Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/4f7bb9-4d69-49de-9a49-a4d9dc76c2b8/1/10wDGmJGvVHNSWlYrE98xuViX-o.roa
File: 10wDGmJGvVHNSWlYrE98xuViX-o.roa (raw, json)
Hash identifier: ydGZra/4zJvf03k7IumuiIBIQrXlzpPUShf4ouLC7U4=
Subject key identifier: D7:4C:03:1A:62:46:BD:51:CD:49:69:58:AC:4F:7C:C6:E5:62:5F:EA
Certificate issuer: /CN=6da0ee9ff09c7cfc7ee9761f1a3c8f30efac5848
Certificate serial: 018D551F1FDD1CF9B05F1B58B8D6FBD2F6B6
Authority key identifier: 6D:A0:EE:9F:F0:9C:7C:FC:7E:E9:76:1F:1A:3C:8F:30:EF:AC:58:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/baDun_CcfPx-6XYfGjyPMO-sWEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/4f7bb9-4d69-49de-9a49-a4d9dc76c2b8/1/10wDGmJGvVHNSWlYrE98xuViX-o.roa
Signing time: Mon 29 Jan 2024 12:08:39 +0000
ROA not before: Mon 29 Jan 2024 12:08:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 91.207.19.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 12 Apr 2024 07:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:55:1f:1f:dd:1c:f9:b0:5f:1b:58:b8:d6:fb:d2:f6:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6da0ee9ff09c7cfc7ee9761f1a3c8f30efac5848
Validity
Not Before: Jan 29 12:08:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d74c031a6246bd51cd496958ac4f7cc6e5625fea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:b5:d4:48:10:b1:4b:d7:71:f7:24:14:11:1a:
40:2e:2d:4d:1a:3e:f2:28:de:f8:71:04:12:e1:08:
ff:6c:df:c8:b9:3c:0c:68:aa:7f:8a:30:4b:54:fc:
e1:6f:bb:6b:ce:65:08:a0:4f:ce:60:ce:29:38:fc:
b8:0d:4e:33:34:03:0f:7f:ca:46:ab:8e:b0:68:39:
6f:2c:1b:31:96:fb:3f:e0:69:5b:30:c4:d5:96:56:
97:46:0f:1d:21:4e:7e:42:f1:20:61:49:aa:eb:aa:
4f:99:54:06:b2:c7:38:e6:c3:e6:1f:23:32:2f:9f:
ba:5b:9c:70:7b:8e:fd:48:09:31:45:b3:82:ef:40:
34:89:2b:14:7a:2e:24:48:68:1f:ea:51:76:bc:c2:
c7:86:2f:c5:21:bb:36:8e:a3:c1:8d:6c:b0:5a:54:
e6:8a:43:a0:81:7a:f0:dc:26:37:c0:79:65:c7:48:
ff:36:65:14:59:9a:e3:1c:b9:75:60:86:c6:54:80:
39:c1:a4:96:5c:2e:1a:0f:0d:81:81:65:61:3e:57:
e1:fd:64:3a:58:ff:24:e4:77:99:bc:7e:5b:d7:e1:
fb:f6:50:3f:37:84:ca:21:1e:8c:50:1e:8c:05:44:
c9:e5:ca:a3:ad:a1:2a:21:46:90:db:75:ea:5c:7a:
69:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:4C:03:1A:62:46:BD:51:CD:49:69:58:AC:4F:7C:C6:E5:62:5F:EA
X509v3 Authority Key Identifier:
keyid:6D:A0:EE:9F:F0:9C:7C:FC:7E:E9:76:1F:1A:3C:8F:30:EF:AC:58:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/baDun_CcfPx-6XYfGjyPMO-sWEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/4f7bb9-4d69-49de-9a49-a4d9dc76c2b8/1/10wDGmJGvVHNSWlYrE98xuViX-o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/4f7bb9-4d69-49de-9a49-a4d9dc76c2b8/1/baDun_CcfPx-6XYfGjyPMO-sWEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.207.19.0/24
