Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/jsgLkfgxBptAvj17kkDR4qjAyLk.roa
File: jsgLkfgxBptAvj17kkDR4qjAyLk.roa (raw, json)
Hash identifier: 6lWgM9untHlAdvo2Avy6egquV0IHp63V7w7n9lOYQu0=
Subject key identifier: 8E:C8:0B:91:F8:31:06:9B:40:BE:3D:7B:92:40:D1:E2:A8:C0:C8:B9
Certificate issuer: /CN=1e5b334965788794d6f147a2f004d13be3257dc4
Certificate serial: 018CCA2BDE83B0C6FD072F97413220521113
Authority key identifier: 1E:5B:33:49:65:78:87:94:D6:F1:47:A2:F0:04:D1:3B:E3:25:7D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HlszSWV4h5TW8Uei8ATRO-MlfcQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/jsgLkfgxBptAvj17kkDR4qjAyLk.roa
Signing time: Tue 02 Jan 2024 12:35:21 +0000
ROA not before: Tue 02 Jan 2024 12:35:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62240
IP address blocks: 91.193.232.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:48:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:de:83:b0:c6:fd:07:2f:97:41:32:20:52:11:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e5b334965788794d6f147a2f004d13be3257dc4
Validity
Not Before: Jan 2 12:35:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8ec80b91f831069b40be3d7b9240d1e2a8c0c8b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:1e:e5:cc:91:dd:be:33:45:9c:ec:c8:0d:6a:
0a:3c:9d:58:f2:14:bd:ec:b4:95:c9:75:73:d9:ae:
45:36:30:e7:de:fe:5a:27:2b:0d:13:0a:7a:7c:97:
cd:b3:59:f0:9d:80:50:51:69:12:77:2f:69:c8:c4:
43:c1:d9:4f:82:4f:bd:e3:f8:6e:03:d9:e2:57:a9:
32:68:db:dd:00:ae:68:56:d0:95:76:8e:42:9e:2b:
3f:53:40:fc:3a:97:d7:a4:8a:dc:cd:da:b2:fb:fe:
57:80:ca:18:93:2f:d0:08:2c:52:ab:dc:68:29:7e:
8c:ce:c3:4c:31:5d:8c:50:00:84:5e:a0:4d:2f:95:
14:84:c0:00:84:ff:2d:6b:49:3f:91:16:4d:ea:e0:
8f:df:d4:4b:d4:4b:2d:1a:38:3e:ba:78:c2:74:43:
6c:28:1d:e6:de:3f:8d:e9:8a:9b:30:66:90:2f:b1:
8b:4f:5d:f0:ae:e0:7c:b9:64:46:b2:5b:60:47:99:
1e:3f:6a:ef:74:d5:94:18:83:ed:01:6b:e4:7a:62:
c1:d3:c4:39:06:9b:0c:ab:8b:06:41:c9:14:3a:03:
03:9e:f9:dc:19:b0:e9:96:14:ab:5b:01:ea:03:6d:
fa:20:7f:6e:a1:29:00:61:40:15:a0:c5:99:95:34:
dd:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:C8:0B:91:F8:31:06:9B:40:BE:3D:7B:92:40:D1:E2:A8:C0:C8:B9
X509v3 Authority Key Identifier:
keyid:1E:5B:33:49:65:78:87:94:D6:F1:47:A2:F0:04:D1:3B:E3:25:7D:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HlszSWV4h5TW8Uei8ATRO-MlfcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/jsgLkfgxBptAvj17kkDR4qjAyLk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/HlszSWV4h5TW8Uei8ATRO-MlfcQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.193.232.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:0e:99:06:ed:87:ed:16:ff:35:75:5c:6f:c9:fa:ad:aa:f6:
