Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/9f8b16-284f-4512-b3dc-015d9f1b4b50/1/o8i3RhoMTBK-W7fBQ_jXHkAcmAg.roa
File: o8i3RhoMTBK-W7fBQ_jXHkAcmAg.roa (raw, json)
Hash identifier: jmAd2eMZzsXyHZR5lmRcczi4phqy+qJp+POhLyx2+Xg=
Subject key identifier: A3:C8:B7:46:1A:0C:4C:12:BE:5B:B7:C1:43:F8:D7:1E:40:1C:98:08
Certificate issuer: /CN=7fcad89df1bf99a36f290cc3ef0f1e7b4d027533
Certificate serial: 018E14EDEEDB25F8BBDA2940CF0E5D6006E4
Authority key identifier: 7F:CA:D8:9D:F1:BF:99:A3:6F:29:0C:C3:EF:0F:1E:7B:4D:02:75:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f8rYnfG_maNvKQzD7w8ee00CdTM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/9f8b16-284f-4512-b3dc-015d9f1b4b50/1/o8i3RhoMTBK-W7fBQ_jXHkAcmAg.roa
Signing time: Wed 06 Mar 2024 18:02:01 +0000
ROA not before: Wed 06 Mar 2024 18:02:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210895
IP address blocks: 91.198.166.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 10 May 2024 10:33:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:14:ed:ee:db:25:f8:bb:da:29:40:cf:0e:5d:60:06:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7fcad89df1bf99a36f290cc3ef0f1e7b4d027533
Validity
Not Before: Mar 6 18:02:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a3c8b7461a0c4c12be5bb7c143f8d71e401c9808
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:ed:8d:a8:d2:26:e7:0e:1b:d0:7c:4c:98:94:
87:83:c6:0f:3b:b7:d9:2e:f8:2d:3b:03:63:d2:cd:
5f:84:19:35:67:83:74:64:de:f5:b6:7c:7e:81:94:
d3:a3:91:79:c2:48:d6:ed:ee:d0:6c:b9:83:51:c0:
bd:c4:97:fd:17:6d:da:32:a8:b3:31:a9:6b:e8:d7:
44:14:2b:b3:7b:cf:91:55:f0:d8:3e:d1:a6:df:26:
d0:ec:69:6d:63:88:3a:f9:61:65:0e:0e:ac:72:df:
6f:ea:68:c1:63:d7:f8:ac:1e:e1:da:66:af:ab:b8:
49:e1:2d:09:d1:14:75:7d:ba:6c:c1:f8:31:2b:b6:
6b:70:82:6d:3c:3c:b7:39:3d:8e:3a:e7:67:7f:76:
54:ac:12:11:5b:3b:67:4d:d9:32:2c:0e:f6:be:a2:
fb:fd:c5:89:60:68:a5:43:7b:a0:d8:77:02:76:6a:
34:d5:5b:a1:64:59:3c:6b:c9:de:91:91:73:e0:c5:
6c:19:4d:f6:73:d1:ae:90:23:5c:3e:c5:46:0e:13:
e7:3b:3e:22:38:e4:ff:3b:85:69:92:d2:80:00:10:
6f:57:d8:bd:96:ab:93:b7:92:ba:fb:22:7b:05:26:
19:22:df:c9:41:8e:1f:e7:ed:bc:58:4d:cf:b0:03:
6d:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:C8:B7:46:1A:0C:4C:12:BE:5B:B7:C1:43:F8:D7:1E:40:1C:98:08
X509v3 Authority Key Identifier:
keyid:7F:CA:D8:9D:F1:BF:99:A3:6F:29:0C:C3:EF:0F:1E:7B:4D:02:75:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8rYnfG_maNvKQzD7w8ee00CdTM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/9f8b16-284f-4512-b3dc-015d9f1b4b50/1/o8i3RhoMTBK-W7fBQ_jXHkAcmAg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/9f8b16-284f-4512-b3dc-015d9f1b4b50/1/f8rYnfG_maNvKQzD7w8ee00CdTM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.166.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:b0:1f:74:42:c7:f3:00:d6:6d:cd:42:fd:7f:20:53:fc:a4:
