Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/73db77-0a6b-4f9b-a8e8-eaedb709efbf/1/crAuW_809aXsrKI5IpTFiw2UxO8.roa
File: crAuW_809aXsrKI5IpTFiw2UxO8.roa (raw, json)
Hash identifier: Bfm6nLdOeMF+ymm9UyshIDTLad6eyjzcFE8Prd1uyvI=
Subject key identifier: 72:B0:2E:5B:FF:34:F5:A5:EC:AC:A2:39:22:94:C5:8B:0D:94:C4:EF
Certificate issuer: /CN=f8e826de1070d9d79daa9e415fc432613cc57e57
Certificate serial: 018CC2DB58ED509E78542DF4B3F463405AAB
Authority key identifier: F8:E8:26:DE:10:70:D9:D7:9D:AA:9E:41:5F:C4:32:61:3C:C5:7E:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-Ogm3hBw2dedqp5BX8QyYTzFflc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/73db77-0a6b-4f9b-a8e8-eaedb709efbf/1/crAuW_809aXsrKI5IpTFiw2UxO8.roa
Signing time: Mon 01 Jan 2024 02:30:04 +0000
ROA not before: Mon 01 Jan 2024 02:30:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20769
IP address blocks: 91.208.87.0/24 maxlen: 32
2a04:a500::/29 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:48:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:58:ed:50:9e:78:54:2d:f4:b3:f4:63:40:5a:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e826de1070d9d79daa9e415fc432613cc57e57
Validity
Not Before: Jan 1 02:30:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=72b02e5bff34f5a5ecaca2392294c58b0d94c4ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:a1:8c:b0:f2:05:69:c2:cb:82:58:3b:f4:b7:
e9:02:e8:7e:e2:46:70:51:ce:6f:93:a8:f8:af:39:
fb:bd:b5:da:6c:de:37:bc:78:56:b1:0a:82:c4:32:
c1:63:b0:99:0e:9a:5e:01:b6:d3:63:98:f1:88:fb:
a6:84:b2:a4:3c:8e:f9:40:98:c5:1a:b6:a7:d2:67:
e2:2d:22:ea:e4:af:79:0c:a7:cb:a9:52:1b:10:03:
64:1a:ef:0a:81:d4:94:55:2c:5c:af:fb:81:1d:ef:
47:56:99:cc:66:f8:18:3b:4e:d3:65:0c:f9:d8:dd:
e3:8f:6d:f3:30:63:1b:f9:5f:d9:0d:37:3f:8c:a5:
61:68:6a:fa:9e:f1:57:b6:72:68:53:aa:cb:51:d1:
25:fd:cf:43:f9:f5:6e:ef:27:1e:89:fd:95:37:46:
80:ed:ab:28:26:a3:2b:ed:f6:2b:a6:23:71:3a:48:
2f:87:cb:8d:ca:9c:07:eb:4b:68:bb:24:30:56:cd:
e0:c6:60:2f:5f:bc:f8:1b:6f:31:bd:a6:9a:65:8d:
14:66:38:82:eb:94:47:42:b7:a9:05:ce:ea:10:02:
c5:c7:34:92:91:70:d8:67:1c:7b:19:81:47:c4:97:
8f:4e:e3:a0:b0:c0:2a:c6:6c:3e:25:5a:a1:5e:60:
70:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:B0:2E:5B:FF:34:F5:A5:EC:AC:A2:39:22:94:C5:8B:0D:94:C4:EF
X509v3 Authority Key Identifier:
keyid:F8:E8:26:DE:10:70:D9:D7:9D:AA:9E:41:5F:C4:32:61:3C:C5:7E:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-Ogm3hBw2dedqp5BX8QyYTzFflc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/73db77-0a6b-4f9b-a8e8-eaedb709efbf/1/crAuW_809aXsrKI5IpTFiw2UxO8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/73db77-0a6b-4f9b-a8e8-eaedb709efbf/1/1-Ogm3hBw2dedqp5BX8QyYTzFflc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.208.87.0/24
