Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/2f10ee-7531-4f22-b1a8-d323fbdbb687/1/nv7UngFz5jdDP8VTJKh-qVojstQ.roa
File: nv7UngFz5jdDP8VTJKh-qVojstQ.roa (raw, json)
Hash identifier: QGoaD/GxS712cxoi5tezt1xHx6PvHRsea1z7337wzIg=
Subject key identifier: 9E:FE:D4:9E:01:73:E6:37:43:3F:C5:53:24:A8:7E:A9:5A:23:B2:D4
Certificate issuer: /CN=1530a6eb523969da92c8844c0dfb40ed820bd6c4
Certificate serial: 018CC4250AEE159E1331687ACB3A67AFB138
Authority key identifier: 15:30:A6:EB:52:39:69:DA:92:C8:84:4C:0D:FB:40:ED:82:0B:D6:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FTCm61I5adqSyIRMDftA7YIL1sQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/2f10ee-7531-4f22-b1a8-d323fbdbb687/1/nv7UngFz5jdDP8VTJKh-qVojstQ.roa
Signing time: Mon 01 Jan 2024 08:30:11 +0000
ROA not before: Mon 01 Jan 2024 08:30:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47903
IP address blocks: 91.208.200.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:48:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:0a:ee:15:9e:13:31:68:7a:cb:3a:67:af:b1:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1530a6eb523969da92c8844c0dfb40ed820bd6c4
Validity
Not Before: Jan 1 08:30:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9efed49e0173e637433fc55324a87ea95a23b2d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:74:01:6d:2c:f0:cd:66:97:a2:93:40:de:fc:
ed:f5:b6:2f:13:fc:3b:00:0b:77:f7:cc:d9:86:91:
b2:82:c3:9e:de:7f:a8:1b:0c:ef:6b:1d:23:01:37:
37:c3:8c:53:df:4b:e2:bd:2c:73:80:6f:91:18:0e:
e5:d7:c7:32:8c:c1:6d:4d:de:15:b9:7a:6b:a9:cf:
76:23:87:61:b9:1d:a0:f9:64:b6:30:d3:cc:94:9f:
90:cc:c0:2c:18:23:90:42:0e:99:98:27:e7:26:d8:
bb:a3:e4:22:75:9e:b0:5d:de:63:21:b5:4d:a2:41:
fa:7b:8b:c2:e5:8f:2e:a7:da:ea:17:07:f5:54:ef:
47:4a:48:70:0a:69:29:ff:29:bf:48:cb:7c:3b:b1:
20:f6:03:6c:39:83:60:85:ae:1c:23:07:15:89:e5:
f3:ac:0c:31:41:65:05:b1:2a:41:86:fd:50:fb:00:
71:55:65:6f:2b:98:46:b1:6b:40:69:97:4b:dd:d3:
a6:30:12:cd:37:39:f1:e5:a0:a3:79:b8:dc:c5:ae:
56:da:ef:08:fe:59:e9:0c:4d:38:e0:79:51:d8:0b:
30:21:5a:f6:34:f2:a9:18:33:0b:fe:90:84:21:e3:
51:56:85:77:1e:fb:f4:33:a7:e9:df:80:c0:8a:8c:
c2:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:FE:D4:9E:01:73:E6:37:43:3F:C5:53:24:A8:7E:A9:5A:23:B2:D4
X509v3 Authority Key Identifier:
keyid:15:30:A6:EB:52:39:69:DA:92:C8:84:4C:0D:FB:40:ED:82:0B:D6:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FTCm61I5adqSyIRMDftA7YIL1sQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/2f10ee-7531-4f22-b1a8-d323fbdbb687/1/nv7UngFz5jdDP8VTJKh-qVojstQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/2f10ee-7531-4f22-b1a8-d323fbdbb687/1/FTCm61I5adqSyIRMDftA7YIL1sQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.208.200.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:e2:6f:04:f8:d1:7d:20:93:e4:ea:86:59:36:52:08:57:20:
7a:6c:49:3b:ec:3b:79:f2:38:a4:c5:29:9d:e3:a7:e5:0c:94:
3f:40:75:26:1e:d5:55:c9:db:8c:88:15:2d:2a:27:d7:18:a2:
c5:c6:80:91:26:6e:8f:05:26:0b:4a:33:5b:b0:d5:66:5f:a1:
ee:ce:be:d3:e4:7c:37:ef:67:38:ed:e2:9d:a4:5f:04:69:29:
6c:02:10:c2:cd:f7:8d:25:cb:11:c2:1e:53:b0:2e:ca:6e:df:
b3:3f:75:6b:2c:6c:b0:ba:18:94:79:24:67:6c:a6:69:30:f5:
58:34:86:a8:6f:a5:44:ef:42:d6:1b:ad:05:e0:b7:8a:27:e4:
ce:93:05:72:5f:a4:ee:8e:16:1e:0f:32:06:68:c4:b9:3f:93:
7a:ae:45:59:90:bd:e1:0b:e4:83:43:2c:dc:fc:c4:b9:07:fe:
7c:e5:0f:95:df:8b:31:23:5b:e5:38:f7:33:ce:26:57:25:e0:
65:f5:1e:b0:fe:eb:87:e7:96:a3:1e:6e:b6:36:ab:f5:fd:25:
eb:ce:91:52:c8:21:34:af:e8:43:d7:64:8d:15:2f:47:c3:d9:
14:1e:b4:02:ab:fb:22:64:e4:ce:4d:5b:bb:bb:35:d9:a0:ff:
57:0e:22:d1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJQruFZ4TMWh6yzpnr7E4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1MzBhNmViNTIzOTY5ZGE5MmM4ODQ0YzBkZmI0MGVkODIw
YmQ2YzQwHhcNMjQwMTAxMDgzMDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWZlZDQ5ZTAxNzNlNjM3NDMzZmM1NTMyNGE4N2VhOTVhMjNiMmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm3QBbSzwzWaXopNA3vzt9bYvE/w7
AAt398zZhpGygsOe3n+oGwzvax0jATc3w4xT30vivSxzgG+RGA7l18cyjMFtTd4V
uXprqc92I4dhuR2g+WS2MNPMlJ+QzMAsGCOQQg6ZmCfnJti7o+QidZ6wXd5jIbVN
okH6e4vC5Y8up9rqFwf1VO9HSkhwCmkp/ym/SMt8O7Eg9gNsOYNgha4cIwcVieXz
rAwxQWUFsSpBhv1Q+wBxVWVvK5hGsWtAaZdL3dOmMBLNNznx5aCjebjcxa5W2u8I
/lnpDE044HlR2AswIVr2NPKpGDML/pCEIeNRVoV3Hvv0M6fp34DAiozCFQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ7+1J4Bc+Y3Qz/FUySofqlaI7LUMB8GA1UdIwQY
MBaAFBUwputSOWnaksiETA37QO2CC9bEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRlRDbTYxSTVhZHFTeUlSTURmdEE3WUlMMXNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My8yZjEwZWUtNzUzMS00ZjIyLWIxYTgt
ZDMyM2ZiZGJiNjg3LzEvbnY3VW5nRno1amREUDhWVEpLaC1xVm9qc3RRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My8yZjEwZWUtNzUzMS00ZjIyLWIxYTgtZDMyM2ZiZGJiNjg3
LzEvRlRDbTYxSTVhZHFTeUlSTURmdEE3WUlMMXNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9DIMA0G
CSqGSIb3DQEBCwUAA4IBAQBf4m8E+NF9IJPk6oZZNlIIVyB6bEk77Dt58jikxSmd
46flDJQ/QHUmHtVVyduMiBUtKifXGKLFxoCRJm6PBSYLSjNbsNVmX6Huzr7T5Hw3
72c47eKdpF8EaSlsAhDCzfeNJcsRwh5TsC7Kbt+zP3VrLGywuhiUeSRnbKZpMPVY
NIaob6VE70LWG60F4LeKJ+TOkwVyX6TujhYeDzIGaMS5P5N6rkVZkL3hC+SDQyzc
/MS5B/585Q+V34sxI1vlOPczziZXJeBl9R6w/uuH55ajHm62Nqv1/SXrzpFSyCE0
r+hD12SNFS9Hw9kUHrQCq/siZOTOTVu7uzXZoP9XDiLR
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:08:16 2025 by rpki-client