Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/cc4d76-3ae9-491e-9bd2-193cc61bce61/1/nd4i72NO084shjyZpXRhzM4iNCE.roa
File: nd4i72NO084shjyZpXRhzM4iNCE.roa (raw, json)
Hash identifier: Te/kGq8CKAUWrxGrhe3DOvcvgorfpn7pC3V85RtY2to=
Subject key identifier: 9D:DE:22:EF:63:4E:D3:CE:2C:86:3C:99:A5:74:61:CC:CE:22:34:21
Certificate issuer: /CN=afa474a5ea601c809291ee79bae3918964d0871e
Certificate serial: 018CC2DB01E9130E80CE9A6D63324A32616C
Authority key identifier: AF:A4:74:A5:EA:60:1C:80:92:91:EE:79:BA:E3:91:89:64:D0:87:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r6R0pepgHICSke55uuORiWTQhx4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/cc4d76-3ae9-491e-9bd2-193cc61bce61/1/nd4i72NO084shjyZpXRhzM4iNCE.roa
Signing time: Mon 01 Jan 2024 02:29:41 +0000
ROA not before: Mon 01 Jan 2024 02:29:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48736
IP address blocks: 91.209.241.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:50:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:01:e9:13:0e:80:ce:9a:6d:63:32:4a:32:61:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=afa474a5ea601c809291ee79bae3918964d0871e
Validity
Not Before: Jan 1 02:29:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9dde22ef634ed3ce2c863c99a57461ccce223421
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:2b:eb:d1:6b:3d:f6:5a:d3:be:8f:8e:5d:71:
53:26:1b:bd:db:3e:1e:10:83:52:e1:58:50:c1:68:
68:7a:a0:7f:67:d6:be:04:25:40:4d:af:fe:03:81:
67:65:b7:d1:30:de:f0:b4:b6:aa:19:91:72:ca:5b:
93:0d:af:d9:be:5f:f1:ef:50:38:4c:8d:c3:79:cc:
ad:d5:fc:f0:4a:b7:3f:f9:8b:33:da:5a:54:64:92:
28:32:35:ee:40:e0:3e:43:80:70:27:56:01:73:bb:
f0:3a:a2:26:39:31:42:eb:af:54:d2:4e:7b:62:fc:
8c:9c:40:42:4d:ed:2a:3d:d4:32:06:23:8a:79:b3:
d6:76:0d:1d:d9:a9:aa:6f:f7:74:b6:09:ff:c0:63:
5f:3e:f2:5e:f0:c7:6f:c1:ef:53:a7:5e:93:38:f2:
e8:4b:d9:5f:56:cc:9e:42:cf:7f:6f:72:14:8d:eb:
68:bf:ed:48:db:ac:0a:9b:fd:34:c9:4d:42:fa:07:
5a:f0:9a:a6:e8:e6:e8:d3:d3:24:72:fa:71:cd:d6:
8a:1e:a2:97:8b:79:4c:31:c3:c1:8c:6c:c8:b9:e3:
9b:c2:8b:39:ec:04:be:40:ef:29:fc:9a:15:ec:0e:
30:80:e1:71:b6:ad:51:af:66:e0:00:78:5d:49:50:
1e:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:DE:22:EF:63:4E:D3:CE:2C:86:3C:99:A5:74:61:CC:CE:22:34:21
X509v3 Authority Key Identifier:
keyid:AF:A4:74:A5:EA:60:1C:80:92:91:EE:79:BA:E3:91:89:64:D0:87:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r6R0pepgHICSke55uuORiWTQhx4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/cc4d76-3ae9-491e-9bd2-193cc61bce61/1/nd4i72NO084shjyZpXRhzM4iNCE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/cc4d76-3ae9-491e-9bd2-193cc61bce61/1/r6R0pepgHICSke55uuORiWTQhx4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.241.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:97:93:7d:53:86:e3:33:f4:84:fd:e5:aa:a1:78:94:99:44:
