Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/e54e89-7b6b-417d-9bc9-62ce84f7075e/1/MF7gUqV1bP0pZdGtgxnh_eyO6I8.roa
File: MF7gUqV1bP0pZdGtgxnh_eyO6I8.roa (raw, json)
Hash identifier: 0JqiX5mWGDDw7xsSYSWlOWQFsyBT7AR0VxFuLt/fLTI=
Subject key identifier: 30:5E:E0:52:A5:75:6C:FD:29:65:D1:AD:83:19:E1:FD:EC:8E:E8:8F
Certificate issuer: /CN=d4a039aeee62103b288c6c8b9692cf5808743e21
Certificate serial: 018CC4923DB2F9A81F9A8AECB01691E19FC9
Authority key identifier: D4:A0:39:AE:EE:62:10:3B:28:8C:6C:8B:96:92:CF:58:08:74:3E:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1KA5ru5iEDsojGyLlpLPWAh0PiE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/e54e89-7b6b-417d-9bc9-62ce84f7075e/1/MF7gUqV1bP0pZdGtgxnh_eyO6I8.roa
Signing time: Mon 01 Jan 2024 10:29:27 +0000
ROA not before: Mon 01 Jan 2024 10:29:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208772
IP address blocks: 91.216.35.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:48:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:3d:b2:f9:a8:1f:9a:8a:ec:b0:16:91:e1:9f:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4a039aeee62103b288c6c8b9692cf5808743e21
Validity
Not Before: Jan 1 10:29:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=305ee052a5756cfd2965d1ad8319e1fdec8ee88f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:17:f8:c9:9d:8c:cd:97:7f:8c:10:53:69:bf:
58:bd:05:f8:f9:7e:07:61:c3:55:bb:67:6b:a5:c5:
d8:0a:e8:14:2d:5f:1b:cd:8f:c8:0e:02:dd:74:d4:
cd:dc:4e:5f:b9:06:07:80:d7:75:c2:db:92:b2:1f:
43:c2:f4:8d:45:c2:9a:01:97:ad:15:b1:8a:a6:61:
d0:74:c1:cc:91:34:e0:bb:9a:c7:42:74:c5:c9:6f:
54:af:b2:eb:24:56:26:6e:71:46:5b:1a:9b:c9:ad:
5c:ec:2a:58:ba:5a:ee:2a:ce:88:e3:4c:d3:ab:fc:
5b:40:10:0a:83:ce:19:4a:1a:80:30:88:d0:22:f8:
24:47:7d:f7:2a:90:9e:6b:44:c5:46:8c:ab:12:5a:
63:a8:7a:f8:d6:72:69:88:27:af:a3:95:46:f4:d8:
ca:6b:ee:91:be:45:c8:bd:de:b2:7c:a1:3b:b5:50:
e6:bf:84:ed:f0:b8:7b:26:00:8d:5d:bc:d7:8e:bc:
08:76:ba:f0:78:33:d3:bb:62:fe:6c:79:37:97:06:
0a:0b:20:93:b6:8b:4e:e1:2f:1d:ee:98:61:6f:98:
46:a1:d3:63:96:9c:c1:3d:03:8f:77:13:50:0b:97:
14:20:19:b5:5e:8d:c5:49:a7:0b:f0:92:13:43:77:
cd:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:5E:E0:52:A5:75:6C:FD:29:65:D1:AD:83:19:E1:FD:EC:8E:E8:8F
X509v3 Authority Key Identifier:
keyid:D4:A0:39:AE:EE:62:10:3B:28:8C:6C:8B:96:92:CF:58:08:74:3E:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1KA5ru5iEDsojGyLlpLPWAh0PiE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/e54e89-7b6b-417d-9bc9-62ce84f7075e/1/MF7gUqV1bP0pZdGtgxnh_eyO6I8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/e54e89-7b6b-417d-9bc9-62ce84f7075e/1/1KA5ru5iEDsojGyLlpLPWAh0PiE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.216.35.0/24
