Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/4003bd-494d-4246-be94-c8659f76a2ea/1/D_WV9Qs1CrhMaFh0UWM4Y2xqaA8.roa
File: D_WV9Qs1CrhMaFh0UWM4Y2xqaA8.roa (raw, json)
Hash identifier: GUTONQLz16OpbT46d720UXyCK5yhakGqAKivbnm8n5s=
Subject key identifier: 0F:F5:95:F5:0B:35:0A:B8:4C:68:58:74:51:63:38:63:6C:6A:68:0F
Certificate issuer: /CN=419a82be1e16422f9a88549af6d542481d691ac9
Certificate serial: 01932198EB6AF180CD16C0DBE280ECD0C6EE
Authority key identifier: 41:9A:82:BE:1E:16:42:2F:9A:88:54:9A:F6:D5:42:48:1D:69:1A:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QZqCvh4WQi-aiFSa9tVCSB1pGsk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/4003bd-494d-4246-be94-c8659f76a2ea/1/D_WV9Qs1CrhMaFh0UWM4Y2xqaA8.roa
Signing time: Tue 12 Nov 2024 18:18:09 +0000
ROA not before: Tue 12 Nov 2024 18:18:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48955
IP address blocks: 91.211.87.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:49:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:21:98:eb:6a:f1:80:cd:16:c0:db:e2:80:ec:d0:c6:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=419a82be1e16422f9a88549af6d542481d691ac9
Validity
Not Before: Nov 12 18:18:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0ff595f50b350ab84c685874516338636c6a680f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:af:17:8a:7f:40:93:fc:91:4c:e8:02:30:5f:
16:93:e0:9b:ce:63:82:47:53:e8:54:61:a4:68:bb:
04:51:d9:8c:ce:7e:1a:9e:b5:62:71:be:65:a8:ce:
d9:f6:f7:d0:de:ab:f0:47:56:9b:05:5f:cc:21:64:
83:db:e4:a4:ff:73:d0:6a:1a:47:b3:24:40:2e:9c:
f1:f2:b6:cf:e2:4b:39:be:4e:dc:ff:1d:33:06:88:
34:84:c5:81:f4:27:22:2f:ff:59:8c:80:9c:bc:03:
72:4f:6d:dd:cb:58:de:60:8e:77:25:87:bc:cd:e7:
67:ac:de:3e:b9:ca:4b:ff:f4:3c:04:22:d9:df:8e:
01:54:7d:4c:1f:46:01:35:26:60:5d:6c:ab:60:24:
ff:cd:27:e2:c6:d7:2c:a6:33:7b:b4:87:43:f9:20:
ff:59:35:87:7a:de:cb:96:ca:a5:71:cc:b8:3e:24:
a8:8e:ff:c3:dc:dd:bf:27:a6:be:ea:66:06:a1:89:
70:3a:8e:c0:b0:ed:48:ea:59:91:f2:a5:97:f0:40:
27:8f:50:03:a0:05:9e:64:7e:b2:0e:c7:60:c4:6b:
df:57:ec:66:94:18:a6:87:a4:a2:7b:ab:cc:18:42:
95:3e:33:be:7c:37:32:db:eb:5f:65:c6:80:cc:83:
67:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:F5:95:F5:0B:35:0A:B8:4C:68:58:74:51:63:38:63:6C:6A:68:0F
X509v3 Authority Key Identifier:
keyid:41:9A:82:BE:1E:16:42:2F:9A:88:54:9A:F6:D5:42:48:1D:69:1A:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QZqCvh4WQi-aiFSa9tVCSB1pGsk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/4003bd-494d-4246-be94-c8659f76a2ea/1/D_WV9Qs1CrhMaFh0UWM4Y2xqaA8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/4003bd-494d-4246-be94-c8659f76a2ea/1/QZqCvh4WQi-aiFSa9tVCSB1pGsk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.211.87.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:cb:f3:9e:90:ec:4a:09:dc:87:62:01:65:7d:3a:40:86:f5:
