Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/6bafe9-878b-46fd-a305-7ba25d5595fa/1/lwAcnmRUUFgsZVghJY96Q8LpuTU.roa
File: lwAcnmRUUFgsZVghJY96Q8LpuTU.roa (raw, json)
Hash identifier: n7e0Db0bGoHPLJXa+T2DDvzFR/jNRTrKN87hN3nY+nM=
Subject key identifier: 97:00:1C:9E:64:54:50:58:2C:65:58:21:25:8F:7A:43:C2:E9:B9:35
Certificate issuer: /CN=9f3ec21e10f3646e4dc0e23f5f7ec44501560de3
Certificate serial: 018E66490468B9DC4969D4B2C6E2EBD4DB8B
Authority key identifier: 9F:3E:C2:1E:10:F3:64:6E:4D:C0:E2:3F:5F:7E:C4:45:01:56:0D:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nz7CHhDzZG5NwOI_X37ERQFWDeM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/6bafe9-878b-46fd-a305-7ba25d5595fa/1/lwAcnmRUUFgsZVghJY96Q8LpuTU.roa
Signing time: Fri 22 Mar 2024 13:10:45 +0000
ROA not before: Fri 22 Mar 2024 13:10:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 91.200.145.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 25 Mar 2024 17:32:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:66:49:04:68:b9:dc:49:69:d4:b2:c6:e2:eb:d4:db:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f3ec21e10f3646e4dc0e23f5f7ec44501560de3
Validity
Not Before: Mar 22 13:10:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=97001c9e645450582c655821258f7a43c2e9b935
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:9b:cc:a2:99:ad:6c:ce:38:9a:73:eb:96:b0:
26:76:ca:b4:16:7f:cc:c5:00:1c:11:39:25:ea:c5:
ca:50:fb:58:54:49:e8:23:0c:28:b0:7a:12:68:fb:
cb:6e:30:4a:68:8f:0f:44:d5:0d:c1:df:00:be:fc:
4c:c1:60:6f:90:59:64:30:5b:c7:31:c5:97:93:8e:
0b:4c:77:0f:99:4e:4b:20:c7:f9:58:c7:6c:f2:be:
fd:af:67:14:9c:23:02:64:0e:55:56:5a:e3:4e:02:
c8:e8:73:25:44:6f:56:c5:09:84:01:04:c8:20:dd:
ae:fd:cc:61:d7:34:4e:45:79:ec:61:37:5e:f4:91:
d2:bf:87:41:74:d5:b7:e6:94:f3:41:f7:d4:79:37:
ec:94:da:14:a2:0d:67:80:50:05:85:f4:a6:32:fa:
54:8f:26:50:42:ab:cc:da:a9:96:6b:8d:47:68:e6:
aa:b6:58:be:e4:ae:87:25:7a:52:a9:20:c0:32:5f:
19:44:37:8e:79:5c:bd:bd:f4:7a:1c:58:b0:de:71:
98:8b:9a:e7:7f:4f:bd:52:13:94:ba:f5:b1:07:c8:
51:00:ae:8b:27:f7:ce:c4:92:64:93:d0:77:e2:f8:
0a:21:88:8e:49:4e:49:61:be:be:51:cf:34:9e:c1:
0f:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:00:1C:9E:64:54:50:58:2C:65:58:21:25:8F:7A:43:C2:E9:B9:35
X509v3 Authority Key Identifier:
keyid:9F:3E:C2:1E:10:F3:64:6E:4D:C0:E2:3F:5F:7E:C4:45:01:56:0D:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nz7CHhDzZG5NwOI_X37ERQFWDeM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/6bafe9-878b-46fd-a305-7ba25d5595fa/1/lwAcnmRUUFgsZVghJY96Q8LpuTU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/6bafe9-878b-46fd-a305-7ba25d5595fa/1/nz7CHhDzZG5NwOI_X37ERQFWDeM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.145.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:0e:e3:a9:fb:eb:d1:55:7a:18:82:3f:47:a6:02:e5:ec:24:
bb:4e:b1:f4:b0:6c:d0:77:87:44:73:ab:b2:94:7d:74:d3:cc:
95:7b:b8:2a:b3:7b:6c:cd:4f:6e:bb:27:6c:1e:50:8d:c1:cb:
0b:26:d3:03:44:10:2a:18:33:e4:06:2a:b9:5d:ff:b7:cf:97:
7d:81:f8:07:f8:3e:20:fe:7c:44:09:ea:f3:b6:02:fe:d6:21:
f6:e9:66:b3:3d:b9:41:2e:2c:bd:e5:dc:92:72:d1:51:d6:49:
57:24:02:c2:81:8f:b6:6e:a9:9b:ae:40:dc:d9:12:2a:f8:07:
bd:d3:04:96:55:86:b8:b2:96:75:ea:eb:94:78:e1:d0:fc:46:
00:ae:d8:60:27:00:7a:2d:49:bd:1e:c5:f9:fd:71:72:c8:d8:
45:83:25:0e:45:a5:fb:3e:27:1a:a9:51:56:79:b5:67:74:c0:
58:d0:3d:86:ea:3f:8b:40:b5:d4:c1:a6:96:9f:65:1a:7c:6c:
22:bb:ba:01:a5:85:ea:5c:a3:8b:e6:73:42:4d:fb:e1:3a:3e:
7a:42:50:72:60:0c:e7:13:da:14:96:ef:47:fe:0b:56:16:1c:
4a:a9:8a:7c:bb:14:5d:c8:55:97:7c:11:20:8e:72:fb:85:4e:
d6:74:f9:4c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY5mSQRoudxJadSyxuLr1NuLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmM2VjMjFlMTBmMzY0NmU0ZGMwZTIzZjVmN2VjNDQ1MDE1
NjBkZTMwHhcNMjQwMzIyMTMxMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzAwMWM5ZTY0NTQ1MDU4MmM2NTU4MjEyNThmN2E0M2MyZTliOTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgZvMopmtbM44mnPrlrAmdsq0Fn/M
xQAcETkl6sXKUPtYVEnoIwwosHoSaPvLbjBKaI8PRNUNwd8AvvxMwWBvkFlkMFvH
McWXk44LTHcPmU5LIMf5WMds8r79r2cUnCMCZA5VVlrjTgLI6HMlRG9WxQmEAQTI
IN2u/cxh1zRORXnsYTde9JHSv4dBdNW35pTzQffUeTfslNoUog1ngFAFhfSmMvpU
jyZQQqvM2qmWa41HaOaqtli+5K6HJXpSqSDAMl8ZRDeOeVy9vfR6HFiw3nGYi5rn
f0+9UhOUuvWxB8hRAK6LJ/fOxJJkk9B34vgKIYiOSU5JYb6+Uc80nsEP+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJcAHJ5kVFBYLGVYISWPekPC6bk1MB8GA1UdIwQY
MBaAFJ8+wh4Q82RuTcDiP19+xEUBVg3jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbno3Q0hoRHpaRzVOd09JX1gzN0VSUUZXRGVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS82YmFmZTktODc4Yi00NmZkLWEzMDUt
N2JhMjVkNTU5NWZhLzEvbHdBY25tUlVVRmdzWlZnaEpZOTZROExwdVRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS82YmFmZTktODc4Yi00NmZkLWEzMDUtN2JhMjVkNTU5NWZh
LzEvbno3Q0hoRHpaRzVOd09JX1gzN0VSUUZXRGVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8iRMA0G
CSqGSIb3DQEBCwUAA4IBAQChDuOp++vRVXoYgj9HpgLl7CS7TrH0sGzQd4dEc6uy
lH1008yVe7gqs3tszU9uuydsHlCNwcsLJtMDRBAqGDPkBiq5Xf+3z5d9gfgH+D4g
/nxECerztgL+1iH26WazPblBLiy95dySctFR1klXJALCgY+2bqmbrkDc2RIq+Ae9
0wSWVYa4spZ16uuUeOHQ/EYArthgJwB6LUm9HsX5/XFyyNhFgyUORaX7PicaqVFW
ebVndMBY0D2G6j+LQLXUwaaWn2UafGwiu7oBpYXqXKOL5nNCTfvhOj56QlByYAzn
E9oUlu9H/gtWFhxKqYp8uxRdyFWXfBEgjnL7hU7WdPlM
-----END CERTIFICATE-----
Generated at Mon Mar 25 19:53:16 2024 by rpki-client on console-fra.rpki-client.org