Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/1470f5-c316-4fff-9c37-8654266457c6/1/dPYYFBzIWyW2KIpxWuj8wQCi8aM.roa
File: dPYYFBzIWyW2KIpxWuj8wQCi8aM.roa (raw, json)
Hash identifier: LIRjfZJQAZEdzpy8tUn9ZtNkK7AcyDyBHSFGPo9apgA=
Subject key identifier: 74:F6:18:14:1C:C8:5B:25:B6:28:8A:71:5A:E8:FC:C1:00:A2:F1:A3
Certificate issuer: /CN=b498c97b14c374a52833db6a4007b54b4662c5a9
Certificate serial: 019272CCB7F96A978E293F4C5B24A87EA173
Authority key identifier: B4:98:C9:7B:14:C3:74:A5:28:33:DB:6A:40:07:B5:4B:46:62:C5:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tJjJexTDdKUoM9tqQAe1S0Zixak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/1470f5-c316-4fff-9c37-8654266457c6/1/dPYYFBzIWyW2KIpxWuj8wQCi8aM.roa
Signing time: Wed 09 Oct 2024 19:41:11 +0000
ROA not before: Wed 09 Oct 2024 19:41:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215540
IP address blocks: 91.196.160.0/24 maxlen: 24
91.196.161.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 18 Oct 2024 09:02:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:72:cc:b7:f9:6a:97:8e:29:3f:4c:5b:24:a8:7e:a1:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b498c97b14c374a52833db6a4007b54b4662c5a9
Validity
Not Before: Oct 9 19:41:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=74f618141cc85b25b6288a715ae8fcc100a2f1a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:cc:af:b9:78:1e:fd:78:f9:ee:e0:15:52:a2:
b0:99:ce:ac:8a:11:fb:ce:51:f7:c3:50:35:e6:1a:
d1:6f:cb:f8:f9:75:b8:81:92:49:3f:d8:ef:43:9e:
6b:7a:84:7e:c2:08:33:40:6b:6c:b8:b6:0e:a8:23:
68:d3:cf:44:48:f3:96:e4:d4:c9:05:a4:50:62:3a:
f2:1b:7f:33:9e:9c:28:e0:b5:91:9c:e5:3e:90:c8:
ac:b5:fd:ad:ec:6c:00:66:41:7c:3a:73:0b:cc:40:
88:17:28:af:3a:b0:bd:07:ff:8e:bc:1e:ab:2b:65:
a7:01:09:54:47:24:34:b8:07:c3:c4:66:ca:91:f7:
1a:53:23:2a:f1:ff:d2:9b:4a:13:73:4e:68:4c:c3:
d3:ba:74:22:2e:91:dd:99:03:59:91:35:90:87:51:
a5:d2:1a:16:e1:59:8c:e5:1c:aa:0d:27:6d:af:30:
47:fe:7d:32:d6:7c:5c:0c:de:41:4f:5a:28:a1:18:
04:38:54:24:6a:8d:1d:90:15:dd:7f:d4:2a:67:67:
cd:ff:64:81:cc:92:d9:47:05:86:e4:21:32:a9:a8:
24:4b:f0:31:72:4c:19:a3:8b:e2:18:67:bf:ae:f7:
da:85:ad:ec:82:51:35:f8:75:a1:32:c6:65:af:07:
d2:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:F6:18:14:1C:C8:5B:25:B6:28:8A:71:5A:E8:FC:C1:00:A2:F1:A3
X509v3 Authority Key Identifier:
keyid:B4:98:C9:7B:14:C3:74:A5:28:33:DB:6A:40:07:B5:4B:46:62:C5:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tJjJexTDdKUoM9tqQAe1S0Zixak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/1470f5-c316-4fff-9c37-8654266457c6/1/dPYYFBzIWyW2KIpxWuj8wQCi8aM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/1470f5-c316-4fff-9c37-8654266457c6/1/tJjJexTDdKUoM9tqQAe1S0Zixak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.196.160.0/23
