Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/251360-c5c5-4a40-af72-04427a99f1c5/1/eZSwCviOMuvd2zoZGrlCdvogepw.roa
File: eZSwCviOMuvd2zoZGrlCdvogepw.roa (raw, json)
Hash identifier: qdrXKfA5tfAN+eyM+T9+1yftim/iEA7uiHyrWj3czlU=
Subject key identifier: 79:94:B0:0A:F8:8E:32:EB:DD:DB:3A:19:1A:B9:42:76:FA:20:7A:9C
Certificate issuer: /CN=8ab3e965c8747e2fa5ddd12857673f06042efa43
Certificate serial: 01936D36FC79E6D11B92791A44A47DA317A1
Authority key identifier: 8A:B3:E9:65:C8:74:7E:2F:A5:DD:D1:28:57:67:3F:06:04:2E:FA:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/irPpZch0fi-l3dEoV2c_BgQu-kM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/251360-c5c5-4a40-af72-04427a99f1c5/1/eZSwCviOMuvd2zoZGrlCdvogepw.roa
Signing time: Wed 27 Nov 2024 10:42:20 +0000
ROA not before: Wed 27 Nov 2024 10:42:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 91.208.28.0/24 maxlen: 24
193.105.47.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:6d:36:fc:79:e6:d1:1b:92:79:1a:44:a4:7d:a3:17:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ab3e965c8747e2fa5ddd12857673f06042efa43
Validity
Not Before: Nov 27 10:42:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7994b00af88e32ebdddb3a191ab94276fa207a9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:11:ae:ad:75:8a:91:85:92:ff:b5:10:97:82:
42:e9:dc:76:4b:63:0e:5d:0d:74:58:5f:4c:8b:47:
09:e6:ee:73:97:7d:bb:99:04:77:6b:a1:e5:a4:3c:
52:f0:bb:7b:39:47:b1:84:a4:45:b6:14:ce:31:2f:
4d:06:89:07:1b:79:f3:c7:eb:66:be:fd:45:bb:f0:
c4:14:52:b1:5e:2f:4b:c8:09:7a:e7:2c:d1:b8:67:
f2:f5:79:31:04:9e:c9:14:98:18:bd:95:ff:e5:5e:
83:d2:ed:36:cb:ba:f7:1c:09:22:d5:d7:7e:d6:f3:
15:b0:b4:77:97:27:f8:06:f9:da:5f:34:43:e3:fe:
a2:25:fa:22:62:9b:3a:1b:4d:90:08:ec:16:fa:5f:
16:d8:98:37:29:12:97:ec:44:fc:f9:3b:24:bb:d6:
c9:bd:e4:01:25:38:81:7c:fb:be:6f:ee:62:dc:e1:
6d:20:cd:9c:e9:72:55:97:32:79:6d:77:1a:6e:5d:
ee:fc:3b:83:9e:99:be:15:48:c2:d9:d4:59:48:95:
32:01:2d:fc:ea:1f:23:90:8b:6f:49:28:31:b0:2d:
d9:20:03:28:06:a7:24:1b:53:b9:98:1b:3a:9b:51:
18:89:dc:2b:d9:7d:87:18:9e:62:cd:89:af:23:2b:
9d:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:94:B0:0A:F8:8E:32:EB:DD:DB:3A:19:1A:B9:42:76:FA:20:7A:9C
X509v3 Authority Key Identifier:
keyid:8A:B3:E9:65:C8:74:7E:2F:A5:DD:D1:28:57:67:3F:06:04:2E:FA:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/irPpZch0fi-l3dEoV2c_BgQu-kM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/251360-c5c5-4a40-af72-04427a99f1c5/1/eZSwCviOMuvd2zoZGrlCdvogepw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/251360-c5c5-4a40-af72-04427a99f1c5/1/irPpZch0fi-l3dEoV2c_BgQu-kM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.208.28.0/24
