Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/b2d274-a951-4397-b99d-c30c7b55c2bc/1/paNhnsMet-nWdY6f0z_gqmlubbY.roa
File: paNhnsMet-nWdY6f0z_gqmlubbY.roa (raw, json)
Hash identifier: bSP5jV7muZeD7060LYN1oEzfb1OOXHvVDQ0Wg5Gz+p4=
Subject key identifier: A5:A3:61:9E:C3:1E:B7:E9:D6:75:8E:9F:D3:3F:E0:AA:69:6E:6D:B6
Certificate issuer: /CN=9f9467efa0994f8a31f3343dc300baa4936a82dc
Certificate serial: 018DA18BAC31D02AD816179D2FFD8B84DA0E
Authority key identifier: 9F:94:67:EF:A0:99:4F:8A:31:F3:34:3D:C3:00:BA:A4:93:6A:82:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n5Rn76CZT4ox8zQ9wwC6pJNqgtw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/b2d274-a951-4397-b99d-c30c7b55c2bc/1/paNhnsMet-nWdY6f0z_gqmlubbY.roa
Signing time: Tue 13 Feb 2024 08:18:21 +0000
ROA not before: Tue 13 Feb 2024 08:18:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8953
IP address blocks: 91.198.162.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 30 Apr 2024 15:32:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a1:8b:ac:31:d0:2a:d8:16:17:9d:2f:fd:8b:84:da:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f9467efa0994f8a31f3343dc300baa4936a82dc
Validity
Not Before: Feb 13 08:18:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a5a3619ec31eb7e9d6758e9fd33fe0aa696e6db6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:cd:0a:66:23:e8:76:f0:97:de:79:a3:86:ad:
31:61:be:42:ae:28:8c:1f:b5:d0:c6:bd:07:c9:d2:
57:ed:00:b5:7a:9d:5e:ba:57:f2:35:8c:db:c4:ad:
73:34:2a:0f:a3:f1:f5:65:c4:48:28:b1:6d:ee:47:
6d:46:68:2c:4d:68:1f:8e:3a:55:8f:31:52:34:ee:
23:55:7e:78:31:78:fd:a0:0c:6c:72:8c:33:60:72:
b8:84:fd:0a:33:57:7a:e8:64:c1:db:79:70:e1:30:
84:16:4e:52:69:7d:c9:8b:f1:54:5b:7d:b8:d5:d2:
97:34:78:ed:ea:08:54:9e:e8:64:65:6a:20:eb:33:
54:ff:a0:e4:15:89:6a:8b:f6:48:50:36:fc:29:d6:
51:4e:01:b2:fc:3c:dd:03:9e:dc:1a:dd:d7:e2:86:
e3:78:3f:cd:66:29:80:57:66:4d:68:b2:ae:a8:cd:
f4:19:a6:d0:42:49:4f:1a:b1:59:6b:70:31:a2:c6:
8f:9b:d8:ec:6a:1e:41:dd:76:0f:6e:6f:d4:c2:8d:
9d:71:d7:95:4c:54:80:6d:08:f6:f8:c0:09:35:5c:
90:10:12:e8:2a:23:8a:47:ee:eb:63:6b:b8:dd:c1:
3f:00:65:b3:4d:4d:33:f2:04:5e:e0:19:f8:01:f0:
17:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:A3:61:9E:C3:1E:B7:E9:D6:75:8E:9F:D3:3F:E0:AA:69:6E:6D:B6
X509v3 Authority Key Identifier:
keyid:9F:94:67:EF:A0:99:4F:8A:31:F3:34:3D:C3:00:BA:A4:93:6A:82:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n5Rn76CZT4ox8zQ9wwC6pJNqgtw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/b2d274-a951-4397-b99d-c30c7b55c2bc/1/paNhnsMet-nWdY6f0z_gqmlubbY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/b2d274-a951-4397-b99d-c30c7b55c2bc/1/n5Rn76CZT4ox8zQ9wwC6pJNqgtw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.162.0/24
