Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/05ab60-dea6-43a3-87ef-7bfaeb195445/1/r-gl5EE5IDM0I0py7QH_FPIAp4c.roa
File: r-gl5EE5IDM0I0py7QH_FPIAp4c.roa (raw, json)
Hash identifier: Gb2nmNm1YpHiI4H5L8h6JConx8fhjVg1Q4oM2d7/JcI=
Subject key identifier: AF:E8:25:E4:41:39:20:33:34:23:4A:72:ED:01:FF:14:F2:00:A7:87
Certificate issuer: /CN=e0689340283794489e41ac86aafa4414f8a4d6be
Certificate serial: 018CC56E00720FE1A2F28BA5FD5BC904FF2B
Authority key identifier: E0:68:93:40:28:37:94:48:9E:41:AC:86:AA:FA:44:14:F8:A4:D6:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4GiTQCg3lEieQayGqvpEFPik1r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/05ab60-dea6-43a3-87ef-7bfaeb195445/1/r-gl5EE5IDM0I0py7QH_FPIAp4c.roa
Signing time: Mon 01 Jan 2024 14:29:29 +0000
ROA not before: Mon 01 Jan 2024 14:29:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57600
IP address blocks: 91.233.80.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jul 2024 17:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:00:72:0f:e1:a2:f2:8b:a5:fd:5b:c9:04:ff:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e0689340283794489e41ac86aafa4414f8a4d6be
Validity
Not Before: Jan 1 14:29:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=afe825e44139203334234a72ed01ff14f200a787
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:08:0d:24:fe:27:ba:38:cf:99:3a:17:b0:d4:
80:f1:1e:49:e0:6a:a9:06:d5:47:a0:6e:eb:9c:41:
ab:d8:9b:02:88:a5:72:02:a1:80:6d:ec:ff:42:2c:
99:e4:70:e5:37:c2:3a:03:33:1e:14:2a:f8:04:b9:
b1:9c:b3:a4:7f:5b:3f:4e:31:bc:8e:e1:ab:b9:b2:
43:3a:61:25:eb:16:1b:a4:77:80:9d:01:cf:33:fb:
c4:65:a6:44:59:8a:5c:d0:61:5c:87:2f:d5:0e:22:
cc:db:5b:a6:ec:4f:4b:93:ba:54:ed:95:7f:f5:4f:
a8:a7:ab:87:79:f4:1d:b3:d5:5f:71:47:14:2f:13:
1f:27:6d:6b:6b:3f:0a:81:e1:50:15:e1:13:a7:28:
e9:dc:6d:50:42:4f:5e:2d:20:f1:89:2a:54:50:5e:
6d:f5:c7:f1:ff:9b:d0:8b:81:c3:da:b1:d6:07:45:
1d:ef:1c:6c:c9:3f:f3:d7:4b:db:50:40:08:81:6c:
8e:33:3f:27:bc:f5:40:00:a7:de:61:f6:8e:10:0e:
79:23:0d:bd:ab:3f:ec:15:81:16:20:93:be:e0:44:
0e:e4:a1:7d:d6:51:b7:6a:f1:02:cc:73:7d:07:4b:
da:af:01:00:96:18:f6:d7:52:7e:d3:60:c5:03:27:
a2:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:E8:25:E4:41:39:20:33:34:23:4A:72:ED:01:FF:14:F2:00:A7:87
X509v3 Authority Key Identifier:
keyid:E0:68:93:40:28:37:94:48:9E:41:AC:86:AA:FA:44:14:F8:A4:D6:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4GiTQCg3lEieQayGqvpEFPik1r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/05ab60-dea6-43a3-87ef-7bfaeb195445/1/r-gl5EE5IDM0I0py7QH_FPIAp4c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/05ab60-dea6-43a3-87ef-7bfaeb195445/1/4GiTQCg3lEieQayGqvpEFPik1r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.233.80.0/24
