Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/e3aa31-964f-4a81-bcee-de8c26202b17/1/oYKwWbsFdcq9f-ZzrwTeQ1IrbKc.roa
File: oYKwWbsFdcq9f-ZzrwTeQ1IrbKc.roa (raw, json)
Hash identifier: eFUATRu+3/m0yJvgx9EgsppXb596wNYzeNqMSXvQ75E=
Subject key identifier: A1:82:B0:59:BB:05:75:CA:BD:7F:E6:73:AF:04:DE:43:52:2B:6C:A7
Certificate issuer: /CN=f85d04e6c50ba906f9ac11c2e75bf3f5d1042a62
Certificate serial: 018CC86FAAD00DD7E599506B8941A6E5526C
Authority key identifier: F8:5D:04:E6:C5:0B:A9:06:F9:AC:11:C2:E7:5B:F3:F5:D1:04:2A:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-F0E5sULqQb5rBHC51vz9dEEKmI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/e3aa31-964f-4a81-bcee-de8c26202b17/1/oYKwWbsFdcq9f-ZzrwTeQ1IrbKc.roa
Signing time: Tue 02 Jan 2024 04:30:10 +0000
ROA not before: Tue 02 Jan 2024 04:30:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43164
IP address blocks: 91.198.0.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:47:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:aa:d0:0d:d7:e5:99:50:6b:89:41:a6:e5:52:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f85d04e6c50ba906f9ac11c2e75bf3f5d1042a62
Validity
Not Before: Jan 2 04:30:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a182b059bb0575cabd7fe673af04de43522b6ca7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:f0:d9:48:7f:48:2c:5d:b9:b5:62:fe:00:12:
6a:b7:e1:27:46:5e:8a:29:38:a3:af:1d:27:33:9e:
32:35:7f:11:0b:1c:61:60:cb:c1:15:e4:6d:37:d1:
c1:bc:71:4e:f9:e8:57:ee:1b:30:21:1c:fd:e1:55:
fb:4a:e9:fe:b1:85:66:b4:f2:6d:36:1d:ff:ad:81:
8c:be:95:1f:94:d6:fd:bb:0f:29:cf:af:e4:77:eb:
82:93:07:07:f7:ad:f4:a8:fe:23:fe:c9:6a:5b:62:
70:ad:e2:ec:29:cd:bb:80:83:c6:a6:8e:d3:e9:b5:
ea:08:1b:a2:d7:f7:da:b8:ba:5f:76:a3:8d:67:e2:
15:0e:65:cf:0f:8a:f3:8b:be:b4:d1:b0:ee:98:bc:
80:3c:6d:67:d6:20:be:b5:30:f0:ad:3a:fb:8b:a6:
40:df:49:67:06:02:fe:75:c5:2b:55:5b:63:3e:4d:
a3:46:b9:d3:65:46:be:46:cc:da:f5:26:02:12:fb:
67:a9:56:00:61:72:ea:b5:da:49:2f:42:8f:4a:40:
84:8f:7f:e7:40:98:59:8d:a8:95:00:dd:ea:6f:41:
81:f9:28:6b:46:dd:fb:a7:09:4c:25:89:6a:0a:e0:
fe:f0:e6:58:6f:74:33:d3:90:93:78:fc:a2:8b:c7:
7e:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:82:B0:59:BB:05:75:CA:BD:7F:E6:73:AF:04:DE:43:52:2B:6C:A7
X509v3 Authority Key Identifier:
keyid:F8:5D:04:E6:C5:0B:A9:06:F9:AC:11:C2:E7:5B:F3:F5:D1:04:2A:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-F0E5sULqQb5rBHC51vz9dEEKmI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/e3aa31-964f-4a81-bcee-de8c26202b17/1/oYKwWbsFdcq9f-ZzrwTeQ1IrbKc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/e3aa31-964f-4a81-bcee-de8c26202b17/1/1-F0E5sULqQb5rBHC51vz9dEEKmI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.0.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:ba:34:44:ad:1c:fd:cf:9d:ca:b2:c6:5c:82:c4:07:d1:40:
