Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/b15851-a83b-415c-aee5-f9efc0457fb9/1/Iz9_qBhOCfRurrmvnv9aXORg34I.roa
File: Iz9_qBhOCfRurrmvnv9aXORg34I.roa (raw, json)
Hash identifier: ficu8vYOdtebtP/j/T5+fgJvW2welZlELEiy28M8rXg=
Subject key identifier: 23:3F:7F:A8:18:4E:09:F4:6E:AE:B9:AF:9E:FF:5A:5C:E4:60:DF:82
Certificate issuer: /CN=582c74fc59b7ab096a257d3b6299d2f6fda46a80
Certificate serial: 0192E84FE0A02C54812F441BBD9EF2318191
Authority key identifier: 58:2C:74:FC:59:B7:AB:09:6A:25:7D:3B:62:99:D2:F6:FD:A4:6A:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WCx0_Fm3qwlqJX07YpnS9v2kaoA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/b15851-a83b-415c-aee5-f9efc0457fb9/1/Iz9_qBhOCfRurrmvnv9aXORg34I.roa
Signing time: Fri 01 Nov 2024 15:20:01 +0000
ROA not before: Fri 01 Nov 2024 15:20:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212598
IP address blocks: 91.142.130.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 19 Nov 2024 11:29:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:e8:4f:e0:a0:2c:54:81:2f:44:1b:bd:9e:f2:31:81:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=582c74fc59b7ab096a257d3b6299d2f6fda46a80
Validity
Not Before: Nov 1 15:20:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=233f7fa8184e09f46eaeb9af9eff5a5ce460df82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:fc:b7:55:5b:ad:8b:9a:da:54:3e:16:f6:fb:
28:a0:42:88:f7:6d:5c:ab:75:90:10:d2:48:3b:22:
1e:68:c0:cd:44:c5:30:7d:22:64:aa:28:77:cf:57:
4b:95:72:47:41:45:4d:f7:77:71:a5:93:4f:be:cf:
41:3c:a3:df:fb:d8:7c:e9:96:50:68:05:72:15:ec:
2b:65:9b:a6:73:9b:1a:03:0c:d3:91:a3:09:c1:5b:
3e:24:b3:b1:05:9e:0a:84:f7:bb:a5:fb:08:de:f9:
b2:db:9d:5f:06:b5:55:6d:9b:39:53:c9:70:53:7a:
cc:80:2c:f8:81:c9:61:43:9a:bd:3e:cf:2b:62:ed:
c2:cf:9f:33:ea:7e:7e:ae:f8:d5:ff:61:00:d8:d5:
21:43:ee:78:6d:9f:f4:31:6e:7f:fe:76:b0:b7:cb:
07:ce:83:fa:e7:e3:39:a7:b5:14:d1:64:fa:7e:1e:
15:c5:b1:11:f4:d7:88:cc:d7:40:b9:10:10:5c:8c:
36:db:a1:f5:91:1c:a1:2b:72:a0:0e:98:8d:81:f2:
ac:ce:ec:45:69:91:7c:f7:d9:09:bb:9c:4e:a5:a3:
72:aa:b1:f6:a1:9a:21:49:5a:20:65:22:ed:05:55:
54:ff:83:7d:d8:46:c0:2c:6d:55:8f:0e:3e:8f:42:
09:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:3F:7F:A8:18:4E:09:F4:6E:AE:B9:AF:9E:FF:5A:5C:E4:60:DF:82
X509v3 Authority Key Identifier:
keyid:58:2C:74:FC:59:B7:AB:09:6A:25:7D:3B:62:99:D2:F6:FD:A4:6A:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WCx0_Fm3qwlqJX07YpnS9v2kaoA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b15851-a83b-415c-aee5-f9efc0457fb9/1/Iz9_qBhOCfRurrmvnv9aXORg34I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b15851-a83b-415c-aee5-f9efc0457fb9/1/WCx0_Fm3qwlqJX07YpnS9v2kaoA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.142.130.0/24
