Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/9e47e9-3281-4d17-a6bc-e2a7fb848318/1/vkER44Gql4Dp1YAjerT5EAO8Nbw.roa
File: vkER44Gql4Dp1YAjerT5EAO8Nbw.roa (raw, json)
Hash identifier: d9PlM5z+DZCVqgBwc9oOP2pNhDs7EJ+xhDT5loW72cw=
Subject key identifier: BE:41:11:E3:81:AA:97:80:E9:D5:80:23:7A:B4:F9:10:03:BC:35:BC
Certificate issuer: /CN=74b4cd3edf521df8ec0a151111272d3fb91b99c3
Certificate serial: 01916A0A9183C761E33CBCEA910649306BB7
Authority key identifier: 74:B4:CD:3E:DF:52:1D:F8:EC:0A:15:11:11:27:2D:3F:B9:1B:99:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dLTNPt9SHfjsChURESctP7kbmcM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/9e47e9-3281-4d17-a6bc-e2a7fb848318/1/vkER44Gql4Dp1YAjerT5EAO8Nbw.roa
Signing time: Mon 19 Aug 2024 09:49:22 +0000
ROA not before: Mon 19 Aug 2024 09:49:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215671
IP address blocks: 91.228.23.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 25 Sep 2024 07:51:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:6a:0a:91:83:c7:61:e3:3c:bc:ea:91:06:49:30:6b:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=74b4cd3edf521df8ec0a151111272d3fb91b99c3
Validity
Not Before: Aug 19 09:49:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=be4111e381aa9780e9d580237ab4f91003bc35bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:00:07:97:f8:93:64:e9:26:b4:7f:cd:c9:ba:
3d:b0:fe:01:e2:01:9f:42:3c:5a:41:9d:a4:fa:a4:
07:f4:8d:ab:6a:04:04:46:09:fc:69:47:aa:ed:10:
b0:b3:c3:6a:35:1d:da:7b:5e:37:09:d3:05:7f:a0:
c1:e1:69:75:63:97:76:63:60:4d:c3:85:d5:d2:1c:
0e:6b:7f:3e:0e:f8:4b:96:e0:87:9c:ac:50:a5:37:
3e:0e:c8:53:10:cb:87:27:73:b7:96:8b:f4:de:a0:
fc:04:99:cf:ea:00:ed:a4:62:09:84:cc:9b:c3:ac:
f9:55:01:f1:4d:24:db:22:bd:6a:0f:80:cc:45:1d:
27:43:6f:50:ca:ee:5e:31:e2:96:d0:60:4c:ef:af:
41:ef:57:01:e2:c1:4e:0d:cd:72:07:c9:dc:ea:74:
b9:cb:7d:81:33:8b:c2:bc:46:37:2f:48:d3:9f:1b:
91:c4:70:7a:ff:36:18:3a:0f:35:07:05:39:f1:0d:
88:5f:b3:d8:fe:63:98:b9:bd:22:27:ba:9e:08:98:
10:f7:26:04:61:34:c0:13:e0:40:98:a6:31:52:da:
8f:5e:51:06:36:04:b0:54:9b:4d:8a:2f:32:21:5e:
17:05:e4:7e:18:15:e6:93:40:d0:cc:8e:b3:8b:39:
b4:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:41:11:E3:81:AA:97:80:E9:D5:80:23:7A:B4:F9:10:03:BC:35:BC
X509v3 Authority Key Identifier:
keyid:74:B4:CD:3E:DF:52:1D:F8:EC:0A:15:11:11:27:2D:3F:B9:1B:99:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dLTNPt9SHfjsChURESctP7kbmcM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/9e47e9-3281-4d17-a6bc-e2a7fb848318/1/vkER44Gql4Dp1YAjerT5EAO8Nbw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/9e47e9-3281-4d17-a6bc-e2a7fb848318/1/dLTNPt9SHfjsChURESctP7kbmcM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.23.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:d6:00:b7:55:3c:e5:d2:3d:85:a0:3b:2e:72:2a:c4:14:50:
