Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/6f12c1-9133-4a2b-9df8-9b537f63b75d/1/wk7ISzGYl2V1fpeD4vx1IBZ1UsY.roa
File: wk7ISzGYl2V1fpeD4vx1IBZ1UsY.roa (raw, json)
Hash identifier: tyZT0sA5TMVxQEAxWvBbtDc3QVM8WIdzPJMuKD1aEnE=
Subject key identifier: C2:4E:C8:4B:31:98:97:65:75:7E:97:83:E2:FC:75:20:16:75:52:C6
Certificate issuer: /CN=1838c5c22c976da65a1fd16e8f9c0c94e27a4ba6
Certificate serial: 01925174E796127578C0FDBD7AA612E9420F
Authority key identifier: 18:38:C5:C2:2C:97:6D:A6:5A:1F:D1:6E:8F:9C:0C:94:E2:7A:4B:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GDjFwiyXbaZaH9Fuj5wMlOJ6S6Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/6f12c1-9133-4a2b-9df8-9b537f63b75d/1/wk7ISzGYl2V1fpeD4vx1IBZ1UsY.roa
Signing time: Thu 03 Oct 2024 08:17:48 +0000
ROA not before: Thu 03 Oct 2024 08:17:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43986
IP address blocks: 91.198.237.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:49:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:51:74:e7:96:12:75:78:c0:fd:bd:7a:a6:12:e9:42:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1838c5c22c976da65a1fd16e8f9c0c94e27a4ba6
Validity
Not Before: Oct 3 08:17:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c24ec84b31989765757e9783e2fc7520167552c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:59:57:52:96:58:86:6b:2a:21:68:f7:99:dd:
5f:45:69:e2:8c:07:5a:06:a3:3d:19:c3:f0:e4:fd:
b3:ba:20:43:41:76:96:7a:fe:3b:04:73:99:57:a7:
0d:fc:a6:be:d7:df:de:01:47:f2:6f:e0:18:30:a7:
5f:bc:d7:49:85:7f:8e:cc:3c:b8:e1:4f:7b:f1:64:
74:37:4a:4e:00:e2:46:65:60:e9:10:be:c1:cb:38:
52:4a:51:69:70:0e:f4:f4:3a:14:6e:99:23:7f:c7:
6d:a6:c2:89:71:5f:f9:b7:34:bf:54:e7:fa:81:84:
31:71:88:29:c0:1e:bd:bf:01:4f:6b:f4:81:6d:4f:
53:52:47:d0:07:93:06:6f:11:da:37:0a:ef:2e:b5:
ac:8b:cf:5a:c2:f0:63:bd:42:b8:dd:d3:02:24:22:
36:fd:3e:03:f9:4c:73:ac:73:6b:dd:31:b9:0f:a0:
c5:a5:94:82:c7:07:78:dd:c4:1b:03:fe:23:72:1e:
c2:ee:15:c9:e9:2f:4c:f6:6b:bb:6f:26:1f:7b:ad:
53:06:a1:c7:8f:51:a1:13:cd:9d:6c:70:a6:1a:a1:
a8:0b:05:88:d7:53:4a:56:e0:67:ca:8e:f3:ec:3f:
0d:91:61:bd:b1:46:84:af:7e:8c:9e:d0:f1:cd:7d:
29:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:4E:C8:4B:31:98:97:65:75:7E:97:83:E2:FC:75:20:16:75:52:C6
X509v3 Authority Key Identifier:
keyid:18:38:C5:C2:2C:97:6D:A6:5A:1F:D1:6E:8F:9C:0C:94:E2:7A:4B:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GDjFwiyXbaZaH9Fuj5wMlOJ6S6Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/6f12c1-9133-4a2b-9df8-9b537f63b75d/1/wk7ISzGYl2V1fpeD4vx1IBZ1UsY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/6f12c1-9133-4a2b-9df8-9b537f63b75d/1/GDjFwiyXbaZaH9Fuj5wMlOJ6S6Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.237.0/24
