Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/2c1061-db25-44bd-804c-a14dcee57e74/1/3gEkCZlP8XTgKuVIEmJEkCKpncU.roa
File: 3gEkCZlP8XTgKuVIEmJEkCKpncU.roa (raw, json)
Hash identifier: ecTRYVWB+2AvUAaJR9CKpxhkduVI9J93qLxTQApmHeM=
Subject key identifier: DE:01:24:09:99:4F:F1:74:E0:2A:E5:48:12:62:44:90:22:A9:9D:C5
Certificate issuer: /CN=36cfb3975bbd5ef87b29c3dc4a4b98ea5c25c444
Certificate serial: 018CC649A712403439CC957953C8BC73B7FD
Authority key identifier: 36:CF:B3:97:5B:BD:5E:F8:7B:29:C3:DC:4A:4B:98:EA:5C:25:C4:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ns-zl1u9Xvh7KcPcSkuY6lwlxEQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/2c1061-db25-44bd-804c-a14dcee57e74/1/3gEkCZlP8XTgKuVIEmJEkCKpncU.roa
Signing time: Mon 01 Jan 2024 18:29:24 +0000
ROA not before: Mon 01 Jan 2024 18:29:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47991
IP address blocks: 91.208.235.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:47:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:49:a7:12:40:34:39:cc:95:79:53:c8:bc:73:b7:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36cfb3975bbd5ef87b29c3dc4a4b98ea5c25c444
Validity
Not Before: Jan 1 18:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=de012409994ff174e02ae5481262449022a99dc5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:1e:26:6b:a8:08:b5:9a:de:78:19:46:3c:7f:
d6:76:73:6a:d5:2f:52:2c:e4:db:a1:eb:0c:d0:24:
65:5d:80:79:36:fe:38:69:93:ff:93:7e:61:f5:84:
bc:29:ec:3c:56:47:42:60:05:84:4a:35:c3:f1:d3:
b2:8e:3d:e5:a0:58:84:56:8a:16:b1:e2:aa:ef:8f:
9b:f0:69:56:47:ba:00:ed:20:1f:f0:72:5e:3c:c4:
a1:20:d6:05:dc:7a:b5:77:65:79:3b:e0:6c:3d:f7:
b6:26:bb:f2:b5:bc:06:06:6e:5b:e5:f3:9c:0e:de:
d3:49:5d:08:bc:30:d1:c0:8f:fe:c3:dd:fd:2e:10:
4a:df:a2:b4:44:c5:00:3f:1e:66:b3:6b:ae:8f:18:
05:df:77:c3:4f:89:d6:0a:6c:9a:c9:0d:15:2c:9c:
01:36:ea:20:85:a3:14:21:e8:74:fd:c7:9d:b5:74:
ea:3c:b9:3c:a1:44:fd:42:f6:81:20:f1:4f:01:8f:
59:76:72:9e:f3:cc:27:e4:38:0e:a3:be:75:e4:fa:
1b:3a:42:cb:50:a7:52:39:56:83:a9:6c:21:f7:7c:
a2:1c:53:14:5f:60:68:91:5c:d6:4e:5e:97:37:d7:
b9:36:cc:7b:31:bb:24:f5:36:86:2a:a8:f0:5f:4e:
bd:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:01:24:09:99:4F:F1:74:E0:2A:E5:48:12:62:44:90:22:A9:9D:C5
X509v3 Authority Key Identifier:
keyid:36:CF:B3:97:5B:BD:5E:F8:7B:29:C3:DC:4A:4B:98:EA:5C:25:C4:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ns-zl1u9Xvh7KcPcSkuY6lwlxEQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/2c1061-db25-44bd-804c-a14dcee57e74/1/3gEkCZlP8XTgKuVIEmJEkCKpncU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/2c1061-db25-44bd-804c-a14dcee57e74/1/Ns-zl1u9Xvh7KcPcSkuY6lwlxEQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.208.235.0/24