193.105.47.0/24
Signature Algorithm: sha256WithRSAEncryption
72:d9:db:31:51:39:ea:2b:a6:8e:a9:fc:da:a5:b3:dd:f3:04:
a8:94:02:59:0e:92:be:b6:d4:c9:6d:22:b6:88:06:73:d7:6a:
0c:71:55:b9:77:f3:fa:c3:1b:01:bb:c0:34:ac:0a:99:d6:d2:
61:3d:41:08:e8:f3:9c:34:61:57:6f:e7:f7:09:2d:17:32:ad:
54:15:32:1e:de:12:69:12:dd:7a:26:3b:04:48:9e:7f:3b:2d:
97:5e:9f:56:f1:ce:30:8b:39:0a:5b:d1:86:93:3e:ba:22:a4:
ef:10:c8:54:92:c5:be:4b:d6:47:34:15:63:29:a8:41:8a:38:
11:b1:59:f0:48:30:52:f3:94:10:9a:d3:27:cf:fe:3e:d9:f4:
95:d9:2d:9b:18:d4:7b:09:e7:c8:0d:f0:22:e8:7e:7d:c3:0e:
37:49:42:88:0e:6c:f7:39:02:66:a0:0f:7e:9a:95:f2:c8:21:
cd:fe:71:ec:af:95:7f:70:76:81:16:e9:34:a3:ea:30:d2:8c:
fc:bb:68:50:50:40:f1:4b:6f:19:d0:51:15:be:c0:eb:8b:f7:
04:e2:aa:1e:19:d0:9a:29:b0:f2:84:39:60:1b:a5:66:4a:7f:
31:3f:4a:b7:ee:29:25:78:44:df:53:bc:77:27:8e:d4:9e:16:
11:ba:bf:ff
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZNtNvx55tEbknkaRKR9oxehMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhYjNlOTY1Yzg3NDdlMmZhNWRkZDEyODU3NjczZjA2MDQy
ZWZhNDMwHhcNMjQxMTI3MTA0MjIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTk0YjAwYWY4OGUzMmViZGRkYjNhMTkxYWI5NDI3NmZhMjA3YTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuhGurXWKkYWS/7UQl4JC6dx2S2MO
XQ10WF9Mi0cJ5u5zl327mQR3a6HlpDxS8Lt7OUexhKRFthTOMS9NBokHG3nzx+tm
vv1Fu/DEFFKxXi9LyAl65yzRuGfy9XkxBJ7JFJgYvZX/5V6D0u02y7r3HAki1dd+
1vMVsLR3lyf4BvnaXzRD4/6iJfoiYps6G02QCOwW+l8W2Jg3KRKX7ET8+Tsku9bJ
veQBJTiBfPu+b+5i3OFtIM2c6XJVlzJ5bXcabl3u/DuDnpm+FUjC2dRZSJUyAS38
6h8jkItvSSgxsC3ZIAMoBqckG1O5mBs6m1EYidwr2X2HGJ5izYmvIyudzwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHmUsAr4jjLr3ds6GRq5Qnb6IHqcMB8GA1UdIwQY
MBaAFIqz6WXIdH4vpd3RKFdnPwYELvpDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXJQcFpjaDBmaS1sM2RFb1YyY19CZ1F1LWtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy8yNTEzNjAtYzVjNS00YTQwLWFmNzIt
MDQ0MjdhOTlmMWM1LzEvZVpTd0N2aU9NdXZkMnpvWkdybENkdm9nZXB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy8yNTEzNjAtYzVjNS00YTQwLWFmNzItMDQ0MjdhOTlmMWM1
LzEvaXJQcFpjaDBmaS1sM2RFb1YyY19CZ1F1LWtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9AcAwQA
wWkvMA0GCSqGSIb3DQEBCwUAA4IBAQBy2dsxUTnqK6aOqfzapbPd8wSolAJZDpK+
ttTJbSK2iAZz12oMcVW5d/P6wxsBu8A0rAqZ1tJhPUEI6POcNGFXb+f3CS0XMq1U
FTIe3hJpEt16JjsESJ5/Oy2XXp9W8c4wizkKW9GGkz66IqTvEMhUksW+S9ZHNBVj
KahBijgRsVnwSDBS85QQmtMnz/4+2fSV2S2bGNR7CefIDfAi6H59ww43SUKIDmz3
OQJmoA9+mpXyyCHN/nHsr5V/cHaBFuk0o+ow0oz8u2hQUEDxS28Z0FEVvsDri/cE
4qoeGdCaKbDyhDlgG6VmSn8xP0q37ikleETfU7x3J47UnhYRur//
-----END CERTIFICATE-----
Generated at Sun Apr 6 04:52:36 2025 by rpki-client