Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/282ac6-72c6-4b2c-9df9-8f1f2c914f04/1/U_zJ2ohl8pwluFdM2POLYKyQkR8.roa
File: U_zJ2ohl8pwluFdM2POLYKyQkR8.roa (raw, json)
Hash identifier: Nw/I8usu+doC+nJyBJ1Uj6K2Gh4ZnH4SZOGP5Qt3pBc=
Subject key identifier: 53:FC:C9:DA:88:65:F2:9C:25:B8:57:4C:D8:F3:8B:60:AC:90:91:1F
Certificate issuer: /CN=e08142b42e39480048d1fcea587a3693da4c0b8a
Certificate serial: 0190BC2539CCC41F76E41379E1338F09D544
Authority key identifier: E0:81:42:B4:2E:39:48:00:48:D1:FC:EA:58:7A:36:93:DA:4C:0B:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4IFCtC45SABI0fzqWHo2k9pMC4o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/282ac6-72c6-4b2c-9df9-8f1f2c914f04/1/U_zJ2ohl8pwluFdM2POLYKyQkR8.roa
Signing time: Tue 16 Jul 2024 15:24:34 +0000
ROA not before: Tue 16 Jul 2024 15:24:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56754
IP address blocks: 91.227.109.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:48:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:bc:25:39:cc:c4:1f:76:e4:13:79:e1:33:8f:09:d5:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e08142b42e39480048d1fcea587a3693da4c0b8a
Validity
Not Before: Jul 16 15:24:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=53fcc9da8865f29c25b8574cd8f38b60ac90911f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:34:aa:4b:f6:0d:40:0b:99:a4:88:a1:f0:2e:
e3:93:9d:0c:89:26:8b:29:43:47:64:b4:39:38:3d:
75:e5:22:fe:be:db:1a:f8:d5:51:c3:91:10:c8:69:
ba:24:e1:76:c4:97:67:0f:65:bb:cf:5b:9d:c0:47:
9a:1d:b5:26:77:e3:fc:b4:b9:21:4a:3d:99:f4:8c:
cc:25:1e:b2:76:2a:64:52:56:50:04:a7:69:5d:71:
ed:a8:3f:d7:fe:2c:81:2a:1a:43:b0:f4:85:9e:dc:
76:8e:b9:5c:aa:0a:2b:fc:f9:70:0f:69:60:e3:39:
06:8f:4d:89:0c:6e:a9:4b:d4:33:04:9c:92:54:ea:
ee:7f:bc:b4:6f:0e:a5:c5:74:10:3f:bc:ab:d0:6c:
da:36:77:40:63:f6:80:54:c1:96:a6:3d:48:6b:6a:
73:29:a7:fd:88:07:b2:74:79:75:bc:62:23:ce:97:
d1:5d:02:e0:85:8d:94:91:79:38:90:08:77:29:b4:
2b:06:d6:63:e3:6a:f1:60:85:9d:47:10:ad:d4:48:
5f:83:75:58:4b:ad:d3:96:33:b5:9c:41:6d:fc:fb:
4d:0c:06:b2:29:38:8d:05:0e:d5:50:61:93:0b:8a:
97:80:6a:7e:b2:f7:5d:a9:f5:96:a5:79:64:3e:88:
28:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:FC:C9:DA:88:65:F2:9C:25:B8:57:4C:D8:F3:8B:60:AC:90:91:1F
X509v3 Authority Key Identifier:
keyid:E0:81:42:B4:2E:39:48:00:48:D1:FC:EA:58:7A:36:93:DA:4C:0B:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4IFCtC45SABI0fzqWHo2k9pMC4o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/282ac6-72c6-4b2c-9df9-8f1f2c914f04/1/U_zJ2ohl8pwluFdM2POLYKyQkR8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/282ac6-72c6-4b2c-9df9-8f1f2c914f04/1/4IFCtC45SABI0fzqWHo2k9pMC4o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.227.109.0/24
