Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/725b88-c523-4313-9e30-02c1e19a71d5/1/r_eUJ3JQd8oFpunLMpezsuG47ZY.roa
File: r_eUJ3JQd8oFpunLMpezsuG47ZY.roa (raw, json)
Hash identifier: XV+mSO/EmB23qlGkGBMJqvyQ8NflNQ1qKi509eDKCU4=
Subject key identifier: AF:F7:94:27:72:50:77:CA:05:A6:E9:CB:32:97:B3:B2:E1:B8:ED:96
Certificate issuer: /CN=21cf53481d133bacf527868dba1b3763e3d6dda7
Certificate serial: 018D2BCCB23DED3C997CED3DB7734CEA9D78
Authority key identifier: 21:CF:53:48:1D:13:3B:AC:F5:27:86:8D:BA:1B:37:63:E3:D6:DD:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ic9TSB0TO6z1J4aNuhs3Y-PW3ac.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/725b88-c523-4313-9e30-02c1e19a71d5/1/r_eUJ3JQd8oFpunLMpezsuG47ZY.roa
Signing time: Sun 21 Jan 2024 11:34:11 +0000
ROA not before: Sun 21 Jan 2024 11:34:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197716
IP address blocks: 91.226.8.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:2b:cc:b2:3d:ed:3c:99:7c:ed:3d:b7:73:4c:ea:9d:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21cf53481d133bacf527868dba1b3763e3d6dda7
Validity
Not Before: Jan 21 11:34:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aff79427725077ca05a6e9cb3297b3b2e1b8ed96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:cb:75:c7:41:e9:a6:4a:f5:11:94:68:f6:c8:
cd:a9:8a:fe:26:56:75:5b:47:ca:88:cc:4c:46:67:
92:08:08:2d:e6:92:06:ac:db:71:c2:c0:f2:f6:21:
ef:e5:5a:ac:6b:29:4e:94:3f:6d:48:0c:68:8b:c8:
6f:2b:53:ac:f2:b9:90:19:55:82:4a:01:52:eb:8f:
97:9b:9f:f4:5a:a9:d9:39:9c:6f:c0:da:d0:e8:a7:
71:ac:ff:59:b6:5c:eb:0d:f9:db:21:34:f1:fa:99:
09:9b:43:0b:f7:c4:65:8b:80:f3:3e:ef:24:d4:e6:
69:a2:f7:36:9e:1b:60:dd:30:5b:ec:5f:22:0f:57:
32:47:d0:60:28:6e:74:ed:ab:3d:dd:e2:6d:71:1e:
70:8e:50:b9:00:8a:78:a4:d1:22:52:38:82:da:43:
25:fe:2c:aa:c1:1a:8b:58:e6:ec:b4:74:03:ec:82:
19:5b:e4:1f:28:7a:d5:05:3b:0a:f3:04:3c:6e:a8:
a2:f1:09:e9:16:6b:06:cd:4d:49:de:c6:8b:77:57:
0e:b4:71:0b:5e:35:2a:5e:f1:35:bd:5a:86:ad:3d:
be:ef:34:b9:0d:26:5b:f4:48:5e:8e:30:f1:ff:34:
82:9b:0f:8c:4e:bf:c2:62:6c:8b:5c:36:fb:9c:13:
01:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:F7:94:27:72:50:77:CA:05:A6:E9:CB:32:97:B3:B2:E1:B8:ED:96
X509v3 Authority Key Identifier:
keyid:21:CF:53:48:1D:13:3B:AC:F5:27:86:8D:BA:1B:37:63:E3:D6:DD:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ic9TSB0TO6z1J4aNuhs3Y-PW3ac.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/725b88-c523-4313-9e30-02c1e19a71d5/1/r_eUJ3JQd8oFpunLMpezsuG47ZY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/725b88-c523-4313-9e30-02c1e19a71d5/1/Ic9TSB0TO6z1J4aNuhs3Y-PW3ac.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.226.8.0/23