0e:d6:45:47:1a:d1:30:bc:24:ff:1e:a8:10:33:76:6f:8c:99:
59:86:2e:ba:8e:d0:c8:c2:b8:31:3f:1b:50:5a:10:df:ac:ca:
f6:a8:57:9e:99:9a:6c:5b:52:ec:4a:ab:c0:44:45:57:fa:44:
da:48:96:c7:51:eb:d4:be:46:29:46:cc:62:3f:f8:2c:0f:4d:
60:de:aa:bc:0c:91:88:f3:3a:44:fe:e6:76:43:02:05:90:67:
23:b5:18:64:f2:63:86:e1:e3:5d:0d:41:ae:36:a0:45:04:44:
16:6d:57:ba:75:73:f9:5f:c2:3a:2c:15:0b:01:03:22:93:56:
e4:ad:18:a2:ad:bf:fa:6a:78:1d:45:65:7c:8e:c6:b6:e9:77:
a6:1f:33:11:0d:b4:c8:d6:43:f7:cd:8e:4a:8b:c9:49:ce:59:
49:cb:69:76:cc:bd:e1:d8:cb:83:be:ea:32:6d:f6:32:1c:01:
67:b5:1e:3b:37:6b:f2:51:6a:bf:f6:7a:f0:9c:ca:cb:cc:cd:
e5:f4:53:bc:e3:71:0e:18:49:a5:22:71:95:d6:3e:c3:d9:3d:
56:b9:df:19:f8:2c:6d:e2:24:aa:b7:fe:5d:cb:4b:89:d3:ac:
2a:2b:4c:c6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY4U7e7bJfi72ilAzw5dYAbkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmY2FkODlkZjFiZjk5YTM2ZjI5MGNjM2VmMGYxZTdiNGQw
Mjc1MzMwHhcNMjQwMzA2MTgwMjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2M4Yjc0NjFhMGM0YzEyYmU1YmI3YzE0M2Y4ZDcxZTQwMWM5ODA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgu2NqNIm5w4b0HxMmJSHg8YPO7fZ
LvgtOwNj0s1fhBk1Z4N0ZN71tnx+gZTTo5F5wkjW7e7QbLmDUcC9xJf9F23aMqiz
Malr6NdEFCuze8+RVfDYPtGm3ybQ7GltY4g6+WFlDg6sct9v6mjBY9f4rB7h2mav
q7hJ4S0J0RR1fbpswfgxK7ZrcIJtPDy3OT2OOudnf3ZUrBIRWztnTdkyLA72vqL7
/cWJYGilQ3ug2HcCdmo01VuhZFk8a8nekZFz4MVsGU32c9GukCNcPsVGDhPnOz4i
OOT/O4VpktKAABBvV9i9lquTt5K6+yJ7BSYZIt/JQY4f5+28WE3PsANtXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKPIt0YaDEwSvlu3wUP41x5AHJgIMB8GA1UdIwQY
MBaAFH/K2J3xv5mjbykMw+8PHntNAnUzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZjhyWW5mR19tYU52S1F6RDd3OGVlMDBDZFRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS85ZjhiMTYtMjg0Zi00NTEyLWIzZGMt
MDE1ZDlmMWI0YjUwLzEvbzhpM1Job01UQkstVzdmQlFfalhIa0FjbUFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS85ZjhiMTYtMjg0Zi00NTEyLWIzZGMtMDE1ZDlmMWI0YjUw
LzEvZjhyWW5mR19tYU52S1F6RDd3OGVlMDBDZFRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8amMA0G
CSqGSIb3DQEBCwUAA4IBAQAusB90QsfzANZtzUL9fyBT/KQO1kVHGtEwvCT/HqgQ
M3ZvjJlZhi66jtDIwrgxPxtQWhDfrMr2qFeemZpsW1LsSqvAREVX+kTaSJbHUevU
vkYpRsxiP/gsD01g3qq8DJGI8zpE/uZ2QwIFkGcjtRhk8mOG4eNdDUGuNqBFBEQW
bVe6dXP5X8I6LBULAQMik1bkrRiirb/6angdRWV8jsa26XemHzMRDbTI1kP3zY5K
i8lJzllJy2l2zL3h2MuDvuoybfYyHAFntR47N2vyUWq/9nrwnMrLzM3l9FO843EO
GEmlInGV1j7D2T1Wud8Z+Cxt4iSqt/5dy0uJ06wqK0zG
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:14:03 2025 by rpki-client