Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/1470f5-c316-4fff-9c37-8654266457c6/1/V8nWP9tj3PZ8Y9_LJ4vlX785LB8.roa
File: V8nWP9tj3PZ8Y9_LJ4vlX785LB8.roa (raw, json)
Hash identifier: 9kwvkNza9Ld1zF0bmJVWciFUgmlKZE6HbPlQRLwmrRY=
Subject key identifier: 57:C9:D6:3F:DB:63:DC:F6:7C:63:DF:CB:27:8B:E5:5F:BF:39:2C:1F
Certificate issuer: /CN=b498c97b14c374a52833db6a4007b54b4662c5a9
Certificate serial: 018EF3AC19B14EEF1618877DF5B1B72D9971
Authority key identifier: B4:98:C9:7B:14:C3:74:A5:28:33:DB:6A:40:07:B5:4B:46:62:C5:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tJjJexTDdKUoM9tqQAe1S0Zixak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/1470f5-c316-4fff-9c37-8654266457c6/1/V8nWP9tj3PZ8Y9_LJ4vlX785LB8.roa
Signing time: Fri 19 Apr 2024 00:05:26 +0000
ROA not before: Fri 19 Apr 2024 00:05:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 52208
IP address blocks: 91.196.161.0/24 maxlen: 24
91.196.163.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 09 Oct 2024 19:44:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:f3:ac:19:b1:4e:ef:16:18:87:7d:f5:b1:b7:2d:99:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b498c97b14c374a52833db6a4007b54b4662c5a9
Validity
Not Before: Apr 19 00:05:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=57c9d63fdb63dcf67c63dfcb278be55fbf392c1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:01:72:00:4c:ff:d4:6f:80:c1:ad:60:44:2d:
c9:35:84:ad:ba:28:51:89:d6:26:84:47:96:09:1d:
83:c2:a1:21:67:f8:98:79:28:6e:2a:95:3e:67:77:
63:3b:98:e0:46:8e:f3:d9:d0:b4:5e:ce:71:7e:99:
af:ec:62:d6:bb:04:58:de:d7:86:00:06:b3:f6:93:
9c:82:d1:71:e5:5c:da:34:a5:e5:2d:46:19:32:18:
e1:2a:d0:61:8f:76:b3:5f:f2:7f:84:14:bf:0d:73:
c9:3d:f1:89:76:81:fd:50:fe:bd:b2:12:37:85:51:
28:52:b6:ce:88:8e:dc:bb:ec:52:b2:61:cc:63:9c:
c6:1a:6c:49:61:3a:fa:f1:ee:ed:64:00:7b:5e:f7:
55:2c:19:1e:1a:86:ff:15:9f:83:62:85:2f:36:28:
b1:6f:21:a0:fa:eb:b6:b1:c9:67:3c:f4:66:cb:28:
2a:7b:df:5a:21:da:2e:54:41:a4:1a:42:9f:b3:bf:
7a:f7:2b:8a:67:a7:6c:70:50:e5:7c:14:50:d9:cb:
56:9e:18:dc:14:f2:5a:e2:b0:eb:5f:d9:a2:7e:8b:
ab:d4:fc:83:69:e3:cd:f7:40:a0:0b:f8:0c:d7:62:
68:f7:bd:93:cc:d9:60:de:e3:26:0a:59:42:98:f3:
14:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:C9:D6:3F:DB:63:DC:F6:7C:63:DF:CB:27:8B:E5:5F:BF:39:2C:1F
X509v3 Authority Key Identifier:
keyid:B4:98:C9:7B:14:C3:74:A5:28:33:DB:6A:40:07:B5:4B:46:62:C5:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tJjJexTDdKUoM9tqQAe1S0Zixak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/1470f5-c316-4fff-9c37-8654266457c6/1/V8nWP9tj3PZ8Y9_LJ4vlX785LB8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/1470f5-c316-4fff-9c37-8654266457c6/1/tJjJexTDdKUoM9tqQAe1S0Zixak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.196.161.0/24
