Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/1470f5-c316-4fff-9c37-8654266457c6/1/wU28G3tawTJ6GLRlirJoiOEXF78.roa
File: wU28G3tawTJ6GLRlirJoiOEXF78.roa (raw, json)
Hash identifier: xnMyds1gYp8SspQJyQiK0H1e/y9eCK+ELlugawtxHF8=
Subject key identifier: C1:4D:BC:1B:7B:5A:C1:32:7A:18:B4:65:8A:B2:68:88:E1:17:17:BF
Certificate issuer: /CN=b498c97b14c374a52833db6a4007b54b4662c5a9
Certificate serial: 018E42BE81CCE559A66B9BAD41135ABA932E
Authority key identifier: B4:98:C9:7B:14:C3:74:A5:28:33:DB:6A:40:07:B5:4B:46:62:C5:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tJjJexTDdKUoM9tqQAe1S0Zixak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/1470f5-c316-4fff-9c37-8654266457c6/1/wU28G3tawTJ6GLRlirJoiOEXF78.roa
Signing time: Fri 15 Mar 2024 15:32:45 +0000
ROA not before: Fri 15 Mar 2024 15:32:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 91.196.160.0/23 maxlen: 23
91.196.162.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 09 Oct 2024 19:43:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:42:be:81:cc:e5:59:a6:6b:9b:ad:41:13:5a:ba:93:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b498c97b14c374a52833db6a4007b54b4662c5a9
Validity
Not Before: Mar 15 15:32:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c14dbc1b7b5ac1327a18b4658ab26888e11717bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:5d:eb:ea:40:be:38:b2:f5:b4:04:80:5d:b1:
21:d4:16:d4:ca:bb:ef:ca:91:f1:33:fc:32:f4:ac:
6d:d0:61:d0:cb:be:51:a7:3f:6d:a1:88:5e:ce:62:
46:dc:4a:85:f1:2b:a7:0d:05:42:85:8f:72:b5:fa:
b0:e1:b1:0f:7c:5d:3c:36:47:bf:87:77:e5:b7:15:
c6:b2:44:22:9a:af:e9:6b:e9:74:3b:df:e4:57:77:
6e:68:44:96:4f:c3:2e:7b:cf:38:b3:7f:7b:e1:75:
5a:fb:5c:ec:5a:e2:fa:cd:b0:d8:96:71:c6:67:90:
a6:45:e7:7b:2c:e6:c9:13:d5:91:2d:a4:92:02:57:
99:e5:4b:b2:70:de:12:fc:2e:13:0d:36:24:04:93:
b0:00:b6:95:fb:bc:66:c8:73:ce:f0:00:59:8f:05:
cd:d4:fa:b7:69:21:5e:e8:09:9a:73:f5:97:78:7f:
2d:2e:3e:86:9c:52:fa:8a:db:ae:94:b9:48:71:6d:
36:44:c0:6e:50:31:50:4a:91:8b:d9:e8:0c:ef:b2:
95:45:e3:4a:55:d7:5a:be:8f:43:29:4f:de:e4:93:
ef:36:7d:f7:9e:80:f6:af:5f:7d:08:32:81:fa:b7:
2e:63:da:3a:99:16:60:83:7b:33:94:02:e9:30:b8:
a2:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:4D:BC:1B:7B:5A:C1:32:7A:18:B4:65:8A:B2:68:88:E1:17:17:BF
X509v3 Authority Key Identifier:
keyid:B4:98:C9:7B:14:C3:74:A5:28:33:DB:6A:40:07:B5:4B:46:62:C5:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tJjJexTDdKUoM9tqQAe1S0Zixak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/1470f5-c316-4fff-9c37-8654266457c6/1/wU28G3tawTJ6GLRlirJoiOEXF78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/1470f5-c316-4fff-9c37-8654266457c6/1/tJjJexTDdKUoM9tqQAe1S0Zixak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.196.160.0/22
