Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/lU087P7wZlFSMjgoyXsxY9zXmik.roa
File: lU087P7wZlFSMjgoyXsxY9zXmik.roa (raw, json)
Hash identifier: 7O4xkPdjYcKY9zlyAkEK5+5UWHFzspkvrS/Kd21GvuA=
Subject key identifier: 95:4D:3C:EC:FE:F0:66:51:52:32:38:28:C9:7B:31:63:DC:D7:9A:29
Certificate issuer: /CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Certificate serial: 0192543233D5076943ABD21D4AE56BD48AB8
Authority key identifier: 56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/lU087P7wZlFSMjgoyXsxY9zXmik.roa
Signing time: Thu 03 Oct 2024 21:03:48 +0000
ROA not before: Thu 03 Oct 2024 21:03:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207388
IP address blocks: 91.239.217.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:48:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:54:32:33:d5:07:69:43:ab:d2:1d:4a:e5:6b:d4:8a:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Validity
Not Before: Oct 3 21:03:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=954d3cecfef0665152323828c97b3163dcd79a29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:f6:8c:14:1a:86:35:47:83:fe:df:33:7e:3c:
67:64:41:9a:25:fb:63:51:e8:27:0d:48:f5:7e:bb:
62:65:4c:ef:09:e9:c2:3a:26:03:a9:f8:37:85:91:
8a:97:3d:49:30:41:c2:70:c5:d3:db:05:ab:74:06:
91:01:d0:a9:69:0a:6b:97:d2:66:eb:2a:29:01:e3:
1e:bb:80:34:68:1b:cc:b5:0a:ec:e7:86:d0:e3:93:
8e:2e:46:91:eb:ea:a5:9e:f4:3d:51:f6:12:4e:8b:
0d:1c:2b:e6:69:ac:37:34:7d:5d:a6:b0:93:28:79:
ca:a6:2e:33:de:56:9a:1f:8c:7d:d0:25:e7:0e:e5:
f1:b8:b9:1f:51:42:63:78:c5:1e:33:cc:c1:e0:2b:
4f:52:42:bb:08:e5:2d:a4:20:13:ba:51:12:e6:0c:
2d:e9:46:1b:db:9b:f1:0c:41:d1:58:ba:66:3a:7b:
91:4d:b8:9a:6c:3d:d3:00:83:3c:9e:0f:e1:b9:3f:
d2:3a:0b:15:d5:ac:c8:14:91:9e:7b:84:fd:2f:4b:
93:04:8c:d1:d4:0c:1f:28:87:ac:cc:63:c4:c9:ff:
29:76:69:26:6d:c1:25:22:bb:d8:0f:cd:38:08:5e:
07:d1:c3:d5:02:fa:50:55:1b:76:79:1e:c8:24:d3:
b5:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:4D:3C:EC:FE:F0:66:51:52:32:38:28:C9:7B:31:63:DC:D7:9A:29
X509v3 Authority Key Identifier:
keyid:56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/lU087P7wZlFSMjgoyXsxY9zXmik.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.217.0/24
Signature Algorithm: sha256WithRSAEncryption
16:dd:37:27:e5:db:db:e4:5b:2c:32:36:7f:89:ae:5d:1a:39:
99:e0:f5:9e:7f:8f:82:b9:58:be:8b:c9:d3:5c:3a:f3:ff:71:
9a:6a:a4:06:e7:7c:84:24:87:b2:e2:39:6e:d9:ad:6d:35:2a:
5d:67:2c:a6:cf:cd:06:89:1c:53:92:84:f4:ac:44:0e:c6:1a:
b1:4c:46:f0:ca:34:4e:6e:f3:c9:61:c2:e3:85:04:77:33:fb:
b6:84:b0:4e:6e:3f:6b:2f:4f:93:81:19:32:ab:45:30:34:36:
64:63:da:b8:ac:5b:d9:c5:0d:15:3c:2a:ee:19:38:e8:eb:3a:
e0:2f:cd:6f:6c:77:18:db:05:37:d8:8c:fe:22:df:c6:c6:f1:
91:23:a6:a9:a8:b7:46:bc:93:70:c4:dd:fb:a0:71:c7:85:f2:
c3:06:42:10:ab:97:e7:4b:02:7a:69:f0:2a:00:88:c2:bc:80:
47:5d:47:33:7d:5f:95:44:ba:9a:b5:bd:ff:07:bf:7f:3b:a4:
d6:57:a9:74:5b:ca:f0:11:32:2d:ba:cf:62:2d:45:fd:b7:17:
e2:9d:7a:8d:72:5f:28:18:68:2c:37:24:40:e3:85:a4:ac:e4:
4e:b1:7e:b7:4f:60:75:f9:de:88:e0:bc:8f:61:28:48:a5:aa:
77:6c:1e:c9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZJUMjPVB2lDq9IdSuVr1Iq4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2Yjk4ZjgzY2NiZGE3YzE5ZjAwNDE1MWM5OGI1N2M1OWQy
NjhmNTQwHhcNMjQxMDAzMjEwMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTRkM2NlY2ZlZjA2NjUxNTIzMjM4MjhjOTdiMzE2M2RjZDc5YTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2vaMFBqGNUeD/t8zfjxnZEGaJftj
UegnDUj1frtiZUzvCenCOiYDqfg3hZGKlz1JMEHCcMXT2wWrdAaRAdCpaQprl9Jm
6yopAeMeu4A0aBvMtQrs54bQ45OOLkaR6+qlnvQ9UfYSTosNHCvmaaw3NH1dprCT
KHnKpi4z3laaH4x90CXnDuXxuLkfUUJjeMUeM8zB4CtPUkK7COUtpCATulES5gwt
6UYb25vxDEHRWLpmOnuRTbiabD3TAIM8ng/huT/SOgsV1azIFJGee4T9L0uTBIzR
1AwfKIeszGPEyf8pdmkmbcElIrvYD804CF4H0cPVAvpQVRt2eR7IJNO1VwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJVNPOz+8GZRUjI4KMl7MWPc15opMB8GA1UdIwQY
MBaAFFa5j4PMvafBnwBBUcmLV8WdJo9UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2Yt
N2FhN2ZjMzU5NjU1LzEvbFUwODdQN3dabEZTTWpnb3lYc3hZOXpYbWlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2YtN2FhN2ZjMzU5NjU1
LzEvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+/ZMA0G
CSqGSIb3DQEBCwUAA4IBAQAW3Tcn5dvb5FssMjZ/ia5dGjmZ4PWef4+CuVi+i8nT
XDrz/3GaaqQG53yEJIey4jlu2a1tNSpdZyymz80GiRxTkoT0rEQOxhqxTEbwyjRO
bvPJYcLjhQR3M/u2hLBObj9rL0+TgRkyq0UwNDZkY9q4rFvZxQ0VPCruGTjo6zrg
L81vbHcY2wU32Iz+It/GxvGRI6apqLdGvJNwxN37oHHHhfLDBkIQq5fnSwJ6afAq
AIjCvIBHXUczfV+VRLqatb3/B79/O6TWV6l0W8rwETItus9iLUX9txfinXqNcl8o
GGgsNyRA44WkrOROsX63T2B1+d6I4LyPYShIpap3bB7J
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:39:14 2025 by rpki-client