6b:19:05:87:d0:86:50:96:09:20:72:e6:5e:7a:0c:49:05:60:
69:5e:32:e3:eb:d7:cb:32:62:d6:b9:42:72:ec:d4:9f:a8:f8:
0b:c2:da:24:e8:d3:86:5c:7d:20:a6:4c:ad:60:2d:72:19:87:
7d:b1:ff:89:ac:b8:46:61:d9:f7:03:46:ed:21:39:93:cc:29:
b0:13:40:ab:6c:36:9a:28:fe:0d:99:b6:e0:3c:c9:dc:c4:be:
24:65:c1:a4:fe:31:02:bc:07:bd:e0:b3:0f:f6:86:d9:1c:be:
d7:e3:c2:6b:60:c0:68:d7:07:7d:2d:5a:40:8c:ba:d0:d0:ce:
e2:99:ce:5b:77:03:0a:10:b9:0a:f9:fc:e4:f0:ff:8a:db:21:
87:cd:5e:ff:bc:82:44:0b:92:d5:34:de:6f:54:c4:a3:24:d4:
db:e8:2d:55:e7:cf:3b:26:41:93:2c:c5:46:2f:b3:8b:78:16:
77:48:43:20:33:ad:de:83:67:ae:77:e6:f0:f0:a3:db:8a:e4:
51:3f:8f:0e:47:20:ef:ff:c9:85:11:94:5b:b0:36:be:80:d1:
fa:f6:bd:0b:7c:2c:ed:49:1e:9a:46:9c:7d:ca:77:26:ec:29:
69:ee:d0:0d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZFqCpGDx2HjPLzqkQZJMGu3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0YjRjZDNlZGY1MjFkZjhlYzBhMTUxMTExMjcyZDNmYjkx
Yjk5YzMwHhcNMjQwODE5MDk0OTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTQxMTFlMzgxYWE5NzgwZTlkNTgwMjM3YWI0ZjkxMDAzYmMzNWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyAAHl/iTZOkmtH/Nybo9sP4B4gGf
QjxaQZ2k+qQH9I2ragQERgn8aUeq7RCws8NqNR3ae143CdMFf6DB4Wl1Y5d2Y2BN
w4XV0hwOa38+DvhLluCHnKxQpTc+DshTEMuHJ3O3lov03qD8BJnP6gDtpGIJhMyb
w6z5VQHxTSTbIr1qD4DMRR0nQ29Qyu5eMeKW0GBM769B71cB4sFODc1yB8nc6nS5
y32BM4vCvEY3L0jTnxuRxHB6/zYYOg81BwU58Q2IX7PY/mOYub0iJ7qeCJgQ9yYE
YTTAE+BAmKYxUtqPXlEGNgSwVJtNii8yIV4XBeR+GBXmk0DQzI6zizm0fQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL5BEeOBqpeA6dWAI3q0+RADvDW8MB8GA1UdIwQY
MBaAFHS0zT7fUh347AoVEREnLT+5G5nDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZExUTlB0OVNIZmpzQ2hVUkVTY3RQN2tibWNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS85ZTQ3ZTktMzI4MS00ZDE3LWE2YmMt
ZTJhN2ZiODQ4MzE4LzEvdmtFUjQ0R3FsNERwMVlBamVyVDVFQU84TmJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS85ZTQ3ZTktMzI4MS00ZDE3LWE2YmMtZTJhN2ZiODQ4MzE4
LzEvZExUTlB0OVNIZmpzQ2hVUkVTY3RQN2tibWNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+QXMA0G
CSqGSIb3DQEBCwUAA4IBAQBb1gC3VTzl0j2FoDsucirEFFBrGQWH0IZQlgkgcuZe
egxJBWBpXjLj69fLMmLWuUJy7NSfqPgLwtok6NOGXH0gpkytYC1yGYd9sf+JrLhG
Ydn3A0btITmTzCmwE0CrbDaaKP4NmbbgPMncxL4kZcGk/jECvAe94LMP9obZHL7X
48JrYMBo1wd9LVpAjLrQ0M7imc5bdwMKELkK+fzk8P+K2yGHzV7/vIJEC5LVNN5v
VMSjJNTb6C1V5887JkGTLMVGL7OLeBZ3SEMgM63eg2eud+bw8KPbiuRRP48ORyDv
/8mFEZRbsDa+gNH69r0LfCztSR6aRpx9yncm7Clp7tAN
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:33:31 2025 by rpki-client