Signature Algorithm: sha256WithRSAEncryption
4d:ab:47:e8:0e:e8:82:ac:5a:f4:c0:ab:8c:f2:10:0b:be:49:
14:bc:14:45:4a:b6:73:f5:ca:f7:14:3e:de:17:3e:02:44:ca:
73:d0:83:a9:5b:a2:02:af:c8:89:13:57:8f:06:38:66:68:ac:
53:18:9b:a3:2a:23:c9:d9:c0:75:86:7d:8c:99:5c:4a:d3:aa:
9e:a2:3e:7d:98:ff:f4:4b:d4:e5:cf:07:44:44:09:84:5b:27:
b5:ed:ab:1d:84:7a:95:d1:fb:27:b0:f7:50:aa:67:7e:5f:ae:
0c:6e:a1:6b:d3:4f:78:46:7c:fa:e2:90:c4:9e:2f:e4:e2:d6:
ba:cd:25:9f:6b:e3:97:b0:54:6c:50:01:33:c5:4a:8b:71:73:
b6:b2:1f:58:9e:0f:38:82:ea:46:3e:42:80:e0:1a:5e:38:83:
f9:9b:ed:0e:40:55:d4:cb:e0:9d:32:46:8f:1b:65:15:39:64:
9f:bf:64:9c:66:17:a7:bb:13:96:c8:a6:bf:1b:ed:e7:06:13:
69:70:9e:71:a9:36:81:fe:ef:79:69:2a:cf:87:d3:ae:ce:e0:
a3:7d:40:af:a7:a4:0c:d1:27:d9:4d:13:4f:f6:59:09:13:2a:
cc:13:ee:5a:ae:e9:5b:24:4a:2d:59:5c:f9:73:14:05:f1:c6:
0f:7a:29:6d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY5CvoHM5Vmma5utQRNaupMuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0OThjOTdiMTRjMzc0YTUyODMzZGI2YTQwMDdiNTRiNDY2
MmM1YTkwHhcNMjQwMzE1MTUzMjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTRkYmMxYjdiNWFjMTMyN2ExOGI0NjU4YWIyNjg4OGUxMTcxN2JmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAul3r6kC+OLL1tASAXbEh1BbUyrvv
ypHxM/wy9Kxt0GHQy75Rpz9toYhezmJG3EqF8SunDQVChY9ytfqw4bEPfF08Nke/
h3fltxXGskQimq/pa+l0O9/kV3duaESWT8Mue884s3974XVa+1zsWuL6zbDYlnHG
Z5CmRed7LObJE9WRLaSSAleZ5UuycN4S/C4TDTYkBJOwALaV+7xmyHPO8ABZjwXN
1Pq3aSFe6Amac/WXeH8tLj6GnFL6ituulLlIcW02RMBuUDFQSpGL2egM77KVReNK
Vddavo9DKU/e5JPvNn33noD2r199CDKB+rcuY9o6mRZgg3szlALpMLiiNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMFNvBt7WsEyehi0ZYqyaIjhFxe/MB8GA1UdIwQY
MBaAFLSYyXsUw3SlKDPbakAHtUtGYsWpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEpqSmV4VERkS1VvTTl0cVFBZTFTMFppeGFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC8xNDcwZjUtYzMxNi00ZmZmLTljMzct
ODY1NDI2NjQ1N2M2LzEvd1UyOEczdGF3VEo2R0xSbGlySm9pT0VYRjc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC8xNDcwZjUtYzMxNi00ZmZmLTljMzctODY1NDI2NjQ1N2M2
LzEvdEpqSmV4VERkS1VvTTl0cVFBZTFTMFppeGFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW8SgMA0G
CSqGSIb3DQEBCwUAA4IBAQBNq0foDuiCrFr0wKuM8hALvkkUvBRFSrZz9cr3FD7e
Fz4CRMpz0IOpW6ICr8iJE1ePBjhmaKxTGJujKiPJ2cB1hn2MmVxK06qeoj59mP/0
S9TlzwdERAmEWye17asdhHqV0fsnsPdQqmd+X64MbqFr0094Rnz64pDEni/k4ta6
zSWfa+OXsFRsUAEzxUqLcXO2sh9Yng84gupGPkKA4BpeOIP5m+0OQFXUy+CdMkaP
G2UVOWSfv2ScZhenuxOWyKa/G+3nBhNpcJ5xqTaB/u95aSrPh9OuzuCjfUCvp6QM
0SfZTRNP9lkJEyrME+5arulbJEotWVz5cxQF8cYPeilt
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:31:23 2025 by rpki-client