Signature Algorithm: sha256WithRSAEncryption
46:af:90:ff:34:44:a6:c9:e0:01:76:dd:fd:25:bb:e7:eb:5c:
b0:72:6d:6b:49:e6:03:d3:d5:16:9d:3a:25:f2:07:5b:86:ed:
80:39:e4:52:36:c3:0e:58:c6:ee:42:e0:4c:ee:4c:a7:fe:2e:
a2:c7:3d:9a:ce:23:24:22:4f:20:2f:14:22:bb:43:10:b9:93:
b8:56:b7:f4:ae:00:e9:20:37:cd:f1:33:06:35:73:d5:6f:b0:
41:a5:fd:1a:15:e3:8f:d6:b2:45:22:b4:ce:2f:7c:0e:a0:0f:
3d:da:22:8f:f3:92:89:f1:c4:b1:ef:a7:9b:bb:1c:36:08:7a:
0a:19:f9:c0:2c:e5:7a:ae:ef:0d:9c:55:20:39:22:b0:4b:a1:
f3:6d:c5:85:76:f6:20:08:8d:69:05:5b:26:ae:0c:8d:cc:ac:
58:4a:46:11:7f:e2:32:69:66:cd:12:4e:03:aa:fc:89:68:2b:
0d:eb:ac:5d:01:2a:f4:cd:3d:d2:e8:1b:f4:49:b2:e5:cf:06:
60:6d:ee:54:58:f9:26:63:df:b6:2d:e2:c6:8c:1d:7f:40:bf:
f4:19:33:12:85:8a:cc:55:2a:12:91:4c:5a:3f:17:22:9d:02:
c2:59:49:26:f9:b5:e2:88:e1:f5:43:39:b5:31:98:71:c4:88:
70:cc:95:7e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY2hi6wx0CrYFhedL/2LhNoOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmOTQ2N2VmYTA5OTRmOGEzMWYzMzQzZGMzMDBiYWE0OTM2
YTgyZGMwHhcNMjQwMjEzMDgxODIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWEzNjE5ZWMzMWViN2U5ZDY3NThlOWZkMzNmZTBhYTY5NmU2ZGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6s0KZiPodvCX3nmjhq0xYb5CriiM
H7XQxr0HydJX7QC1ep1eulfyNYzbxK1zNCoPo/H1ZcRIKLFt7kdtRmgsTWgfjjpV
jzFSNO4jVX54MXj9oAxscowzYHK4hP0KM1d66GTB23lw4TCEFk5SaX3Ji/FUW324
1dKXNHjt6ghUnuhkZWog6zNU/6DkFYlqi/ZIUDb8KdZRTgGy/DzdA57cGt3X4obj
eD/NZimAV2ZNaLKuqM30GabQQklPGrFZa3AxosaPm9jsah5B3XYPbm/Uwo2dcdeV
TFSAbQj2+MAJNVyQEBLoKiOKR+7rY2u43cE/AGWzTU0z8gRe4Bn4AfAXiwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKWjYZ7DHrfp1nWOn9M/4Kppbm22MB8GA1UdIwQY
MBaAFJ+UZ++gmU+KMfM0PcMAuqSTaoLcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbjVSbjc2Q1pUNG94OHpROXd3QzZwSk5xZ3R3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC9iMmQyNzQtYTk1MS00Mzk3LWI5OWQt
YzMwYzdiNTVjMmJjLzEvcGFOaG5zTWV0LW5XZFk2ZjB6X2dxbWx1YmJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC9iMmQyNzQtYTk1MS00Mzk3LWI5OWQtYzMwYzdiNTVjMmJj
LzEvbjVSbjc2Q1pUNG94OHpROXd3QzZwSk5xZ3R3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8aiMA0G
CSqGSIb3DQEBCwUAA4IBAQBGr5D/NESmyeABdt39Jbvn61ywcm1rSeYD09UWnTol
8gdbhu2AOeRSNsMOWMbuQuBM7kyn/i6ixz2aziMkIk8gLxQiu0MQuZO4Vrf0rgDp
IDfN8TMGNXPVb7BBpf0aFeOP1rJFIrTOL3wOoA892iKP85KJ8cSx76ebuxw2CHoK
GfnALOV6ru8NnFUgOSKwS6HzbcWFdvYgCI1pBVsmrgyNzKxYSkYRf+IyaWbNEk4D
qvyJaCsN66xdASr0zT3S6Bv0SbLlzwZgbe5UWPkmY9+2LeLGjB1/QL/0GTMShYrM
VSoSkUxaPxcinQLCWUkm+bXiiOH1Qzm1MZhxxIhwzJV+
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:42:31 2025 by rpki-client