Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/069eab-f80d-4953-abc1-31aec07e945a/1/8D1QvMjC0LkC7zqiT1_955AS_8w.roa
File: 8D1QvMjC0LkC7zqiT1_955AS_8w.roa (raw, json)
Hash identifier: e3cIGp1osQhLzVQWjCpqAbTDS71lcbPIpMEP/QLu4EA=
Subject key identifier: F0:3D:50:BC:C8:C2:D0:B9:02:EF:3A:A2:4F:5F:FD:E7:90:12:FF:CC
Certificate issuer: /CN=0a48c04816aa61f935e14a64c3ebba910ba651f4
Certificate serial: 0192BD85D270B1F8B0CFD79CB258F9215349
Authority key identifier: 0A:48:C0:48:16:AA:61:F9:35:E1:4A:64:C3:EB:BA:91:0B:A6:51:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CkjASBaqYfk14Upkw-u6kQumUfQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/069eab-f80d-4953-abc1-31aec07e945a/1/8D1QvMjC0LkC7zqiT1_955AS_8w.roa
Signing time: Thu 24 Oct 2024 07:55:16 +0000
ROA not before: Thu 24 Oct 2024 07:55:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214743
IP address blocks: 91.198.23.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:47:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:bd:85:d2:70:b1:f8:b0:cf:d7:9c:b2:58:f9:21:53:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a48c04816aa61f935e14a64c3ebba910ba651f4
Validity
Not Before: Oct 24 07:55:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f03d50bcc8c2d0b902ef3aa24f5ffde79012ffcc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:fb:08:85:68:b3:41:f3:fc:f8:bb:03:35:b9:
1b:3d:e0:7d:13:63:a7:b9:4d:0e:ef:d8:77:a5:08:
c0:a5:98:bf:46:2c:b6:26:aa:39:3f:70:a9:73:e2:
9c:d2:a3:d3:66:1b:5e:c4:61:c7:5d:59:30:f5:cc:
e2:d9:c7:fa:6a:aa:79:80:f3:2c:22:b2:0d:33:41:
90:c3:3d:3e:12:7c:b6:85:39:bb:72:3d:6b:68:e4:
de:9f:26:24:40:8d:a4:0a:cc:9f:e7:54:2a:81:a5:
e5:78:eb:77:89:2a:8a:a1:98:dc:39:7b:fa:3a:e0:
64:5a:cf:df:be:8c:ee:d1:3f:2b:7f:94:a0:b7:78:
af:e2:6e:ae:f1:22:b1:2f:3b:c0:6f:4b:12:59:ef:
a8:ee:41:fb:83:9f:12:97:2f:1a:77:14:a9:a5:ec:
30:ce:04:8f:37:2c:cf:c7:1a:3f:a1:dc:b7:e0:4b:
3c:d9:fe:de:7a:d6:e8:9f:83:6f:6b:73:21:51:a2:
1c:ec:c4:7f:e1:15:10:b2:f8:a3:12:66:7c:f2:11:
84:55:98:fc:a1:a7:63:6d:3d:d9:4e:ba:60:7e:54:
ff:c6:14:6a:1e:cb:9b:e1:69:33:6b:92:30:33:d9:
ac:21:03:d1:3b:ee:b1:15:c8:8a:14:c9:99:3c:25:
fd:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:3D:50:BC:C8:C2:D0:B9:02:EF:3A:A2:4F:5F:FD:E7:90:12:FF:CC
X509v3 Authority Key Identifier:
keyid:0A:48:C0:48:16:AA:61:F9:35:E1:4A:64:C3:EB:BA:91:0B:A6:51:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CkjASBaqYfk14Upkw-u6kQumUfQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/069eab-f80d-4953-abc1-31aec07e945a/1/8D1QvMjC0LkC7zqiT1_955AS_8w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/069eab-f80d-4953-abc1-31aec07e945a/1/CkjASBaqYfk14Upkw-u6kQumUfQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.23.0/24