Signature Algorithm: sha256WithRSAEncryption
60:c3:d3:53:68:7b:96:7d:b8:8e:e2:95:28:ad:83:4b:f2:6d:
67:eb:03:a9:d3:0f:b1:14:56:6d:7c:2a:1c:83:60:bf:0c:e1:
bc:14:ed:7b:a1:72:75:c0:95:64:a2:96:33:fd:f5:59:07:cc:
0c:91:a9:8f:58:c5:c5:30:da:a8:da:a8:76:59:84:fd:64:64:
8a:45:08:e2:3c:f0:58:ab:6f:85:e2:39:8a:19:02:a8:d7:cb:
cb:0e:f5:02:3d:d0:dd:2b:f8:b9:f3:27:d6:0e:35:83:95:d0:
1b:06:58:7c:e3:70:ef:21:0c:f8:96:27:6a:85:c8:70:6a:91:
71:6e:2b:12:74:67:e6:74:05:55:cb:85:c2:b8:07:35:28:a2:
7f:96:59:94:b6:86:6e:9e:89:5c:10:df:9b:50:2a:e5:3e:ab:
cb:10:29:a1:0b:36:0a:d5:bb:61:ee:cb:e2:3f:08:0b:6d:db:
ff:9e:be:41:a4:9e:7f:4b:a5:73:54:43:79:b2:0a:83:ee:36:
ad:ef:ff:c0:c5:02:74:29:6b:92:05:70:e5:48:47:22:c2:ab:
34:32:da:dd:96:a6:f1:16:28:12:a7:66:70:06:ff:4a:20:09:
fe:cc:8a:74:c3:99:87:d5:ba:93:7e:09:8d:75:83:2d:8f:5a:
b0:7e:4b:c1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEkj2y+agfmorssBaR4Z/JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0YTAzOWFlZWU2MjEwM2IyODhjNmM4Yjk2OTJjZjU4MDg3
NDNlMjEwHhcNMjQwMTAxMTAyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDVlZTA1MmE1NzU2Y2ZkMjk2NWQxYWQ4MzE5ZTFmZGVjOGVlODhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsBf4yZ2MzZd/jBBTab9YvQX4+X4H
YcNVu2drpcXYCugULV8bzY/IDgLddNTN3E5fuQYHgNd1wtuSsh9DwvSNRcKaAZet
FbGKpmHQdMHMkTTgu5rHQnTFyW9Ur7LrJFYmbnFGWxqbya1c7CpYulruKs6I40zT
q/xbQBAKg84ZShqAMIjQIvgkR333KpCea0TFRoyrElpjqHr41nJpiCevo5VG9NjK
a+6RvkXIvd6yfKE7tVDmv4Tt8Lh7JgCNXbzXjrwIdrrweDPTu2L+bHk3lwYKCyCT
totO4S8d7phhb5hGodNjlpzBPQOPdxNQC5cUIBm1Xo3FSacL8JITQ3fN/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDBe4FKldWz9KWXRrYMZ4f3sjuiPMB8GA1UdIwQY
MBaAFNSgOa7uYhA7KIxsi5aSz1gIdD4hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUtBNXJ1NWlFRHNvakd5TGxwTFBXQWgwUGlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9lNTRlODktN2I2Yi00MTdkLTliYzkt
NjJjZTg0ZjcwNzVlLzEvTUY3Z1VxVjFiUDBwWmRHdGd4bmhfZXlPNkk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9lNTRlODktN2I2Yi00MTdkLTliYzktNjJjZTg0ZjcwNzVl
LzEvMUtBNXJ1NWlFRHNvakd5TGxwTFBXQWgwUGlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9gjMA0G
CSqGSIb3DQEBCwUAA4IBAQBgw9NTaHuWfbiO4pUorYNL8m1n6wOp0w+xFFZtfCoc
g2C/DOG8FO17oXJ1wJVkopYz/fVZB8wMkamPWMXFMNqo2qh2WYT9ZGSKRQjiPPBY
q2+F4jmKGQKo18vLDvUCPdDdK/i58yfWDjWDldAbBlh843DvIQz4lidqhchwapFx
bisSdGfmdAVVy4XCuAc1KKJ/llmUtoZunolcEN+bUCrlPqvLECmhCzYK1bth7svi
PwgLbdv/nr5BpJ5/S6VzVEN5sgqD7jat7//AxQJ0KWuSBXDlSEciwqs0Mtrdlqbx
FigSp2ZwBv9KIAn+zIp0w5mH1bqTfgmNdYMtj1qwfkvB
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:06:35 2025 by rpki-client