Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/45fcd5-8812-432d-b537-76982f03ea0c/1/RUup6ZAYEB0NU4Ezdzj7YZPHSFQ.roa
File: RUup6ZAYEB0NU4Ezdzj7YZPHSFQ.roa (raw, json)
Hash identifier: EcWja9P/r40KDFV6S56pWkNEWfNgYdWfx1gNKqYfAKs=
Subject key identifier: 45:4B:A9:E9:90:18:10:1D:0D:53:81:33:77:38:FB:61:93:C7:48:54
Certificate issuer: /CN=f83ccaef9c91120ec6fb14ff4c4c5745a0239b77
Certificate serial: 018CC795665CE43938D9C96E1764A8CEB134
Authority key identifier: F8:3C:CA:EF:9C:91:12:0E:C6:FB:14:FF:4C:4C:57:45:A0:23:9B:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-DzK75yREg7G-xT_TExXRaAjm3c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/45fcd5-8812-432d-b537-76982f03ea0c/1/RUup6ZAYEB0NU4Ezdzj7YZPHSFQ.roa
Signing time: Tue 02 Jan 2024 00:31:46 +0000
ROA not before: Tue 02 Jan 2024 00:31:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207869
IP address blocks: 91.230.134.0/24 maxlen: 24
91.230.143.0/24 maxlen: 24
91.230.147.0/24 maxlen: 24
91.230.82.0/24 maxlen: 24
2a0f:70c0:100::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:49:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:66:5c:e4:39:38:d9:c9:6e:17:64:a8:ce:b1:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f83ccaef9c91120ec6fb14ff4c4c5745a0239b77
Validity
Not Before: Jan 2 00:31:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=454ba9e99018101d0d5381337738fb6193c74854
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:21:57:05:25:be:dd:95:f4:b6:fb:42:10:d8:
36:69:40:8d:08:1e:2e:88:eb:da:61:1d:b0:52:a9:
74:9c:47:b5:d1:76:ad:cf:9b:84:ad:68:6d:26:e6:
12:b8:b5:ab:e4:22:8f:c4:41:c8:3b:e8:58:2b:ed:
f3:32:ce:b5:3d:d9:0e:57:3a:e3:5f:0c:ca:43:b6:
db:32:41:b8:08:88:6b:8d:2f:0a:64:eb:fa:d6:0e:
bf:cd:e4:d4:f4:cd:2a:ab:6a:0e:04:ab:d9:66:f7:
77:d1:ce:97:fa:4b:b7:ef:de:b5:21:46:79:7a:06:
07:1a:49:1b:24:de:63:29:11:4d:ac:88:6b:9d:62:
67:3b:e3:f3:e0:31:37:56:b9:66:20:3a:71:19:e0:
99:9b:8f:07:20:b4:ab:7d:c8:42:63:b5:d1:4f:c4:
e0:a1:d4:46:16:7a:74:4e:45:0e:7c:97:df:e1:a4:
e8:7e:09:46:83:de:e4:c3:ef:96:6a:e2:ff:9a:9d:
ca:ce:21:a0:d5:b0:2c:bc:d2:cd:74:0c:51:0c:e1:
0a:46:39:97:61:fa:f3:b4:31:18:77:5b:b9:c4:75:
4a:a7:d3:0b:48:39:a0:c4:ce:c6:17:c6:8b:24:9a:
b9:c7:85:ca:0a:9a:96:40:2d:43:c9:b6:dc:4f:45:
7d:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:4B:A9:E9:90:18:10:1D:0D:53:81:33:77:38:FB:61:93:C7:48:54
X509v3 Authority Key Identifier:
keyid:F8:3C:CA:EF:9C:91:12:0E:C6:FB:14:FF:4C:4C:57:45:A0:23:9B:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-DzK75yREg7G-xT_TExXRaAjm3c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/45fcd5-8812-432d-b537-76982f03ea0c/1/RUup6ZAYEB0NU4Ezdzj7YZPHSFQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/45fcd5-8812-432d-b537-76982f03ea0c/1/1-DzK75yREg7G-xT_TExXRaAjm3c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.230.82.0/24