Signature Algorithm: sha256WithRSAEncryption
36:50:37:5f:20:85:46:f8:e4:81:08:f5:4e:76:34:33:bd:f7:
b9:a9:24:85:45:9d:8c:ef:67:5f:6a:b6:a7:dd:4f:51:6b:82:
37:15:37:58:9f:ab:c1:d2:68:65:8b:08:58:fd:a3:17:d2:c6:
fb:ee:7b:8b:0a:58:46:30:d4:61:9d:82:79:52:da:4e:16:52:
a7:ea:55:4b:a3:02:25:38:4e:b4:ed:be:b5:b3:80:90:19:2c:
66:80:55:e5:c0:3d:ae:26:d1:68:6a:68:dd:b6:d9:58:a3:99:
0c:89:61:05:c5:da:f5:5b:a8:78:79:61:1b:32:b4:73:59:9e:
e9:bb:6f:f1:e0:63:24:fc:24:4a:f5:42:58:0d:6c:de:db:25:
20:70:4a:c0:3f:3a:0a:9e:29:ca:f5:3a:61:f4:9a:2c:2d:d6:
83:d6:1d:c9:4b:cd:57:4e:d7:ce:86:34:fb:48:4a:68:7a:f2:
2f:14:61:85:0d:d5:ee:53:7b:a5:03:75:14:ee:56:68:9d:1e:
f7:92:65:a4:8d:50:1a:4a:74:d7:87:6b:ac:13:d1:4e:78:28:
d5:91:d3:cd:0e:b1:44:d7:7a:c2:a9:bf:80:6a:27:81:d0:b9:
76:92:70:82:c1:b7:33:c1:4c:03:12:2c:6c:30:79:1c:3c:e3:
f2:f6:63:fe
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZK9hdJwsfiwz9ecslj5IVNJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhNDhjMDQ4MTZhYTYxZjkzNWUxNGE2NGMzZWJiYTkxMGJh
NjUxZjQwHhcNMjQxMDI0MDc1NTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDNkNTBiY2M4YzJkMGI5MDJlZjNhYTI0ZjVmZmRlNzkwMTJmZmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAofsIhWizQfP8+LsDNbkbPeB9E2On
uU0O79h3pQjApZi/Riy2Jqo5P3Cpc+Kc0qPTZhtexGHHXVkw9czi2cf6aqp5gPMs
IrINM0GQwz0+Eny2hTm7cj1raOTenyYkQI2kCsyf51QqgaXleOt3iSqKoZjcOXv6
OuBkWs/fvozu0T8rf5Sgt3iv4m6u8SKxLzvAb0sSWe+o7kH7g58Sly8adxSppeww
zgSPNyzPxxo/ody34Es82f7eetbon4Nva3MhUaIc7MR/4RUQsvijEmZ88hGEVZj8
oadjbT3ZTrpgflT/xhRqHsub4Wkza5IwM9msIQPRO+6xFciKFMmZPCX9ZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPA9ULzIwtC5Au86ok9f/eeQEv/MMB8GA1UdIwQY
MBaAFApIwEgWqmH5NeFKZMPrupELplH0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2tqQVNCYXFZZmsxNFVwa3ctdTZrUXVtVWZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8wNjllYWItZjgwZC00OTUzLWFiYzEt
MzFhZWMwN2U5NDVhLzEvOEQxUXZNakMwTGtDN3pxaVQxXzk1NUFTXzh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8wNjllYWItZjgwZC00OTUzLWFiYzEtMzFhZWMwN2U5NDVh
LzEvQ2tqQVNCYXFZZmsxNFVwa3ctdTZrUXVtVWZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8YXMA0G
CSqGSIb3DQEBCwUAA4IBAQA2UDdfIIVG+OSBCPVOdjQzvfe5qSSFRZ2M72dfaran
3U9Ra4I3FTdYn6vB0mhliwhY/aMX0sb77nuLClhGMNRhnYJ5UtpOFlKn6lVLowIl
OE607b61s4CQGSxmgFXlwD2uJtFoamjdttlYo5kMiWEFxdr1W6h4eWEbMrRzWZ7p
u2/x4GMk/CRK9UJYDWze2yUgcErAPzoKninK9Tph9JosLdaD1h3JS81XTtfOhjT7
SEpoevIvFGGFDdXuU3ulA3UU7lZonR73kmWkjVAaSnTXh2usE9FOeCjVkdPNDrFE
13rCqb+AaieB0Ll2knCCwbczwUwDEixsMHkcPOPy9mP+
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:19:44 2025 by rpki-client