Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/yYqX2rLdrNt39QzbLkBhJtWE_P4.roa
File: yYqX2rLdrNt39QzbLkBhJtWE_P4.roa (raw, json)
Hash identifier: 4MMCLr7gv8Nl74DC6IkacmcTefNj6rdAfnVfjFo8e4s=
Subject key identifier: C9:8A:97:DA:B2:DD:AC:DB:77:F5:0C:DB:2E:40:61:26:D5:84:FC:FE
Certificate issuer: /CN=618478f198fe569010c3df6219142f530c4f5e56
Certificate serial: 0191C18371EA49819B7F492D7D518AF56C55
Authority key identifier: 61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/yYqX2rLdrNt39QzbLkBhJtWE_P4.roa
Signing time: Thu 05 Sep 2024 09:28:22 +0000
ROA not before: Thu 05 Sep 2024 09:28:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201814
IP address blocks: 91.234.255.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:49:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:c1:83:71:ea:49:81:9b:7f:49:2d:7d:51:8a:f5:6c:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=618478f198fe569010c3df6219142f530c4f5e56
Validity
Not Before: Sep 5 09:28:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c98a97dab2ddacdb77f50cdb2e406126d584fcfe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:61:7b:ac:27:99:b3:3c:9e:67:47:9e:bc:18:
86:47:ed:3c:58:a9:64:d3:ad:cd:5c:6b:43:68:3c:
81:b3:5d:88:f2:64:11:ed:71:43:ac:8f:69:72:38:
63:7d:5b:bb:a1:ef:64:a0:55:97:9b:c3:f2:44:d5:
08:e0:79:52:5b:fb:96:08:0e:6d:17:4b:8e:de:80:
cf:0b:47:8a:35:08:95:9d:d8:4c:9b:fb:4a:60:fe:
23:71:e7:5d:56:f3:3a:0b:94:91:e2:09:07:23:62:
78:fb:2b:ef:2e:ad:21:01:4f:f8:5d:1c:78:5b:11:
ee:1c:4d:f0:49:87:aa:11:ef:8b:19:22:41:a6:80:
ab:74:6e:f4:40:dd:a8:22:ed:83:ef:f1:d4:1e:f3:
cb:ce:53:b8:6c:3d:a3:08:e5:e7:a3:45:fa:f8:79:
2c:42:69:32:e8:ee:b1:33:fd:0a:a3:b3:3d:79:6b:
51:fa:b1:97:ad:ae:6d:6a:1b:73:23:e9:8e:82:17:
f2:83:b0:21:6d:22:6d:9d:45:eb:d9:4d:37:8f:c6:
55:b6:4a:13:bb:3a:e8:93:13:b0:ab:04:74:8f:2f:
72:64:c8:50:6f:ef:48:18:c2:5f:42:fd:ba:35:23:
2b:b7:1a:09:fb:65:f5:ff:18:02:6b:f7:19:ad:bc:
c1:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:8A:97:DA:B2:DD:AC:DB:77:F5:0C:DB:2E:40:61:26:D5:84:FC:FE
X509v3 Authority Key Identifier:
keyid:61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/yYqX2rLdrNt39QzbLkBhJtWE_P4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.234.255.0/24
Signature Algorithm: sha256WithRSAEncryption
40:4c:50:b4:9f:bc:6e:f7:87:f7:53:e1:5a:4b:ef:e5:85:09:
04:06:86:12:19:39:47:ce:a8:4a:e9:d3:fa:fb:cb:ed:e6:6f:
7c:09:4b:e7:bb:1e:4c:62:c3:0e:ec:12:4c:9b:8f:9f:c2:1f:
93:35:71:9c:59:77:75:12:8e:67:e3:1a:31:77:d1:06:41:04:
62:f8:36:e8:99:fb:a5:1f:6b:0f:5f:ff:fd:5e:e5:fa:df:ec:
d3:55:d4:0f:f9:23:29:64:9d:a2:8e:b3:a2:ce:e1:94:dd:fd:
99:53:e1:1a:c0:3f:d1:9c:82:79:dc:8a:0f:65:e2:c4:d5:b2:
95:2f:5d:3a:52:85:d9:a3:2f:20:f1:85:59:e0:bd:38:35:96:
f3:0b:e0:99:bf:7d:df:0d:9e:77:ba:53:3e:1a:cf:3e:b8:9f:
25:1c:20:29:f2:53:69:58:d6:23:63:e2:3f:fc:f3:8d:d3:e0:
e7:1b:63:a4:b8:19:8b:7a:a6:bc:9a:61:e3:cf:53:1f:26:fd:
1a:dc:b9:d0:31:09:2f:4e:3f:55:d5:b1:a8:26:ed:57:0b:e9:
60:2d:40:43:10:63:6f:70:b7:64:99:26:3c:49:04:69:96:a5:
3c:9a:fb:2b:84:a3:3a:a8:a9:2a:fa:98:19:bc:49:4d:b6:5f:
c3:63:ec:a1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZHBg3HqSYGbf0ktfVGK9WxVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxODQ3OGYxOThmZTU2OTAxMGMzZGY2MjE5MTQyZjUzMGM0
ZjVlNTYwHhcNMjQwOTA1MDkyODIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOThhOTdkYWIyZGRhY2RiNzdmNTBjZGIyZTQwNjEyNmQ1ODRmY2ZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlWF7rCeZszyeZ0eevBiGR+08WKlk
063NXGtDaDyBs12I8mQR7XFDrI9pcjhjfVu7oe9koFWXm8PyRNUI4HlSW/uWCA5t
F0uO3oDPC0eKNQiVndhMm/tKYP4jceddVvM6C5SR4gkHI2J4+yvvLq0hAU/4XRx4
WxHuHE3wSYeqEe+LGSJBpoCrdG70QN2oIu2D7/HUHvPLzlO4bD2jCOXno0X6+Hks
Qmky6O6xM/0Ko7M9eWtR+rGXra5tahtzI+mOghfyg7AhbSJtnUXr2U03j8ZVtkoT
uzrokxOwqwR0jy9yZMhQb+9IGMJfQv26NSMrtxoJ+2X1/xgCa/cZrbzB2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMmKl9qy3azbd/UM2y5AYSbVhPz+MB8GA1UdIwQY
MBaAFGGEePGY/laQEMPfYhkUL1MMT15WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEt
YmE5OGYxMTIyMTIxLzEveVlxWDJyTGRyTnQzOVF6YkxrQmhKdFdFX1A0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEtYmE5OGYxMTIyMTIx
LzEvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+r/MA0G
CSqGSIb3DQEBCwUAA4IBAQBATFC0n7xu94f3U+FaS+/lhQkEBoYSGTlHzqhK6dP6
+8vt5m98CUvnux5MYsMO7BJMm4+fwh+TNXGcWXd1Eo5n4xoxd9EGQQRi+Dbomful
H2sPX//9XuX63+zTVdQP+SMpZJ2ijrOizuGU3f2ZU+EawD/RnIJ53IoPZeLE1bKV
L106UoXZoy8g8YVZ4L04NZbzC+CZv33fDZ53ulM+Gs8+uJ8lHCAp8lNpWNYjY+I/
/PON0+DnG2OkuBmLeqa8mmHjz1MfJv0a3LnQMQkvTj9V1bGoJu1XC+lgLUBDEGNv
cLdkmSY8SQRplqU8mvsrhKM6qKkq+pgZvElNtl/DY+yh
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:18:23 2025 by rpki-client