Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/sS5oFO1LNpIE84H9S5H1o35rnkQ.roa
File: sS5oFO1LNpIE84H9S5H1o35rnkQ.roa (raw, json)
Hash identifier: purg2FdP9LTOXpRkBe7gf9eHNHPcsnRBUpBrFuo6RUE=
Subject key identifier: B1:2E:68:14:ED:4B:36:92:04:F3:81:FD:4B:91:F5:A3:7E:6B:9E:44
Certificate issuer: /CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Certificate serial: 018CC86FF20A2EDFF035236540FF35641B77
Authority key identifier: 8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/sS5oFO1LNpIE84H9S5H1o35rnkQ.roa
Signing time: Tue 02 Jan 2024 04:30:28 +0000
ROA not before: Tue 02 Jan 2024 04:30:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60027
IP address blocks: 91.93.50.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:f2:0a:2e:df:f0:35:23:65:40:ff:35:64:1b:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Validity
Not Before: Jan 2 04:30:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b12e6814ed4b369204f381fd4b91f5a37e6b9e44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:b7:47:83:6b:49:3d:8c:76:b9:41:81:91:fa:
03:78:a4:e4:15:b2:0b:c8:39:d0:bf:71:94:b6:96:
4e:c9:82:1a:92:bb:45:da:57:d4:10:94:b0:61:05:
b1:91:41:81:3a:ed:98:db:62:da:05:96:95:14:c2:
e2:82:e2:c0:52:d5:9a:cd:54:e1:95:70:f0:b1:ea:
a3:8f:80:d7:d2:0c:8b:0a:21:13:2d:36:8c:1f:5c:
b6:74:c6:05:4e:76:d0:b1:7e:20:b2:c5:19:43:e3:
9e:15:c9:79:14:af:12:87:90:f6:8c:4e:ae:76:23:
6b:08:63:3f:30:42:56:43:9c:f3:f9:39:85:e2:e4:
4a:9e:e4:c7:9e:0c:12:f5:26:62:60:16:67:e1:e8:
8a:1b:b9:75:17:27:62:9c:47:be:3e:64:6b:3d:2a:
fd:83:c5:12:02:ca:06:62:5a:d8:49:fe:24:56:c8:
cd:0f:03:f7:6b:8e:71:2c:4c:8f:17:34:2f:3d:d6:
60:f7:13:2d:3c:10:df:60:5c:94:d9:a4:44:07:42:
68:1c:a8:eb:6e:57:b1:68:a1:ad:ad:39:64:10:8c:
0a:44:09:b0:56:04:95:18:58:e1:1e:df:75:26:45:
e7:36:c0:0a:f8:22:cd:1a:e3:f9:36:31:7a:b5:88:
dd:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:2E:68:14:ED:4B:36:92:04:F3:81:FD:4B:91:F5:A3:7E:6B:9E:44
X509v3 Authority Key Identifier:
keyid:8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/sS5oFO1LNpIE84H9S5H1o35rnkQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.93.50.0/24
Signature Algorithm: sha256WithRSAEncryption
21:10:e0:92:d2:74:b1:9f:6e:58:69:a2:bc:c3:b5:69:d2:1b:
7e:01:5e:74:bf:48:4b:9c:c4:f6:65:23:b5:bb:9e:b1:af:7d:
b8:26:eb:4c:16:a7:5d:90:9f:ce:3d:fa:dc:aa:be:ed:51:a7:
5a:01:2b:9f:28:ff:2e:ba:67:54:96:f7:5c:68:ee:87:6c:4b:
35:a5:21:cb:a3:73:77:16:4e:30:8c:a5:34:c9:2d:41:fe:7f:
2b:8f:19:85:1b:99:99:02:b5:3e:6f:f6:f3:95:c6:c3:d2:0c:
91:d9:fe:60:a2:9d:b4:c5:4e:50:e2:c8:67:64:33:d6:1a:a4:
61:ab:c5:13:1f:4c:ec:74:ae:f9:33:63:c7:fe:2e:0a:7d:df:
2f:3a:cc:55:1a:6b:67:42:dd:64:38:27:ba:68:c7:5f:97:04:
0f:9a:92:f8:ce:d3:8b:bb:19:e3:aa:2c:18:8c:23:d4:34:eb:
72:93:f4:c7:bf:7f:a4:c0:8b:d4:e8:bb:3e:6f:ba:83:61:20:
48:85:d8:be:99:96:d0:49:a8:23:05:c6:d1:c2:01:c0:15:e9:
58:62:7d:a1:d7:68:fa:f9:5f:27:d9:7d:24:41:89:af:81:52:
f9:63:ec:ca:44:f8:68:d0:3a:89:f5:6b:1b:29:cd:a1:f3:46:
e0:be:ad:5e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIb/IKLt/wNSNlQP81ZBt3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkNTljNDMyM2Y3NjdjZTRmZmM4NWRhYWQyMDhiOTBjMDRm
YmQzZTkwHhcNMjQwMTAyMDQzMDI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTJlNjgxNGVkNGIzNjkyMDRmMzgxZmQ0YjkxZjVhMzdlNmI5ZTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlLdHg2tJPYx2uUGBkfoDeKTkFbIL
yDnQv3GUtpZOyYIakrtF2lfUEJSwYQWxkUGBOu2Y22LaBZaVFMLiguLAUtWazVTh
lXDwseqjj4DX0gyLCiETLTaMH1y2dMYFTnbQsX4gssUZQ+OeFcl5FK8Sh5D2jE6u
diNrCGM/MEJWQ5zz+TmF4uRKnuTHngwS9SZiYBZn4eiKG7l1FydinEe+PmRrPSr9
g8USAsoGYlrYSf4kVsjNDwP3a45xLEyPFzQvPdZg9xMtPBDfYFyU2aREB0JoHKjr
blexaKGtrTlkEIwKRAmwVgSVGFjhHt91JkXnNsAK+CLNGuP5NjF6tYjdZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLEuaBTtSzaSBPOB/UuR9aN+a55EMB8GA1UdIwQY
MBaAFI1ZxDI/dnzk/8hdqtIIuQwE+9PpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalZuRU1qOTJmT1RfeUYycTBnaTVEQVQ3MC1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9mMDllY2YtZTgwNS00MTU4LWIzMTUt
ZjJiZTlmNmM2NjRjLzEvc1M1b0ZPMUxOcElFODRIOVM1SDFvMzVybmtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9mMDllY2YtZTgwNS00MTU4LWIzMTUtZjJiZTlmNmM2NjRj
LzEvalZuRU1qOTJmT1RfeUYycTBnaTVEQVQ3MC1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW10yMA0G
CSqGSIb3DQEBCwUAA4IBAQAhEOCS0nSxn25YaaK8w7Vp0ht+AV50v0hLnMT2ZSO1
u56xr324JutMFqddkJ/OPfrcqr7tUadaASufKP8uumdUlvdcaO6HbEs1pSHLo3N3
Fk4wjKU0yS1B/n8rjxmFG5mZArU+b/bzlcbD0gyR2f5gop20xU5Q4shnZDPWGqRh
q8UTH0zsdK75M2PH/i4Kfd8vOsxVGmtnQt1kOCe6aMdflwQPmpL4ztOLuxnjqiwY
jCPUNOtyk/THv3+kwIvU6Ls+b7qDYSBIhdi+mZbQSagjBcbRwgHAFelYYn2h12j6
+V8n2X0kQYmvgVL5Y+zKRPho0DqJ9WsbKc2h80bgvq1e
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:59:34 2025 by rpki-client