Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/227e6b-02e4-4108-8b33-63dd275300bc/1/yE6jcIwte5Looql5iM86S7f0MmI.roa
File: yE6jcIwte5Looql5iM86S7f0MmI.roa (raw, json)
Hash identifier: fZlrBywKOAtE517xVKB4/pE2NCOoeSywAxZbxxY+/ro=
Subject key identifier: C8:4E:A3:70:8C:2D:7B:92:E8:A2:A9:79:88:CF:3A:4B:B7:F4:32:62
Certificate issuer: /CN=819901b64fe22656b8f2db260b453f279352b7d0
Certificate serial: 018CC726C6C682801AA575EDF963AA247F3C
Authority key identifier: 81:99:01:B6:4F:E2:26:56:B8:F2:DB:26:0B:45:3F:27:93:52:B7:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gZkBtk_iJla48tsmC0U_J5NSt9A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/227e6b-02e4-4108-8b33-63dd275300bc/1/yE6jcIwte5Looql5iM86S7f0MmI.roa
Signing time: Mon 01 Jan 2024 22:30:56 +0000
ROA not before: Mon 01 Jan 2024 22:30:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50572
IP address blocks: 91.238.51.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 01:48:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:c6:c6:82:80:1a:a5:75:ed:f9:63:aa:24:7f:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=819901b64fe22656b8f2db260b453f279352b7d0
Validity
Not Before: Jan 1 22:30:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c84ea3708c2d7b92e8a2a97988cf3a4bb7f43262
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:d7:30:a1:b7:2c:a5:7d:c7:6f:d1:65:53:f6:
5b:e5:92:78:ec:4e:97:b2:86:2f:f0:16:8c:a1:85:
e2:aa:f5:8c:ed:79:84:fc:c1:0d:2d:d6:9e:23:1b:
88:6c:d5:f9:96:2a:c0:ad:74:4e:ce:dd:c1:e9:0f:
79:5a:48:02:6d:35:5c:36:93:6c:dc:7a:ea:32:52:
9b:d8:41:05:23:13:da:cc:8e:5c:0a:2d:7a:83:03:
d2:14:bb:5d:76:9b:38:f4:67:bb:5a:21:f1:e3:06:
1f:e3:79:41:3d:2c:36:6e:8e:c0:8d:88:59:5b:85:
ec:b0:f1:30:d9:e3:61:d7:15:e0:56:f1:a1:41:ce:
d2:e7:b7:a7:17:04:b0:71:58:68:1e:e9:e1:c7:83:
d1:9f:1b:a8:ef:57:f5:1e:7b:e3:46:e8:27:da:a4:
28:5f:1b:f7:34:11:24:97:11:5c:da:3a:6a:18:ed:
31:c6:8a:24:e9:bd:cc:96:b5:39:07:5f:8c:99:ce:
dd:af:24:97:e2:32:38:9f:fa:c9:b8:b7:8a:c4:5a:
cf:8f:bf:b7:b5:6f:ef:f9:29:9f:0f:ef:b1:fb:60:
9d:e5:77:cf:62:41:85:c7:a4:84:39:b7:07:5e:d0:
be:f3:9a:a8:91:20:bf:05:4a:61:c0:91:1f:fe:38:
56:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:4E:A3:70:8C:2D:7B:92:E8:A2:A9:79:88:CF:3A:4B:B7:F4:32:62
X509v3 Authority Key Identifier:
keyid:81:99:01:B6:4F:E2:26:56:B8:F2:DB:26:0B:45:3F:27:93:52:B7:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gZkBtk_iJla48tsmC0U_J5NSt9A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/227e6b-02e4-4108-8b33-63dd275300bc/1/yE6jcIwte5Looql5iM86S7f0MmI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/227e6b-02e4-4108-8b33-63dd275300bc/1/gZkBtk_iJla48tsmC0U_J5NSt9A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.238.51.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:8a:9c:dc:f0:d9:38:4d:9b:e6:ec:d1:3f:68:9f:f2:d8:98:
15:01:06:a8:c1:7f:df:29:8a:21:9f:4c:14:36:4a:a6:1c:30:
90:8a:f4:45:ff:5f:a8:db:84:72:dd:3e:ac:a8:5e:3e:48:ef:
94:31:a7:24:28:b4:02:5f:96:6d:98:89:6d:5a:07:df:c1:e7:
c7:a1:9f:29:04:8b:a1:d5:e4:49:f4:3b:33:ae:2b:93:7e:4d:
84:32:86:49:29:26:24:ee:72:c8:0c:bb:90:78:6f:91:36:a8:
32:ac:65:f8:b8:41:22:6c:0d:0c:7d:fb:c1:af:22:79:af:42:
2b:06:69:df:59:b4:f8:24:6b:11:e4:95:ac:af:0b:10:1b:83:
42:ff:cb:0c:ea:0e:19:60:45:19:3e:cc:81:54:1f:12:d8:52:
f1:76:dc:93:f7:94:75:ba:65:a9:74:dd:89:13:68:30:3e:2a:
64:5e:2e:5b:80:bd:29:a4:7f:39:df:f0:08:8d:42:99:fc:3a:
de:9f:fd:1c:73:92:e0:3f:3c:6d:fc:fc:1c:fe:25:11:2f:9e:
18:94:95:6e:fb:e6:d1:9b:31:92:85:47:e6:34:f9:42:bd:00:
83:6b:17:ba:d5:81:47:02:23:5e:94:3b:fe:e4:c6:6f:b3:19:
43:d5:0b:cb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHJsbGgoAapXXt+WOqJH88MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxOTkwMWI2NGZlMjI2NTZiOGYyZGIyNjBiNDUzZjI3OTM1
MmI3ZDAwHhcNMjQwMTAxMjIzMDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODRlYTM3MDhjMmQ3YjkyZThhMmE5Nzk4OGNmM2E0YmI3ZjQzMjYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAydcwobcspX3Hb9FlU/Zb5ZJ47E6X
soYv8BaMoYXiqvWM7XmE/MENLdaeIxuIbNX5lirArXROzt3B6Q95WkgCbTVcNpNs
3HrqMlKb2EEFIxPazI5cCi16gwPSFLtddps49Ge7WiHx4wYf43lBPSw2bo7AjYhZ
W4XssPEw2eNh1xXgVvGhQc7S57enFwSwcVhoHunhx4PRnxuo71f1HnvjRugn2qQo
Xxv3NBEklxFc2jpqGO0xxook6b3MlrU5B1+Mmc7drySX4jI4n/rJuLeKxFrPj7+3
tW/v+SmfD++x+2Cd5XfPYkGFx6SEObcHXtC+85qokSC/BUphwJEf/jhWDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMhOo3CMLXuS6KKpeYjPOku39DJiMB8GA1UdIwQY
MBaAFIGZAbZP4iZWuPLbJgtFPyeTUrfQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1prQnRrX2lKbGE0OHRzbUMwVV9KNU5TdDlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC8yMjdlNmItMDJlNC00MTA4LThiMzMt
NjNkZDI3NTMwMGJjLzEveUU2amNJd3RlNUxvb3FsNWlNODZTN2YwTW1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC8yMjdlNmItMDJlNC00MTA4LThiMzMtNjNkZDI3NTMwMGJj
LzEvZ1prQnRrX2lKbGE0OHRzbUMwVV9KNU5TdDlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+4zMA0G
CSqGSIb3DQEBCwUAA4IBAQBqipzc8Nk4TZvm7NE/aJ/y2JgVAQaowX/fKYohn0wU
NkqmHDCQivRF/1+o24Ry3T6sqF4+SO+UMackKLQCX5ZtmIltWgffwefHoZ8pBIuh
1eRJ9DszriuTfk2EMoZJKSYk7nLIDLuQeG+RNqgyrGX4uEEibA0MffvBryJ5r0Ir
BmnfWbT4JGsR5JWsrwsQG4NC/8sM6g4ZYEUZPsyBVB8S2FLxdtyT95R1umWpdN2J
E2gwPipkXi5bgL0ppH853/AIjUKZ/Dren/0cc5LgPzxt/Pwc/iURL54YlJVu++bR
mzGShUfmNPlCvQCDaxe61YFHAiNelDv+5MZvsxlD1QvL
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:12:45 2025 by rpki-client