Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/01638c-6cb9-4589-909b-d37df634a929/1/XyIzWZq8_K8_I1Ds8SDCTRA0MdA.roa
File: XyIzWZq8_K8_I1Ds8SDCTRA0MdA.roa (raw, json)
Hash identifier: 86Gf2QfOOd1QJHEt+q+hnkiI1H1H2wehYDetTF1Z0DI=
Subject key identifier: 5F:22:33:59:9A:BC:FC:AF:3F:23:50:EC:F1:20:C2:4D:10:34:31:D0
Certificate issuer: /CN=6cd98c2c54b0cbea134e27a981cfdde73236e055
Certificate serial: 01934234B3252D97791FF879CF8DA1D18B39
Authority key identifier: 6C:D9:8C:2C:54:B0:CB:EA:13:4E:27:A9:81:CF:DD:E7:32:36:E0:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bNmMLFSwy-oTTiepgc_d5zI24FU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/01638c-6cb9-4589-909b-d37df634a929/1/XyIzWZq8_K8_I1Ds8SDCTRA0MdA.roa
Signing time: Tue 19 Nov 2024 02:16:10 +0000
ROA not before: Tue 19 Nov 2024 02:16:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 91.235.2.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:49:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:42:34:b3:25:2d:97:79:1f:f8:79:cf:8d:a1:d1:8b:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6cd98c2c54b0cbea134e27a981cfdde73236e055
Validity
Not Before: Nov 19 02:16:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5f2233599abcfcaf3f2350ecf120c24d103431d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:cc:c1:35:82:d9:9d:5a:d1:ce:a9:80:15:36:
07:60:25:37:fa:db:96:4c:41:ea:77:5e:1f:8c:4f:
73:54:c0:e7:38:5c:93:02:86:03:32:2b:ba:71:11:
36:7c:66:6d:84:2c:50:1a:8b:07:86:56:5b:c3:1b:
84:0f:90:b4:71:ac:f3:78:37:02:5a:9e:74:de:dd:
e3:3e:df:16:41:c7:04:e0:71:ce:d8:77:54:98:b2:
b4:46:3d:3d:ea:2f:5c:b3:5d:b2:e9:eb:2b:a1:73:
8c:dc:28:75:a4:d2:eb:11:0c:4c:e5:37:49:e8:5d:
e8:6f:68:6b:c9:4a:20:2c:0e:23:8d:29:0f:e4:e9:
61:5c:02:04:0a:82:71:2c:e2:a3:7a:da:0c:f6:41:
d1:93:a8:92:d6:6e:ee:1f:4f:ba:c7:31:4a:84:f8:
ee:91:d4:4f:c8:66:8a:51:ef:29:24:4b:fa:88:15:
f6:08:9a:b3:98:a9:d5:28:6e:cc:a3:f6:e8:95:fb:
72:12:4c:a5:d3:19:94:6b:3d:36:4b:74:46:ff:f9:
e7:e8:cb:43:00:62:d9:67:b8:f1:42:c0:21:51:f1:
58:b7:be:c5:e9:50:be:b8:62:96:0a:99:b4:75:80:
b7:b2:94:bc:57:94:66:0c:5c:1a:b3:0a:0f:38:8f:
b3:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:22:33:59:9A:BC:FC:AF:3F:23:50:EC:F1:20:C2:4D:10:34:31:D0
X509v3 Authority Key Identifier:
keyid:6C:D9:8C:2C:54:B0:CB:EA:13:4E:27:A9:81:CF:DD:E7:32:36:E0:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bNmMLFSwy-oTTiepgc_d5zI24FU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/01638c-6cb9-4589-909b-d37df634a929/1/XyIzWZq8_K8_I1Ds8SDCTRA0MdA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/01638c-6cb9-4589-909b-d37df634a929/1/bNmMLFSwy-oTTiepgc_d5zI24FU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.235.2.0/24
