Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/a2209b-a918-4074-ba97-a792a88baf10/1/gxWe88m-sqMaVqP5i_ezHwwkWmg.roa
File: gxWe88m-sqMaVqP5i_ezHwwkWmg.roa (raw, json)
Hash identifier: Zx/L6Sv8KnRTALD2LqAudYO0MXLQnU7YSSAOPYvglV8=
Subject key identifier: 83:15:9E:F3:C9:BE:B2:A3:1A:56:A3:F9:8B:F7:B3:1F:0C:24:5A:68
Certificate issuer: /CN=8cd56fb1d679473b1ae1c57b0fc2a323caf1709a
Certificate serial: 019131E48205F1A7700D1268555AB81A19B4
Authority key identifier: 8C:D5:6F:B1:D6:79:47:3B:1A:E1:C5:7B:0F:C2:A3:23:CA:F1:70:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jNVvsdZ5Rzsa4cV7D8KjI8rxcJo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/a2209b-a918-4074-ba97-a792a88baf10/1/gxWe88m-sqMaVqP5i_ezHwwkWmg.roa
Signing time: Thu 08 Aug 2024 12:09:04 +0000
ROA not before: Thu 08 Aug 2024 12:09:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206002
IP address blocks: 91.199.103.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:47:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:31:e4:82:05:f1:a7:70:0d:12:68:55:5a:b8:1a:19:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8cd56fb1d679473b1ae1c57b0fc2a323caf1709a
Validity
Not Before: Aug 8 12:09:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=83159ef3c9beb2a31a56a3f98bf7b31f0c245a68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:0a:a5:d1:55:0c:b9:df:fe:6f:a1:eb:09:6c:
d9:db:ee:78:6d:98:a2:e2:9b:67:2b:92:cf:17:04:
53:b6:1a:4d:f4:2d:1e:2a:62:a0:1c:c8:04:dc:d2:
2a:05:1a:54:11:6f:63:42:a4:11:b2:5e:01:09:63:
6c:27:5e:19:47:f7:17:7d:51:9a:b7:02:7f:3e:c8:
2a:d9:88:8c:e3:98:10:e0:92:cd:a9:d7:b2:ae:be:
00:8a:c1:be:ca:38:43:20:e8:db:5b:de:e4:9d:02:
9c:0a:da:9e:2c:0c:52:29:ed:2e:05:ef:b1:c6:67:
b3:78:41:a5:6a:42:ce:d0:92:dd:e8:a2:b7:96:83:
83:83:2e:39:db:d8:24:93:e6:31:c7:89:f9:9b:90:
b4:f2:48:f6:3b:58:89:c5:73:6f:e3:2b:33:0f:1c:
90:f7:c5:f3:ac:47:28:13:8a:a8:2b:17:e7:6f:f0:
ae:de:ba:64:6f:28:98:af:a6:3e:44:c0:65:a1:7a:
04:de:a3:a5:f5:f5:34:04:f8:73:62:4b:05:9d:2f:
12:4a:02:53:68:5b:e9:ab:28:b0:84:43:3a:6f:17:
5f:c9:27:8f:db:ae:bf:7c:5b:8a:f8:0f:5b:21:6e:
69:f9:56:82:97:82:66:e8:5e:06:e9:9e:4f:67:9b:
ef:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:15:9E:F3:C9:BE:B2:A3:1A:56:A3:F9:8B:F7:B3:1F:0C:24:5A:68
X509v3 Authority Key Identifier:
keyid:8C:D5:6F:B1:D6:79:47:3B:1A:E1:C5:7B:0F:C2:A3:23:CA:F1:70:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jNVvsdZ5Rzsa4cV7D8KjI8rxcJo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/a2209b-a918-4074-ba97-a792a88baf10/1/gxWe88m-sqMaVqP5i_ezHwwkWmg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/a2209b-a918-4074-ba97-a792a88baf10/1/jNVvsdZ5Rzsa4cV7D8KjI8rxcJo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.103.0/24
