Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/666786-561c-4bd0-a7b0-8f7fd3dc15fe/1/cNreMZb6HyTpx5s98IkOlALkOHM.roa
File: cNreMZb6HyTpx5s98IkOlALkOHM.roa (raw, json)
Hash identifier: B+NqKQh675LBiGq/mJGtu7lcqkv8VdtN2yPl00PAMsw=
Subject key identifier: 70:DA:DE:31:96:FA:1F:24:E9:C7:9B:3D:F0:89:0E:94:02:E4:38:73
Certificate issuer: /CN=31aadcca96f44a457392d8907c6b964be0fcf921
Certificate serial: 018CC49349D173789A69F6C2ED2A411CC6A1
Authority key identifier: 31:AA:DC:CA:96:F4:4A:45:73:92:D8:90:7C:6B:96:4B:E0:FC:F9:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Marcypb0SkVzktiQfGuWS-D8-SE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/666786-561c-4bd0-a7b0-8f7fd3dc15fe/1/cNreMZb6HyTpx5s98IkOlALkOHM.roa
Signing time: Mon 01 Jan 2024 10:30:36 +0000
ROA not before: Mon 01 Jan 2024 10:30:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47412
IP address blocks: 91.206.44.0/24 maxlen: 24
91.206.45.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:50:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:49:d1:73:78:9a:69:f6:c2:ed:2a:41:1c:c6:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31aadcca96f44a457392d8907c6b964be0fcf921
Validity
Not Before: Jan 1 10:30:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=70dade3196fa1f24e9c79b3df0890e9402e43873
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:fe:43:0e:c5:2e:88:0b:f3:2c:f1:3f:22:1b:
2c:a8:ff:d3:b5:b2:da:c5:37:39:f7:ca:42:60:42:
99:b5:2d:a3:29:26:1f:e8:49:25:cc:5a:d2:8d:c5:
39:27:06:ab:33:0e:02:17:8c:59:1d:46:b6:b9:bb:
66:55:b7:1b:89:37:06:d7:62:a3:b5:9d:e2:6c:69:
d1:25:9a:7d:77:6f:7f:67:f2:6e:cf:05:9d:03:69:
df:7d:d1:fa:d4:61:21:29:bb:56:db:17:17:0f:b2:
e2:54:40:8d:96:f0:bb:61:2b:d5:dc:2f:27:49:82:
d7:06:91:42:48:bd:45:4d:5e:61:24:56:39:cd:ee:
e1:6d:75:3d:49:4d:e1:89:8d:95:2e:6a:0d:2c:6d:
9a:96:5d:f2:0e:e8:cd:e1:38:83:d9:28:8c:dd:d3:
b3:85:73:34:88:af:97:ee:da:d5:7a:86:ce:e5:88:
7a:a3:0d:d2:3c:7b:5e:02:4c:71:34:3b:c9:18:be:
65:b6:59:f0:3c:c7:66:54:a0:a2:8d:30:ff:ad:b8:
dd:a0:a4:be:f3:7a:eb:bf:a1:68:b7:c1:f3:86:73:
2d:9c:e6:3a:d9:40:7c:6e:a0:8f:40:07:5c:08:11:
5e:fd:d2:c7:9e:31:ac:82:b7:0c:c6:78:84:00:88:
29:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:DA:DE:31:96:FA:1F:24:E9:C7:9B:3D:F0:89:0E:94:02:E4:38:73
X509v3 Authority Key Identifier:
keyid:31:AA:DC:CA:96:F4:4A:45:73:92:D8:90:7C:6B:96:4B:E0:FC:F9:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Marcypb0SkVzktiQfGuWS-D8-SE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/666786-561c-4bd0-a7b0-8f7fd3dc15fe/1/cNreMZb6HyTpx5s98IkOlALkOHM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/666786-561c-4bd0-a7b0-8f7fd3dc15fe/1/Marcypb0SkVzktiQfGuWS-D8-SE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.206.44.0/23