91.230.134.0/24
91.230.143.0/24
91.230.147.0/24
IPv6:
2a0f:70c0:100::/48
Signature Algorithm: sha256WithRSAEncryption
7f:a4:22:f4:74:b2:26:0e:cb:c8:5e:3d:40:90:9a:df:0d:af:
f0:c1:2d:ea:50:fb:a4:70:de:dc:2d:9a:9d:b6:1d:43:2a:80:
49:69:80:bf:00:2e:5b:b9:b3:97:f3:6f:fc:a1:29:11:eb:22:
60:85:24:3f:be:c5:b5:a0:01:55:b6:8a:dd:57:20:4c:54:0f:
5b:83:af:49:9e:3e:72:c9:c2:2a:70:5b:cf:45:d6:1a:5e:5a:
49:7a:b2:eb:cc:e1:04:86:7f:3d:dc:18:bc:40:5b:fe:13:a1:
2d:5d:b2:6f:b9:60:ad:4e:53:dc:16:44:2b:83:be:3e:4b:d5:
f2:76:2b:8d:04:15:17:32:d2:53:3d:74:33:5e:1c:a3:d9:8c:
d5:48:d8:ab:9a:34:d3:1f:cc:e5:a6:da:35:d9:28:f1:87:87:
1a:f6:94:c7:a4:e9:1c:ad:3d:93:d8:3b:62:70:59:d0:27:c5:
73:1c:be:6a:b1:58:c4:e6:9d:ec:5f:4a:36:1d:81:59:74:f1:
37:25:55:6e:ad:2f:5a:47:2e:e1:44:46:4a:df:7d:76:fc:f4:
29:77:34:82:fa:2c:e1:e1:7a:c2:f4:fe:60:82:cd:97:85:bf:
8b:37:63:5c:1c:dd:17:33:d0:1a:1a:79:75:d8:73:a3:23:76:
01:fb:6c:63
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAYzHlWZc5Dk42cluF2SozrE0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4M2NjYWVmOWM5MTEyMGVjNmZiMTRmZjRjNGM1NzQ1YTAy
MzliNzcwHhcNMjQwMTAyMDAzMTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTRiYTllOTkwMTgxMDFkMGQ1MzgxMzM3NzM4ZmI2MTkzYzc0ODU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqCFXBSW+3ZX0tvtCENg2aUCNCB4u
iOvaYR2wUql0nEe10Xatz5uErWhtJuYSuLWr5CKPxEHIO+hYK+3zMs61PdkOVzrj
XwzKQ7bbMkG4CIhrjS8KZOv61g6/zeTU9M0qq2oOBKvZZvd30c6X+ku37961IUZ5
egYHGkkbJN5jKRFNrIhrnWJnO+Pz4DE3VrlmIDpxGeCZm48HILSrfchCY7XRT8Tg
odRGFnp0TkUOfJff4aTofglGg97kw++WauL/mp3KziGg1bAsvNLNdAxRDOEKRjmX
YfrztDEYd1u5xHVKp9MLSDmgxM7GF8aLJJq5x4XKCpqWQC1DybbcT0V9NwIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFEVLqemQGBAdDVOBM3c4+2GTx0hUMB8GA1UdIwQY
MBaAFPg8yu+ckRIOxvsU/0xMV0WgI5t3MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1Eeks3NXlSRWc3Ry14VF9URXhYUmFBam0zYy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmYvNDVmY2Q1LTg4MTItNDMyZC1iNTM3
LTc2OTgyZjAzZWEwYy8xL1JVdXA2WkFZRUIwTlU0RXpkemo3WVpQSFNGUS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYmYvNDVmY2Q1LTg4MTItNDMyZC1iNTM3LTc2OTgyZjAzZWEw
Yy8xLzEtRHpLNzV5UkVnN0cteFRfVEV4WFJhQWptM2MuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwQgYIKwYBBQUHAQcBAf8EMzAxMB4EAgABMBgDBABb5lID
BABb5oYDBABb5o8DBABb5pMwDwQCAAIwCQMHACoPcMABADANBgkqhkiG9w0BAQsF
AAOCAQEAf6Qi9HSyJg7LyF49QJCa3w2v8MEt6lD7pHDe3C2anbYdQyqASWmAvwAu
W7mzl/Nv/KEpEesiYIUkP77FtaABVbaK3VcgTFQPW4OvSZ4+csnCKnBbz0XWGl5a
SXqy68zhBIZ/PdwYvEBb/hOhLV2yb7lgrU5T3BZEK4O+PkvV8nYrjQQVFzLSUz10
M14co9mM1UjYq5o00x/M5abaNdko8YeHGvaUx6TpHK09k9g7YnBZ0CfFcxy+arFY
xOad7F9KNh2BWXTxNyVVbq0vWkcu4URGSt99dvz0KXc0gvos4eF6wvT+YILNl4W/
izdjXBzdFzPQGhp5ddhzoyN2AftsYw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:06:37 2025 by rpki-client