:7f:a8:
e2:91:27:d2:8c:b5:53:79:76:04:0f:9b:58:da:31:
0e:ab:fb:02:7e:66:bd:9c:ec:37:b2:36:05:d0:45:
ed:81:77:9a:04:e3:1b:2a:1c:18:b7:87:a3:8e:9e:
10:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:08:0E:F0:35:55:EE:26:70:09:26:AC:11:A2:CF:43:8D:AC:A0:A9
X509v3 Authority Key Identifier:
keyid:9E:8C:D7:D6:A4:10:57:50:BF:89:75:A7:D0:B9:67:94:C1:EF:E6:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nozX1qQQV1C_iXWn0LlnlMHv5iI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/85c6bd-6a68-4d11-b9cd-8c2df5a5c6d7/1/gggO8DVV7iZwCSasEaLPQ42soKk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/85c6bd-6a68-4d11-b9cd-8c2df5a5c6d7/1/nozX1qQQV1C_iXWn0LlnlMHv5iI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.207.26.0/23
Signature Algorithm: sha256WithRSAEncryption
40:4c:76:4f:bc:36:79:8a:ea:4c:e5:b6:1f:5b:c7:06:86:48:
a0:70:51:48:69:8f:a9:54:0c:9d:3b:c2:66:da:be:f4:a5:c8:
74:ab:65:9b:a9:d8:d1:f2:01:d8:b0:c8:b2:1c:48:26:e9:f9:
90:4f:81:a0:0f:36:7b:7a:ae:94:16:04:04:04:d0:af:97:75:
4a:aa:2c:24:66:f4:f1:2d:d6:c1:c8:89:d9:75:7b:68:6e:dc:
87:a7:d1:c2:67:bd:0f:07:8a:d6:0e:a5:06:e8:fd:b7:60:a1:
41:ef:ed:43:de:9a:88:6c:63:93:45:21:e0:d4:94:85:b3:49:
7f:fa:a0:d7:b6:1c:d7:b7:a6:e3:be:ea:4a:bc:c3:d0:38:7f:
0f:ee:bf:58:0d:9c:4e:36:51:d1:1e:ff:d9:ee:e0:61:5a:15:
67:f9:a6:30:2e:64:48:ca:9d:b3:23:98:ad:da:00:50:48:a3:
cc:a7:87:09:52:1c:69:ee:b3:73:f5:23:8b:d5:6b:75:c7:4f:
74:6e:60:77:9b:d8:47:12:6f:56:84:ae:7f:52:d9:da:45:ac:
c9:e8:c8:57:c4:5a:0b:c0:28:89:ec:b4:50:6e:20:29:87:85:
4b:ae:1f:fe:87:26:f5:8a:13:ca:d2:58:52:9e:a0:ac:f9:9a:
fd:6d:d3:04
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTXymsC8bn5DTyHYGcWJXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOGNkN2Q2YTQxMDU3NTBiZjg5NzVhN2QwYjk2Nzk0YzFl
ZmU2MjIwHhcNMjQwMTAyMDgzMjI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjA4MGVmMDM1NTVlZTI2NzAwOTI2YWMxMWEyY2Y0MzhkYWNhMGE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAntA5TV3A+/9xX3dFRx+xYnjykuuE
WKLKWmVYp7wB1H5VfJR9kLSf43FlamZELKqVUa/nEdmwmBcGYp0lcIeYi5bsCFQj
V91hYfUkAep5X1QeAmkApy2WJYlSu5iHi1W5CKEN3NHCRwviJ/rC4elh34Q5witk
GmmhSX0BnYreW5346EwUx7RXRMRhUMqwBBUGZeclkUVzrf2pOcZNe4zD3m9wv+SM
kiLYtRU43aJhK2qEF6jpK1GQLv1UutAeFh0VMnFRQrXRmQcTEfLshOIdf6jikSfS
jLVTeXYED5tY2jEOq/sCfma9nOw3sjYF0EXtgXeaBOMbKhwYt4ejjp4QIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIIIDvA1Ve4mcAkmrBGiz0ONrKCpMB8GA1UdIwQY
MBaAFJ6M19akEFdQv4l1p9C5Z5TB7+YiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbm96WDFxUVFWMUNfaVhXbjBMbG5sTUh2NWlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi84NWM2YmQtNmE2OC00ZDExLWI5Y2Qt
OGMyZGY1YTVjNmQ3LzEvZ2dnTzhEVlY3aVp3Q1Nhc0VhTFBRNDJzb0trLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi84NWM2YmQtNmE2OC00ZDExLWI5Y2QtOGMyZGY1YTVjNmQ3
LzEvbm96WDFxUVFWMUNfaVhXbjBMbG5sTUh2NWlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW88aMA0G
CSqGSIb3DQEBCwUAA4IBAQBATHZPvDZ5iupM5bYfW8cGhkigcFFIaY+pVAydO8Jm
2r70pch0q2WbqdjR8gHYsMiyHEgm6fmQT4GgDzZ7eq6UFgQEBNCvl3VKqiwkZvTx
LdbByInZdXtobtyHp9HCZ70PB4rWDqUG6P23YKFB7+1D3pqIbGOTRSHg1JSFs0l/
+qDXthzXt6bjvupKvMPQOH8P7r9YDZxONlHRHv/Z7uBhWhVn+aYwLmRIyp2zI5it
2gBQSKPMp4cJUhxp7rNz9SOL1Wt1x090bmB3m9hHEm9WhK5/UtnaRazJ6MhXxFoL
wCiJ7LRQbiAph4VLrh/+hyb1ihPK0lhSnqCs+Zr9bdME
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:48:23 2025 by rpki-client