Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/12cd13-7f7b-4150-92b8-1880e7ef1db4/1/D7w91DuJ1lt2Jnu5ZXXEFSG60WM.roa
File: D7w91DuJ1lt2Jnu5ZXXEFSG60WM.roa (raw, json)
Hash identifier: 5PM/QHa92cUeaFKZ5w/1ckGxjeSe1WCD2DN79xtxaiA=
Subject key identifier: 0F:BC:3D:D4:3B:89:D6:5B:76:26:7B:B9:65:75:C4:15:21:BA:D1:63
Certificate issuer: /CN=0eacc662cebfad9fff9c0f87400cf0cf03f547a2
Certificate serial: 01910D123C83C55906B85E6E0AFE3475C9AF
Authority key identifier: 0E:AC:C6:62:CE:BF:AD:9F:FF:9C:0F:87:40:0C:F0:CF:03:F5:47:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DqzGYs6_rZ__nA-HQAzwzwP1R6I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/12cd13-7f7b-4150-92b8-1880e7ef1db4/1/D7w91DuJ1lt2Jnu5ZXXEFSG60WM.roa
Signing time: Thu 01 Aug 2024 08:33:04 +0000
ROA not before: Thu 01 Aug 2024 08:33:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 52026
IP address blocks: 91.234.132.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:48:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:0d:12:3c:83:c5:59:06:b8:5e:6e:0a:fe:34:75:c9:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0eacc662cebfad9fff9c0f87400cf0cf03f547a2
Validity
Not Before: Aug 1 08:33:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0fbc3dd43b89d65b76267bb96575c41521bad163
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:3f:8b:69:06:ff:9c:06:73:a1:4a:76:6d:f8:
81:2e:c0:51:4a:b9:8f:b2:2c:b0:9c:ee:93:d4:50:
b6:54:9f:48:4e:eb:9a:1c:e3:b1:d1:2a:c0:f1:a6:
b7:2c:bc:3b:56:9e:13:03:48:16:ff:8f:df:cd:9e:
80:de:fe:89:3c:e2:e8:a3:05:48:b2:83:a7:e3:83:
f5:35:8f:9e:17:0e:82:7d:ef:c2:b8:39:32:5f:21:
46:d3:38:f0:f3:e0:0d:7b:00:4d:f6:d0:8c:92:28:
d3:59:7f:58:35:fb:cc:ee:73:59:0a:0f:be:03:c7:
ef:10:53:52:06:d6:64:4e:42:20:d6:e1:07:79:8b:
c0:86:fa:fb:97:08:ec:ac:58:10:11:e2:71:03:b9:
0f:94:39:9f:bf:5a:cc:0c:1d:65:d9:73:0c:7d:df:
2f:a4:a8:dd:f8:f6:1c:00:64:ff:c0:28:93:9d:5d:
97:db:ea:75:38:7e:8e:3e:29:d2:5a:85:01:d4:c9:
97:c5:22:46:28:b7:20:3b:81:ff:d8:8f:b1:36:12:
8e:a6:f6:42:fc:79:05:b8:97:a7:db:11:bd:c7:13:
8d:2e:43:62:fd:f4:d3:72:66:da:c5:49:ac:4a:da:
48:08:55:78:e2:43:f2:f9:7b:2f:b5:02:aa:bf:b7:
19:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:BC:3D:D4:3B:89:D6:5B:76:26:7B:B9:65:75:C4:15:21:BA:D1:63
X509v3 Authority Key Identifier:
keyid:0E:AC:C6:62:CE:BF:AD:9F:FF:9C:0F:87:40:0C:F0:CF:03:F5:47:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DqzGYs6_rZ__nA-HQAzwzwP1R6I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/12cd13-7f7b-4150-92b8-1880e7ef1db4/1/D7w91DuJ1lt2Jnu5ZXXEFSG60WM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/12cd13-7f7b-4150-92b8-1880e7ef1db4/1/DqzGYs6_rZ__nA-HQAzwzwP1R6I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.234.132.0/22
