Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/2b9a72-6186-4154-ae3b-01521e658e99/1/x05BDDKFf2E4LOCuhf1onbKujT8.roa
File: x05BDDKFf2E4LOCuhf1onbKujT8.roa (raw, json)
Hash identifier: DLbJFukw25YlkjM4PHdFR6iLTFbC8PECqkA7lYa/Ffo=
Subject key identifier: C7:4E:41:0C:32:85:7F:61:38:2C:E0:AE:85:FD:68:9D:B2:AE:8D:3F
Certificate issuer: /CN=346474a33c051d17152b21322ccf4ff3808b4270
Certificate serial: 018EEB9F3F5CEEEA8F2E5852B88DAE541619
Authority key identifier: 34:64:74:A3:3C:05:1D:17:15:2B:21:32:2C:CF:4F:F3:80:8B:42:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NGR0ozwFHRcVKyEyLM9P84CLQnA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/2b9a72-6186-4154-ae3b-01521e658e99/1/x05BDDKFf2E4LOCuhf1onbKujT8.roa
Signing time: Wed 17 Apr 2024 10:34:25 +0000
ROA not before: Wed 17 Apr 2024 10:34:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215307
IP address blocks: 91.234.11.0/24 maxlen: 24
2a14:1f40::/32 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:eb:9f:3f:5c:ee:ea:8f:2e:58:52:b8:8d:ae:54:16:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=346474a33c051d17152b21322ccf4ff3808b4270
Validity
Not Before: Apr 17 10:34:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c74e410c32857f61382ce0ae85fd689db2ae8d3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:c5:31:35:7a:ff:9c:d4:20:5c:4a:e7:6e:b8:
ca:f8:22:1d:e8:2a:18:ff:9f:3f:5e:bc:aa:ba:c4:
38:c8:f2:c2:46:4a:3d:f3:b8:33:0e:46:24:4a:8b:
99:4d:a4:4e:49:24:18:ee:22:fe:dd:78:52:0e:bc:
96:97:69:96:d0:77:14:39:79:85:cb:b8:c2:98:ac:
e8:5c:74:dc:96:c9:b7:5e:3c:75:72:10:36:23:ec:
b6:7a:06:bb:58:47:53:4b:82:3b:12:4c:8c:0c:90:
a8:f8:f6:f7:33:18:8b:e7:df:55:93:82:7d:b1:fc:
00:5f:1a:0a:67:5d:48:8d:f3:e4:5d:e4:0d:b5:56:
7a:43:46:3e:00:aa:3c:af:8c:3e:19:69:80:11:ee:
32:98:11:53:fa:a7:98:74:06:88:83:82:1c:e7:07:
9c:0c:c5:bf:86:72:9f:f0:2b:8a:a2:2a:ce:bc:5d:
d0:de:e4:63:bd:d2:5b:e8:d2:6d:61:c6:2b:af:82:
0c:fe:d1:95:a1:53:e9:5e:53:ba:d9:30:2f:5a:00:
5b:e5:10:ab:b7:11:96:ac:d9:e4:23:a2:ab:26:71:
74:c4:93:05:76:cf:92:db:96:fe:84:4e:4b:d8:6d:
6a:f9:97:e8:de:6e:6b:03:fa:e8:4e:bb:45:77:4b:
16:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:4E:41:0C:32:85:7F:61:38:2C:E0:AE:85:FD:68:9D:B2:AE:8D:3F
X509v3 Authority Key Identifier:
keyid:34:64:74:A3:3C:05:1D:17:15:2B:21:32:2C:CF:4F:F3:80:8B:42:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NGR0ozwFHRcVKyEyLM9P84CLQnA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/2b9a72-6186-4154-ae3b-01521e658e99/1/x05BDDKFf2E4LOCuhf1onbKujT8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/2b9a72-6186-4154-ae3b-01521e658e99/1/NGR0ozwFHRcVKyEyLM9P84CLQnA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.234.11.0/24