Signature Algorithm: sha256WithRSAEncryption
60:08:d3:7f:02:76:f1:44:79:25:cd:e6:dc:77:a4:bb:c0:79:
4c:7f:12:69:fc:47:c1:85:8d:5e:cc:ce:52:ad:59:b0:d7:fa:
b1:bc:42:ce:c7:8f:97:de:f8:ea:c0:c1:65:0f:e7:3a:31:b6:
eb:8e:3f:8b:f7:a5:8c:f2:75:f7:54:0f:78:d8:50:75:e4:72:
e3:1c:40:0f:76:86:76:79:1a:52:2c:c4:02:44:87:ee:7b:d5:
15:cc:1c:e5:47:1c:b9:fd:4e:ca:66:3d:2a:81:88:4b:2f:4e:
be:bc:9f:ba:4b:c6:ff:2c:74:fb:1c:8e:7f:b3:14:98:ca:5f:
57:0f:10:ff:e9:cb:de:55:c5:fc:f8:1d:a6:3e:ea:bf:f0:64:
8d:f6:fe:15:f5:9f:45:0a:4b:4f:74:25:e8:d8:32:7c:20:fd:
b9:7f:62:e1:23:38:79:d1:60:9e:12:59:52:a8:12:40:c1:c4:
b4:09:2a:d2:bb:96:e6:ef:85:c4:55:10:ae:c9:4d:92:83:05:
b7:df:84:d3:2e:07:c2:91:c4:ef:af:01:15:91:34:ae:8c:60:
73:02:4f:79:df:d2:4a:0c:aa:3f:94:f4:a8:cc:a2:47:18:e4:
fa:30:ab:f4:65:65:dc:3f:64:5e:19:e2:3a:91:19:c9:a3:4b:
d6:21:68:16
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZNCNLMlLZd5H/h5z42h0Ys5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjZDk4YzJjNTRiMGNiZWExMzRlMjdhOTgxY2ZkZGU3MzIz
NmUwNTUwHhcNMjQxMTE5MDIxNjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjIyMzM1OTlhYmNmY2FmM2YyMzUwZWNmMTIwYzI0ZDEwMzQzMWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn8zBNYLZnVrRzqmAFTYHYCU3+tuW
TEHqd14fjE9zVMDnOFyTAoYDMiu6cRE2fGZthCxQGosHhlZbwxuED5C0cazzeDcC
Wp503t3jPt8WQccE4HHO2HdUmLK0Rj096i9cs12y6esroXOM3Ch1pNLrEQxM5TdJ
6F3ob2hryUogLA4jjSkP5OlhXAIECoJxLOKjetoM9kHRk6iS1m7uH0+6xzFKhPju
kdRPyGaKUe8pJEv6iBX2CJqzmKnVKG7Mo/bolftyEkyl0xmUaz02S3RG//nn6MtD
AGLZZ7jxQsAhUfFYt77F6VC+uGKWCpm0dYC3spS8V5RmDFwaswoPOI+zWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF8iM1mavPyvPyNQ7PEgwk0QNDHQMB8GA1UdIwQY
MBaAFGzZjCxUsMvqE04nqYHP3ecyNuBVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYk5tTUxGU3d5LW9UVGllcGdjX2Q1ekkyNEZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS8wMTYzOGMtNmNiOS00NTg5LTkwOWIt
ZDM3ZGY2MzRhOTI5LzEvWHlJeldacThfSzhfSTFEczhTRENUUkEwTWRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS8wMTYzOGMtNmNiOS00NTg5LTkwOWItZDM3ZGY2MzRhOTI5
LzEvYk5tTUxGU3d5LW9UVGllcGdjX2Q1ekkyNEZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+sCMA0G
CSqGSIb3DQEBCwUAA4IBAQBgCNN/AnbxRHklzebcd6S7wHlMfxJp/EfBhY1ezM5S
rVmw1/qxvELOx4+X3vjqwMFlD+c6Mbbrjj+L96WM8nX3VA942FB15HLjHEAPdoZ2
eRpSLMQCRIfue9UVzBzlRxy5/U7KZj0qgYhLL06+vJ+6S8b/LHT7HI5/sxSYyl9X
DxD/6cveVcX8+B2mPuq/8GSN9v4V9Z9FCktPdCXo2DJ8IP25f2LhIzh50WCeEllS
qBJAwcS0CSrSu5bm74XEVRCuyU2SgwW334TTLgfCkcTvrwEVkTSujGBzAk9539JK
DKo/lPSozKJHGOT6MKv0ZWXcP2ReGeI6kRnJo0vWIWgW
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:27:16 2025 by rpki-client