Signature Algorithm: sha256WithRSAEncryption
82:36:5a:28:78:89:14:ee:2e:f2:fd:60:ab:e2:fd:34:ba:84:
6c:a6:e1:30:9d:c3:7c:57:96:92:4e:64:de:e5:14:9e:2b:67:
71:0e:1c:70:80:65:97:04:69:7c:94:c6:00:38:47:30:d2:29:
cc:f9:87:d1:8a:33:25:65:7f:91:1f:ff:42:9f:bb:ae:aa:87:
41:b9:ac:c2:e7:7f:35:d4:b3:1c:48:6d:8a:b0:c2:2c:89:10:
31:7c:4f:5a:73:ab:6e:35:d2:e8:57:18:3b:fe:7c:ce:9e:46:
2e:6d:e0:cd:e2:fd:99:90:ad:de:aa:69:ab:5c:ae:35:25:a0:
46:f7:70:67:e6:c7:64:05:43:c0:f6:96:d3:a5:c0:dc:2d:44:
8e:b9:37:3b:b3:0f:97:9e:bd:8f:d0:5c:63:5e:bb:96:b6:1c:
a6:a6:55:44:1e:40:51:84:76:1c:56:e6:74:0e:06:48:7b:d8:
93:38:27:b4:3a:6a:6f:a5:41:f7:16:3a:14:c5:66:41:31:31:
d2:1e:16:4b:aa:98:5f:35:e1:be:95:8f:e8:1c:05:3c:1e:fa:
b4:cf:7c:9b:7a:7f:bb:32:24:81:aa:c0:16:de:c3:6c:7c:30:
34:59:be:ce:a4:d8:55:7d:d3:93:cc:1a:94:ee:cb:ff:0e:45:
b6:dd:f4:aa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZLoT+CgLFSBL0QbvZ7yMYGRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4MmM3NGZjNTliN2FiMDk2YTI1N2QzYjYyOTlkMmY2ZmRh
NDZhODAwHhcNMjQxMTAxMTUyMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzNmN2ZhODE4NGUwOWY0NmVhZWI5YWY5ZWZmNWE1Y2U0NjBkZjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu/y3VVuti5raVD4W9vsooEKI921c
q3WQENJIOyIeaMDNRMUwfSJkqih3z1dLlXJHQUVN93dxpZNPvs9BPKPf+9h86ZZQ
aAVyFewrZZumc5saAwzTkaMJwVs+JLOxBZ4KhPe7pfsI3vmy251fBrVVbZs5U8lw
U3rMgCz4gclhQ5q9Ps8rYu3Cz58z6n5+rvjV/2EA2NUhQ+54bZ/0MW5//nawt8sH
zoP65+M5p7UU0WT6fh4VxbER9NeIzNdAuRAQXIw226H1kRyhK3KgDpiNgfKszuxF
aZF899kJu5xOpaNyqrH2oZohSVogZSLtBVVU/4N92EbALG1Vjw4+j0IJaQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCM/f6gYTgn0bq65r57/WlzkYN+CMB8GA1UdIwQY
MBaAFFgsdPxZt6sJaiV9O2KZ0vb9pGqAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0N4MF9GbTNxd2xxSlgwN1lwblM5djJrYW9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9iMTU4NTEtYTgzYi00MTVjLWFlZTUt
ZjllZmMwNDU3ZmI5LzEvSXo5X3FCaE9DZlJ1cnJtdm52OWFYT1JnMzRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9iMTU4NTEtYTgzYi00MTVjLWFlZTUtZjllZmMwNDU3ZmI5
LzEvV0N4MF9GbTNxd2xxSlgwN1lwblM5djJrYW9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW46CMA0G
CSqGSIb3DQEBCwUAA4IBAQCCNlooeIkU7i7y/WCr4v00uoRspuEwncN8V5aSTmTe
5RSeK2dxDhxwgGWXBGl8lMYAOEcw0inM+YfRijMlZX+RH/9Cn7uuqodBuazC5381
1LMcSG2KsMIsiRAxfE9ac6tuNdLoVxg7/nzOnkYubeDN4v2ZkK3eqmmrXK41JaBG
93Bn5sdkBUPA9pbTpcDcLUSOuTc7sw+Xnr2P0FxjXruWthymplVEHkBRhHYcVuZ0
DgZIe9iTOCe0OmpvpUH3FjoUxWZBMTHSHhZLqphfNeG+lY/oHAU8Hvq0z3yben+7
MiSBqsAW3sNsfDA0Wb7OpNhVfdOTzBqU7sv/DkW23fSq
-----END CERTIFICATE-----
Generated at Tue Apr 8 03:20:01 2025 by rpki-client