Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/596791-53cf-4d09-aeec-5e6cf96f70cb/1/9cuDAbCYoUFKrU5bieztEOQDjRE.roa
File: 9cuDAbCYoUFKrU5bieztEOQDjRE.roa (raw, json)
Hash identifier: S5pL5S9Ja/q2O4153Y7jsYRdfj1w4mUNnFFDIMD7oXw=
Subject key identifier: F5:CB:83:01:B0:98:A1:41:4A:AD:4E:5B:89:EC:ED:10:E4:03:8D:11
Certificate issuer: /CN=e8428fc2da5b6563749ccb99775775e820b7733c
Certificate serial: 0192BF0A01FD4AA2AD5CE8E61CF61BEFCE87
Authority key identifier: E8:42:8F:C2:DA:5B:65:63:74:9C:CB:99:77:57:75:E8:20:B7:73:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6EKPwtpbZWN0nMuZd1d16CC3czw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/596791-53cf-4d09-aeec-5e6cf96f70cb/1/9cuDAbCYoUFKrU5bieztEOQDjRE.roa
Signing time: Thu 24 Oct 2024 14:59:16 +0000
ROA not before: Thu 24 Oct 2024 14:59:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198670
IP address blocks: 91.237.252.0/23 maxlen: 23
91.237.252.0/24 maxlen: 24
91.237.253.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:48:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:bf:0a:01:fd:4a:a2:ad:5c:e8:e6:1c:f6:1b:ef:ce:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8428fc2da5b6563749ccb99775775e820b7733c
Validity
Not Before: Oct 24 14:59:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f5cb8301b098a1414aad4e5b89eced10e4038d11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fe:2e:bd:5d:24:57:25:8c:af:30:3d:b0:af:f0:
bf:93:d2:88:42:aa:f5:7d:d4:b0:4d:b4:53:ba:bf:
94:40:a9:ce:e1:33:e7:d9:fe:de:3b:aa:54:7b:aa:
b5:e6:4c:32:bc:5b:09:e3:ed:f9:6c:74:2f:c3:66:
31:e7:de:15:e9:0d:92:9e:0c:6b:fd:41:39:a3:f2:
ea:f6:4f:f0:d1:db:83:55:b4:7f:a3:ac:8c:bf:91:
01:b9:2a:53:89:f5:ae:56:73:5d:7e:ec:3a:d0:e5:
ae:89:04:d1:62:43:c1:dc:19:84:56:de:e5:9d:ce:
ad:20:57:5a:92:3d:ee:48:9e:6e:11:8a:f0:13:c8:
b7:b9:24:a1:a2:4a:34:6d:ee:fd:93:c2:cc:c1:22:
cf:36:44:a2:5d:56:0c:d8:a0:ac:9c:61:38:20:b6:
b0:ca:db:38:2b:90:c8:fd:4c:ee:28:78:be:da:af:
5c:1f:8b:cd:56:e7:c6:4b:64:87:b1:f9:9f:aa:2a:
e6:0c:ef:f3:80:b2:c2:be:c6:05:96:97:77:71:44:
0c:79:78:3e:11:9d:a3:d0:55:2e:12:3c:d0:90:65:
50:7d:b5:bb:8c:b6:ab:4a:26:6c:14:49:63:02:88:
5a:69:70:6e:f0:1f:cc:d3:07:d7:76:a0:d7:54:96:
c2:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:CB:83:01:B0:98:A1:41:4A:AD:4E:5B:89:EC:ED:10:E4:03:8D:11
X509v3 Authority Key Identifier:
keyid:E8:42:8F:C2:DA:5B:65:63:74:9C:CB:99:77:57:75:E8:20:B7:73:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6EKPwtpbZWN0nMuZd1d16CC3czw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/596791-53cf-4d09-aeec-5e6cf96f70cb/1/9cuDAbCYoUFKrU5bieztEOQDjRE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/596791-53cf-4d09-aeec-5e6cf96f70cb/1/6EKPwtpbZWN0nMuZd1d16CC3czw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.237.252.0/23
