Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7613bd-0349-420d-8808-0a26e6e57f20/1/1oKoXFIOKNnrLlNUMW_oNeD4w2I.roa
File: 1oKoXFIOKNnrLlNUMW_oNeD4w2I.roa (raw, json)
Hash identifier: nhlxugChUqm8xRHUMkWf/sTv2Ksy3z1cEmp4O70Xbbo=
Subject key identifier: D6:82:A8:5C:52:0E:28:D9:EB:2E:53:54:31:6F:E8:35:E0:F8:C3:62
Certificate issuer: /CN=788b7e4c045cdae78b5bf43f2c53f1a94d9e159e
Certificate serial: 018CC79575F5209BEAA55C147FF6769ED753
Authority key identifier: 78:8B:7E:4C:04:5C:DA:E7:8B:5B:F4:3F:2C:53:F1:A9:4D:9E:15:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eIt-TARc2ueLW_Q_LFPxqU2eFZ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7613bd-0349-420d-8808-0a26e6e57f20/1/1oKoXFIOKNnrLlNUMW_oNeD4w2I.roa
Signing time: Tue 02 Jan 2024 00:31:50 +0000
ROA not before: Tue 02 Jan 2024 00:31:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47193
IP address blocks: 91.203.208.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:48:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:75:f5:20:9b:ea:a5:5c:14:7f:f6:76:9e:d7:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=788b7e4c045cdae78b5bf43f2c53f1a94d9e159e
Validity
Not Before: Jan 2 00:31:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d682a85c520e28d9eb2e5354316fe835e0f8c362
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:1b:3e:07:0a:a8:2b:45:97:8d:06:37:35:d6:
dd:43:9f:5c:ec:53:93:1d:86:cb:cd:0d:5c:fb:ed:
e0:bc:9e:90:f8:71:fc:c5:d8:83:ec:64:20:34:bc:
ed:bc:ee:ba:a3:d7:6b:c5:25:77:f6:8e:9a:48:b5:
52:86:b3:80:48:65:eb:61:bb:6f:0d:f1:e7:a7:0f:
fe:cc:98:ad:94:58:e7:7f:c1:b7:dd:42:4a:90:fc:
c1:38:8c:d6:cd:40:e7:c9:ef:2f:df:41:42:03:c2:
d0:0e:93:a4:65:3b:ef:00:74:17:a5:17:df:3c:fe:
60:01:bc:00:e2:7c:9a:8f:fd:e4:07:e4:5f:3c:31:
4a:39:72:c8:7e:1a:cd:56:dd:c0:23:21:19:a7:79:
1e:13:f7:ed:d6:b6:74:a4:22:8e:bf:61:c7:2a:e2:
21:a1:7e:25:30:44:cc:23:a6:51:78:41:d1:55:be:
5a:64:a3:6f:d3:53:79:a6:4f:57:33:82:87:8f:db:
14:71:7b:cc:e0:14:8e:09:c2:c0:ce:04:23:b6:0e:
7a:d5:a1:2f:11:55:24:f6:55:a9:c7:cf:1f:1f:d4:
82:0b:50:0e:28:50:58:86:12:10:9d:25:ff:6b:e2:
e6:78:1c:55:d2:27:27:44:77:f8:fa:3c:37:10:79:
b1:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:82:A8:5C:52:0E:28:D9:EB:2E:53:54:31:6F:E8:35:E0:F8:C3:62
X509v3 Authority Key Identifier:
keyid:78:8B:7E:4C:04:5C:DA:E7:8B:5B:F4:3F:2C:53:F1:A9:4D:9E:15:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eIt-TARc2ueLW_Q_LFPxqU2eFZ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7613bd-0349-420d-8808-0a26e6e57f20/1/1oKoXFIOKNnrLlNUMW_oNeD4w2I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7613bd-0349-420d-8808-0a26e6e57f20/1/eIt-TARc2ueLW_Q_LFPxqU2eFZ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.203.208.0/22
