Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/1470f5-c316-4fff-9c37-8654266457c6/1/D4LJcSR3mtJdD1Mhm_uD1CBXS38.roa
File: D4LJcSR3mtJdD1Mhm_uD1CBXS38.roa (raw, json)
Hash identifier: KgIGPhcj+Gp0+fyaPlbdanAxViVdpcOQ+6p8Wcr4e6o=
Subject key identifier: 0F:82:C9:71:24:77:9A:D2:5D:0F:53:21:9B:FB:83:D4:20:57:4B:7F
Certificate issuer: /CN=b498c97b14c374a52833db6a4007b54b4662c5a9
Certificate serial: 019272C90E4D592E7320E4F212BF743ACE43
Authority key identifier: B4:98:C9:7B:14:C3:74:A5:28:33:DB:6A:40:07:B5:4B:46:62:C5:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tJjJexTDdKUoM9tqQAe1S0Zixak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/1470f5-c316-4fff-9c37-8654266457c6/1/D4LJcSR3mtJdD1Mhm_uD1CBXS38.roa
Signing time: Wed 09 Oct 2024 19:37:11 +0000
ROA not before: Wed 09 Oct 2024 19:37:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39238
IP address blocks: 91.196.162.0/24 maxlen: 24
91.196.163.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 18 Oct 2024 09:02:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:72:c9:0e:4d:59:2e:73:20:e4:f2:12:bf:74:3a:ce:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b498c97b14c374a52833db6a4007b54b4662c5a9
Validity
Not Before: Oct 9 19:37:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0f82c97124779ad25d0f53219bfb83d420574b7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:4d:b4:72:ce:dc:01:9e:0a:bb:83:12:72:7c:
32:8c:ed:21:35:b0:c0:b1:61:7d:92:35:8a:10:80:
7a:fc:cd:e6:1f:2c:0d:9c:8f:17:f1:37:c2:f1:8a:
87:9e:ac:88:52:d6:3d:21:6a:22:c7:e0:d2:a0:8a:
0b:dc:a5:be:e6:ce:cc:9e:69:39:70:2c:af:ea:f5:
6a:8a:ef:ed:48:d7:17:c2:4d:87:88:79:da:1c:97:
19:bd:f7:2a:32:cb:6b:ab:9a:dd:80:c4:70:8f:39:
f4:f7:55:a1:d5:f3:e6:f2:aa:14:23:54:d8:57:3f:
99:5a:98:4d:f0:95:68:82:b2:67:d9:4e:ed:30:f7:
ef:d8:d8:74:a9:b4:86:be:12:49:47:c3:b3:f1:12:
10:02:f1:1f:ff:cb:25:3b:96:26:d3:1b:60:fa:02:
11:12:f7:c1:04:00:e1:e3:07:39:79:95:22:e7:65:
1e:a6:4f:3e:86:a5:06:3d:37:05:b0:2a:bd:39:cf:
d0:26:ce:4f:ff:da:01:ea:82:84:3f:e0:e0:b1:ae:
a2:01:da:88:4c:1c:e2:d8:4e:fd:76:0e:85:d7:ba:
d5:28:98:8c:98:ce:95:4a:b7:e2:28:1d:f6:d3:37:
f1:d4:d2:c0:2d:fc:f7:5f:fc:67:b2:25:9b:a4:bd:
93:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:82:C9:71:24:77:9A:D2:5D:0F:53:21:9B:FB:83:D4:20:57:4B:7F
X509v3 Authority Key Identifier:
keyid:B4:98:C9:7B:14:C3:74:A5:28:33:DB:6A:40:07:B5:4B:46:62:C5:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tJjJexTDdKUoM9tqQAe1S0Zixak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/1470f5-c316-4fff-9c37-8654266457c6/1/D4LJcSR3mtJdD1Mhm_uD1CBXS38.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/1470f5-c316-4fff-9c37-8654266457c6/1/tJjJexTDdKUoM9tqQAe1S0Zixak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.196.162.0/23
