Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/4485be-d779-41f5-a558-e6ac9b6a219e/1/8VzSWQnohyvGkxlt9nkxWovDbLY.roa
File: 8VzSWQnohyvGkxlt9nkxWovDbLY.roa (raw, json)
Hash identifier: HRRQHdpHhTV7I/7inWlIhU78TCcdILjPA8/9kJQtv1o=
Subject key identifier: F1:5C:D2:59:09:E8:87:2B:C6:93:19:6D:F6:79:31:5A:8B:C3:6C:B6
Certificate issuer: /CN=ae17b1bbe78ce40aa1ec6d2778bc1e4ea295167e
Certificate serial: 018570429F5A710681BA798564F1E2CE9C93
Authority key identifier: AE:17:B1:BB:E7:8C:E4:0A:A1:EC:6D:27:78:BC:1E:4E:A2:95:16:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rhexu-eM5Aqh7G0neLweTqKVFn4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/4485be-d779-41f5-a558-e6ac9b6a219e/1/8VzSWQnohyvGkxlt9nkxWovDbLY.roa
Signing time: Mon 02 Jan 2023 02:14:52 +0000
ROA not before: Mon 02 Jan 2023 02:14:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44455
IP address blocks: 91.199.124.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:33:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:42:9f:5a:71:06:81:ba:79:85:64:f1:e2:ce:9c:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae17b1bbe78ce40aa1ec6d2778bc1e4ea295167e
Validity
Not Before: Jan 2 02:14:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f15cd25909e8872bc693196df679315a8bc36cb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:a4:13:c8:b7:6e:50:56:db:1f:68:79:f4:a9:
cf:02:d2:85:10:a2:c1:58:0d:d3:6f:60:b6:7d:50:
84:a9:0b:cd:ae:6e:ec:c2:3a:92:6e:13:82:14:76:
ea:58:0d:3c:3a:b3:2d:bf:76:46:2d:8a:a0:b2:bd:
b5:d5:6d:2a:09:00:6e:8c:41:13:4f:ab:92:06:5c:
4a:ed:91:73:5c:cf:dc:08:2b:c1:ec:6e:77:75:32:
94:3f:49:33:86:8e:e5:76:60:09:7a:65:f8:fe:7a:
07:43:d9:f4:32:b5:c8:3e:77:24:2a:e2:7b:1d:2c:
47:0e:08:0b:2e:81:8d:9c:a0:55:f3:6c:df:07:11:
93:6c:b9:22:24:4f:07:c9:1b:37:25:9e:02:37:93:
49:91:c1:db:50:aa:9e:76:80:f6:28:b2:31:1a:20:
3e:5d:1b:3b:bc:1d:13:41:86:64:a9:ad:12:c2:0b:
d0:2d:2e:0b:43:97:56:a1:32:27:48:4a:8b:de:8f:
a1:cb:28:44:aa:7b:54:fc:25:f9:34:6e:88:be:b4:
cb:99:ca:65:34:87:76:04:36:7d:52:c6:77:66:42:
1a:9e:30:5f:e0:25:b4:b1:c9:58:79:49:f7:aa:c8:
f9:ea:11:73:8c:72:87:1f:08:58:52:12:39:1c:50:
80:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:5C:D2:59:09:E8:87:2B:C6:93:19:6D:F6:79:31:5A:8B:C3:6C:B6
X509v3 Authority Key Identifier:
keyid:AE:17:B1:BB:E7:8C:E4:0A:A1:EC:6D:27:78:BC:1E:4E:A2:95:16:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rhexu-eM5Aqh7G0neLweTqKVFn4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/4485be-d779-41f5-a558-e6ac9b6a219e/1/8VzSWQnohyvGkxlt9nkxWovDbLY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/4485be-d779-41f5-a558-e6ac9b6a219e/1/rhexu-eM5Aqh7G0neLweTqKVFn4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.124.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:2a:34:a2:ac:8f:4c:53:75:a3:1a:94:4c:67:f4:0e:c2:eb:
