Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/59cf8e-dc67-43fb-bd37-0870e659645b/1/91GDD6pxMXsrTbd4OpYWbva8MtY.roa
File: 91GDD6pxMXsrTbd4OpYWbva8MtY.roa (raw, json)
Hash identifier: VpfuNMsK+quWTA1/5dd2SlVq8dYI6mMWQ86V9W6Mtc4=
Subject key identifier: F7:51:83:0F:AA:71:31:7B:2B:4D:B7:78:3A:96:16:6E:F6:BC:32:D6
Certificate issuer: /CN=ef9d763b49e024a7b6a19eaf7dfb98911a9c94c8
Certificate serial: 018CC348B55576C55AAD073EC4E110DF9D6D
Authority key identifier: EF:9D:76:3B:49:E0:24:A7:B6:A1:9E:AF:7D:FB:98:91:1A:9C:94:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7512O0ngJKe2oZ6vffuYkRqclMg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/59cf8e-dc67-43fb-bd37-0870e659645b/1/91GDD6pxMXsrTbd4OpYWbva8MtY.roa
Signing time: Mon 01 Jan 2024 04:29:31 +0000
ROA not before: Mon 01 Jan 2024 04:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8860
IP address blocks: 5.182.21.0/24 maxlen: 24
5.182.20.0/24 maxlen: 24
2a0e:b800:dddd::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 01 Aug 2024 09:12:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:b5:55:76:c5:5a:ad:07:3e:c4:e1:10:df:9d:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef9d763b49e024a7b6a19eaf7dfb98911a9c94c8
Validity
Not Before: Jan 1 04:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f751830faa71317b2b4db7783a96166ef6bc32d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:b8:35:a0:99:f0:bf:38:d8:73:e3:05:95:e1:
9a:3e:de:a9:79:29:d1:8a:e1:99:0f:54:3f:83:87:
2e:64:d2:85:d0:7f:8c:a9:f3:26:ed:3d:00:ce:b0:
63:3d:39:56:61:a1:b4:4c:6a:4c:db:da:2e:1d:60:
bc:45:f8:a0:50:0d:3f:1e:53:76:6c:09:6c:60:38:
d9:d0:5c:51:a1:2c:61:42:34:4a:f3:cc:c9:2b:fa:
2f:5e:32:e3:64:4b:8a:94:8e:d1:44:36:73:e9:65:
34:bb:57:61:4a:38:57:da:27:2f:7a:14:b4:ce:62:
8c:d5:5d:6a:25:a1:b1:d4:82:91:61:16:68:79:d5:
42:5d:8a:2d:5a:3c:96:35:1e:17:a7:e3:c6:38:ff:
41:48:48:f3:8a:58:0a:b3:a8:70:d5:5f:28:08:63:
a3:ec:94:04:65:0e:b2:f0:69:70:4c:05:5c:96:ff:
56:50:17:96:f7:c9:dc:76:f5:d6:b1:a5:31:c6:87:
04:77:be:73:69:38:b7:69:89:65:bc:67:5f:9c:cd:
e4:d9:0e:b8:d4:8e:16:81:b2:00:23:60:2c:43:fd:
2a:29:8d:a2:9c:95:4e:01:b3:e1:de:8f:52:0d:3c:
53:9e:35:53:b0:22:2c:9e:56:c0:48:f2:55:a9:b9:
e1:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:51:83:0F:AA:71:31:7B:2B:4D:B7:78:3A:96:16:6E:F6:BC:32:D6
X509v3 Authority Key Identifier:
keyid:EF:9D:76:3B:49:E0:24:A7:B6:A1:9E:AF:7D:FB:98:91:1A:9C:94:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7512O0ngJKe2oZ6vffuYkRqclMg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/59cf8e-dc67-43fb-bd37-0870e659645b/1/91GDD6pxMXsrTbd4OpYWbva8MtY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/59cf8e-dc67-43fb-bd37-0870e659645b/1/7512O0ngJKe2oZ6vffuYkRqclMg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.20.0/23