Signature Algorithm: sha256WithRSAEncryption
3c:7d:d8:3e:a3:80:23:05:55:3e:df:00:94:9a:12:eb:38:80:
b7:22:dc:ab:90:2a:ad:59:e5:d2:ad:2e:b3:22:1e:16:67:23:
d1:34:e1:d7:51:42:bd:16:1a:ba:74:dc:64:34:fd:14:ab:26:
48:5d:03:7b:75:c7:76:64:a5:f9:c7:69:03:9f:c0:40:fa:3c:
53:18:43:f6:bc:82:d2:87:24:ff:d3:24:33:c4:2e:57:ef:ba:
ac:85:d7:e8:97:85:51:42:ce:98:0e:01:20:0a:4a:cf:83:1a:
2c:da:e0:8e:b0:03:05:66:f2:1e:9a:60:04:3e:23:a4:81:fa:
cf:55:a2:91:51:6b:5c:4f:eb:28:92:52:b7:8e:28:58:2e:e5:
32:02:c7:f7:61:c1:43:13:35:81:bb:70:28:e6:e6:81:0c:1c:
1a:3b:2d:95:bc:72:58:98:e1:35:d0:33:28:96:0a:b5:b7:9d:
0d:4e:bc:d9:05:97:cd:65:c6:53:4f:88:a3:40:f8:bb:1c:b1:
7f:79:0f:be:9b:59:fc:7a:d2:81:c4:81:e2:a3:2d:48:71:2c:
4b:00:0c:f7:13:3a:29:85:c6:02:16:e3:36:9e:45:15:07:cf:
92:34:e0:1a:75:41:f4:fb:7c:d7:63:42:92:b7:1b:8f:ba:3f:
0a:7e:55:82
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZK/CgH9SqKtXOjmHPYb786HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4NDI4ZmMyZGE1YjY1NjM3NDljY2I5OTc3NTc3NWU4MjBi
NzczM2MwHhcNMjQxMDI0MTQ1OTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWNiODMwMWIwOThhMTQxNGFhZDRlNWI4OWVjZWQxMGU0MDM4ZDExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/i69XSRXJYyvMD2wr/C/k9KIQqr1
fdSwTbRTur+UQKnO4TPn2f7eO6pUe6q15kwyvFsJ4+35bHQvw2Yx594V6Q2Sngxr
/UE5o/Lq9k/w0duDVbR/o6yMv5EBuSpTifWuVnNdfuw60OWuiQTRYkPB3BmEVt7l
nc6tIFdakj3uSJ5uEYrwE8i3uSShoko0be79k8LMwSLPNkSiXVYM2KCsnGE4ILaw
yts4K5DI/UzuKHi+2q9cH4vNVufGS2SHsfmfqirmDO/zgLLCvsYFlpd3cUQMeXg+
EZ2j0FUuEjzQkGVQfbW7jLarSiZsFEljAohaaXBu8B/M0wfXdqDXVJbCMwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPXLgwGwmKFBSq1OW4ns7RDkA40RMB8GA1UdIwQY
MBaAFOhCj8LaW2VjdJzLmXdXdeggt3M8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkVLUHd0cGJaV04wbk11WmQxZDE2Q0MzY3p3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy81OTY3OTEtNTNjZi00ZDA5LWFlZWMt
NWU2Y2Y5NmY3MGNiLzEvOWN1REFiQ1lvVUZLclU1YmllenRFT1FEalJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy81OTY3OTEtNTNjZi00ZDA5LWFlZWMtNWU2Y2Y5NmY3MGNi
LzEvNkVLUHd0cGJaV04wbk11WmQxZDE2Q0MzY3p3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW+38MA0G
CSqGSIb3DQEBCwUAA4IBAQA8fdg+o4AjBVU+3wCUmhLrOIC3ItyrkCqtWeXSrS6z
Ih4WZyPRNOHXUUK9Fhq6dNxkNP0UqyZIXQN7dcd2ZKX5x2kDn8BA+jxTGEP2vILS
hyT/0yQzxC5X77qshdfol4VRQs6YDgEgCkrPgxos2uCOsAMFZvIemmAEPiOkgfrP
VaKRUWtcT+soklK3jihYLuUyAsf3YcFDEzWBu3Ao5uaBDBwaOy2VvHJYmOE10DMo
lgq1t50NTrzZBZfNZcZTT4ijQPi7HLF/eQ++m1n8etKBxIHioy1IcSxLAAz3Ezop
hcYCFuM2nkUVB8+SNOAadUH0+3zXY0KStxuPuj8KflWC
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:31:29 2025 by rpki-client