26:4e:61:bb:b0:77:ca:6c:fe:9d:6b:0f:3d:c1:1a:b2:9f:e7:
6b:b4:40:c6:f0:74:39:60:ea:58:2c:c0:cf:c6:0d:68:fa:96:
11:9c:76:15:7d:3e:d0:f6:24:cf:4a:90:50:04:9e:ac:ce:28:
65:46:d1:01:75:d3:35:f8:26:63:3d:f0:33:b9:66:f8:62:e2:
36:1d:f1:7c:d7:52:55:9d:aa:39:20:88:37:ca:99:a9:d4:91:
27:03:4b:2b:fc:a0:65:45:ec:b8:27:1c:91:60:47:e1:88:db:
2a:a0:bc:78:27:6b:92:01:43:a8:03:f9:54:df:64:1c:53:05:
98:20:61:3f:d5:6d:9d:db:93:a6:68:fc:b1:d9:55:10:7c:16:
a0:11:d6:08:58:16:f5:a7:60:60:44:87:bc:0e:a4:7d:7c:7b:
3b:a9:b4:60:70:fb:54:4e:3e:67:be:61:f8:d0:30:66:99:5b:
43:b5:88:b4:af:4d:ee:c5:8d:1d:06:37:aa:8e:3e:d6:16:4b:
f8:5b:08:0a:5b:c8:a0:3c:ef:00:3f:5b:a5:d3:f8:44:af:28:
38:a2:a5:cc:2e:c8:80:9c:8d:84:bd:07:4d:0b:9d:43:64:2b:
5e:83:db:68
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZMhmOtq8YDNFsDb4oDs0MbuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxOWE4MmJlMWUxNjQyMmY5YTg4NTQ5YWY2ZDU0MjQ4MWQ2
OTFhYzkwHhcNMjQxMTEyMTgxODA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmY1OTVmNTBiMzUwYWI4NGM2ODU4NzQ1MTYzMzg2MzZjNmE2ODBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2a8Xin9Ak/yRTOgCMF8Wk+CbzmOC
R1PoVGGkaLsEUdmMzn4anrVicb5lqM7Z9vfQ3qvwR1abBV/MIWSD2+Sk/3PQahpH
syRALpzx8rbP4ks5vk7c/x0zBog0hMWB9CciL/9ZjICcvANyT23dy1jeYI53JYe8
zednrN4+ucpL//Q8BCLZ344BVH1MH0YBNSZgXWyrYCT/zSfixtcspjN7tIdD+SD/
WTWHet7Llsqlccy4PiSojv/D3N2/J6a+6mYGoYlwOo7AsO1I6lmR8qWX8EAnj1AD
oAWeZH6yDsdgxGvfV+xmlBimh6Sie6vMGEKVPjO+fDcy2+tfZcaAzINn1QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA/1lfULNQq4TGhYdFFjOGNsamgPMB8GA1UdIwQY
MBaAFEGagr4eFkIvmohUmvbVQkgdaRrJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVpxQ3ZoNFdRaS1haUZTYTl0VkNTQjFwR3NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy80MDAzYmQtNDk0ZC00MjQ2LWJlOTQt
Yzg2NTlmNzZhMmVhLzEvRF9XVjlRczFDcmhNYUZoMFVXTTRZMnhxYUE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy80MDAzYmQtNDk0ZC00MjQ2LWJlOTQtYzg2NTlmNzZhMmVh
LzEvUVpxQ3ZoNFdRaS1haUZTYTl0VkNTQjFwR3NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9NXMA0G
CSqGSIb3DQEBCwUAA4IBAQCgy/OekOxKCdyHYgFlfTpAhvUmTmG7sHfKbP6daw89
wRqyn+drtEDG8HQ5YOpYLMDPxg1o+pYRnHYVfT7Q9iTPSpBQBJ6szihlRtEBddM1
+CZjPfAzuWb4YuI2HfF811JVnao5IIg3ypmp1JEnA0sr/KBlRey4JxyRYEfhiNsq
oLx4J2uSAUOoA/lU32QcUwWYIGE/1W2d25OmaPyx2VUQfBagEdYIWBb1p2BgRIe8
DqR9fHs7qbRgcPtUTj5nvmH40DBmmVtDtYi0r03uxY0dBjeqjj7WFkv4WwgKW8ig
PO8AP1ul0/hEryg4oqXMLsiAnI2EvQdNC51DZCteg9to
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:30:03 2025 by rpki-client