Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/1470f5-c316-4fff-9c37-8654266457c6/1/yac7UF4fHwTSouo7mUcZSVo1dQU.roa
File: yac7UF4fHwTSouo7mUcZSVo1dQU.roa (raw, json)
Hash identifier: G0L5wkLuQQD9vhz6lHYR7dH1YZnOHEj5fJfPJW/TjzM=
Subject key identifier: C9:A7:3B:50:5E:1F:1F:04:D2:A2:EA:3B:99:47:19:49:5A:35:75:05
Certificate issuer: /CN=b498c97b14c374a52833db6a4007b54b4662c5a9
Certificate serial: 0193FA4AB02509D8AB5265C6B1FBCA56158B
Authority key identifier: B4:98:C9:7B:14:C3:74:A5:28:33:DB:6A:40:07:B5:4B:46:62:C5:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tJjJexTDdKUoM9tqQAe1S0Zixak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/1470f5-c316-4fff-9c37-8654266457c6/1/yac7UF4fHwTSouo7mUcZSVo1dQU.roa
Signing time: Tue 24 Dec 2024 20:10:18 +0000
ROA not before: Tue 24 Dec 2024 20:10:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39900
IP address blocks: 91.196.160.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:47:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:fa:4a:b0:25:09:d8:ab:52:65:c6:b1:fb:ca:56:15:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b498c97b14c374a52833db6a4007b54b4662c5a9
Validity
Not Before: Dec 24 20:10:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c9a73b505e1f1f04d2a2ea3b994719495a357505
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:b5:cf:81:0d:21:56:73:10:1c:50:f3:0f:58:
68:e9:ac:7d:f0:f6:e6:63:9c:94:70:39:50:7c:de:
f8:90:54:0f:ca:a5:77:08:eb:d3:08:4c:69:c9:cc:
57:6b:a6:44:1f:c9:3f:07:1a:b2:aa:b1:c8:46:a0:
25:ba:b6:2b:48:df:23:6f:7e:b7:bc:44:6a:65:66:
bc:fd:e3:05:93:26:ef:60:ef:84:e2:bb:90:6a:f0:
75:b5:52:7c:23:f4:70:03:8a:6a:c3:d8:f4:21:2c:
25:45:64:b8:25:0e:a9:96:97:22:bd:11:8f:bc:a7:
df:80:06:cf:22:43:b8:08:66:62:46:5f:d3:21:e7:
9a:0a:8d:7e:87:f1:dd:2a:40:ca:0e:03:fa:08:2a:
49:4f:cb:dc:33:0d:38:11:f7:56:34:84:17:f9:10:
57:07:44:dd:76:56:41:3d:e9:e8:92:53:12:1c:e4:
01:6a:a5:54:81:e7:a4:71:c3:44:33:ef:c4:80:56:
72:5e:74:1c:dd:9c:75:64:fe:67:c7:02:6e:06:ed:
95:1f:ad:81:2b:62:46:05:d5:3c:fd:23:bc:b9:b3:
e0:72:8c:32:f2:fd:e4:ae:bd:a5:72:07:59:81:36:
38:24:f7:c9:0c:8e:8a:eb:fa:02:fc:f3:db:dd:a3:
72:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:A7:3B:50:5E:1F:1F:04:D2:A2:EA:3B:99:47:19:49:5A:35:75:05
X509v3 Authority Key Identifier:
keyid:B4:98:C9:7B:14:C3:74:A5:28:33:DB:6A:40:07:B5:4B:46:62:C5:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tJjJexTDdKUoM9tqQAe1S0Zixak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/1470f5-c316-4fff-9c37-8654266457c6/1/yac7UF4fHwTSouo7mUcZSVo1dQU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/1470f5-c316-4fff-9c37-8654266457c6/1/tJjJexTDdKUoM9tqQAe1S0Zixak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.196.160.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:58:bc:38:15:04:06:ac:1d:0a:f9:12:e5:d6:37:b5:44:a3:
