Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/6f4bf4-f1aa-47e7-9df1-80070af0eb5e/1/IscRX77BIU-TIBJvu7LhTXcbbK8.roa
File: IscRX77BIU-TIBJvu7LhTXcbbK8.roa (raw, json)
Hash identifier: aS9FdAKbF7K/Ln1C8cgMLMcYXEX+xvxrZNddd3l0oxA=
Subject key identifier: 22:C7:11:5F:BE:C1:21:4F:93:20:12:6F:BB:B2:E1:4D:77:1B:6C:AF
Certificate issuer: /CN=e5e7b034b4e7ca86d716b1140fca5b590f3e78c0
Certificate serial: 018CC349237CBAA6B01FA1A61F1FBA654C39
Authority key identifier: E5:E7:B0:34:B4:E7:CA:86:D7:16:B1:14:0F:CA:5B:59:0F:3E:78:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5eewNLTnyobXFrEUD8pbWQ8-eMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/6f4bf4-f1aa-47e7-9df1-80070af0eb5e/1/IscRX77BIU-TIBJvu7LhTXcbbK8.roa
Signing time: Mon 01 Jan 2024 04:29:59 +0000
ROA not before: Mon 01 Jan 2024 04:29:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 38927
IP address blocks: 91.213.232.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:47:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:23:7c:ba:a6:b0:1f:a1:a6:1f:1f:ba:65:4c:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5e7b034b4e7ca86d716b1140fca5b590f3e78c0
Validity
Not Before: Jan 1 04:29:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=22c7115fbec1214f9320126fbbb2e14d771b6caf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:04:5b:17:26:ed:67:3d:95:84:c7:65:3e:86:
e0:f4:3a:c5:f1:7c:c2:72:3a:87:3e:3f:bd:17:27:
7a:50:65:45:47:8f:f4:b6:43:95:97:b5:5a:3c:a6:
2a:01:0f:e3:5b:c1:ff:e7:cc:0a:a0:59:61:c5:02:
7c:95:d2:b1:5d:cc:78:f8:3a:6f:5f:40:1c:d3:1a:
c0:60:6e:ec:40:15:8b:7b:88:c9:fc:a1:3e:66:87:
c4:ed:86:2b:9e:9e:dd:c6:83:a9:f7:ab:c5:9c:4f:
58:dd:59:24:0a:90:0b:17:81:56:c0:dd:7c:a2:7e:
08:6e:d6:0e:15:9b:c9:15:4d:73:d8:c3:86:01:77:
2f:0b:f9:16:b0:8e:b3:ea:b8:9a:18:a5:e9:f1:10:
30:f5:07:ea:83:c0:84:69:4b:53:ed:ab:5a:43:67:
83:aa:89:d0:35:81:29:d6:21:de:23:e8:55:8d:fd:
e4:31:bf:fc:ba:aa:71:af:27:4d:ee:35:a8:55:09:
e5:62:bb:25:52:26:66:11:6d:32:65:c9:27:d0:f6:
9e:ad:b1:53:a9:f6:76:26:30:dd:45:88:f3:c6:b3:
08:3f:0f:fd:9d:ff:07:47:7c:84:49:c9:6f:c6:41:
02:c5:7b:1d:d0:53:3e:6e:8c:07:eb:d2:a4:ab:d7:
8c:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:C7:11:5F:BE:C1:21:4F:93:20:12:6F:BB:B2:E1:4D:77:1B:6C:AF
X509v3 Authority Key Identifier:
keyid:E5:E7:B0:34:B4:E7:CA:86:D7:16:B1:14:0F:CA:5B:59:0F:3E:78:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5eewNLTnyobXFrEUD8pbWQ8-eMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/6f4bf4-f1aa-47e7-9df1-80070af0eb5e/1/IscRX77BIU-TIBJvu7LhTXcbbK8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/6f4bf4-f1aa-47e7-9df1-80070af0eb5e/1/5eewNLTnyobXFrEUD8pbWQ8-eMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.232.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:b5:81:53:6c:e2:63:40:fc:72:28:2d:ee:29:c6:ea:e3:f8:
1b:f0:7e:48:7c:53:a2:c8:3e:56:cd:89:20:9a:e6:95:cc:6d:
07:17:9b:8c:64:56:c4:af:63:c2:91:b2:66:83:be:46:fb:5b:
ac:77:e1:01:6c:95:55:07:6d:d7:68:55:bc:d9:6d:f1:ac:7b:
55:85:f2:93:a8:c8:bf:62:48:9e:c8:74:e2:52:80:a1:71:d7:
d8:c4:7c:63:6b:12:d1:d1:05:03:3e:e9:d3:55:b0:13:86:d9:
9f:1c:fc:a2:43:54:64:2a:f7:36:10:14:5b:d1:28:a2:34:14:
af:4e:34:90:49:5b:1d:6b:f6:34:89:5f:87:67:7b:07:f7:9a:
fd:e0:8f:02:c1:dd:8c:43:72:90:7f:0e:41:2a:5a:d4:f5:9c:
58:39:f0:4f:25:3c:8e:89:24:7f:d9:91:4b:28:2d:02:8a:96:
57:73:6a:1f:d2:25:54:ba:a2:cb:3c:3e:17:48:ec:dc:8a:2b:
f0:e3:28:74:63:16:37:ff:87:cf:10:9a:43:b8:c0:26:68:ff:
72:17:ff:08:9e:20:2a:ec:ce:ba:43:93:de:f4:47:f1:9f:82:
bf:12:1a:85:c0:ff:0f:48:9f:4a:1d:89:b1:98:d5:95:5c:c4:
80:d1:25:e5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSSN8uqawH6GmHx+6ZUw5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1ZTdiMDM0YjRlN2NhODZkNzE2YjExNDBmY2E1YjU5MGYz
ZTc4YzAwHhcNMjQwMTAxMDQyOTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmM3MTE1ZmJlYzEyMTRmOTMyMDEyNmZiYmIyZTE0ZDc3MWI2Y2FmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsARbFybtZz2VhMdlPobg9DrF8XzC
cjqHPj+9Fyd6UGVFR4/0tkOVl7VaPKYqAQ/jW8H/58wKoFlhxQJ8ldKxXcx4+Dpv
X0Ac0xrAYG7sQBWLe4jJ/KE+ZofE7YYrnp7dxoOp96vFnE9Y3VkkCpALF4FWwN18
on4IbtYOFZvJFU1z2MOGAXcvC/kWsI6z6riaGKXp8RAw9Qfqg8CEaUtT7ataQ2eD
qonQNYEp1iHeI+hVjf3kMb/8uqpxrydN7jWoVQnlYrslUiZmEW0yZckn0PaerbFT
qfZ2JjDdRYjzxrMIPw/9nf8HR3yESclvxkECxXsd0FM+bowH69Kkq9eM4wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCLHEV++wSFPkyASb7uy4U13G2yvMB8GA1UdIwQY
MBaAFOXnsDS058qG1xaxFA/KW1kPPnjAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWVld05MVG55b2JYRnJFVUQ4cGJXUTgtZU1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS82ZjRiZjQtZjFhYS00N2U3LTlkZjEt
ODAwNzBhZjBlYjVlLzEvSXNjUlg3N0JJVS1USUJKdnU3TGhUWGNiYks4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS82ZjRiZjQtZjFhYS00N2U3LTlkZjEtODAwNzBhZjBlYjVl
LzEvNWVld05MVG55b2JYRnJFVUQ4cGJXUTgtZU1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9XoMA0G
CSqGSIb3DQEBCwUAA4IBAQCctYFTbOJjQPxyKC3uKcbq4/gb8H5IfFOiyD5WzYkg
muaVzG0HF5uMZFbEr2PCkbJmg75G+1usd+EBbJVVB23XaFW82W3xrHtVhfKTqMi/
YkieyHTiUoChcdfYxHxjaxLR0QUDPunTVbAThtmfHPyiQ1RkKvc2EBRb0SiiNBSv
TjSQSVsda/Y0iV+HZ3sH95r94I8Cwd2MQ3KQfw5BKlrU9ZxYOfBPJTyOiSR/2ZFL
KC0CipZXc2of0iVUuqLLPD4XSOzciivw4yh0YxY3/4fPEJpDuMAmaP9yF/8IniAq
7M66Q5Pe9Efxn4K/EhqFwP8PSJ9KHYmxmNWVXMSA0SXl
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:48:51 2025 by rpki-client