Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/aa6565-5d97-4a80-9a5d-424c23f50ff3/1/9LfOsmZr40eq7ztYS0r260lPY5E.roa
File: 9LfOsmZr40eq7ztYS0r260lPY5E.roa (raw, json)
Hash identifier: A2FD+r8RqVoB3A0XTTp7tjsPBbsYYYRkFJk1HmRE93k=
Subject key identifier: F4:B7:CE:B2:66:6B:E3:47:AA:EF:3B:58:4B:4A:F6:EB:49:4F:63:91
Certificate issuer: /CN=3eb91f36cffe80efe0dff26123f8f97c15d9763c
Certificate serial: 018CC424643EB599A3018D8C7586E4552FA6
Authority key identifier: 3E:B9:1F:36:CF:FE:80:EF:E0:DF:F2:61:23:F8:F9:7C:15:D9:76:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PrkfNs_-gO_g3_JhI_j5fBXZdjw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/aa6565-5d97-4a80-9a5d-424c23f50ff3/1/9LfOsmZr40eq7ztYS0r260lPY5E.roa
Signing time: Mon 01 Jan 2024 08:29:28 +0000
ROA not before: Mon 01 Jan 2024 08:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43947
IP address blocks: 91.198.219.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:49:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:64:3e:b5:99:a3:01:8d:8c:75:86:e4:55:2f:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3eb91f36cffe80efe0dff26123f8f97c15d9763c
Validity
Not Before: Jan 1 08:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f4b7ceb2666be347aaef3b584b4af6eb494f6391
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:16:0a:09:09:fe:19:9d:56:69:f8:8a:4f:03:
97:4f:a6:23:59:c0:eb:b8:0a:7f:c9:f1:99:03:cf:
36:5c:a6:47:48:da:46:42:0e:13:a9:18:d5:5b:27:
5f:4d:a4:db:8e:72:f7:3f:15:de:dc:82:a9:31:98:
29:00:f2:a9:ae:61:9a:eb:33:d1:25:49:07:4f:91:
5c:e7:97:f9:83:f9:95:cf:5d:5d:1a:1b:34:73:90:
dd:44:ac:78:f9:df:47:c9:f9:d8:be:7e:30:9b:c7:
37:4a:f1:ff:3d:b8:92:31:77:87:59:e0:ec:24:77:
1b:fa:37:11:69:33:94:e0:87:84:4e:13:05:78:1d:
46:eb:f0:82:1f:e0:6e:56:b2:fa:29:bc:7e:31:a7:
de:8a:ed:ae:8b:dc:a1:7b:cb:e1:78:fd:d1:83:3c:
b0:4e:3f:1a:27:dc:a8:a2:e4:ac:53:18:51:11:0e:
32:8e:c0:ea:ff:7e:f9:aa:d7:67:fc:e6:cc:f1:20:
c5:cb:9c:ec:07:8e:a4:45:e4:de:4e:52:98:5d:a9:
86:93:90:b4:cf:35:54:7f:0b:7f:62:49:bb:aa:02:
f3:05:a1:c7:ff:99:63:5e:a3:53:81:87:de:0f:63:
58:be:45:53:12:4f:b5:a6:4c:ad:37:d7:2a:ab:24:
eb:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:B7:CE:B2:66:6B:E3:47:AA:EF:3B:58:4B:4A:F6:EB:49:4F:63:91
X509v3 Authority Key Identifier:
keyid:3E:B9:1F:36:CF:FE:80:EF:E0:DF:F2:61:23:F8:F9:7C:15:D9:76:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PrkfNs_-gO_g3_JhI_j5fBXZdjw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/aa6565-5d97-4a80-9a5d-424c23f50ff3/1/9LfOsmZr40eq7ztYS0r260lPY5E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/aa6565-5d97-4a80-9a5d-424c23f50ff3/1/PrkfNs_-gO_g3_JhI_j5fBXZdjw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.219.0/24