Signature Algorithm: sha256WithRSAEncryption
51:de:da:2f:4a:1c:2b:c7:21:62:72:c6:68:d2:c4:2b:d1:7f:
58:61:78:1b:4e:f7:de:54:34:8b:5f:39:9c:5b:f9:b1:0e:d0:
d7:3f:b1:ff:3b:f0:a1:a9:42:d9:84:a7:6f:47:59:70:4d:45:
91:bb:75:24:0d:7d:47:73:49:43:9e:eb:c9:f2:6a:56:d6:41:
1d:38:81:5d:50:ed:66:4e:17:11:97:4d:5d:70:f7:a6:67:ce:
76:b4:bd:a4:04:11:69:dd:b3:40:1e:32:36:b4:db:26:71:0b:
a8:74:04:3e:78:db:23:da:6b:a3:92:99:ca:35:41:b5:1c:cc:
32:a4:ed:8c:67:48:17:42:fd:62:63:c0:b2:33:05:7f:ce:50:
f0:ac:4e:28:4a:b9:8a:45:ac:47:31:a0:08:80:ae:59:84:be:
93:08:30:0c:cf:09:bd:ff:28:9c:d2:f8:9c:d9:81:38:5f:79:
22:73:bd:5b:22:81:62:ee:85:bb:7f:aa:f6:3d:78:6f:b6:73:
c9:5e:6f:9c:ee:ca:42:70:ac:65:d3:a2:3b:e2:1b:b5:16:1a:
ea:bf:94:7e:a9:2c:a2:b0:a8:92:e6:7b:d2:92:9a:db:00:19:
e8:5b:0d:32:43:29:5d:51:45:a3:22:61:a2:8b:c9:51:41:00:
bf:64:13:a1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEk0nRc3iaafbC7SpBHMahMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxYWFkY2NhOTZmNDRhNDU3MzkyZDg5MDdjNmI5NjRiZTBm
Y2Y5MjEwHhcNMjQwMTAxMTAzMDM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGRhZGUzMTk2ZmExZjI0ZTljNzliM2RmMDg5MGU5NDAyZTQzODczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApP5DDsUuiAvzLPE/IhssqP/TtbLa
xTc598pCYEKZtS2jKSYf6EklzFrSjcU5JwarMw4CF4xZHUa2ubtmVbcbiTcG12Kj
tZ3ibGnRJZp9d29/Z/JuzwWdA2nffdH61GEhKbtW2xcXD7LiVECNlvC7YSvV3C8n
SYLXBpFCSL1FTV5hJFY5ze7hbXU9SU3hiY2VLmoNLG2all3yDujN4TiD2SiM3dOz
hXM0iK+X7trVeobO5Yh6ow3SPHteAkxxNDvJGL5ltlnwPMdmVKCijTD/rbjdoKS+
83rrv6Fot8HzhnMtnOY62UB8bqCPQAdcCBFe/dLHnjGsgrcMxniEAIgpPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHDa3jGW+h8k6cebPfCJDpQC5DhzMB8GA1UdIwQY
MBaAFDGq3MqW9EpFc5LYkHxrlkvg/PkhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWFyY3lwYjBTa1Z6a3RpUWZHdVdTLUQ4LVNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni82NjY3ODYtNTYxYy00YmQwLWE3YjAt
OGY3ZmQzZGMxNWZlLzEvY05yZU1aYjZIeVRweDVzOThJa09sQUxrT0hNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni82NjY3ODYtNTYxYy00YmQwLWE3YjAtOGY3ZmQzZGMxNWZl
LzEvTWFyY3lwYjBTa1Z6a3RpUWZHdVdTLUQ4LVNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW84sMA0G
CSqGSIb3DQEBCwUAA4IBAQBR3tovShwrxyFicsZo0sQr0X9YYXgbTvfeVDSLXzmc
W/mxDtDXP7H/O/ChqULZhKdvR1lwTUWRu3UkDX1Hc0lDnuvJ8mpW1kEdOIFdUO1m
ThcRl01dcPemZ852tL2kBBFp3bNAHjI2tNsmcQuodAQ+eNsj2mujkpnKNUG1HMwy
pO2MZ0gXQv1iY8CyMwV/zlDwrE4oSrmKRaxHMaAIgK5ZhL6TCDAMzwm9/yic0vic
2YE4X3kic71bIoFi7oW7f6r2PXhvtnPJXm+c7spCcKxl06I74hu1Fhrqv5R+qSyi
sKiS5nvSkprbABnoWw0yQyldUUWjImGii8lRQQC/ZBOh
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:24:29 2025 by rpki-client