Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/100c81-56f5-4db6-a66a-b1043b635a1e/1/0gh8bAabW9O1VVGGlZkd3NPBbq4.roa
File: 0gh8bAabW9O1VVGGlZkd3NPBbq4.roa (raw, json)
Hash identifier: kzTZe+V+rjaIXF6QxgbYAJ7Ie3vSIYF+ifvPtd8gc7c=
Subject key identifier: D2:08:7C:6C:06:9B:5B:D3:B5:55:51:86:95:99:1D:DC:D3:C1:6E:AE
Certificate issuer: /CN=d462f9b1c0f6fa9ca531764e26d3aed211bfed81
Certificate serial: 018CC726E13C586EF0382AEC69942D54A580
Authority key identifier: D4:62:F9:B1:C0:F6:FA:9C:A5:31:76:4E:26:D3:AE:D2:11:BF:ED:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1GL5scD2-pylMXZOJtOu0hG_7YE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/100c81-56f5-4db6-a66a-b1043b635a1e/1/0gh8bAabW9O1VVGGlZkd3NPBbq4.roa
Signing time: Mon 01 Jan 2024 22:31:03 +0000
ROA not before: Mon 01 Jan 2024 22:31:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198882
IP address blocks: 91.240.35.0/24 maxlen: 24
2001:67c:29d0::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:48:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:e1:3c:58:6e:f0:38:2a:ec:69:94:2d:54:a5:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d462f9b1c0f6fa9ca531764e26d3aed211bfed81
Validity
Not Before: Jan 1 22:31:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d2087c6c069b5bd3b555518695991ddcd3c16eae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:f1:b1:b0:6a:0d:db:ef:ca:2b:d9:c0:14:5d:
90:2b:22:2e:d2:80:72:6c:e1:ce:d8:4f:78:31:5e:
6c:e2:b0:94:b5:ef:6d:b9:1f:fe:a2:63:40:d8:6c:
17:23:e5:6d:05:87:b1:56:c2:34:43:02:21:23:8c:
5d:49:ee:03:7b:58:87:87:75:bb:9d:b0:47:5b:98:
90:ee:ca:db:28:b1:aa:92:a8:34:9b:03:77:73:02:
57:6d:5f:7b:09:48:00:12:8a:b2:3c:a1:a3:88:ff:
38:72:58:15:aa:32:5a:d0:3b:c9:e6:6d:53:cf:26:
65:20:d3:40:cb:07:1d:2d:4c:71:86:8a:49:61:44:
3a:65:71:f4:e7:dd:56:60:04:04:5d:55:73:98:ee:
96:47:db:f7:4e:23:86:82:0c:35:26:3a:e3:31:ac:
71:fb:cf:63:1b:bd:b3:bd:0a:10:4d:c7:22:f7:db:
95:72:ea:a1:d3:f1:8f:2d:a0:68:ca:7f:ed:7b:50:
80:10:89:33:f9:c2:98:10:ed:a2:a1:a1:9d:4e:56:
6d:2e:86:dc:c1:9c:b4:18:32:9d:80:a9:76:65:68:
84:24:5d:3e:dd:f4:ae:ec:39:2f:82:d9:9b:38:16:
ed:b1:4e:e8:02:3f:09:53:b0:3e:2f:b4:dc:7a:f4:
8b:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:08:7C:6C:06:9B:5B:D3:B5:55:51:86:95:99:1D:DC:D3:C1:6E:AE
X509v3 Authority Key Identifier:
keyid:D4:62:F9:B1:C0:F6:FA:9C:A5:31:76:4E:26:D3:AE:D2:11:BF:ED:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1GL5scD2-pylMXZOJtOu0hG_7YE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/100c81-56f5-4db6-a66a-b1043b635a1e/1/0gh8bAabW9O1VVGGlZkd3NPBbq4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/100c81-56f5-4db6-a66a-b1043b635a1e/1/1GL5scD2-pylMXZOJtOu0hG_7YE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.240.35.0/24