Signature Algorithm: sha256WithRSAEncryption
8b:fb:50:a5:6a:09:8d:fe:e8:7f:d1:a1:69:da:e5:b5:6b:7e:
39:e1:e9:6f:6a:17:c7:53:09:75:5b:46:c3:01:b0:bb:e1:0f:
d1:20:d9:e7:fb:8d:d7:b8:8e:0c:9a:9c:d8:df:29:fb:b9:99:
0a:cc:95:60:d7:4f:45:fb:58:c2:ac:6d:2f:13:f8:fb:02:85:
fc:9f:88:fd:ab:97:4d:53:64:3a:5a:92:c4:f4:b5:88:c0:fc:
77:19:9a:04:80:52:24:52:5b:7b:ad:28:e7:f6:72:cb:64:38:
71:31:17:9d:04:c4:de:22:59:46:63:7e:fd:b9:73:25:c1:1a:
9d:55:cd:1f:bb:54:64:fe:01:53:df:b5:83:4d:6a:ff:2d:b7:
d6:4f:44:76:d6:92:1d:ba:13:3e:5b:21:8f:e7:19:43:3c:b5:
ea:1f:c3:ce:1d:cf:35:6b:6a:34:6f:23:ad:f4:ae:83:85:67:
ea:3c:fc:30:ab:77:ea:fa:c3:dc:e6:af:a6:0d:a0:38:0b:54:
f0:c1:70:77:0a:82:78:48:13:96:c1:c9:b7:f0:fe:55:fc:f9:
7e:2d:8a:dd:d9:67:70:b0:e4:01:eb:6c:56:12:b6:e2:1e:65:
87:34:cd:81:29:8b:06:ec:1c:68:48:72:91:96:a5:39:43:b4:
8c:91:3b:f5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZENEjyDxVkGuF5uCv40dcmvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlYWNjNjYyY2ViZmFkOWZmZjljMGY4NzQwMGNmMGNmMDNm
NTQ3YTIwHhcNMjQwODAxMDgzMzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmJjM2RkNDNiODlkNjViNzYyNjdiYjk2NTc1YzQxNTIxYmFkMTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5j+LaQb/nAZzoUp2bfiBLsBRSrmP
siywnO6T1FC2VJ9ITuuaHOOx0SrA8aa3LLw7Vp4TA0gW/4/fzZ6A3v6JPOLoowVI
soOn44P1NY+eFw6Cfe/CuDkyXyFG0zjw8+ANewBN9tCMkijTWX9YNfvM7nNZCg++
A8fvEFNSBtZkTkIg1uEHeYvAhvr7lwjsrFgQEeJxA7kPlDmfv1rMDB1l2XMMfd8v
pKjd+PYcAGT/wCiTnV2X2+p1OH6OPinSWoUB1MmXxSJGKLcgO4H/2I+xNhKOpvZC
/HkFuJen2xG9xxONLkNi/fTTcmbaxUmsStpICFV44kPy+XsvtQKqv7cZYwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA+8PdQ7idZbdiZ7uWV1xBUhutFjMB8GA1UdIwQY
MBaAFA6sxmLOv62f/5wPh0AM8M8D9UeiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHF6R1lzNl9yWl9fbkEtSFFBend6d1AxUjZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC8xMmNkMTMtN2Y3Yi00MTUwLTkyYjgt
MTg4MGU3ZWYxZGI0LzEvRDd3OTFEdUoxbHQySm51NVpYWEVGU0c2MFdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC8xMmNkMTMtN2Y3Yi00MTUwLTkyYjgtMTg4MGU3ZWYxZGI0
LzEvRHF6R1lzNl9yWl9fbkEtSFFBend6d1AxUjZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW+qEMA0G
CSqGSIb3DQEBCwUAA4IBAQCL+1ClagmN/uh/0aFp2uW1a3454elvahfHUwl1W0bD
AbC74Q/RINnn+43XuI4MmpzY3yn7uZkKzJVg109F+1jCrG0vE/j7AoX8n4j9q5dN
U2Q6WpLE9LWIwPx3GZoEgFIkUlt7rSjn9nLLZDhxMRedBMTeIllGY379uXMlwRqd
Vc0fu1Rk/gFT37WDTWr/LbfWT0R21pIduhM+WyGP5xlDPLXqH8POHc81a2o0byOt
9K6DhWfqPPwwq3fq+sPc5q+mDaA4C1TwwXB3CoJ4SBOWwcm38P5V/Pl+LYrd2Wdw
sOQB62xWErbiHmWHNM2BKYsG7BxoSHKRlqU5Q7SMkTv1
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:46:12 2025 by rpki-client