Signature Algorithm: sha256WithRSAEncryption
96:61:41:8f:74:1b:e0:32:4e:9f:00:c9:b3:d3:ef:57:2b:77:
ce:d6:37:63:b6:5b:ae:4f:94:3f:58:74:ed:8a:fe:3a:d5:24:
3b:99:11:1b:94:42:02:bc:55:d3:18:c1:14:fa:59:34:56:1c:
83:f2:c6:ab:28:f4:62:13:4a:ca:69:d1:f3:34:c0:f9:59:bf:
c4:1b:e6:3d:97:ad:6d:ab:a2:49:4c:23:b8:53:f7:d4:56:87:
81:c5:9f:21:1e:4e:e2:78:ab:9b:22:86:e1:f5:b3:9a:4d:93:
2f:da:b7:f2:f2:36:9e:e9:f5:81:14:eb:f3:8f:61:ed:bc:82:
91:5e:91:27:ec:21:e2:21:f2:80:e5:fa:30:d6:8b:75:a0:af:
ee:41:91:ac:b6:66:6e:01:74:f1:e9:e1:da:66:67:ec:0e:04:
94:11:16:52:6e:da:a7:4c:fa:e8:3f:c8:77:48:3d:97:cb:5d:
3e:39:40:80:b6:c5:d3:35:42:cf:6a:27:9d:0d:20:a9:2b:af:
61:23:50:ad:3d:df:90:76:48:30:99:78:04:f6:78:a6:de:b7:
31:44:0a:08:90:42:4a:f8:87:64:51:bc:ba:8d:bc:7a:46:80:
2a:31:86:8b:0d:76:09:60:7e:07:d3:59:fe:c7:57:7c:1e:03:
40:56:de:b1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZJyyQ5NWS5zIOTyEr90Os5DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0OThjOTdiMTRjMzc0YTUyODMzZGI2YTQwMDdiNTRiNDY2
MmM1YTkwHhcNMjQxMDA5MTkzNzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjgyYzk3MTI0Nzc5YWQyNWQwZjUzMjE5YmZiODNkNDIwNTc0YjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArE20cs7cAZ4Ku4MScnwyjO0hNbDA
sWF9kjWKEIB6/M3mHywNnI8X8TfC8YqHnqyIUtY9IWoix+DSoIoL3KW+5s7Mnmk5
cCyv6vVqiu/tSNcXwk2HiHnaHJcZvfcqMstrq5rdgMRwjzn091Wh1fPm8qoUI1TY
Vz+ZWphN8JVogrJn2U7tMPfv2Nh0qbSGvhJJR8Oz8RIQAvEf/8slO5Ym0xtg+gIR
EvfBBADh4wc5eZUi52Uepk8+hqUGPTcFsCq9Oc/QJs5P/9oB6oKEP+Dgsa6iAdqI
TBzi2E79dg6F17rVKJiMmM6VSrfiKB320zfx1NLALfz3X/xnsiWbpL2TgQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA+CyXEkd5rSXQ9TIZv7g9QgV0t/MB8GA1UdIwQY
MBaAFLSYyXsUw3SlKDPbakAHtUtGYsWpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEpqSmV4VERkS1VvTTl0cVFBZTFTMFppeGFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC8xNDcwZjUtYzMxNi00ZmZmLTljMzct
ODY1NDI2NjQ1N2M2LzEvRDRMSmNTUjNtdEpkRDFNaG1fdUQxQ0JYUzM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC8xNDcwZjUtYzMxNi00ZmZmLTljMzctODY1NDI2NjQ1N2M2
LzEvdEpqSmV4VERkS1VvTTl0cVFBZTFTMFppeGFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW8SiMA0G
CSqGSIb3DQEBCwUAA4IBAQCWYUGPdBvgMk6fAMmz0+9XK3fO1jdjtluuT5Q/WHTt
iv461SQ7mREblEICvFXTGMEU+lk0VhyD8sarKPRiE0rKadHzNMD5Wb/EG+Y9l61t
q6JJTCO4U/fUVoeBxZ8hHk7ieKubIobh9bOaTZMv2rfy8jae6fWBFOvzj2HtvIKR
XpEn7CHiIfKA5fow1ot1oK/uQZGstmZuAXTx6eHaZmfsDgSUERZSbtqnTProP8h3
SD2Xy10+OUCAtsXTNULPaiedDSCpK69hI1CtPd+QdkgwmXgE9nim3rcxRAoIkEJK
+IdkUby6jbx6RoAqMYaLDXYJYH4H01n+x1d8HgNAVt6x
-----END CERTIFICATE-----
Generated at Fri Oct 18 12:04:42 2024 by rpki-client on console-fra.rpki-client.org