Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/nUI4ICZf4ySjzhqeQR-muc9Z9B0.roa
File: nUI4ICZf4ySjzhqeQR-muc9Z9B0.roa (raw, json)
Hash identifier: ILtnPSZsD39gzXPDw9++NT1J6q6I46V87JOUEpIC+hA=
Subject key identifier: 9D:42:38:20:26:5F:E3:24:A3:CE:1A:9E:41:1F:A6:B9:CF:59:F4:1D
Certificate issuer: /CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Certificate serial: 0187D1F2B1840E29A121B5A3282B0E1781D7
Authority key identifier: 8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/nUI4ICZf4ySjzhqeQR-muc9Z9B0.roa
Signing time: Sun 30 Apr 2023 11:35:55 +0000
ROA not before: Sun 30 Apr 2023 11:35:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 91.225.225.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 10 May 2023 04:30:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:d1:f2:b1:84:0e:29:a1:21:b5:a3:28:2b:0e:17:81:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Validity
Not Before: Apr 30 11:35:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9d423820265fe324a3ce1a9e411fa6b9cf59f41d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:93:c4:ad:c0:52:9b:b2:56:59:ac:40:52:99:
e6:2f:0a:62:88:cb:5d:2b:9e:86:ac:af:2d:44:f4:
1f:28:73:a7:f0:c5:42:3c:96:f4:34:c0:c1:26:a8:
20:23:cb:6d:5a:57:f1:52:bc:81:7e:6d:ad:64:a3:
8d:b6:42:b0:3d:43:d8:3d:83:e4:b4:d3:5e:6e:2c:
b2:eb:fa:48:88:1a:8d:20:37:a4:e3:ad:db:83:77:
71:ef:ee:bf:0e:ff:c3:f0:2e:09:56:7c:11:f8:8a:
e4:34:58:80:98:f9:da:46:2b:24:7e:86:d6:60:d4:
bb:9c:93:03:89:64:80:d7:77:f9:6e:6a:b9:77:10:
02:0f:4e:ca:9a:b2:18:62:21:03:fc:8e:9b:82:cf:
3a:30:88:3d:87:c5:8f:42:71:c3:33:01:6e:47:30:
97:66:64:a1:17:dc:77:98:b2:42:41:96:df:c1:b8:
e0:9b:6b:02:42:89:b6:69:aa:e5:97:09:29:ac:33:
c3:52:8b:ec:8e:fa:34:52:e8:4b:4e:f7:cd:93:95:
99:6c:88:d8:ad:b4:07:ea:9c:92:e4:5a:c2:52:60:
e1:a9:70:a0:18:aa:5f:63:2c:79:19:61:61:03:a8:
52:fd:7d:a4:9f:32:78:65:12:bd:31:af:ae:db:aa:
f3:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:42:38:20:26:5F:E3:24:A3:CE:1A:9E:41:1F:A6:B9:CF:59:F4:1D
X509v3 Authority Key Identifier:
keyid:8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/nUI4ICZf4ySjzhqeQR-muc9Z9B0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/jRrIPuOj-WjWatL99GFue7Hk0dc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.225.225.0/24
Signature Algorithm: sha256WithRSAEncryption
49:ea:c6:e4:3e:f3:d5:12:3e:93:07:91:54:ed:84:38:54:20:
f5:75:42:71:12:f8:24:c2:2e:00:0c:af:49:f0:0c:be:e9:98:
9e:8a:57:70:07:2e:83:c9:ef:82:cd:b6:57:0b:1f:d5:f4:97:
50:34:12:46:58:06:c9:d3:30:0d:3d:3b:77:a5:0e:d2:61:7f:
97:49:82:a1:69:78:54:8c:78:27:3d:17:d5:8c:38:67:7d:42:
17:2d:43:bb:cc:36:1c:7e:ed:69:5f:d3:5e:6f:74:ba:65:6c:
5c:b8:36:de:51:73:13:cf:f2:53:1d:bd:d8:6d:02:a9:a9:bb:
fc:14:6b:e7:6c:8d:6b:20:44:12:f7:93:d5:14:61:2e:d9:e1:
74:71:fb:7c:fc:04:f0:71:52:4d:34:9e:30:10:61:92:4e:b9:
58:89:da:b1:0b:17:a1:ef:6b:12:2b:e1:b3:d4:b8:6c:04:c8:
50:b0:da:ec:23:9d:5d:5e:8c:77:07:84:d0:35:43:14:6f:d3:
45:7e:80:83:ae:f8:7b:f5:61:21:aa:f2:69:60:f1:64:fa:bb:
3c:dc:99:b7:60:1a:04:67:c9:72:e9:db:0b:7a:85:74:b3:6d:
c2:2a:fb:08:6f:41:99:6f:d0:eb:9d:69:6f:c7:81:fa:25:6a:
64:19:be:05
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYfR8rGEDimhIbWjKCsOF4HXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMWFjODNlZTNhM2Y5NjhkNjZhZDJmZGY0NjE2ZTdiYjFl
NGQxZDcwHhcNMjMwNDMwMTEzNTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDQyMzgyMDI2NWZlMzI0YTNjZTFhOWU0MTFmYTZiOWNmNTlmNDFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgpPErcBSm7JWWaxAUpnmLwpiiMtd
K56GrK8tRPQfKHOn8MVCPJb0NMDBJqggI8ttWlfxUryBfm2tZKONtkKwPUPYPYPk
tNNebiyy6/pIiBqNIDek463bg3dx7+6/Dv/D8C4JVnwR+IrkNFiAmPnaRiskfobW
YNS7nJMDiWSA13f5bmq5dxACD07KmrIYYiED/I6bgs86MIg9h8WPQnHDMwFuRzCX
ZmShF9x3mLJCQZbfwbjgm2sCQom2aarllwkprDPDUovsjvo0UuhLTvfNk5WZbIjY
rbQH6pyS5FrCUmDhqXCgGKpfYyx5GWFhA6hS/X2knzJ4ZRK9Ma+u26rzCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ1COCAmX+Mko84ankEfprnPWfQdMB8GA1UdIwQY
MBaAFI0ayD7jo/lo1mrS/fRhbnux5NHXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWIt
ZGRmNTY3ZWRlZDAzLzEvblVJNElDWmY0eVNqemhxZVFSLW11YzlaOUIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWItZGRmNTY3ZWRlZDAz
LzEvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+HhMA0G
CSqGSIb3DQEBCwUAA4IBAQBJ6sbkPvPVEj6TB5FU7YQ4VCD1dUJxEvgkwi4ADK9J
8Ay+6ZieildwBy6Dye+CzbZXCx/V9JdQNBJGWAbJ0zANPTt3pQ7SYX+XSYKhaXhU
jHgnPRfVjDhnfUIXLUO7zDYcfu1pX9Neb3S6ZWxcuDbeUXMTz/JTHb3YbQKpqbv8
FGvnbI1rIEQS95PVFGEu2eF0cft8/ATwcVJNNJ4wEGGSTrlYidqxCxeh72sSK+Gz
1LhsBMhQsNrsI51dXox3B4TQNUMUb9NFfoCDrvh79WEhqvJpYPFk+rs83Jm3YBoE
Z8ly6dsLeoV0s23CKvsIb0GZb9DrnWlvx4H6JWpkGb4F
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:49 2024 by rpki-client on console-ams.rpki-client.org