0b:e3:e7:d4:ab:89:f0:d3:d8:b6:f6:15:16:20:1d:7f:65:5b:
81:45:41:9c:5d:ef:34:5c:e9:c1:10:bf:c0:4d:3e:3e:ae:b6:
f2:39:3f:c8:af:cf:79:2d:78:da:27:38:6d:1e:5b:a9:54:5b:
1f:88:5c:7d:d5:a9:f7:2c:d2:49:f3:c6:8a:87:f1:d3:f5:18:
41:ae:7c:80:0a:9f:41:51:bf:f6:fb:3c:0a:11:ef:ea:80:f3:
a8:b8:06:79:84:7b:0f:32:d9:60:43:ce:ee:d8:5f:f6:cb:01:
82:4e:39:e3:21:c6:99:ab:6c:4c:89:3c:35:8d:d0:c2:83:17:
41:37:d2:c7:44:ce:ae:bc:0b:b7:37:22:ca:19:08:ec:34:f4:
74:c9:f9:6d:51:cb:ff:b6:05:b8:ed:66:2e:ce:8f:a1:7a:cb:
a8:5a:a6:46:35:24:56:db:15:99:c1:89:9a:31:d3:a1:29:ff:
4a:37:e2:d1:a5:7f:51:1d:55:36:61:ce:c0:13:cf:8c:f3:3f:
49:79:32:e9:4b:74:ed:0e:a3:06:59:ef:bb:51:55:3e:39:87:
84:dd:be:ff:80:7c:42:59:8e:c2:f8:a6:d1:88:ad:bb:02:2e:
98:05:be:dc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZP6SrAlCdirUmXGsfvKVhWLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0OThjOTdiMTRjMzc0YTUyODMzZGI2YTQwMDdiNTRiNDY2
MmM1YTkwHhcNMjQxMjI0MjAxMDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWE3M2I1MDVlMWYxZjA0ZDJhMmVhM2I5OTQ3MTk0OTVhMzU3NTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAybXPgQ0hVnMQHFDzD1ho6ax98Pbm
Y5yUcDlQfN74kFQPyqV3COvTCExpycxXa6ZEH8k/BxqyqrHIRqAlurYrSN8jb363
vERqZWa8/eMFkybvYO+E4ruQavB1tVJ8I/RwA4pqw9j0ISwlRWS4JQ6plpcivRGP
vKffgAbPIkO4CGZiRl/TIeeaCo1+h/HdKkDKDgP6CCpJT8vcMw04EfdWNIQX+RBX
B0TddlZBPenoklMSHOQBaqVUgeekccNEM+/EgFZyXnQc3Zx1ZP5nxwJuBu2VH62B
K2JGBdU8/SO8ubPgcowy8v3krr2lcgdZgTY4JPfJDI6K6/oC/PPb3aNy+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMmnO1BeHx8E0qLqO5lHGUlaNXUFMB8GA1UdIwQY
MBaAFLSYyXsUw3SlKDPbakAHtUtGYsWpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEpqSmV4VERkS1VvTTl0cVFBZTFTMFppeGFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC8xNDcwZjUtYzMxNi00ZmZmLTljMzct
ODY1NDI2NjQ1N2M2LzEveWFjN1VGNGZId1RTb3VvN21VY1pTVm8xZFFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC8xNDcwZjUtYzMxNi00ZmZmLTljMzctODY1NDI2NjQ1N2M2
LzEvdEpqSmV4VERkS1VvTTl0cVFBZTFTMFppeGFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8SgMA0G
CSqGSIb3DQEBCwUAA4IBAQCiWLw4FQQGrB0K+RLl1je1RKML4+fUq4nw09i29hUW
IB1/ZVuBRUGcXe80XOnBEL/ATT4+rrbyOT/Ir895LXjaJzhtHlupVFsfiFx91an3
LNJJ88aKh/HT9RhBrnyACp9BUb/2+zwKEe/qgPOouAZ5hHsPMtlgQ87u2F/2ywGC
TjnjIcaZq2xMiTw1jdDCgxdBN9LHRM6uvAu3NyLKGQjsNPR0yfltUcv/tgW47WYu
zo+hesuoWqZGNSRW2xWZwYmaMdOhKf9KN+LRpX9RHVU2Yc7AE8+M8z9JeTLpS3Tt
DqMGWe+7UVU+OYeE3b7/gHxCWY7C+KbRiK27Ai6YBb7c
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:43:22 2025 by rpki-client