63:8d:31:54:2c:84:19:56:88:0f:cd:ee:34:f4:a8:6a:6b:58:
9a:36:38:cd:b7:b6:24:c3:01:24:cf:10:c7:54:7c:84:4d:37:
53:32:91:5b:b1:15:da:af:0c:69:f7:97:95:c0:39:8b:ce:b4:
05:36:d6:d7:12:63:1c:63:bf:94:ef:ee:cf:04:3f:e8:19:85:
84:73:d4:c9:32:b7:40:22:a7:d2:af:8d:35:1c:b2:bf:c3:4e:
0c:29:27:ce:98:84:67:9f:4b:c0:9b:91:6d:2d:bf:d3:09:f4:
2f:d2:bd:05:90:d0:28:3e:81:af:10:e6:57:09:cc:f0:8c:72:
dc:60:71:a2:b2:55:44:fd:c6:7b:fa:b5:32:f4:88:72:78:e9:
e2:04:2d:20:7f:50:36:79:d5:04:bf:5a:01:1e:93:e6:92:d1:
0f:29:31:6c:45:a1:d5:88:3c:89:20:00:fe:bb:a2:d6:cf:18:
0c:f4:18:d3:5d:fa:31:2c:90:e3:f6:0e:d0:3b:d0:77:86:1b:
9b:47:0e:8a:02:cc:aa:4f:74:27:2a:bb:d9:33:77:9d:c1:33:
bd:b5:7d:9b:f1:ed:b3:18:b2:66:ef:b3:94:86:38:03:5e:eb:
19:7a:25:4f
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzIb6rQDdflmVBriUGm5VJsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4NWQwNGU2YzUwYmE5MDZmOWFjMTFjMmU3NWJmM2Y1ZDEw
NDJhNjIwHhcNMjQwMTAyMDQzMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTgyYjA1OWJiMDU3NWNhYmQ3ZmU2NzNhZjA0ZGU0MzUyMmI2Y2E3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjfDZSH9ILF25tWL+ABJqt+EnRl6K
KTijrx0nM54yNX8RCxxhYMvBFeRtN9HBvHFO+ehX7hswIRz94VX7Sun+sYVmtPJt
Nh3/rYGMvpUflNb9uw8pz6/kd+uCkwcH9630qP4j/slqW2JwreLsKc27gIPGpo7T
6bXqCBui1/fauLpfdqONZ+IVDmXPD4rzi7600bDumLyAPG1n1iC+tTDwrTr7i6ZA
30lnBgL+dcUrVVtjPk2jRrnTZUa+Rsza9SYCEvtnqVYAYXLqtdpJL0KPSkCEj3/n
QJhZjaiVAN3qb0GB+ShrRt37pwlMJYlqCuD+8OZYb3Qz05CTePyii8d+ZwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFKGCsFm7BXXKvX/mc68E3kNSK2ynMB8GA1UdIwQY
MBaAFPhdBObFC6kG+awRwudb8/XRBCpiMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1GMEU1c1VMcVFiNXJCSEM1MXZ6OWRFRUttSS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTQvZTNhYTMxLTk2NGYtNGE4MS1iY2Vl
LWRlOGMyNjIwMmIxNy8xL29ZS3dXYnNGZGNxOWYtWnpyd1RlUTFJcmJLYy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTQvZTNhYTMxLTk2NGYtNGE4MS1iY2VlLWRlOGMyNjIwMmIx
Ny8xLzEtRjBFNXNVTHFRYjVyQkhDNTF2ejlkRUVLbUkuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABbxgAw
DQYJKoZIhvcNAQELBQADggEBAC+6NEStHP3PncqyxlyCxAfRQGONMVQshBlWiA/N
7jT0qGprWJo2OM23tiTDASTPEMdUfIRNN1MykVuxFdqvDGn3l5XAOYvOtAU21tcS
Yxxjv5Tv7s8EP+gZhYRz1Mkyt0Aip9KvjTUcsr/DTgwpJ86YhGefS8CbkW0tv9MJ
9C/SvQWQ0Cg+ga8Q5lcJzPCMctxgcaKyVUT9xnv6tTL0iHJ46eIELSB/UDZ51QS/
WgEek+aS0Q8pMWxFodWIPIkgAP67otbPGAz0GNNd+jEskOP2DtA70HeGG5tHDooC
zKpPdCcqu9kzd53BM721fZvx7bMYsmbvs5SGOANe6xl6JU8=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:17:25 2025 by rpki-client