Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/99a4cc-4720-4a64-aa06-1f924495fcdd/1/nCagtDY1oIUUpCfw5hPufmvQGKc.roa
File: nCagtDY1oIUUpCfw5hPufmvQGKc.roa (raw, json)
Hash identifier: vf4CjC/PigoHWIX+g6t1/knl5D1gHKwQUJi6DcRPE0U=
Subject key identifier: 9C:26:A0:B4:36:35:A0:85:14:A4:27:F0:E6:13:EE:7E:6B:D0:18:A7
Certificate issuer: /CN=89a6cd9f4beb7b0c04d31ffe5c674a87a7739d21
Certificate serial: 018CC3488F7059A0C602BADF17B5B5F441B9
Authority key identifier: 89:A6:CD:9F:4B:EB:7B:0C:04:D3:1F:FE:5C:67:4A:87:A7:73:9D:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iabNn0vrewwE0x_-XGdKh6dznSE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/99a4cc-4720-4a64-aa06-1f924495fcdd/1/nCagtDY1oIUUpCfw5hPufmvQGKc.roa
Signing time: Mon 01 Jan 2024 04:29:21 +0000
ROA not before: Mon 01 Jan 2024 04:29:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12642
IP address blocks: 91.195.191.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 04 Mar 2024 10:38:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:8f:70:59:a0:c6:02:ba:df:17:b5:b5:f4:41:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89a6cd9f4beb7b0c04d31ffe5c674a87a7739d21
Validity
Not Before: Jan 1 04:29:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9c26a0b43635a08514a427f0e613ee7e6bd018a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:6f:36:22:08:6f:c4:4b:d1:45:40:c3:ec:bf:
85:ad:8f:4d:02:2f:27:50:b7:1e:f3:3a:87:47:5f:
84:6b:6d:a9:8c:7c:41:87:cf:8f:ce:77:da:52:87:
41:d1:3b:e0:03:ca:31:5c:24:97:9e:f8:e8:4d:e8:
17:e3:17:06:21:e9:d8:0f:52:c7:ef:d5:8d:7b:e8:
e9:a8:0f:f4:56:8b:f0:18:08:ef:f4:11:04:aa:e7:
4e:f1:0b:a8:b7:27:61:1d:70:9c:6f:d6:de:ad:d7:
e5:d0:48:5f:f7:fc:fa:ba:95:0f:51:f8:b2:68:eb:
df:65:fd:65:68:7c:49:e3:d0:45:e4:7d:e3:75:5f:
44:12:90:70:29:4b:b0:06:49:5d:36:63:f3:da:95:
a5:f9:b4:99:f4:3b:4e:c4:02:f9:eb:0f:34:44:52:
64:5c:e9:fa:fb:e1:32:b0:19:ba:3e:ca:e6:bb:23:
cc:11:48:d0:7d:be:e1:bb:b7:b3:48:fb:66:89:98:
09:a1:1e:9c:87:72:9a:71:61:42:f8:d1:18:97:7b:
f7:e0:d6:23:f8:5a:7d:e4:b3:bd:d2:fe:7d:5e:1f:
56:e6:19:0d:24:57:6c:83:e5:c7:ae:b5:a7:20:90:
f6:69:66:e5:2e:9c:be:62:69:4c:57:ba:df:72:fc:
74:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:26:A0:B4:36:35:A0:85:14:A4:27:F0:E6:13:EE:7E:6B:D0:18:A7
X509v3 Authority Key Identifier:
keyid:89:A6:CD:9F:4B:EB:7B:0C:04:D3:1F:FE:5C:67:4A:87:A7:73:9D:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iabNn0vrewwE0x_-XGdKh6dznSE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/99a4cc-4720-4a64-aa06-1f924495fcdd/1/nCagtDY1oIUUpCfw5hPufmvQGKc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/99a4cc-4720-4a64-aa06-1f924495fcdd/1/iabNn0vrewwE0x_-XGdKh6dznSE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.195.191.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:03:e7:8c:8e:47:86:fb:20:30:4b:b3:11:70:ca:83:b4:27:
ab:4f:d6:cc:76:71:55:9a:ff:7c:b3:1a:46:d0:6f:86:54:e4:
42:1a:04:d3:16:37:09:45:f8:5b:b9:7f:6c:b4:d5:e6:64:d9:
1b:c2:82:bf:1b:dc:91:ae:2c:bd:3f:95:17:a3:ac:8b:50:3d:
54:2c:38:9d:a4:63:51:bc:ce:3a:4a:28:ce:c0:84:9a:41:a7:
80:14:8e:74:16:56:2e:a9:26:47:75:bc:1f:3c:41:03:59:12:
5c:0b:96:b4:11:94:fa:5d:4f:9d:20:cc:64:00:26:28:70:bb:
70:90:4d:d5:82:c5:77:73:23:ac:dc:65:da:92:30:a4:b7:c8:
04:83:36:9d:50:5a:0e:83:6a:25:90:28:e7:ba:28:6c:1f:e4:
b9:b3:cd:06:e6:b7:7d:57:bc:84:89:a3:eb:9e:64:20:55:73:
60:33:c8:32:9a:d9:dd:f0:43:d6:f8:72:26:e1:42:3d:6f:1a:
11:b4:bc:e5:07:03:5b:75:c1:38:44:d2:38:28:b4:3c:ee:4d:
37:ee:56:bf:ba:0d:ea:7d:d2:cf:1b:99:06:04:a0:6e:47:20:
6c:8f:95:3c:70:ef:e7:5f:e6:29:b8:5c:f7:e9:bd:b2:a3:5d:
f2:c7:42:12
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSI9wWaDGArrfF7W19EG5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5YTZjZDlmNGJlYjdiMGMwNGQzMWZmZTVjNjc0YTg3YTc3
MzlkMjEwHhcNMjQwMTAxMDQyOTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzI2YTBiNDM2MzVhMDg1MTRhNDI3ZjBlNjEzZWU3ZTZiZDAxOGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkG82IghvxEvRRUDD7L+FrY9NAi8n
ULce8zqHR1+Ea22pjHxBh8+PznfaUodB0TvgA8oxXCSXnvjoTegX4xcGIenYD1LH
79WNe+jpqA/0VovwGAjv9BEEqudO8QuotydhHXCcb9berdfl0Ehf9/z6upUPUfiy
aOvfZf1laHxJ49BF5H3jdV9EEpBwKUuwBkldNmPz2pWl+bSZ9DtOxAL56w80RFJk
XOn6++EysBm6PsrmuyPMEUjQfb7hu7ezSPtmiZgJoR6ch3KacWFC+NEYl3v34NYj
+Fp95LO90v59Xh9W5hkNJFdsg+XHrrWnIJD2aWblLpy+YmlMV7rfcvx0FwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJwmoLQ2NaCFFKQn8OYT7n5r0BinMB8GA1UdIwQY
MBaAFImmzZ9L63sMBNMf/lxnSoenc50hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWFiTm4wdnJld3dFMHhfLVhHZEtoNmR6blNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni85OWE0Y2MtNDcyMC00YTY0LWFhMDYt
MWY5MjQ0OTVmY2RkLzEvbkNhZ3REWTFvSVVVcENmdzVoUHVmbXZRR0tjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni85OWE0Y2MtNDcyMC00YTY0LWFhMDYtMWY5MjQ0OTVmY2Rk
LzEvaWFiTm4wdnJld3dFMHhfLVhHZEtoNmR6blNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8O/MA0G
CSqGSIb3DQEBCwUAA4IBAQCMA+eMjkeG+yAwS7MRcMqDtCerT9bMdnFVmv98sxpG
0G+GVORCGgTTFjcJRfhbuX9stNXmZNkbwoK/G9yRriy9P5UXo6yLUD1ULDidpGNR
vM46SijOwISaQaeAFI50FlYuqSZHdbwfPEEDWRJcC5a0EZT6XU+dIMxkACYocLtw
kE3VgsV3cyOs3GXakjCkt8gEgzadUFoOg2olkCjnuihsH+S5s80G5rd9V7yEiaPr
nmQgVXNgM8gymtnd8EPW+HIm4UI9bxoRtLzlBwNbdcE4RNI4KLQ87k037la/ug3q
fdLPG5kGBKBuRyBsj5U8cO/nX+YpuFz36b2yo13yx0IS
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:05:13 2025 by rpki-client