Signature Algorithm: sha256WithRSAEncryption
88:34:a7:70:7a:3b:ab:aa:fe:a0:82:14:e6:5c:3b:67:82:52:
32:89:d1:2c:ac:d4:69:78:8a:c9:5b:0a:5a:5b:48:7d:98:f8:
cd:6d:83:14:e6:b7:68:13:2a:ee:84:63:e5:a6:52:63:b2:6f:
6d:ed:9b:9b:83:2b:39:0b:dd:98:5e:6e:e1:5e:83:5b:12:c9:
99:48:dc:67:02:64:0e:b1:38:64:fc:ee:41:18:fe:8f:9a:b4:
82:7b:f0:59:4f:0a:6c:52:2b:4b:ba:bb:0d:f0:76:d5:36:85:
41:ff:87:e4:f2:76:b6:23:ce:47:05:ad:41:3e:3a:22:e8:b5:
e4:e9:c0:cf:b2:e8:c1:70:00:00:90:e9:82:99:d6:83:8d:7b:
4f:01:27:dd:05:bc:33:1d:4b:96:5f:d1:2e:08:14:a1:b6:44:
64:63:45:30:27:f9:50:69:f5:32:34:c0:4f:04:1c:69:6e:99:
3e:01:00:ec:a7:4f:16:6a:0b:93:58:75:40:1e:e0:b7:64:6f:
d1:96:8b:b0:6a:34:61:1b:14:a5:b7:2d:10:9b:9c:3f:cb:34:
16:e3:3e:bc:9a:55:fa:5f:d0:a3:ef:b0:06:0b:a8:1b:01:fb:
db:cf:47:31:78:70:47:94:62:b7:b0:f9:6c:bf:94:3e:d4:19:
e5:e0:d5:44
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZC8JTnMxB925BN54TOPCdVEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwODE0MmI0MmUzOTQ4MDA0OGQxZmNlYTU4N2EzNjkzZGE0
YzBiOGEwHhcNMjQwNzE2MTUyNDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2ZjYzlkYTg4NjVmMjljMjViODU3NGNkOGYzOGI2MGFjOTA5MTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArDSqS/YNQAuZpIih8C7jk50MiSaL
KUNHZLQ5OD115SL+vtsa+NVRw5EQyGm6JOF2xJdnD2W7z1udwEeaHbUmd+P8tLkh
Sj2Z9IzMJR6ydipkUlZQBKdpXXHtqD/X/iyBKhpDsPSFntx2jrlcqgor/PlwD2lg
4zkGj02JDG6pS9QzBJySVOruf7y0bw6lxXQQP7yr0GzaNndAY/aAVMGWpj1Ia2pz
Kaf9iAeydHl1vGIjzpfRXQLghY2UkXk4kAh3KbQrBtZj42rxYIWdRxCt1Ehfg3VY
S63TljO1nEFt/PtNDAayKTiNBQ7VUGGTC4qXgGp+svddqfWWpXlkPogotwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFP8ydqIZfKcJbhXTNjzi2CskJEfMB8GA1UdIwQY
MBaAFOCBQrQuOUgASNH86lh6NpPaTAuKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNElGQ3RDNDVTQUJJMGZ6cVdIbzJrOXBNQzRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8yODJhYzYtNzJjNi00YjJjLTlkZjkt
OGYxZjJjOTE0ZjA0LzEvVV96SjJvaGw4cHdsdUZkTTJQT0xZS3lRa1I4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8yODJhYzYtNzJjNi00YjJjLTlkZjktOGYxZjJjOTE0ZjA0
LzEvNElGQ3RDNDVTQUJJMGZ6cVdIbzJrOXBNQzRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+NtMA0G
CSqGSIb3DQEBCwUAA4IBAQCINKdwejurqv6gghTmXDtnglIyidEsrNRpeIrJWwpa
W0h9mPjNbYMU5rdoEyruhGPlplJjsm9t7Zubgys5C92YXm7hXoNbEsmZSNxnAmQO
sThk/O5BGP6PmrSCe/BZTwpsUitLursN8HbVNoVB/4fk8na2I85HBa1BPjoi6LXk
6cDPsujBcAAAkOmCmdaDjXtPASfdBbwzHUuWX9EuCBShtkRkY0UwJ/lQafUyNMBP
BBxpbpk+AQDsp08WaguTWHVAHuC3ZG/RlouwajRhGxSlty0Qm5w/yzQW4z68mlX6
X9Cj77AGC6gbAfvbz0cxeHBHlGK3sPlsv5Q+1Bnl4NVE
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:09:28 2025 by rpki-client