Signature Algorithm: sha256WithRSAEncryption
65:85:0a:3b:03:7e:88:b4:f9:f0:91:49:a2:51:e6:51:85:75:
d4:e0:24:94:5e:19:58:4b:0a:9f:6f:62:e9:32:a2:78:ec:cd:
24:bd:f6:6c:bb:b9:61:ae:13:06:12:fc:6f:56:c6:2f:d3:5a:
58:ca:e9:9c:bc:db:f7:d0:c5:d1:09:1b:b1:5a:cb:f2:af:05:
29:98:41:40:48:fb:3c:b7:04:a8:ca:08:ec:76:91:fd:d3:35:
6c:fb:7b:5a:5a:0c:50:ea:b0:15:bc:fa:42:45:ab:df:e7:70:
fa:93:28:28:8b:ab:f4:0a:4a:2a:7f:a5:64:2c:5f:a3:7c:f2:
d5:4c:4c:03:22:f8:cc:dc:dd:7b:8e:42:c1:f7:c8:30:af:66:
0e:54:fb:5b:ef:51:e2:2c:a9:45:14:21:d2:34:50:ec:e8:7a:
a4:8a:d4:6a:0f:f7:a0:10:cd:c6:25:65:51:66:fe:a1:69:69:
83:55:98:ef:83:80:cb:ba:c2:3f:7f:07:0e:ce:54:1b:37:e3:
15:09:fd:0f:28:d2:83:e7:c9:41:dd:40:72:c4:a0:df:ad:f4:
b7:b7:ae:24:a1:1f:54:6a:f6:fe:15:3f:44:23:29:b5:53:51:
9b:e0:fb:ee:3d:9d:16:ad:e2:8c:25:b4:4e:89:46:ba:a3:d0:
04:2b:65:1d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZJRdOeWEnV4wP29eqYS6UIPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4MzhjNWMyMmM5NzZkYTY1YTFmZDE2ZThmOWMwYzk0ZTI3
YTRiYTYwHhcNMjQxMDAzMDgxNzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjRlYzg0YjMxOTg5NzY1NzU3ZTk3ODNlMmZjNzUyMDE2NzU1MmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo1lXUpZYhmsqIWj3md1fRWnijAda
BqM9GcPw5P2zuiBDQXaWev47BHOZV6cN/Ka+19/eAUfyb+AYMKdfvNdJhX+OzDy4
4U978WR0N0pOAOJGZWDpEL7ByzhSSlFpcA709DoUbpkjf8dtpsKJcV/5tzS/VOf6
gYQxcYgpwB69vwFPa/SBbU9TUkfQB5MGbxHaNwrvLrWsi89awvBjvUK43dMCJCI2
/T4D+UxzrHNr3TG5D6DFpZSCxwd43cQbA/4jch7C7hXJ6S9M9mu7byYfe61TBqHH
j1GhE82dbHCmGqGoCwWI11NKVuBnyo7z7D8NkWG9sUaEr36MntDxzX0pCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMJOyEsxmJdldX6Xg+L8dSAWdVLGMB8GA1UdIwQY
MBaAFBg4xcIsl22mWh/Rbo+cDJTiekumMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0RqRndpeVhiYVphSDlGdWo1d01sT0o2UzZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni82ZjEyYzEtOTEzMy00YTJiLTlkZjgt
OWI1MzdmNjNiNzVkLzEvd2s3SVN6R1lsMlYxZnBlRDR2eDFJQloxVXNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni82ZjEyYzEtOTEzMy00YTJiLTlkZjgtOWI1MzdmNjNiNzVk
LzEvR0RqRndpeVhiYVphSDlGdWo1d01sT0o2UzZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8btMA0G
CSqGSIb3DQEBCwUAA4IBAQBlhQo7A36ItPnwkUmiUeZRhXXU4CSUXhlYSwqfb2Lp
MqJ47M0kvfZsu7lhrhMGEvxvVsYv01pYyumcvNv30MXRCRuxWsvyrwUpmEFASPs8
twSoygjsdpH90zVs+3taWgxQ6rAVvPpCRavf53D6kygoi6v0Ckoqf6VkLF+jfPLV
TEwDIvjM3N17jkLB98gwr2YOVPtb71HiLKlFFCHSNFDs6HqkitRqD/egEM3GJWVR
Zv6haWmDVZjvg4DLusI/fwcOzlQbN+MVCf0PKNKD58lB3UByxKDfrfS3t64koR9U
avb+FT9EIym1U1Gb4PvuPZ0WreKMJbROiUa6o9AEK2Ud
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:08:18 2025 by rpki-client