Signature Algorithm: sha256WithRSAEncryption
10:b9:fb:2f:be:fd:79:d4:9f:cb:bf:2b:7c:8f:ef:5d:8e:03:
7e:88:5a:8b:1e:36:75:f0:16:31:55:d0:e3:ab:2d:43:c1:49:
5a:67:68:d4:c5:47:71:4d:3c:86:fa:15:82:ec:6d:a3:0e:69:
16:4a:b4:96:53:17:34:86:da:ac:93:47:03:bc:7f:b1:53:23:
2e:58:0f:70:d4:57:33:f0:2b:85:1c:bf:72:ec:8a:17:fa:4e:
e8:01:d9:77:ae:ff:44:da:2c:82:40:3d:d6:06:18:ec:b5:7b:
ce:13:b8:d1:3c:e5:df:dc:67:cf:0a:b0:87:8c:53:c4:ee:f3:
65:cf:05:a4:37:87:dd:64:34:97:83:1e:da:d4:f9:cb:cc:d4:
ad:4a:21:fb:52:b5:08:ec:f5:15:60:7b:f2:ca:15:fc:ca:9d:
02:9f:0b:44:c7:cc:51:e0:b8:85:fd:26:40:ce:76:e6:5f:8f:
5d:61:1d:2d:c4:5a:6f:18:a1:bf:57:27:8c:53:9f:0c:46:99:
ed:1c:be:2a:3f:b4:5a:7b:e3:6c:b8:57:5d:f5:e6:a9:2a:b3:
97:89:d2:bd:a2:77:d3:28:90:67:34:7a:7b:de:3b:e7:40:a6:
b3:95:da:f1:f1:91:c5:e4:15:b1:64:b4:53:8d:83:cf:1f:24:
76:a6:19:72
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZJyzLf5apeOKT9MWySofqFzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0OThjOTdiMTRjMzc0YTUyODMzZGI2YTQwMDdiNTRiNDY2
MmM1YTkwHhcNMjQxMDA5MTk0MTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGY2MTgxNDFjYzg1YjI1YjYyODhhNzE1YWU4ZmNjMTAwYTJmMWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwsyvuXge/Xj57uAVUqKwmc6sihH7
zlH3w1A15hrRb8v4+XW4gZJJP9jvQ55reoR+wggzQGtsuLYOqCNo089ESPOW5NTJ
BaRQYjryG38znpwo4LWRnOU+kMistf2t7GwAZkF8OnMLzECIFyivOrC9B/+OvB6r
K2WnAQlURyQ0uAfDxGbKkfcaUyMq8f/Sm0oTc05oTMPTunQiLpHdmQNZkTWQh1Gl
0hoW4VmM5RyqDSdtrzBH/n0y1nxcDN5BT1oooRgEOFQkao0dkBXdf9QqZ2fN/2SB
zJLZRwWG5CEyqagkS/AxckwZo4viGGe/rvfaha3sglE1+HWhMsZlrwfS1QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHT2GBQcyFsltiiKcVro/MEAovGjMB8GA1UdIwQY
MBaAFLSYyXsUw3SlKDPbakAHtUtGYsWpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEpqSmV4VERkS1VvTTl0cVFBZTFTMFppeGFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC8xNDcwZjUtYzMxNi00ZmZmLTljMzct
ODY1NDI2NjQ1N2M2LzEvZFBZWUZCeklXeVcyS0lweFd1ajh3UUNpOGFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC8xNDcwZjUtYzMxNi00ZmZmLTljMzctODY1NDI2NjQ1N2M2
LzEvdEpqSmV4VERkS1VvTTl0cVFBZTFTMFppeGFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW8SgMA0G
CSqGSIb3DQEBCwUAA4IBAQAQufsvvv151J/Lvyt8j+9djgN+iFqLHjZ18BYxVdDj
qy1DwUlaZ2jUxUdxTTyG+hWC7G2jDmkWSrSWUxc0htqsk0cDvH+xUyMuWA9w1Fcz
8CuFHL9y7IoX+k7oAdl3rv9E2iyCQD3WBhjstXvOE7jRPOXf3GfPCrCHjFPE7vNl
zwWkN4fdZDSXgx7a1PnLzNStSiH7UrUI7PUVYHvyyhX8yp0CnwtEx8xR4LiF/SZA
znbmX49dYR0txFpvGKG/VyeMU58MRpntHL4qP7Rae+NsuFdd9eapKrOXidK9onfT
KJBnNHp73jvnQKazldrx8ZHF5BWxZLRTjYPPHyR2phly
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:50:19 2025 by rpki-client