Signature Algorithm: sha256WithRSAEncryption
74:4b:ce:c2:77:0c:40:39:7b:77:65:d1:1a:14:c8:87:39:83:
dc:07:c4:b2:35:a3:b3:d7:11:5b:25:55:02:f4:a6:ca:84:f2:
8b:26:9b:da:7a:b2:1b:be:5e:8b:21:f8:a4:7a:9b:9c:da:9c:
73:e1:d0:0e:26:b2:06:42:43:1c:55:ce:e3:ea:d0:3d:d2:e7:
8c:20:cd:19:7d:08:ef:de:5e:0d:4b:41:a8:81:28:67:ab:c7:
04:79:d6:67:d1:3a:b7:a8:35:b9:d5:d4:68:c7:e6:60:66:6f:
88:61:1b:8d:31:8c:1e:63:da:8b:af:21:7c:f8:51:d3:a0:d9:
f4:e4:96:a8:f6:90:28:d6:34:16:86:43:52:09:dc:2c:f9:76:
be:2f:2a:64:97:1f:6e:66:27:36:17:5f:88:85:d8:eb:c2:b0:
d7:e9:7f:40:a2:3e:d2:b4:c4:c1:48:4e:f5:3d:d5:4d:f4:97:
a0:67:fb:54:a0:4f:95:bb:22:82:d6:a9:33:55:0f:e4:fd:7b:
bf:6b:67:88:82:70:f4:98:e5:14:fe:f2:d2:aa:84:5d:0a:56:
b2:eb:02:93:f9:c1:41:b8:2d:33:c3:e0:88:f6:d6:8f:c4:18:
29:bb:36:b1:99:65:4b:6c:b1:03:a8:b8:4e:ab:5b:05:29:7d:
d7:1e:9f:b4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY0rzLI97TyZfO09t3NM6p14MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxY2Y1MzQ4MWQxMzNiYWNmNTI3ODY4ZGJhMWIzNzYzZTNk
NmRkYTcwHhcNMjQwMTIxMTEzNDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmY3OTQyNzcyNTA3N2NhMDVhNmU5Y2IzMjk3YjNiMmUxYjhlZDk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgct1x0Hppkr1EZRo9sjNqYr+JlZ1
W0fKiMxMRmeSCAgt5pIGrNtxwsDy9iHv5VqsaylOlD9tSAxoi8hvK1Os8rmQGVWC
SgFS64+Xm5/0WqnZOZxvwNrQ6KdxrP9ZtlzrDfnbITTx+pkJm0ML98Rli4DzPu8k
1OZpovc2nhtg3TBb7F8iD1cyR9BgKG507as93eJtcR5wjlC5AIp4pNEiUjiC2kMl
/iyqwRqLWObstHQD7IIZW+QfKHrVBTsK8wQ8bqii8QnpFmsGzU1J3saLd1cOtHEL
XjUqXvE1vVqGrT2+7zS5DSZb9EhejjDx/zSCmw+MTr/CYmyLXDb7nBMB+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK/3lCdyUHfKBabpyzKXs7LhuO2WMB8GA1UdIwQY
MBaAFCHPU0gdEzus9SeGjbobN2Pj1t2nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWM5VFNCMFRPNnoxSjRhTnVoczNZLVBXM2FjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS83MjViODgtYzUyMy00MzEzLTllMzAt
MDJjMWUxOWE3MWQ1LzEvcl9lVUozSlFkOG9GcHVuTE1wZXpzdUc0N1pZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS83MjViODgtYzUyMy00MzEzLTllMzAtMDJjMWUxOWE3MWQ1
LzEvSWM5VFNCMFRPNnoxSjRhTnVoczNZLVBXM2FjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW+IIMA0G
CSqGSIb3DQEBCwUAA4IBAQB0S87CdwxAOXt3ZdEaFMiHOYPcB8SyNaOz1xFbJVUC
9KbKhPKLJpvaerIbvl6LIfikepuc2pxz4dAOJrIGQkMcVc7j6tA90ueMIM0ZfQjv
3l4NS0GogShnq8cEedZn0Tq3qDW51dRox+ZgZm+IYRuNMYweY9qLryF8+FHToNn0
5Jao9pAo1jQWhkNSCdws+Xa+Lypklx9uZic2F1+IhdjrwrDX6X9Aoj7StMTBSE71
PdVN9JegZ/tUoE+VuyKC1qkzVQ/k/Xu/a2eIgnD0mOUU/vLSqoRdClay6wKT+cFB
uC0zw+CI9taPxBgpuzaxmWVLbLEDqLhOq1sFKX3XHp+0
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:34:06 2025 by rpki-client