Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/xf6q4mL5LyQGA3gf9oxMJkVxMYE.roa
File: xf6q4mL5LyQGA3gf9oxMJkVxMYE.roa (raw, json)
Hash identifier: DhOydrBQMxgyankRqU7D4uaEw9ZkW1no1JywKrQh+wE=
Subject key identifier: C5:FE:AA:E2:62:F9:2F:24:06:03:78:1F:F6:8C:4C:26:45:71:31:81
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 0191D658F4D25298AB771906B21ED081DD52
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/xf6q4mL5LyQGA3gf9oxMJkVxMYE.roa
Signing time: Mon 09 Sep 2024 10:33:59 +0000
ROA not before: Mon 09 Sep 2024 10:33:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49729
IP address blocks: 91.228.88.0/24 maxlen: 24
195.64.126.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:48:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:d6:58:f4:d2:52:98:ab:77:19:06:b2:1e:d0:81:dd:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Sep 9 10:33:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c5feaae262f92f240603781ff68c4c2645713181
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:4c:24:c4:4f:a2:6a:e1:75:c8:d1:65:40:99:
a1:7f:79:88:25:98:57:d4:d5:4a:73:00:cd:68:50:
33:e4:71:f9:22:d6:e1:d7:c1:af:87:2d:12:13:bc:
cd:06:b8:91:7e:68:8e:69:28:2c:cb:8b:53:17:a2:
fe:9c:18:a7:58:bb:61:4c:5a:ed:ee:98:4a:50:07:
1b:e5:1a:cb:af:fd:8a:8b:b0:a5:7a:61:f6:4a:86:
eb:9b:7f:8d:f3:e5:ed:7a:54:32:25:3a:21:61:f0:
2d:79:52:df:4e:e0:17:56:f9:a2:4d:a4:93:9d:09:
37:00:3e:4f:1e:4d:c1:72:50:3c:1f:59:c3:ae:74:
3a:f5:7f:7f:d4:11:3a:71:cc:84:1a:d7:46:e3:d9:
2a:a7:ff:a0:06:1e:08:7d:81:27:16:b2:c4:86:d0:
37:4d:c6:ea:d8:ce:df:43:d8:33:de:9b:38:83:1c:
75:25:38:1a:6d:a1:75:d4:7a:65:5d:4f:8f:c5:07:
8d:3b:99:fb:12:da:01:68:ad:a3:be:22:e0:b5:47:
55:b8:a9:e1:76:53:1a:0c:c1:4b:4b:0a:84:79:d8:
a4:9f:dc:bb:c7:4a:52:64:2a:fa:55:1c:35:89:8a:
28:54:c1:72:61:77:e7:9a:fe:52:30:04:6f:c9:c7:
38:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:FE:AA:E2:62:F9:2F:24:06:03:78:1F:F6:8C:4C:26:45:71:31:81
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/xf6q4mL5LyQGA3gf9oxMJkVxMYE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.88.0/24
195.64.126.0/24
Signature Algorithm: sha256WithRSAEncryption
28:7b:15:be:0c:59:e1:77:60:37:26:7a:98:d8:5b:31:14:bb:
27:1d:83:dc:ea:d5:55:4a:bf:1f:f3:cd:17:a0:aa:a4:d4:23:
62:6e:c6:66:4c:c7:0f:49:c0:da:dd:46:38:f4:eb:40:d0:c1:
52:e0:02:6d:24:6c:c8:7b:78:98:25:ae:94:b3:78:89:79:23:
fb:2c:89:59:7a:2f:de:79:32:3a:2f:19:14:5e:21:c7:12:40:
86:4c:2d:00:c1:b8:be:03:32:08:59:03:34:ce:be:8c:d8:87:
de:08:04:ea:08:6b:b6:04:10:2d:76:88:13:c5:a2:43:5c:cb:
d6:19:70:8c:28:b6:2c:cf:e2:00:3e:61:7f:05:9b:f0:f9:21:
6d:b6:55:92:2b:db:04:73:ed:e5:8e:ea:58:93:cd:c0:ea:33:
d7:49:b4:cd:9f:d0:0f:6d:7c:7a:98:3a:61:b4:ec:ee:31:ee:
82:14:27:bd:9c:9a:55:ae:01:bf:5f:b3:6b:f3:70:d7:b8:4a:
a5:dc:29:56:db:58:66:3f:cf:bf:9e:03:98:e0:45:be:3e:f0:
3d:c1:17:a1:84:ed:8e:20:8b:44:44:42:47:13:9f:45:6c:d0:
3b:76:be:82:7a:89:19:1f:7d:19:ce:fb:91:4f:a8:3a:55:ae:
0e:ce:94:4e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZHWWPTSUpirdxkGsh7Qgd1SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjQwOTA5MTAzMzU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWZlYWFlMjYyZjkyZjI0MDYwMzc4MWZmNjhjNGMyNjQ1NzEzMTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx0wkxE+iauF1yNFlQJmhf3mIJZhX
1NVKcwDNaFAz5HH5Itbh18Gvhy0SE7zNBriRfmiOaSgsy4tTF6L+nBinWLthTFrt
7phKUAcb5RrLr/2Ki7ClemH2Sobrm3+N8+XtelQyJTohYfAteVLfTuAXVvmiTaST
nQk3AD5PHk3BclA8H1nDrnQ69X9/1BE6ccyEGtdG49kqp/+gBh4IfYEnFrLEhtA3
Tcbq2M7fQ9gz3ps4gxx1JTgabaF11HplXU+PxQeNO5n7EtoBaK2jviLgtUdVuKnh
dlMaDMFLSwqEedikn9y7x0pSZCr6VRw1iYooVMFyYXfnmv5SMARvycc45QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMX+quJi+S8kBgN4H/aMTCZFcTGBMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEveGY2cTRtTDVMeVFHQTNnZjlveE1Ka1Z4TVlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW+RYAwQA
w0B+MA0GCSqGSIb3DQEBCwUAA4IBAQAoexW+DFnhd2A3JnqY2FsxFLsnHYPc6tVV
Sr8f880XoKqk1CNibsZmTMcPScDa3UY49OtA0MFS4AJtJGzIe3iYJa6Us3iJeSP7
LIlZei/eeTI6LxkUXiHHEkCGTC0Awbi+AzIIWQM0zr6M2IfeCATqCGu2BBAtdogT
xaJDXMvWGXCMKLYsz+IAPmF/BZvw+SFttlWSK9sEc+3ljupYk83A6jPXSbTNn9AP
bXx6mDphtOzuMe6CFCe9nJpVrgG/X7Nr83DXuEql3ClW21hmP8+/ngOY4EW+PvA9
wRehhO2OIItEREJHE59FbNA7dr6CeokZH30ZzvuRT6g6Va4OzpRO
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:11:30 2025 by rpki-client