Signature Algorithm: sha256WithRSAEncryption
19:de:95:43:f2:2e:ed:3b:3d:73:1c:73:1d:56:b9:c8:f6:53:
f1:f8:a9:90:36:aa:df:7e:29:a8:4b:36:8a:0c:99:9e:92:8e:
c8:ff:18:38:f3:f1:95:94:5c:a3:94:ef:67:d0:4f:e1:d0:a3:
4e:b5:80:fe:c9:52:7b:f0:14:f8:42:54:b3:c9:9f:ee:16:aa:
d1:e7:82:3f:99:bf:21:64:99:75:52:0e:82:12:e6:23:1f:7f:
25:40:f7:72:c0:46:0c:15:21:fe:96:33:6c:0e:39:43:0c:96:
98:73:e7:a2:61:fb:22:56:c5:a9:79:5f:81:0d:0c:ef:a8:5b:
f1:51:18:08:1f:b6:fe:19:0f:fc:ab:58:83:e6:9e:f9:c2:a3:
fb:90:8f:6b:54:70:bd:57:9a:e8:0e:dd:1c:b0:b7:9b:c0:ac:
32:cc:99:26:8c:06:f8:db:3e:9b:d4:f5:80:5a:96:3a:cd:77:
68:1f:f8:0d:92:97:7b:45:bd:46:ac:95:26:a9:b3:fd:52:0f:
32:cb:a1:3c:09:cb:c6:fc:9b:e0:8b:40:e2:d5:0f:af:a4:90:
a3:2d:30:71:ba:55:b9:dd:a9:62:56:02:96:1c:b4:e6:de:c4:
d1:72:41:24:d1:57:df:2a:e1:6e:14:84:60:b1:4e:b7:0a:b1:
ae:be:30:75
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJGQ+tZmjAY2MdYbkVS+mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYjkxZjM2Y2ZmZTgwZWZlMGRmZjI2MTIzZjhmOTdjMTVk
OTc2M2MwHhcNMjQwMTAxMDgyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGI3Y2ViMjY2NmJlMzQ3YWFlZjNiNTg0YjRhZjZlYjQ5NGY2MzkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkxYKCQn+GZ1WafiKTwOXT6YjWcDr
uAp/yfGZA882XKZHSNpGQg4TqRjVWydfTaTbjnL3PxXe3IKpMZgpAPKprmGa6zPR
JUkHT5Fc55f5g/mVz11dGhs0c5DdRKx4+d9HyfnYvn4wm8c3SvH/PbiSMXeHWeDs
JHcb+jcRaTOU4IeEThMFeB1G6/CCH+BuVrL6Kbx+Mafeiu2ui9yhe8vheP3Rgzyw
Tj8aJ9yoouSsUxhREQ4yjsDq/375qtdn/ObM8SDFy5zsB46kReTeTlKYXamGk5C0
zzVUfwt/Ykm7qgLzBaHH/5ljXqNTgYfeD2NYvkVTEk+1pkytN9cqqyTr8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPS3zrJma+NHqu87WEtK9utJT2ORMB8GA1UdIwQY
MBaAFD65HzbP/oDv4N/yYSP4+XwV2XY8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHJrZk5zXy1nT19nM19KaElfajVmQlhaZGp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9hYTY1NjUtNWQ5Ny00YTgwLTlhNWQt
NDI0YzIzZjUwZmYzLzEvOUxmT3NtWnI0MGVxN3p0WVMwcjI2MGxQWTVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy9hYTY1NjUtNWQ5Ny00YTgwLTlhNWQtNDI0YzIzZjUwZmYz
LzEvUHJrZk5zXy1nT19nM19KaElfajVmQlhaZGp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8bbMA0G
CSqGSIb3DQEBCwUAA4IBAQAZ3pVD8i7tOz1zHHMdVrnI9lPx+KmQNqrffimoSzaK
DJmeko7I/xg48/GVlFyjlO9n0E/h0KNOtYD+yVJ78BT4QlSzyZ/uFqrR54I/mb8h
ZJl1Ug6CEuYjH38lQPdywEYMFSH+ljNsDjlDDJaYc+eiYfsiVsWpeV+BDQzvqFvx
URgIH7b+GQ/8q1iD5p75wqP7kI9rVHC9V5roDt0csLebwKwyzJkmjAb42z6b1PWA
WpY6zXdoH/gNkpd7Rb1GrJUmqbP9Ug8yy6E8CcvG/Jvgi0Di1Q+vpJCjLTBxulW5
3aliVgKWHLTm3sTRckEk0VffKuFuFIRgsU63CrGuvjB1
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:51:20 2025 by rpki-client