IPv6:
2001:67c:29d0::/48
Signature Algorithm: sha256WithRSAEncryption
60:15:36:c4:a5:45:4d:c1:0c:0e:f6:a2:f7:fc:d3:4f:79:3f:
8b:db:37:bf:7b:7a:95:6c:cb:82:73:61:e0:95:8a:fa:74:eb:
dd:2f:f2:47:44:4d:08:85:b1:8f:f2:65:91:02:8a:9c:f5:8b:
94:f1:3b:92:03:bf:67:d7:0c:ab:69:b0:6b:fc:d8:40:61:be:
88:d4:3d:0e:03:8d:73:d6:be:7c:e4:64:b2:8e:31:60:86:b7:
04:9e:57:36:63:36:8e:bd:84:5b:35:8a:80:60:15:82:ed:f9:
89:6f:62:54:f3:e9:73:4d:1b:36:48:51:f9:41:3e:9a:fb:b8:
b1:42:d7:13:99:68:cd:6e:52:cd:79:dc:e4:92:48:2c:6f:31:
a0:7e:e1:09:15:df:16:3e:53:db:9b:af:68:de:68:cc:d4:60:
df:90:df:67:f5:ed:30:dd:66:8a:63:f9:90:b5:00:03:e2:25:
3a:7b:8d:11:ac:66:86:cb:7b:8e:0e:ce:37:4d:d3:c4:14:c4:
e8:82:41:38:67:b8:6c:ea:54:2e:6a:e1:d7:f8:7f:bd:2e:51:
b9:b8:a3:5b:02:5a:38:0e:ed:8d:ce:ae:d6:ed:b6:f2:a6:85:
6b:02:2c:36:d4:90:be:7f:70:16:35:1a:77:a3:18:eb:8a:75:
47:be:b9:a0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzHJuE8WG7wOCrsaZQtVKWAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NjJmOWIxYzBmNmZhOWNhNTMxNzY0ZTI2ZDNhZWQyMTFi
ZmVkODEwHhcNMjQwMTAxMjIzMTAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjA4N2M2YzA2OWI1YmQzYjU1NTUxODY5NTk5MWRkY2QzYzE2ZWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl/GxsGoN2+/KK9nAFF2QKyIu0oBy
bOHO2E94MV5s4rCUte9tuR/+omNA2GwXI+VtBYexVsI0QwIhI4xdSe4De1iHh3W7
nbBHW5iQ7srbKLGqkqg0mwN3cwJXbV97CUgAEoqyPKGjiP84clgVqjJa0DvJ5m1T
zyZlINNAywcdLUxxhopJYUQ6ZXH0591WYAQEXVVzmO6WR9v3TiOGggw1JjrjMaxx
+89jG72zvQoQTcci99uVcuqh0/GPLaBoyn/te1CAEIkz+cKYEO2ioaGdTlZtLobc
wZy0GDKdgKl2ZWiEJF0+3fSu7DkvgtmbOBbtsU7oAj8JU7A+L7TcevSLrQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNIIfGwGm1vTtVVRhpWZHdzTwW6uMB8GA1UdIwQY
MBaAFNRi+bHA9vqcpTF2TibTrtIRv+2BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUdMNXNjRDItcHlsTVhaT0p0T3UwaEdfN1lFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8xMDBjODEtNTZmNS00ZGI2LWE2NmEt
YjEwNDNiNjM1YTFlLzEvMGdoOGJBYWJXOU8xVlZHR2xaa2QzTlBCYnE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8xMDBjODEtNTZmNS00ZGI2LWE2NmEtYjEwNDNiNjM1YTFl
LzEvMUdMNXNjRDItcHlsTVhaT0p0T3UwaEdfN1lFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW/AjMA8E
AgACMAkDBwAgAQZ8KdAwDQYJKoZIhvcNAQELBQADggEBAGAVNsSlRU3BDA72ovf8
0095P4vbN797epVsy4JzYeCVivp0690v8kdETQiFsY/yZZECipz1i5TxO5IDv2fX
DKtpsGv82EBhvojUPQ4DjXPWvnzkZLKOMWCGtwSeVzZjNo69hFs1ioBgFYLt+Ylv
YlTz6XNNGzZIUflBPpr7uLFC1xOZaM1uUs153OSSSCxvMaB+4QkV3xY+U9ubr2je
aMzUYN+Q32f17TDdZopj+ZC1AAPiJTp7jRGsZobLe44OzjdN08QUxOiCQThnuGzq
VC5q4df4f70uUbm4o1sCWjgO7Y3OrtbttvKmhWsCLDbUkL5/cBY1GnejGOuKdUe+
uaA=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:45:19 2025 by rpki-client