IPv6:
2a0e:b800:dddd::/48
Signature Algorithm: sha256WithRSAEncryption
21:d8:75:d5:93:2a:6e:2d:20:52:bf:0c:d2:42:d5:ff:6f:6d:
a1:bb:7f:4a:af:1a:59:8e:47:7a:9d:0b:99:9f:34:8f:d2:e4:
66:f3:c9:0a:f7:20:c3:5b:58:bb:8f:46:25:34:92:3b:ca:bf:
5c:12:99:3f:a7:f7:fb:6a:0b:b8:f2:98:d6:9b:06:6e:5f:c5:
72:d1:66:3a:d3:47:ec:ec:46:47:55:b1:ab:a8:5e:95:60:0b:
2f:fe:31:6b:81:31:cc:dc:c6:5d:44:6a:f4:e8:86:61:a1:eb:
b4:20:88:c2:04:78:a0:d5:ba:fa:d6:a5:38:7e:94:e7:04:1c:
7e:23:8d:59:8d:dc:9b:c8:66:51:3e:12:f3:0f:c9:f1:53:16:
74:5f:1b:0e:56:83:8c:13:06:9a:7e:9d:37:da:b6:e2:0e:63:
1c:1b:1c:cf:76:03:b5:3c:9a:38:71:79:5c:4e:90:b6:57:38:
fc:36:68:eb:63:1b:b8:42:05:4b:23:3e:89:e3:90:af:42:1a:
8a:2e:9c:0b:b3:f1:fc:66:ba:50:4b:cf:71:63:a6:4b:05:18:
45:03:bf:2d:ab:e4:38:c1:8f:e5:38:c3:ae:e0:2c:f4:b9:6a:
d8:ee:df:52:49:f6:e1:20:da:88:8b:2a:08:8a:3d:07:c8:4c:
37:10:76:a3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzDSLVVdsVarQc+xOEQ351tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmOWQ3NjNiNDllMDI0YTdiNmExOWVhZjdkZmI5ODkxMWE5
Yzk0YzgwHhcNMjQwMTAxMDQyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzUxODMwZmFhNzEzMTdiMmI0ZGI3NzgzYTk2MTY2ZWY2YmMzMmQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAobg1oJnwvzjYc+MFleGaPt6peSnR
iuGZD1Q/g4cuZNKF0H+MqfMm7T0AzrBjPTlWYaG0TGpM29ouHWC8RfigUA0/HlN2
bAlsYDjZ0FxRoSxhQjRK88zJK/ovXjLjZEuKlI7RRDZz6WU0u1dhSjhX2icvehS0
zmKM1V1qJaGx1IKRYRZoedVCXYotWjyWNR4Xp+PGOP9BSEjzilgKs6hw1V8oCGOj
7JQEZQ6y8GlwTAVclv9WUBeW98ncdvXWsaUxxocEd75zaTi3aYllvGdfnM3k2Q64
1I4WgbIAI2AsQ/0qKY2inJVOAbPh3o9SDTxTnjVTsCIsnlbASPJVqbnhRQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPdRgw+qcTF7K023eDqWFm72vDLWMB8GA1UdIwQY
MBaAFO+ddjtJ4CSntqGer337mJEanJTIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzUxMk8wbmdKS2Uyb1o2dmZmdVlrUnFjbE1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS81OWNmOGUtZGM2Ny00M2ZiLWJkMzct
MDg3MGU2NTk2NDViLzEvOTFHREQ2cHhNWHNyVGJkNE9wWVdidmE4TXRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS81OWNmOGUtZGM2Ny00M2ZiLWJkMzctMDg3MGU2NTk2NDVi
LzEvNzUxMk8wbmdKS2Uyb1o2dmZmdVlrUnFjbE1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBBbYUMA8E
AgACMAkDBwAqDrgA3d0wDQYJKoZIhvcNAQELBQADggEBACHYddWTKm4tIFK/DNJC
1f9vbaG7f0qvGlmOR3qdC5mfNI/S5GbzyQr3IMNbWLuPRiU0kjvKv1wSmT+n9/tq
C7jymNabBm5fxXLRZjrTR+zsRkdVsauoXpVgCy/+MWuBMczcxl1EavTohmGh67Qg
iMIEeKDVuvrWpTh+lOcEHH4jjVmN3JvIZlE+EvMPyfFTFnRfGw5Wg4wTBpp+nTfa
tuIOYxwbHM92A7U8mjhxeVxOkLZXOPw2aOtjG7hCBUsjPonjkK9CGoounAuz8fxm
ulBLz3FjpksFGEUDvy2r5DjBj+U4w67gLPS5atju31JJ9uEg2oiLKgiKPQfITDcQ
dqM=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:47:36 2025 by rpki-client