Signature Algorithm: sha256WithRSAEncryption
41:de:51:be:5f:50:62:84:09:80:13:a2:e2:65:00:a7:18:18:
01:b7:67:9f:8b:95:b3:54:c6:66:d5:d4:8d:55:4e:1e:46:11:
89:41:2b:3a:4d:cd:ae:41:d3:44:88:9c:83:6e:72:be:45:89:
ab:8d:83:29:64:fc:90:68:64:72:69:ff:db:28:42:cf:e0:7b:
67:a1:46:7a:6b:97:9c:1e:6b:4d:9d:73:50:42:c2:7a:0c:6a:
f2:e9:85:b4:f7:bd:85:e2:e9:d9:1a:81:29:b6:3d:99:ce:c6:
6d:0f:88:30:07:f4:3e:4e:b2:b8:cd:13:62:45:18:25:f1:fe:
d1:c7:de:80:9d:62:09:62:e1:9d:b4:39:3e:6c:c8:8a:52:d7:
13:aa:e7:11:c5:f9:ba:77:89:1b:4a:2d:64:10:c1:fa:d9:80:
c1:74:58:6e:c5:59:bb:9c:df:8d:bb:c4:3f:e8:b5:af:2f:c3:
9a:48:4c:96:e7:ec:61:09:f2:54:d3:91:de:f0:ee:c0:cb:45:
5c:af:d2:8d:8a:b2:1b:1c:50:98:b8:d5:4f:37:33:e9:67:8b:
2d:98:3a:af:15:b2:5b:96:e2:27:7f:d7:64:5f:dc:eb:2a:df:
51:44:bd:9c:fd:b5:51:c3:2c:4e:b1:a2:b3:17:55:94:9f:6d:
1f:b0:59:f4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY1VHx/dHPmwXxtYuNb70va2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkYTBlZTlmZjA5YzdjZmM3ZWU5NzYxZjFhM2M4ZjMwZWZh
YzU4NDgwHhcNMjQwMTI5MTIwODM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzRjMDMxYTYyNDZiZDUxY2Q0OTY5NThhYzRmN2NjNmU1NjI1ZmVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj7XUSBCxS9dx9yQUERpALi1NGj7y
KN74cQQS4Qj/bN/IuTwMaKp/ijBLVPzhb7trzmUIoE/OYM4pOPy4DU4zNAMPf8pG
q46waDlvLBsxlvs/4GlbMMTVllaXRg8dIU5+QvEgYUmq66pPmVQGssc45sPmHyMy
L5+6W5xwe479SAkxRbOC70A0iSsUei4kSGgf6lF2vMLHhi/FIbs2jqPBjWywWlTm
ikOggXrw3CY3wHllx0j/NmUUWZrjHLl1YIbGVIA5waSWXC4aDw2BgWVhPlfh/WQ6
WP8k5HeZvH5b1+H79lA/N4TKIR6MUB6MBUTJ5cqjraEqIUaQ23XqXHpp3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNdMAxpiRr1RzUlpWKxPfMblYl/qMB8GA1UdIwQY
MBaAFG2g7p/wnHz8ful2Hxo8jzDvrFhIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmFEdW5fQ2NmUHgtNlhZZkdqeVBNTy1zV0VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy80ZjdiYjktNGQ2OS00OWRlLTlhNDkt
YTRkOWRjNzZjMmI4LzEvMTB3REdtSkd2VkhOU1dsWXJFOTh4dVZpWC1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy80ZjdiYjktNGQ2OS00OWRlLTlhNDktYTRkOWRjNzZjMmI4
LzEvYmFEdW5fQ2NmUHgtNlhZZkdqeVBNTy1zV0VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW88TMA0G
CSqGSIb3DQEBCwUAA4IBAQBB3lG+X1BihAmAE6LiZQCnGBgBt2efi5WzVMZm1dSN
VU4eRhGJQSs6Tc2uQdNEiJyDbnK+RYmrjYMpZPyQaGRyaf/bKELP4HtnoUZ6a5ec
HmtNnXNQQsJ6DGry6YW0972F4unZGoEptj2ZzsZtD4gwB/Q+TrK4zRNiRRgl8f7R
x96AnWIJYuGdtDk+bMiKUtcTqucRxfm6d4kbSi1kEMH62YDBdFhuxVm7nN+Nu8Q/
6LWvL8OaSEyW5+xhCfJU05He8O7Ay0Vcr9KNirIbHFCYuNVPNzPpZ4stmDqvFbJb
luInf9dkX9zrKt9RRL2c/bVRwyxOsaKzF1WUn20fsFn0
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:30:59 2025 by rpki-client