Signature Algorithm: sha256WithRSAEncryption
81:0d:17:15:06:d8:15:bd:c6:0a:cc:0f:5a:73:40:d4:ee:8d:
c4:5e:3b:57:f0:b0:33:e1:3d:9f:85:7d:ca:21:83:97:36:dd:
4a:d1:b5:1b:41:01:3c:c9:2a:63:ed:0f:67:ae:ac:c9:59:fa:
bd:c7:fe:31:53:6b:b7:3e:cc:3a:88:b3:fd:61:d1:02:df:bd:
9f:fc:33:23:9f:ad:e8:f4:ef:61:74:d1:a5:bd:d3:7b:b0:b6:
10:d3:c6:1f:c1:23:d1:8f:41:55:75:28:f4:15:a8:bd:dc:58:
5d:72:77:5d:f3:f3:7c:50:80:ef:93:8e:11:ff:99:2f:ee:ad:
fc:6d:ae:06:3e:e6:0b:d5:b0:ec:99:69:81:79:94:a2:d1:66:
f8:17:41:f1:bd:c1:bf:d6:50:f7:05:31:a2:28:0a:38:7f:36:
75:99:40:1e:66:c0:cf:39:01:64:2c:b2:33:4e:b8:1a:60:82:
55:58:f0:72:35:6e:38:b6:31:7d:c0:54:11:b4:7a:9d:6a:6d:
88:84:e4:ea:5c:a5:65:d1:23:d9:01:cd:9e:06:df:0a:a6:50:
59:43:49:66:6e:56:ca:f4:85:6e:b8:8b:3f:b5:7e:a0:f5:cc:
84:94:bd:80:e6:10:aa:91:59:d6:d5:44:9f:73:45:a5:4b:06:
ce:bd:69:76
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbgByD+Gi8oul/VvJBP8rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwNjg5MzQwMjgzNzk0NDg5ZTQxYWM4NmFhZmE0NDE0Zjhh
NGQ2YmUwHhcNMjQwMTAxMTQyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmU4MjVlNDQxMzkyMDMzMzQyMzRhNzJlZDAxZmYxNGYyMDBhNzg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzggNJP4nujjPmToXsNSA8R5J4Gqp
BtVHoG7rnEGr2JsCiKVyAqGAbez/QiyZ5HDlN8I6AzMeFCr4BLmxnLOkf1s/TjG8
juGrubJDOmEl6xYbpHeAnQHPM/vEZaZEWYpc0GFchy/VDiLM21um7E9Lk7pU7ZV/
9U+op6uHefQds9VfcUcULxMfJ21raz8KgeFQFeETpyjp3G1QQk9eLSDxiSpUUF5t
9cfx/5vQi4HD2rHWB0Ud7xxsyT/z10vbUEAIgWyOMz8nvPVAAKfeYfaOEA55Iw29
qz/sFYEWIJO+4EQO5KF91lG3avECzHN9B0varwEAlhj211J+02DFAyeirQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK/oJeRBOSAzNCNKcu0B/xTyAKeHMB8GA1UdIwQY
MBaAFOBok0AoN5RInkGshqr6RBT4pNa+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEdpVFFDZzNsRWllUWF5R3F2cEVGUGlrMXI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS8wNWFiNjAtZGVhNi00M2EzLTg3ZWYt
N2JmYWViMTk1NDQ1LzEvci1nbDVFRTVJRE0wSTBweTdRSF9GUElBcDRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS8wNWFiNjAtZGVhNi00M2EzLTg3ZWYtN2JmYWViMTk1NDQ1
LzEvNEdpVFFDZzNsRWllUWF5R3F2cEVGUGlrMXI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+lQMA0G
CSqGSIb3DQEBCwUAA4IBAQCBDRcVBtgVvcYKzA9ac0DU7o3EXjtX8LAz4T2fhX3K
IYOXNt1K0bUbQQE8ySpj7Q9nrqzJWfq9x/4xU2u3Psw6iLP9YdEC372f/DMjn63o
9O9hdNGlvdN7sLYQ08YfwSPRj0FVdSj0Fai93Fhdcndd8/N8UIDvk44R/5kv7q38
ba4GPuYL1bDsmWmBeZSi0Wb4F0HxvcG/1lD3BTGiKAo4fzZ1mUAeZsDPOQFkLLIz
TrgaYIJVWPByNW44tjF9wFQRtHqdam2IhOTqXKVl0SPZAc2eBt8KplBZQ0lmblbK
9IVuuIs/tX6g9cyElL2A5hCqkVnW1USfc0WlSwbOvWl2
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:17:26 2025 by rpki-client