0c:dc:70:76:3a:99:04:29:9d:70:37:e3:f2:4c:92:f4:2f:50:
1d:05:57:3e:5d:f8:8e:11:9c:37:a1:c4:74:6e:c6:20:6a:53:
ac:ab:47:d1:03:87:39:21:0d:6c:e3:b4:54:87:6c:b6:49:1c:
e1:0c:e5:2c:23:d1:0c:a7:5a:71:73:0c:17:e4:cf:c4:2a:7a:
eb:0b:a3:8b:db:fa:71:f6:d3:d8:61:19:c4:88:36:43:99:57:
c5:a9:ae:48:47:f0:9e:fa:40:74:d1:c5:dc:07:48:d7:67:b0:
6b:f3:ec:d7:e7:be:f5:b9:7e:e9:52:2b:8a:28:c1:ca:fa:12:
0c:18:c7:02:57:9d:1f:7b:7e:94:0f:11:ea:6c:cf:63:43:98:
0a:24:0e:8e:12:27:b3:6a:45:e1:91:72:65:7e:1a:a3:c1:bc:
93:7c:0b:24:22:3f:dc:b0:9b:8c:1b:fc:97:d5:0f:3a:c0:ec:
f4:51:9f:27:47:01:a5:f8:83:06:34:17:f2:f9:b4:bf:b7:18:
77:ff:62:43:ed:75:71:9a:5c:85:84:c3:9d:fa:97:86:8a:50:
37:9a:72:b6:f6:07:44:76:43:6a:98:ce:8d:0f:fc:5b:0c:45:
c4:9c:de:ec
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwQp9acQaBunmFZPHizpyTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlMTdiMWJiZTc4Y2U0MGFhMWVjNmQyNzc4YmMxZTRlYTI5
NTE2N2UwHhcNMjMwMTAyMDIxNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTVjZDI1OTA5ZTg4NzJiYzY5MzE5NmRmNjc5MzE1YThiYzM2Y2I2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkqQTyLduUFbbH2h59KnPAtKFEKLB
WA3Tb2C2fVCEqQvNrm7swjqSbhOCFHbqWA08OrMtv3ZGLYqgsr211W0qCQBujEET
T6uSBlxK7ZFzXM/cCCvB7G53dTKUP0kzho7ldmAJemX4/noHQ9n0MrXIPnckKuJ7
HSxHDggLLoGNnKBV82zfBxGTbLkiJE8HyRs3JZ4CN5NJkcHbUKqedoD2KLIxGiA+
XRs7vB0TQYZkqa0SwgvQLS4LQ5dWoTInSEqL3o+hyyhEqntU/CX5NG6IvrTLmcpl
NId2BDZ9UsZ3ZkIanjBf4CW0sclYeUn3qsj56hFzjHKHHwhYUhI5HFCAHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPFc0lkJ6IcrxpMZbfZ5MVqLw2y2MB8GA1UdIwQY
MBaAFK4XsbvnjOQKoextJ3i8Hk6ilRZ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmhleHUtZU01QXFoN0cwbmVMd2VUcUtWRm40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS80NDg1YmUtZDc3OS00MWY1LWE1NTgt
ZTZhYzliNmEyMTllLzEvOFZ6U1dRbm9oeXZHa3hsdDlua3hXb3ZEYkxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS80NDg1YmUtZDc3OS00MWY1LWE1NTgtZTZhYzliNmEyMTll
LzEvcmhleHUtZU01QXFoN0cwbmVMd2VUcUtWRm40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8d8MA0G
CSqGSIb3DQEBCwUAA4IBAQCMKjSirI9MU3WjGpRMZ/QOwusM3HB2OpkEKZ1wN+Py
TJL0L1AdBVc+XfiOEZw3ocR0bsYgalOsq0fRA4c5IQ1s47RUh2y2SRzhDOUsI9EM
p1pxcwwX5M/EKnrrC6OL2/px9tPYYRnEiDZDmVfFqa5IR/Ce+kB00cXcB0jXZ7Br
8+zX5771uX7pUiuKKMHK+hIMGMcCV50fe36UDxHqbM9jQ5gKJA6OEiezakXhkXJl
fhqjwbyTfAskIj/csJuMG/yX1Q86wOz0UZ8nRwGl+IMGNBfy+bS/txh3/2JD7XVx
mlyFhMOd+peGilA3mnK29gdEdkNqmM6ND/xbDEXEnN7s
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:05 2024 by rpki-client on console-fra.rpki-client.org