Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/4984df-6db2-4e0a-91f8-bf05acc82bd1/1/Ub5lSWLNlUqOZQ5On_mqFbz9G3w.roa
File: Ub5lSWLNlUqOZQ5On_mqFbz9G3w.roa (raw, json)
Hash identifier: tKV1DqTu3cirZQ+c7WWLYMDVgCptwBQ5iAkticMbnbU=
Subject key identifier: 51:BE:65:49:62:CD:95:4A:8E:65:0E:4E:9F:F9:AA:15:BC:FD:1B:7C
Certificate issuer: /CN=0a81fe9059f6820bc18ad5802f2f1fca77d254b7
Certificate serial: 018CC94D4DCCD0A609BE4C7294834B5F8AAE
Authority key identifier: 0A:81:FE:90:59:F6:82:0B:C1:8A:D5:80:2F:2F:1F:CA:77:D2:54:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CoH-kFn2ggvBitWALy8fynfSVLc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/4984df-6db2-4e0a-91f8-bf05acc82bd1/1/Ub5lSWLNlUqOZQ5On_mqFbz9G3w.roa
Signing time: Tue 02 Jan 2024 08:32:15 +0000
ROA not before: Tue 02 Jan 2024 08:32:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198560
IP address blocks: 91.236.128.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:48:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:4d:cc:d0:a6:09:be:4c:72:94:83:4b:5f:8a:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a81fe9059f6820bc18ad5802f2f1fca77d254b7
Validity
Not Before: Jan 2 08:32:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=51be654962cd954a8e650e4e9ff9aa15bcfd1b7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:51:26:f4:91:60:54:43:2d:21:07:17:be:4f:
d9:1d:a7:df:5c:5a:3c:37:c2:57:aa:8e:3c:0a:20:
f5:03:ce:48:fd:1b:fc:63:9b:04:fb:07:d2:f4:97:
29:b5:0f:37:6e:9b:80:c6:93:62:32:7b:af:18:39:
25:e5:69:e7:bc:ce:f2:c6:01:06:f1:32:24:b6:8c:
6f:0a:fd:fc:e3:03:3f:85:a4:4e:43:4c:af:a0:ea:
93:35:48:63:b4:3e:47:29:fc:df:e6:ef:e1:85:f8:
56:f6:43:fe:18:8f:ad:fa:b4:f0:a2:0b:ad:50:b4:
88:25:8a:aa:0d:13:d6:4c:84:5d:cb:25:ec:63:a7:
7c:58:c3:b8:6c:18:c6:c3:cb:7a:c4:92:03:ec:f9:
4e:8c:84:22:39:43:7c:02:b5:90:c7:a0:c6:9c:0e:
f0:43:c7:32:9a:d9:07:d0:08:74:ba:45:5c:bf:e0:
83:50:aa:ec:12:0e:9f:30:85:66:41:9c:bf:97:f7:
c7:0e:37:d9:2e:5e:ed:b9:a1:0d:55:ca:28:ae:30:
8b:66:a4:43:86:6f:70:b7:17:ec:6c:74:0c:a6:98:
82:1c:02:1f:ce:e1:8e:f2:f7:e3:0f:a3:29:1a:1f:
39:09:82:ef:22:91:b2:ee:40:ec:53:67:26:7b:96:
86:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:BE:65:49:62:CD:95:4A:8E:65:0E:4E:9F:F9:AA:15:BC:FD:1B:7C
X509v3 Authority Key Identifier:
keyid:0A:81:FE:90:59:F6:82:0B:C1:8A:D5:80:2F:2F:1F:CA:77:D2:54:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CoH-kFn2ggvBitWALy8fynfSVLc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/4984df-6db2-4e0a-91f8-bf05acc82bd1/1/Ub5lSWLNlUqOZQ5On_mqFbz9G3w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/4984df-6db2-4e0a-91f8-bf05acc82bd1/1/CoH-kFn2ggvBitWALy8fynfSVLc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.236.128.0/24