41:e7:37:03:d1:2d:38:60:3e:a1:e1:48:6e:2c:5a:8d:95:b1:
53:64:ef:3b:06:8c:1b:31:59:b1:04:53:92:e1:77:1c:97:08:
c6:68:d4:2f:79:51:6b:8f:14:eb:4e:6f:ca:19:e9:94:36:ad:
37:24:f7:3e:e5:e7:2b:21:87:44:04:ab:71:db:8d:0b:29:b6:
14:91:cc:d7:93:44:30:1e:bf:6c:84:41:46:54:db:f6:8f:ef:
d6:76:49:9b:cf:2c:04:03:94:9f:9c:a4:5f:74:16:33:a9:41:
1c:60:83:d4:8b:1e:65:a5:d5:94:88:8f:4c:05:b3:9c:04:eb:
03:6f:f1:fc:21:71:2e:bd:2b:69:20:32:83:c3:28:a3:c9:3a:
77:5d:36:31:91:cc:f9:69:0c:08:45:16:ee:a2:d6:75:6b:b8:
b4:92:63:28:95:af:37:6b:ad:a9:31:71:93:5d:30:1a:09:74:
e0:05:d8:6e:55:55:3d:eb:37:f3:8f:b5:a3:90:b3:b1:60:1f:
a3:af:b7:6b:96:90:dc:4d:9d:ed:1d:b5:6f:f8:98:75:94:31:
06:9e:00:62:0c:12:d9:6a:e7:4b:0e:0f:bb:9d:aa:57:72:30:
7d:ff:db:3c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKK96DsMb9By+XQTIgUhETMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlNWIzMzQ5NjU3ODg3OTRkNmYxNDdhMmYwMDRkMTNiZTMy
NTdkYzQwHhcNMjQwMTAyMTIzNTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWM4MGI5MWY4MzEwNjliNDBiZTNkN2I5MjQwZDFlMmE4YzBjOGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhR7lzJHdvjNFnOzIDWoKPJ1Y8hS9
7LSVyXVz2a5FNjDn3v5aJysNEwp6fJfNs1nwnYBQUWkSdy9pyMRDwdlPgk+94/hu
A9niV6kyaNvdAK5oVtCVdo5Cnis/U0D8OpfXpIrczdqy+/5XgMoYky/QCCxSq9xo
KX6MzsNMMV2MUACEXqBNL5UUhMAAhP8ta0k/kRZN6uCP39RL1EstGjg+unjCdENs
KB3m3j+N6YqbMGaQL7GLT13wruB8uWRGsltgR5keP2rvdNWUGIPtAWvkemLB08Q5
BpsMq4sGQckUOgMDnvncGbDplhSrWwHqA236IH9uoSkAYUAVoMWZlTTdkQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI7IC5H4MQabQL49e5JA0eKowMi5MB8GA1UdIwQY
MBaAFB5bM0lleIeU1vFHovAE0TvjJX3EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGxzelNXVjRoNVRXOFVlaThBVFJPLU1sZmNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC85YmEzOGEtNDg1Mi00MTNkLTljZDIt
OTk5MGUyZDllYWZlLzEvanNnTGtmZ3hCcHRBdmoxN2trRFI0cWpBeUxrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC85YmEzOGEtNDg1Mi00MTNkLTljZDItOTk5MGUyZDllYWZl
LzEvSGxzelNXVjRoNVRXOFVlaThBVFJPLU1sZmNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8HoMA0G
CSqGSIb3DQEBCwUAA4IBAQAcDpkG7YftFv81dVxvyfqtqvZB5zcD0S04YD6h4Uhu
LFqNlbFTZO87BowbMVmxBFOS4XcclwjGaNQveVFrjxTrTm/KGemUNq03JPc+5ecr
IYdEBKtx240LKbYUkczXk0QwHr9shEFGVNv2j+/WdkmbzywEA5SfnKRfdBYzqUEc
YIPUix5lpdWUiI9MBbOcBOsDb/H8IXEuvStpIDKDwyijyTp3XTYxkcz5aQwIRRbu
otZ1a7i0kmMola83a62pMXGTXTAaCXTgBdhuVVU96zfzj7WjkLOxYB+jr7drlpDc
TZ3tHbVv+Jh1lDEGngBiDBLZaudLDg+7napXcjB9/9s8
-----END CERTIFICATE-----
Generated at Thu Mar 13 21:20:06 2025 by rpki-client