Signature Algorithm: sha256WithRSAEncryption
2f:1f:37:18:80:be:8f:ee:87:66:29:94:6d:f6:1e:8e:45:b7:
17:cd:c7:81:e0:53:b2:61:5b:23:89:4c:b6:60:d4:29:4f:6b:
62:24:ef:d3:6b:65:3c:47:df:36:a4:48:8a:05:d8:a1:d8:9c:
ab:c9:b2:8a:1d:ad:5a:81:72:21:9e:37:57:5a:9a:fa:74:f6:
65:5b:80:9e:45:44:f8:70:60:63:49:42:cf:11:9d:3e:37:d7:
35:f7:e1:7e:a1:60:bd:19:f0:42:1f:3c:14:cc:75:01:03:47:
66:2a:df:24:4b:fb:74:b4:5f:ee:33:ee:5f:db:52:6c:23:3d:
d3:15:2d:95:93:e6:69:98:7d:93:23:5a:6e:1c:4a:20:d1:6e:
00:41:c2:02:01:66:6a:0c:27:4b:2f:9c:fe:31:21:ae:8f:a1:
84:a9:dd:2b:f7:73:75:c7:da:33:90:e3:a6:cc:45:b9:38:4e:
d6:e2:9e:54:f4:a9:4a:f6:63:28:b7:16:a2:d2:ae:84:0f:44:
93:ec:4d:6c:41:1b:06:10:77:59:70:39:f1:61:43:80:bf:32:
1e:d7:c6:45:4f:fc:4f:13:0d:4d:0b:89:a8:c7:1d:fc:1f:c5:
49:3c:87:ef:9a:d2:02:7c:ce:81:e9:b6:ad:ac:fb:33:91:29:
0b:1c:96:fd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlXX1IJvqpVwUf/Z2ntdTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4OGI3ZTRjMDQ1Y2RhZTc4YjViZjQzZjJjNTNmMWE5NGQ5
ZTE1OWUwHhcNMjQwMTAyMDAzMTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjgyYTg1YzUyMGUyOGQ5ZWIyZTUzNTQzMTZmZTgzNWUwZjhjMzYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhRs+BwqoK0WXjQY3NdbdQ59c7FOT
HYbLzQ1c++3gvJ6Q+HH8xdiD7GQgNLztvO66o9drxSV39o6aSLVShrOASGXrYbtv
DfHnpw/+zJitlFjnf8G33UJKkPzBOIzWzUDnye8v30FCA8LQDpOkZTvvAHQXpRff
PP5gAbwA4nyaj/3kB+RfPDFKOXLIfhrNVt3AIyEZp3keE/ft1rZ0pCKOv2HHKuIh
oX4lMETMI6ZReEHRVb5aZKNv01N5pk9XM4KHj9sUcXvM4BSOCcLAzgQjtg561aEv
EVUk9lWpx88fH9SCC1AOKFBYhhIQnSX/a+LmeBxV0icnRHf4+jw3EHmxkwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNaCqFxSDijZ6y5TVDFv6DXg+MNiMB8GA1UdIwQY
MBaAFHiLfkwEXNrni1v0PyxT8alNnhWeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZUl0LVRBUmMydWVMV19RX0xGUHhxVTJlRlo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83NjEzYmQtMDM0OS00MjBkLTg4MDgt
MGEyNmU2ZTU3ZjIwLzEvMW9Lb1hGSU9LTm5yTGxOVU1XX29OZUQ0dzJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83NjEzYmQtMDM0OS00MjBkLTg4MDgtMGEyNmU2ZTU3ZjIw
LzEvZUl0LVRBUmMydWVMV19RX0xGUHhxVTJlRlo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW8vQMA0G
CSqGSIb3DQEBCwUAA4IBAQAvHzcYgL6P7odmKZRt9h6ORbcXzceB4FOyYVsjiUy2
YNQpT2tiJO/Ta2U8R982pEiKBdih2JyrybKKHa1agXIhnjdXWpr6dPZlW4CeRUT4
cGBjSULPEZ0+N9c19+F+oWC9GfBCHzwUzHUBA0dmKt8kS/t0tF/uM+5f21JsIz3T
FS2Vk+ZpmH2TI1puHEog0W4AQcICAWZqDCdLL5z+MSGuj6GEqd0r93N1x9ozkOOm
zEW5OE7W4p5U9KlK9mMotxai0q6ED0ST7E1sQRsGEHdZcDnxYUOAvzIe18ZFT/xP
Ew1NC4moxx38H8VJPIfvmtICfM6B6batrPszkSkLHJb9
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:07:16 2025 by rpki-client