Signature Algorithm: sha256WithRSAEncryption
58:d4:30:24:d8:47:8a:3c:fd:a6:ba:f2:26:1d:eb:64:98:5f:
23:85:a4:c5:cc:ba:c9:ff:92:65:c4:59:a6:94:50:2b:c2:4a:
2c:36:6a:6a:e7:79:66:84:2d:42:56:3c:ca:6d:81:a8:5c:13:
bb:51:3b:54:32:37:b6:0c:b8:66:2b:fe:ee:93:e7:81:92:4f:
ed:07:19:e7:36:40:73:10:1c:43:27:d0:79:5b:ab:2d:02:f5:
82:a3:bc:a2:20:85:34:21:08:68:c0:46:3a:a0:90:5b:ca:5b:
85:0f:1c:7c:29:ce:7b:55:8b:94:57:ab:1a:5a:33:e8:b4:c9:
51:0f:dd:ca:29:0f:00:2a:d1:8b:50:e7:54:ec:62:11:2a:c4:
88:6e:5b:36:bd:b4:70:b1:fd:83:9b:d9:49:57:3d:9b:c5:d7:
2d:5a:4e:50:c4:3f:92:c2:e3:32:b8:fd:b2:70:03:b5:89:2f:
a8:f8:d0:58:d3:48:96:91:fd:9f:35:28:94:7d:44:29:d8:94:
a6:84:0b:db:d0:a1:b4:92:b1:12:7c:0a:51:e6:f7:74:4f:c6:
2f:32:aa:9d:c4:1b:31:83:1d:a8:65:97:26:16:15:ac:b7:27:
93:ef:37:9f:aa:53:9b:a4:eb:ac:75:54:e6:1c:74:37:dd:26:
6c:fc:69:85
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTU3M0KYJvkxylINLX4quMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhODFmZTkwNTlmNjgyMGJjMThhZDU4MDJmMmYxZmNhNzdk
MjU0YjcwHhcNMjQwMTAyMDgzMjE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWJlNjU0OTYyY2Q5NTRhOGU2NTBlNGU5ZmY5YWExNWJjZmQxYjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAolEm9JFgVEMtIQcXvk/ZHaffXFo8
N8JXqo48CiD1A85I/Rv8Y5sE+wfS9JcptQ83bpuAxpNiMnuvGDkl5WnnvM7yxgEG
8TIktoxvCv384wM/haROQ0yvoOqTNUhjtD5HKfzf5u/hhfhW9kP+GI+t+rTwogut
ULSIJYqqDRPWTIRdyyXsY6d8WMO4bBjGw8t6xJID7PlOjIQiOUN8ArWQx6DGnA7w
Q8cymtkH0Ah0ukVcv+CDUKrsEg6fMIVmQZy/l/fHDjfZLl7tuaENVcoorjCLZqRD
hm9wtxfsbHQMppiCHAIfzuGO8vfjD6MpGh85CYLvIpGy7kDsU2cme5aGrwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFG+ZUlizZVKjmUOTp/5qhW8/Rt8MB8GA1UdIwQY
MBaAFAqB/pBZ9oILwYrVgC8vH8p30lS3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ29ILWtGbjJnZ3ZCaXRXQUx5OGZ5bmZTVkxjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC80OTg0ZGYtNmRiMi00ZTBhLTkxZjgt
YmYwNWFjYzgyYmQxLzEvVWI1bFNXTE5sVXFPWlE1T25fbXFGYno5RzN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC80OTg0ZGYtNmRiMi00ZTBhLTkxZjgtYmYwNWFjYzgyYmQx
LzEvQ29ILWtGbjJnZ3ZCaXRXQUx5OGZ5bmZTVkxjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+yAMA0G
CSqGSIb3DQEBCwUAA4IBAQBY1DAk2EeKPP2muvImHetkmF8jhaTFzLrJ/5JlxFmm
lFArwkosNmpq53lmhC1CVjzKbYGoXBO7UTtUMje2DLhmK/7uk+eBkk/tBxnnNkBz
EBxDJ9B5W6stAvWCo7yiIIU0IQhowEY6oJBbyluFDxx8Kc57VYuUV6saWjPotMlR
D93KKQ8AKtGLUOdU7GIRKsSIbls2vbRwsf2Dm9lJVz2bxdctWk5QxD+SwuMyuP2y
cAO1iS+o+NBY00iWkf2fNSiUfUQp2JSmhAvb0KG0krESfApR5vd0T8YvMqqdxBsx
gx2oZZcmFhWstyeT7zefqlObpOusdVTmHHQ33SZs/GmF
-----END CERTIFICATE-----
Generated at Sun Apr 13 01:34:04 2025 by rpki-client