IPv6:
2a14:1f40::/32
Signature Algorithm: sha256WithRSAEncryption
31:24:2b:c7:81:1d:f2:63:04:3d:5d:9f:fd:39:5a:13:e6:fc:
cd:2a:7e:16:3c:81:4a:16:63:d2:1f:0a:7b:06:5b:da:3d:9e:
4d:da:bb:89:9a:3c:fe:28:66:4b:20:09:14:37:f7:7e:b6:79:
06:ff:7a:cf:d5:0f:39:72:a1:3b:da:5c:e2:19:20:d0:75:38:
5f:54:3f:d4:51:85:ea:4d:c2:e2:f6:e3:57:aa:e4:12:e4:68:
a1:ec:ec:60:05:e6:34:0d:4e:fe:6e:b4:e6:ea:8f:8b:03:98:
ac:3a:ec:53:d4:16:18:64:c4:c4:40:2a:66:eb:df:c8:3c:5e:
ab:1b:76:7e:3d:7a:72:58:d0:ae:b3:31:63:d0:d3:e8:cb:1e:
57:1b:35:9a:36:98:42:5c:47:14:12:b0:24:d8:7c:61:47:4a:
58:3b:83:1a:18:c7:54:29:ca:74:93:d3:e1:75:18:1b:6b:8a:
3e:e7:69:41:15:8e:ab:ce:47:15:39:0f:7f:30:44:2c:ae:73:
ed:be:33:7a:b3:45:0c:cc:4f:b7:6c:31:fc:b3:17:3f:7e:dd:
b3:1a:fc:5b:ff:0b:00:ab:95:4f:cd:09:3c:d7:85:80:81:fc:
80:60:9d:85:53:5b:b5:1d:91:f7:cf:df:b7:d4:09:36:3c:58:
15:2c:8c:4f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY7rnz9c7uqPLlhSuI2uVBYZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0NjQ3NGEzM2MwNTFkMTcxNTJiMjEzMjJjY2Y0ZmYzODA4
YjQyNzAwHhcNMjQwNDE3MTAzNDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzRlNDEwYzMyODU3ZjYxMzgyY2UwYWU4NWZkNjg5ZGIyYWU4ZDNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyMUxNXr/nNQgXErnbrjK+CId6CoY
/58/XryqusQ4yPLCRko987gzDkYkSouZTaROSSQY7iL+3XhSDryWl2mW0HcUOXmF
y7jCmKzoXHTclsm3Xjx1chA2I+y2ega7WEdTS4I7EkyMDJCo+Pb3MxiL599Vk4J9
sfwAXxoKZ11IjfPkXeQNtVZ6Q0Y+AKo8r4w+GWmAEe4ymBFT+qeYdAaIg4Ic5wec
DMW/hnKf8CuKoirOvF3Q3uRjvdJb6NJtYcYrr4IM/tGVoVPpXlO62TAvWgBb5RCr
txGWrNnkI6KrJnF0xJMFds+S25b+hE5L2G1q+Zfo3m5rA/roTrtFd0sWgwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMdOQQwyhX9hOCzgroX9aJ2yro0/MB8GA1UdIwQY
MBaAFDRkdKM8BR0XFSshMizPT/OAi0JwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkdSMG96d0ZIUmNWS3lFeUxNOVA4NENMUW5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC8yYjlhNzItNjE4Ni00MTU0LWFlM2It
MDE1MjFlNjU4ZTk5LzEveDA1QkRES0ZmMkU0TE9DdWhmMW9uYkt1alQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC8yYjlhNzItNjE4Ni00MTU0LWFlM2ItMDE1MjFlNjU4ZTk5
LzEvTkdSMG96d0ZIUmNWS3lFeUxNOVA4NENMUW5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAW+oLMA0E
AgACMAcDBQAqFB9AMA0GCSqGSIb3DQEBCwUAA4IBAQAxJCvHgR3yYwQ9XZ/9OVoT
5vzNKn4WPIFKFmPSHwp7BlvaPZ5N2ruJmjz+KGZLIAkUN/d+tnkG/3rP1Q85cqE7
2lziGSDQdThfVD/UUYXqTcLi9uNXquQS5Gih7OxgBeY0DU7+brTm6o+LA5isOuxT
1BYYZMTEQCpm69/IPF6rG3Z+PXpyWNCuszFj0NPoyx5XGzWaNphCXEcUErAk2Hxh
R0pYO4MaGMdUKcp0k9PhdRgba4o+52lBFY6rzkcVOQ9/MEQsrnPtvjN6s0UMzE+3
bDH8sxc/ft2zGvxb/wsAq5VPzQk814WAgfyAYJ2FU1u1HZH3z9+31Ak2PFgVLIxP
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:50:01 2025 by rpki-client