91.196.163.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:34:c7:ce:5f:e1:d2:0b:e3:b3:8b:e4:93:88:33:67:35:b7:
ef:0b:10:09:a3:aa:76:4c:14:36:db:33:54:f1:f1:60:80:34:
72:e8:90:c7:de:d7:81:f9:ab:b3:de:f3:4d:60:c4:21:ae:23:
97:53:1f:11:7f:4e:bc:32:a2:1d:9d:0b:19:c1:13:43:24:63:
98:78:32:44:62:36:01:6f:31:45:92:c1:0d:9e:4d:b9:8f:6a:
79:03:59:66:91:4a:de:db:dc:90:47:d3:3f:56:57:37:04:64:
61:fc:1a:29:7d:29:60:65:4d:7c:5e:26:b6:9c:50:d5:62:10:
7f:70:13:91:39:9a:a9:22:68:63:ee:c9:06:7d:bf:38:ce:20:
09:0f:d0:e0:1f:5a:c0:84:24:b2:c8:56:b3:09:0e:40:04:e8:
b3:cb:ab:57:76:3a:67:fd:66:fb:41:d5:38:2b:06:d3:d4:7a:
9a:46:b4:d0:b7:fa:ee:9e:39:ae:a0:03:aa:22:05:6f:0a:18:
d6:68:cd:3d:75:3e:1e:49:8d:64:5a:a4:f7:f8:61:be:bc:fd:
08:c3:68:87:cf:fe:28:4b:2a:be:db:0f:08:e0:f3:38:71:52:
f9:ef:44:e2:40:8e:6a:c1:ed:0a:8f:2b:32:84:e8:e3:b3:ef:
7c:a5:f9:94
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY7zrBmxTu8WGId99bG3LZlxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0OThjOTdiMTRjMzc0YTUyODMzZGI2YTQwMDdiNTRiNDY2
MmM1YTkwHhcNMjQwNDE5MDAwNTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1N2M5ZDYzZmRiNjNkY2Y2N2M2M2RmY2IyNzhiZTU1ZmJmMzkyYzFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjwFyAEz/1G+Awa1gRC3JNYStuihR
idYmhEeWCR2DwqEhZ/iYeShuKpU+Z3djO5jgRo7z2dC0Xs5xfpmv7GLWuwRY3teG
AAaz9pOcgtFx5VzaNKXlLUYZMhjhKtBhj3azX/J/hBS/DXPJPfGJdoH9UP69shI3
hVEoUrbOiI7cu+xSsmHMY5zGGmxJYTr68e7tZAB7XvdVLBkeGob/FZ+DYoUvNiix
byGg+uu2sclnPPRmyygqe99aIdouVEGkGkKfs7969yuKZ6dscFDlfBRQ2ctWnhjc
FPJa4rDrX9mifour1PyDaePN90CgC/gM12Jo972TzNlg3uMmCllCmPMUfwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFfJ1j/bY9z2fGPfyyeL5V+/OSwfMB8GA1UdIwQY
MBaAFLSYyXsUw3SlKDPbakAHtUtGYsWpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEpqSmV4VERkS1VvTTl0cVFBZTFTMFppeGFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC8xNDcwZjUtYzMxNi00ZmZmLTljMzct
ODY1NDI2NjQ1N2M2LzEvVjhuV1A5dGozUFo4WTlfTEo0dmxYNzg1TEI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC8xNDcwZjUtYzMxNi00ZmZmLTljMzctODY1NDI2NjQ1N2M2
LzEvdEpqSmV4VERkS1VvTTl0cVFBZTFTMFppeGFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW8ShAwQA
W8SjMA0GCSqGSIb3DQEBCwUAA4IBAQAuNMfOX+HSC+Ozi+STiDNnNbfvCxAJo6p2
TBQ22zNU8fFggDRy6JDH3teB+auz3vNNYMQhriOXUx8Rf068MqIdnQsZwRNDJGOY
eDJEYjYBbzFFksENnk25j2p5A1lmkUre29yQR9M/Vlc3BGRh/BopfSlgZU18Xia2
nFDVYhB/cBOROZqpImhj7skGfb84ziAJD9DgH1rAhCSyyFazCQ5ABOizy6tXdjpn
/Wb7QdU4KwbT1HqaRrTQt/runjmuoAOqIgVvChjWaM09dT4eSY1kWqT3+GG+vP0I
w2iHz/4oSyq+2w8I4PM4cVL570TiQI5qwe0KjysyhOjjs+98pfmU
-----END CERTIFICATE-----
Generated at Wed Oct 9 23:14:48 2024 by rpki-client on console-ams.rpki-client.org