Signature Algorithm: sha256WithRSAEncryption
c3:2f:6b:b2:e4:f5:2a:c3:e9:84:20:60:b4:74:fc:1a:95:7d:
1f:54:6a:ca:f1:d9:f6:ab:c9:d6:8e:1e:e2:ba:70:76:07:f5:
ce:62:62:30:92:2b:cf:2a:f2:b5:38:e9:d1:d5:46:da:74:93:
4d:8a:f2:39:77:62:4f:2d:84:b9:79:fc:cc:8f:e4:cb:bf:9d:
7b:2c:76:33:20:5e:a6:23:95:17:10:0f:8a:8a:c6:3d:fb:a0:
2d:93:4f:97:44:8a:09:c2:ed:66:7b:ea:bb:81:fa:00:ea:c0:
7e:15:ff:0b:de:4c:7a:e1:a6:67:45:41:ca:10:59:f3:dd:c7:
42:47:dd:97:d5:fb:75:67:8a:50:c8:40:36:23:c8:3e:c3:e2:
df:ad:bd:04:57:12:08:1b:b1:60:4b:0a:6d:93:2d:53:b6:01:
8f:86:eb:52:76:d4:83:df:2a:93:8c:92:26:b3:1a:8c:1e:d1:
3e:61:35:38:23:53:c3:fd:32:ac:0c:ad:e9:f3:37:21:fe:5f:
d6:37:ea:a2:f2:8c:2a:d5:ac:d7:73:d5:d2:8e:b9:3a:bb:e7:
5e:2d:ae:4d:60:1c:42:0b:ad:6e:d4:8c:71:04:45:3d:8a:46:
b2:ac:42:74:9c:1a:87:f7:3a:29:77:b9:72:a7:3b:03:83:6e:
95:9a:45:66
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZEx5IIF8adwDRJoVVq4Ghm0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjZDU2ZmIxZDY3OTQ3M2IxYWUxYzU3YjBmYzJhMzIzY2Fm
MTcwOWEwHhcNMjQwODA4MTIwOTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzE1OWVmM2M5YmViMmEzMWE1NmEzZjk4YmY3YjMxZjBjMjQ1YTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApwql0VUMud/+b6HrCWzZ2+54bZii
4ptnK5LPFwRTthpN9C0eKmKgHMgE3NIqBRpUEW9jQqQRsl4BCWNsJ14ZR/cXfVGa
twJ/Psgq2YiM45gQ4JLNqdeyrr4AisG+yjhDIOjbW97knQKcCtqeLAxSKe0uBe+x
xmezeEGlakLO0JLd6KK3loODgy4529gkk+Yxx4n5m5C08kj2O1iJxXNv4yszDxyQ
98XzrEcoE4qoKxfnb/Cu3rpkbyiYr6Y+RMBloXoE3qOl9fU0BPhzYksFnS8SSgJT
aFvpqyiwhEM6bxdfySeP266/fFuK+A9bIW5p+VaCl4Jm6F4G6Z5PZ5vvVQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIMVnvPJvrKjGlaj+Yv3sx8MJFpoMB8GA1UdIwQY
MBaAFIzVb7HWeUc7GuHFew/CoyPK8XCaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvak5WdnNkWjVSenNhNGNWN0Q4S2pJOHJ4Y0pvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9hMjIwOWItYTkxOC00MDc0LWJhOTct
YTc5MmE4OGJhZjEwLzEvZ3hXZTg4bS1zcU1hVnFQNWlfZXpId3drV21nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS9hMjIwOWItYTkxOC00MDc0LWJhOTctYTc5MmE4OGJhZjEw
LzEvak5WdnNkWjVSenNhNGNWN0Q4S2pJOHJ4Y0pvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8dnMA0G
CSqGSIb3DQEBCwUAA4IBAQDDL2uy5PUqw+mEIGC0dPwalX0fVGrK8dn2q8nWjh7i
unB2B/XOYmIwkivPKvK1OOnR1UbadJNNivI5d2JPLYS5efzMj+TLv517LHYzIF6m
I5UXEA+KisY9+6Atk0+XRIoJwu1me+q7gfoA6sB+Ff8L3kx64aZnRUHKEFnz3cdC
R92X1ft1Z4pQyEA2I8g+w+Lfrb0EVxIIG7FgSwptky1TtgGPhutSdtSD3yqTjJIm
sxqMHtE+YTU4I1PD/TKsDK3p8zch/l/WN+qi8owq1azXc9XSjrk6u+deLa5NYBxC
C61u1IxxBEU9ikayrEJ0nBqH9zopd7lypzsDg26VmkVm
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:22:14 2025 by rpki-client