Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/714f54-fa75-4091-8c0b-9c15fbd5ee5e/1/iVzhevvy52SZMGxE0CbxWxNn8PM.roa
File: iVzhevvy52SZMGxE0CbxWxNn8PM.roa (raw, json)
Hash identifier: MJrdOy6Mq8abYAy003aDK8/ELyYh65Y11oEicNvY7zY=
Subject key identifier: 89:5C:E1:7A:FB:F2:E7:64:99:30:6C:44:D0:26:F1:5B:13:67:F0:F3
Certificate issuer: /CN=3a5dc2ba5942e04fdd8ba99516a1b93b1e4f9624
Certificate serial: 01936C9870B2D704CAF6BC35A4E7E9948DB7
Authority key identifier: 3A:5D:C2:BA:59:42:E0:4F:DD:8B:A9:95:16:A1:B9:3B:1E:4F:96:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ol3CullC4E_di6mVFqG5Ox5PliQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/714f54-fa75-4091-8c0b-9c15fbd5ee5e/1/iVzhevvy52SZMGxE0CbxWxNn8PM.roa
Signing time: Wed 27 Nov 2024 07:49:09 +0000
ROA not before: Wed 27 Nov 2024 07:49:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29555
IP address blocks: 81.91.188.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:49:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:6c:98:70:b2:d7:04:ca:f6:bc:35:a4:e7:e9:94:8d:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a5dc2ba5942e04fdd8ba99516a1b93b1e4f9624
Validity
Not Before: Nov 27 07:49:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=895ce17afbf2e76499306c44d026f15b1367f0f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:7a:bc:95:ed:ec:bb:1f:2f:77:cf:1c:a8:b9:
37:3a:4d:b5:5e:9f:3a:f1:00:50:35:5b:2c:e0:c8:
a3:11:0e:f5:73:ea:e3:08:7e:67:84:a8:fe:65:39:
18:0d:5a:cf:2d:c1:03:a5:f2:17:63:19:3d:e5:1d:
77:d0:d2:94:63:a7:6a:b5:c6:ac:60:91:83:49:ca:
d1:c3:1e:d9:8d:93:f9:5c:74:5f:ed:c7:86:df:57:
12:0d:29:0d:52:ba:b6:b8:e1:5f:c4:72:0b:ed:2d:
c0:89:ee:4f:4e:5a:2e:64:72:d2:34:c4:9e:6c:4c:
01:b9:15:04:74:3e:9f:aa:f9:85:79:a9:6f:96:75:
bf:4b:2b:d2:bb:ed:9f:5b:28:81:68:08:15:8d:64:
7c:cf:9b:42:ba:19:27:bd:a8:e9:5a:ec:ed:a1:82:
1b:a9:d2:16:38:a6:e9:70:c9:71:ad:6a:64:f6:22:
f6:b0:9a:af:32:60:05:bc:4d:b7:17:f2:82:af:8b:
e7:89:01:7e:c4:5e:82:ff:1f:c5:0c:45:67:d3:c3:
9e:a3:7d:15:0f:dc:11:09:15:22:1d:52:0d:ef:69:
78:5e:e8:96:0a:89:4f:c6:63:cb:20:cc:ef:2b:c6:
d5:a5:96:00:9e:f9:77:87:94:69:45:67:b1:97:35:
7b:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:5C:E1:7A:FB:F2:E7:64:99:30:6C:44:D0:26:F1:5B:13:67:F0:F3
X509v3 Authority Key Identifier:
keyid:3A:5D:C2:BA:59:42:E0:4F:DD:8B:A9:95:16:A1:B9:3B:1E:4F:96:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ol3CullC4E_di6mVFqG5Ox5PliQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/714f54-fa75-4091-8c0b-9c15fbd5ee5e/1/iVzhevvy52SZMGxE0CbxWxNn8PM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/714f54-fa75-4091-8c0b-9c15fbd5ee5e/1/Ol3CullC4E_di6mVFqG5Ox5PliQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.91.188.0/24