70:5d:26:97:e7:e9:d2:b8:97:99:e0:66:64:c5:a3:1b:20:d1:
74:71:ba:02:a1:49:3d:ab:66:9b:88:d1:b7:44:4d:27:e4:80:
e8:bf:51:9e:6c:54:e7:70:63:6e:a9:6e:e6:0c:07:a6:22:60:
be:43:90:2a:cd:c4:68:1d:f4:5c:f5:b5:17:7f:17:54:ea:2f:
27:df:f2:14:14:09:ca:ca:23:fc:9b:5a:44:38:a2:3b:c9:56:
d9:52:36:aa:82:55:ac:30:2f:19:81:4e:07:c3:d8:bf:21:73:
7c:4d:59:9e:9e:ca:55:11:b2:94:6a:61:e6:ed:ee:8d:f0:3b:
38:14:b2:c7:cf:87:be:0e:89:71:b3:f1:f2:e8:83:58:97:65:
da:5c:31:b6:51:29:e4:b0:c2:74:b5:92:43:db:94:38:8b:c9:
16:93:ba:0d:4e:32:42:32:84:2d:8b:e0:f5:e6:4a:cb:30:b5:
38:e0:ef:2e:95:9f:4c:24:f0:87:91:7f:b8:03:9a:12:0e:31:
de:9a:46:52:5f:12:5f:0f:b3:b3:b4:4d:7b:a0:3f:a4:44:6b:
a8:af:6a:c3:07:6e:8d:c6:1a:53:e8:b4:61:f1:92:b8:c9:84:
a1:a2:22:4c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC2wHpEw6AzpptYzJKMmFsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmYTQ3NGE1ZWE2MDFjODA5MjkxZWU3OWJhZTM5MTg5NjRk
MDg3MWUwHhcNMjQwMTAxMDIyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGRlMjJlZjYzNGVkM2NlMmM4NjNjOTlhNTc0NjFjY2NlMjIzNDIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhivr0Ws99lrTvo+OXXFTJhu92z4e
EINS4VhQwWhoeqB/Z9a+BCVATa/+A4FnZbfRMN7wtLaqGZFyyluTDa/Zvl/x71A4
TI3Decyt1fzwSrc/+Ysz2lpUZJIoMjXuQOA+Q4BwJ1YBc7vwOqImOTFC669U0k57
YvyMnEBCTe0qPdQyBiOKebPWdg0d2amqb/d0tgn/wGNfPvJe8Mdvwe9Tp16TOPLo
S9lfVsyeQs9/b3IUjetov+1I26wKm/00yU1C+gda8Jqm6Obo09MkcvpxzdaKHqKX
i3lMMcPBjGzIueObwos57AS+QO8p/JoV7A4wgOFxtq1Rr2bgAHhdSVAeZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ3eIu9jTtPOLIY8maV0YczOIjQhMB8GA1UdIwQY
MBaAFK+kdKXqYByAkpHuebrjkYlk0IceMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjZSMHBlcGdISUNTa2U1NXV1T1JpV1RRaHg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9jYzRkNzYtM2FlOS00OTFlLTliZDIt
MTkzY2M2MWJjZTYxLzEvbmQ0aTcyTk8wODRzaGp5WnBYUmh6TTRpTkNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9jYzRkNzYtM2FlOS00OTFlLTliZDItMTkzY2M2MWJjZTYx
LzEvcjZSMHBlcGdISUNTa2U1NXV1T1JpV1RRaHg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9HxMA0G
CSqGSIb3DQEBCwUAA4IBAQA6l5N9U4bjM/SE/eWqoXiUmURwXSaX5+nSuJeZ4GZk
xaMbINF0cboCoUk9q2abiNG3RE0n5IDov1GebFTncGNuqW7mDAemImC+Q5AqzcRo
HfRc9bUXfxdU6i8n3/IUFAnKyiP8m1pEOKI7yVbZUjaqglWsMC8ZgU4Hw9i/IXN8
TVmenspVEbKUamHm7e6N8Ds4FLLHz4e+Dolxs/Hy6INYl2XaXDG2USnksMJ0tZJD
25Q4i8kWk7oNTjJCMoQti+D15krLMLU44O8ulZ9MJPCHkX+4A5oSDjHemkZSXxJf
D7OztE17oD+kRGuor2rDB26NxhpT6LRh8ZK4yYShoiJM
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:06:43 2025 by rpki-client