Signature Algorithm: sha256WithRSAEncryption
ba:94:df:da:6a:b5:e5:e9:eb:76:26:2f:8d:8d:2a:eb:29:eb:
78:55:46:03:2c:53:14:b3:98:a5:2d:e9:35:7f:40:c5:34:0b:
4a:f2:f5:13:11:f6:e0:cc:26:51:f9:a5:6f:31:29:07:6e:e9:
64:ec:b0:0a:fa:f8:e5:82:91:37:28:51:49:1a:d5:55:ba:c2:
27:d6:0d:d8:cf:8d:8d:e3:25:ce:70:29:0e:4e:51:72:32:65:
13:02:09:d4:69:62:6a:70:28:fb:a5:ef:2d:d1:f7:05:2b:5e:
ee:a8:4e:9d:76:31:3d:94:b1:99:bd:77:a9:ad:b9:bf:3d:ef:
3a:c8:06:f0:e2:29:ff:2c:e3:de:17:67:60:f0:24:02:07:da:
66:20:46:50:e7:6a:22:60:19:d8:27:96:2c:97:6e:13:e6:1a:
f5:e1:f0:e8:4f:e2:59:f7:cb:aa:ef:5a:b7:d7:14:ba:7d:33:
ab:bc:b7:bf:d6:4c:45:5e:ee:e0:33:5f:a6:7f:97:b3:18:27:
12:47:c5:72:f5:36:7b:be:67:3e:c7:3f:79:76:d6:19:0a:83:
e0:99:f4:1d:59:34:94:f8:ae:e0:b2:1a:11:c2:c2:a9:ac:8d:
95:7a:e5:b5:d6:c4:a2:ed:49:be:70:90:f0:aa:33:b2:78:b7:
5f:ae:dc:5e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGSacSQDQ5zJV5U8i8c7f9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2Y2ZiMzk3NWJiZDVlZjg3YjI5YzNkYzRhNGI5OGVhNWMy
NWM0NDQwHhcNMjQwMTAxMTgyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTAxMjQwOTk5NGZmMTc0ZTAyYWU1NDgxMjYyNDQ5MDIyYTk5ZGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmR4ma6gItZreeBlGPH/WdnNq1S9S
LOTboesM0CRlXYB5Nv44aZP/k35h9YS8Kew8VkdCYAWESjXD8dOyjj3loFiEVooW
seKq74+b8GlWR7oA7SAf8HJePMShINYF3Hq1d2V5O+BsPfe2JrvytbwGBm5b5fOc
Dt7TSV0IvDDRwI/+w939LhBK36K0RMUAPx5ms2uujxgF33fDT4nWCmyayQ0VLJwB
NuoghaMUIeh0/cedtXTqPLk8oUT9QvaBIPFPAY9ZdnKe88wn5DgOo7515PobOkLL
UKdSOVaDqWwh93yiHFMUX2BokVzWTl6XN9e5Nsx7Mbsk9TaGKqjwX0697QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN4BJAmZT/F04CrlSBJiRJAiqZ3FMB8GA1UdIwQY
MBaAFDbPs5dbvV74eynD3EpLmOpcJcREMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnMtemwxdTlYdmg3S2NQY1NrdVk2bHdseEVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC8yYzEwNjEtZGIyNS00NGJkLTgwNGMt
YTE0ZGNlZTU3ZTc0LzEvM2dFa0NabFA4WFRnS3VWSUVtSkVrQ0twbmNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC8yYzEwNjEtZGIyNS00NGJkLTgwNGMtYTE0ZGNlZTU3ZTc0
LzEvTnMtemwxdTlYdmg3S2NQY1NrdVk2bHdseEVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9DrMA0G
CSqGSIb3DQEBCwUAA4IBAQC6lN/aarXl6et2Ji+NjSrrKet4VUYDLFMUs5ilLek1
f0DFNAtK8vUTEfbgzCZR+aVvMSkHbulk7LAK+vjlgpE3KFFJGtVVusIn1g3Yz42N
4yXOcCkOTlFyMmUTAgnUaWJqcCj7pe8t0fcFK17uqE6ddjE9lLGZvXeprbm/Pe86
yAbw4in/LOPeF2dg8CQCB9pmIEZQ52oiYBnYJ5Ysl24T5hr14fDoT+JZ98uq71q3
1xS6fTOrvLe/1kxFXu7gM1+mf5ezGCcSR8Vy9TZ7vmc+xz95dtYZCoPgmfQdWTSU
+K7gshoRwsKprI2VeuW11sSi7Um+cJDwqjOyeLdfrtxe
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:51:33 2025 by rpki-client