IPv6:
2a04:a500::/29
Signature Algorithm: sha256WithRSAEncryption
0e:01:5d:0e:72:b3:ce:f8:dd:1b:ed:f0:bd:57:9e:a3:ac:bd:
be:ff:25:e8:62:9c:14:70:a7:da:b9:d6:71:fb:ce:e4:49:e6:
ee:43:24:79:3a:14:af:aa:34:79:dd:92:34:36:66:de:b3:81:
7c:dd:4e:13:4a:52:dd:d2:cf:fb:a8:65:74:20:4d:fd:bb:36:
70:4f:69:6f:42:58:a1:a7:ac:7b:33:e9:23:32:54:2f:8e:59:
aa:61:97:c4:68:2c:0b:68:80:69:95:8f:28:be:ce:e2:aa:1a:
fd:42:ff:07:b4:c7:77:0c:04:75:e4:ea:df:b9:c2:b3:52:e4:
a9:f8:a3:80:48:70:e9:13:1c:9c:3d:73:81:aa:32:6e:91:e1:
bb:22:d3:16:f0:c8:3c:34:11:78:ea:d2:6d:47:bb:f5:84:90:
4d:37:57:d6:ed:c4:49:96:37:75:99:df:ac:f6:28:f5:a4:98:
b2:93:49:da:65:01:b8:b3:3f:4c:97:79:ee:22:42:1d:6d:c3:
f4:01:1c:f1:a5:61:f8:ea:d3:ae:2d:a4:fa:8c:20:b6:6c:b2:
76:0f:b0:35:dd:d4:c3:e6:c0:f6:7c:9e:72:33:38:82:af:c3:
e8:19:48:7e:dd:25:19:f6:c9:f2:c8:15:2f:a2:44:02:d5:07:
f5:f6:b4:cb
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzC21jtUJ54VC30s/RjQFqrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTgyNmRlMTA3MGQ5ZDc5ZGFhOWU0MTVmYzQzMjYxM2Nj
NTdlNTcwHhcNMjQwMTAxMDIzMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmIwMmU1YmZmMzRmNWE1ZWNhY2EyMzkyMjk0YzU4YjBkOTRjNGVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv6GMsPIFacLLglg79LfpAuh+4kZw
Uc5vk6j4rzn7vbXabN43vHhWsQqCxDLBY7CZDppeAbbTY5jxiPumhLKkPI75QJjF
Gran0mfiLSLq5K95DKfLqVIbEANkGu8KgdSUVSxcr/uBHe9HVpnMZvgYO07TZQz5
2N3jj23zMGMb+V/ZDTc/jKVhaGr6nvFXtnJoU6rLUdEl/c9D+fVu7yceif2VN0aA
7asoJqMr7fYrpiNxOkgvh8uNypwH60touyQwVs3gxmAvX7z4G28xvaaaZY0UZjiC
65RHQrepBc7qEALFxzSSkXDYZxx7GYFHxJePTuOgsMAqxmw+JVqhXmBwpwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHKwLlv/NPWl7KyiOSKUxYsNlMTvMB8GA1UdIwQY
MBaAFPjoJt4QcNnXnaqeQV/EMmE8xX5XMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PZ20zaEJ3MmRlZHFwNUJYOFF5WVR6RmZsYy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWQvNzNkYjc3LTBhNmItNGY5Yi1hOGU4
LWVhZWRiNzA5ZWZiZi8xL2NyQXVXXzgwOWFYc3JLSTVJcFRGaXcyVXhPOC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOWQvNzNkYjc3LTBhNmItNGY5Yi1hOGU4LWVhZWRiNzA5ZWZi
Zi8xLzEtT2dtM2hCdzJkZWRxcDVCWDhReVlUekZmbGMuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBABb0Fcw
DQQCAAIwBwMFAyoEpQAwDQYJKoZIhvcNAQELBQADggEBAA4BXQ5ys8743Rvt8L1X
nqOsvb7/JehinBRwp9q51nH7zuRJ5u5DJHk6FK+qNHndkjQ2Zt6zgXzdThNKUt3S
z/uoZXQgTf27NnBPaW9CWKGnrHsz6SMyVC+OWaphl8RoLAtogGmVjyi+zuKqGv1C
/we0x3cMBHXk6t+5wrNS5Kn4o4BIcOkTHJw9c4GqMm6R4bsi0xbwyDw0EXjq0m1H
u/WEkE03V9btxEmWN3WZ36z2KPWkmLKTSdplAbizP0yXee4iQh1tw/QBHPGlYfjq
064tpPqMILZssnYPsDXd1MPmwPZ8nnIzOIKvw+gZSH7dJRn2yfLIFS+iRALVB/X2
tMs=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:14:37 2025 by rpki-client