Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/b5da70-4210-463e-9dc6-979972a0014d/1/8zt7vhpxVZSGXd44_jz989I7BKw.roa
File: 8zt7vhpxVZSGXd44_jz989I7BKw.roa (raw, json)
Hash identifier: 3P2AoYxGRqE0b2yiT8kx6Azq5ez30+MxUoRCqnjeO0Q=
Subject key identifier: F3:3B:7B:BE:1A:71:55:94:86:5D:DE:38:FE:3C:FD:F3:D2:3B:04:AC
Certificate issuer: /CN=401d19615ace2bbbcfa09169080808762a64b17e
Certificate serial: 018F05367F4DE4935FC4E457B9B885B1C65B
Authority key identifier: 40:1D:19:61:5A:CE:2B:BB:CF:A0:91:69:08:08:08:76:2A:64:B1:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QB0ZYVrOK7vPoJFpCAgIdipksX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/b5da70-4210-463e-9dc6-979972a0014d/1/8zt7vhpxVZSGXd44_jz989I7BKw.roa
Signing time: Mon 22 Apr 2024 09:50:08 +0000
ROA not before: Mon 22 Apr 2024 09:50:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208716
IP address blocks: 91.220.15.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:49:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:05:36:7f:4d:e4:93:5f:c4:e4:57:b9:b8:85:b1:c6:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=401d19615ace2bbbcfa09169080808762a64b17e
Validity
Not Before: Apr 22 09:50:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f33b7bbe1a715594865dde38fe3cfdf3d23b04ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:43:02:1e:04:0c:10:b3:18:1d:58:41:ec:68:
01:5e:25:3b:e6:b0:c2:5e:1b:4d:5e:a5:cd:c9:af:
b0:5b:90:84:2e:09:ee:c4:bd:6c:ed:ae:7f:a1:c4:
52:81:3e:47:18:fa:90:32:c1:27:26:c7:bb:b4:77:
fe:95:2e:4e:23:6a:2b:62:eb:1c:5e:d4:8b:2d:01:
6e:8f:eb:60:cd:82:0c:5d:91:8b:c7:4d:5c:84:cb:
5e:9d:be:c6:e2:72:98:19:a2:08:66:74:2a:34:8d:
ab:14:3f:1b:bb:80:89:ce:03:70:a2:a3:c4:4f:28:
99:b7:e5:f8:b3:10:8d:e7:8b:70:f3:b9:82:31:4a:
38:c6:ad:9f:ee:4a:a7:d8:d5:c3:f1:b1:2b:8c:77:
72:48:6b:b3:8e:75:9b:a5:55:78:ae:74:22:96:8f:
07:4e:b2:39:b7:ff:2f:7a:20:bb:a2:91:f7:34:c9:
c7:6a:76:17:92:10:f0:87:60:c1:95:4a:20:ff:44:
9d:8b:3e:49:f3:0c:f6:0c:5f:8e:aa:2d:b3:f1:37:
cb:9c:06:4f:38:92:d1:78:01:ed:24:63:4d:e9:f5:
82:13:b6:7f:8d:58:2d:a8:fd:c4:21:59:fd:b7:e8:
7c:c5:32:c5:40:5a:af:d2:a3:b3:13:9a:34:a7:2a:
1e:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:3B:7B:BE:1A:71:55:94:86:5D:DE:38:FE:3C:FD:F3:D2:3B:04:AC
X509v3 Authority Key Identifier:
keyid:40:1D:19:61:5A:CE:2B:BB:CF:A0:91:69:08:08:08:76:2A:64:B1:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QB0ZYVrOK7vPoJFpCAgIdipksX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/b5da70-4210-463e-9dc6-979972a0014d/1/8zt7vhpxVZSGXd44_jz989I7BKw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/b5da70-4210-463e-9dc6-979972a0014d/1/QB0ZYVrOK7vPoJFpCAgIdipksX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.15.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:28:8b:2f:e6:24:22:22:b8:00:98:40:b7:87:af:71:a4:a2:
0a:b6:70:b7:2a:76:31:21:05:f7:14:f2:b9:79:b4:39:68:a7:
3a:12:1f:11:a2:4b:c1:03:ac:ad:b9:61:15:c2:ac:81:0b:90:
14:96:96:b4:17:4c:7b:57:6a:b5:90:96:b5:2c:65:71:aa:b6:
95:1d:51:d9:6b:a8:8c:8f:83:5c:f5:54:32:33:29:cc:a0:ca:
60:26:5d:dd:d4:7d:38:8b:dd:62:1e:30:a2:61:fa:42:71:87:
3a:a7:65:e0:b1:05:6a:77:78:c8:97:d5:b7:0d:3a:af:12:a5:
8b:14:cf:ca:16:61:c2:62:a7:59:3b:dc:4d:86:2b:25:12:d9:
31:cf:98:49:7f:a3:2d:fd:73:72:93:f9:83:c1:dc:f4:c9:df:
1c:fe:e1:0a:4f:29:13:b7:c1:9f:14:2d:43:d7:fc:cb:d3:11:
5b:fb:a8:f4:be:22:e7:02:ca:ff:59:22:d6:c6:71:5d:c5:38:
24:50:f4:58:3f:c6:81:f7:79:44:ff:0f:60:9f:f7:81:58:67:
78:a0:a1:86:66:d5:36:a2:d2:e7:eb:74:00:0c:4b:41:94:af:
2a:f8:d1:4c:50:f9:d9:f2:86:40:a6:68:52:ea:e2:c1:64:e2:
aa:a8:c0:29
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY8FNn9N5JNfxORXubiFscZbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwMWQxOTYxNWFjZTJiYmJjZmEwOTE2OTA4MDgwODc2MmE2
NGIxN2UwHhcNMjQwNDIyMDk1MDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzNiN2JiZTFhNzE1NTk0ODY1ZGRlMzhmZTNjZmRmM2QyM2IwNGFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiEMCHgQMELMYHVhB7GgBXiU75rDC
XhtNXqXNya+wW5CELgnuxL1s7a5/ocRSgT5HGPqQMsEnJse7tHf+lS5OI2orYusc
XtSLLQFuj+tgzYIMXZGLx01chMtenb7G4nKYGaIIZnQqNI2rFD8bu4CJzgNwoqPE
TyiZt+X4sxCN54tw87mCMUo4xq2f7kqn2NXD8bErjHdySGuzjnWbpVV4rnQilo8H
TrI5t/8veiC7opH3NMnHanYXkhDwh2DBlUog/0Sdiz5J8wz2DF+Oqi2z8TfLnAZP
OJLReAHtJGNN6fWCE7Z/jVgtqP3EIVn9t+h8xTLFQFqv0qOzE5o0pyoetQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPM7e74acVWUhl3eOP48/fPSOwSsMB8GA1UdIwQY
MBaAFEAdGWFaziu7z6CRaQgICHYqZLF+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUIwWllWck9LN3ZQb0pGcENBZ0lkaXBrc1g0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9iNWRhNzAtNDIxMC00NjNlLTlkYzYt
OTc5OTcyYTAwMTRkLzEvOHp0N3ZocHhWWlNHWGQ0NF9qejk4OUk3Qkt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9iNWRhNzAtNDIxMC00NjNlLTlkYzYtOTc5OTcyYTAwMTRk
LzEvUUIwWllWck9LN3ZQb0pGcENBZ0lkaXBrc1g0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9wPMA0G
CSqGSIb3DQEBCwUAA4IBAQBMKIsv5iQiIrgAmEC3h69xpKIKtnC3KnYxIQX3FPK5
ebQ5aKc6Eh8RokvBA6ytuWEVwqyBC5AUlpa0F0x7V2q1kJa1LGVxqraVHVHZa6iM
j4Nc9VQyMynMoMpgJl3d1H04i91iHjCiYfpCcYc6p2XgsQVqd3jIl9W3DTqvEqWL
FM/KFmHCYqdZO9xNhislEtkxz5hJf6Mt/XNyk/mDwdz0yd8c/uEKTykTt8GfFC1D
1/zL0xFb+6j0viLnAsr/WSLWxnFdxTgkUPRYP8aB93lE/w9gn/eBWGd4oKGGZtU2
otLn63QADEtBlK8q+NFMUPnZ8oZApmhS6uLBZOKqqMAp
-----END CERTIFICATE-----
Generated at Sun Apr 20 22:45:39 2025 by rpki-client