Signature Algorithm: sha256WithRSAEncryption
66:86:e7:d2:a5:50:4e:97:a3:67:63:fe:c1:cd:7d:e6:08:cc:
51:90:86:77:6e:25:2a:e7:44:f2:27:48:10:ba:da:29:61:3d:
cd:db:c4:69:eb:8a:49:dd:3b:50:79:1d:38:ae:f0:ac:0e:fb:
f4:30:3c:02:b3:9e:68:49:2f:68:10:7e:5e:44:57:f4:2b:eb:
73:68:5b:71:df:05:19:3e:c9:c5:5a:bc:fe:b2:fa:4e:9b:41:
cb:f7:da:b3:2c:f5:50:76:da:ec:d9:27:13:a1:8b:15:5a:7f:
07:f6:a8:78:1f:3d:5a:91:13:71:e0:98:12:51:a9:e4:83:b1:
5d:be:fd:79:93:28:4a:c6:31:74:87:9e:0e:6d:49:99:e6:58:
94:13:47:9f:25:e1:a6:8f:dc:36:2e:ff:d1:41:29:ef:02:b9:
39:44:ac:e7:a2:40:e5:3b:a2:83:49:3b:bb:c9:70:b1:d6:7a:
53:9c:50:7a:fa:69:9e:35:f5:a1:ae:b7:35:b5:26:2e:09:ef:
7a:1a:a0:61:a5:e1:c0:35:ee:16:b3:b6:da:01:fa:7b:08:9f:
13:09:c2:81:89:d2:43:41:8c:e2:01:a6:8b:e3:cd:c6:5a:fa:
af:6d:ee:a2:95:25:e6:47:d0:fe:5c:fe:ce:b5:9d:9d:12:0d:
fb:bf:04:aa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZNsmHCy1wTK9rw1pOfplI23MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNWRjMmJhNTk0MmUwNGZkZDhiYTk5NTE2YTFiOTNiMWU0
Zjk2MjQwHhcNMjQxMTI3MDc0OTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTVjZTE3YWZiZjJlNzY0OTkzMDZjNDRkMDI2ZjE1YjEzNjdmMGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtnq8le3sux8vd88cqLk3Ok21Xp86
8QBQNVss4MijEQ71c+rjCH5nhKj+ZTkYDVrPLcEDpfIXYxk95R130NKUY6dqtcas
YJGDScrRwx7ZjZP5XHRf7ceG31cSDSkNUrq2uOFfxHIL7S3Aie5PTlouZHLSNMSe
bEwBuRUEdD6fqvmFealvlnW/SyvSu+2fWyiBaAgVjWR8z5tCuhknvajpWuztoYIb
qdIWOKbpcMlxrWpk9iL2sJqvMmAFvE23F/KCr4vniQF+xF6C/x/FDEVn08Oeo30V
D9wRCRUiHVIN72l4XuiWColPxmPLIMzvK8bVpZYAnvl3h5RpRWexlzV7YQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIlc4Xr78udkmTBsRNAm8VsTZ/DzMB8GA1UdIwQY
MBaAFDpdwrpZQuBP3YuplRahuTseT5YkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2wzQ3VsbEM0RV9kaTZtVkZxRzVPeDVQbGlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC83MTRmNTQtZmE3NS00MDkxLThjMGIt
OWMxNWZiZDVlZTVlLzEvaVZ6aGV2dnk1MlNaTUd4RTBDYnhXeE5uOFBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC83MTRmNTQtZmE3NS00MDkxLThjMGItOWMxNWZiZDVlZTVl
LzEvT2wzQ3VsbEM0RV9kaTZtVkZxRzVPeDVQbGlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUVu8MA0G
CSqGSIb3DQEBCwUAA4IBAQBmhufSpVBOl6NnY/7BzX3mCMxRkIZ3biUq50TyJ0gQ
utopYT3N28Rp64pJ3TtQeR04rvCsDvv0MDwCs55oSS9oEH5eRFf0K+tzaFtx3wUZ
PsnFWrz+svpOm0HL99qzLPVQdtrs2ScToYsVWn8H9qh4Hz1akRNx4JgSUankg7Fd
vv15kyhKxjF0h54ObUmZ5liUE0efJeGmj9w2Lv/RQSnvArk5RKznokDlO6KDSTu7
yXCx1npTnFB6+mmeNfWhrrc1tSYuCe96GqBhpeHANe4Ws7baAfp7CJ8TCcKBidJD
QYziAaaL483GWvqvbe6ilSXmR9D+XP7OtZ2dEg37vwSq
-----END CERTIFICATE-----
Generated at Fri Apr 18 02:54:50 2025 by rpki-client