Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/70aa32-9607-4db7-8f1e-da75430b16f6/1/0bkzr1XFfgHt07W69nFqtjmZfGI.roa
File: 0bkzr1XFfgHt07W69nFqtjmZfGI.roa (raw, json)
Hash identifier: FjiOtg9WtqCz4JhuypJmWEB16g8fSgCBDgm8lu4oNvc=
Subject key identifier: D1:B9:33:AF:55:C5:7E:01:ED:D3:B5:BA:F6:71:6A:B6:39:99:7C:62
Certificate issuer: /CN=c2ee45426e12e50fe30e8ffc39e04485d8f73339
Certificate serial: 018F62E6625361C908D18823906140F8BBF5
Authority key identifier: C2:EE:45:42:6E:12:E5:0F:E3:0E:8F:FC:39:E0:44:85:D8:F7:33:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wu5FQm4S5Q_jDo_8OeBEhdj3Mzk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/70aa32-9607-4db7-8f1e-da75430b16f6/1/0bkzr1XFfgHt07W69nFqtjmZfGI.roa
Signing time: Fri 10 May 2024 14:26:56 +0000
ROA not before: Fri 10 May 2024 14:26:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212027
IP address blocks: 91.108.243.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 04 Sep 2024 16:48:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:62:e6:62:53:61:c9:08:d1:88:23:90:61:40:f8:bb:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2ee45426e12e50fe30e8ffc39e04485d8f73339
Validity
Not Before: May 10 14:26:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d1b933af55c57e01edd3b5baf6716ab639997c62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:da:7b:8c:9e:81:c8:ae:79:46:c7:c2:a8:cc:
4c:9d:54:f9:ca:36:43:b5:a4:88:fc:58:66:71:93:
86:9c:d2:ab:b7:7b:03:f2:7f:27:84:60:b5:f0:27:
76:40:51:18:37:17:9e:9a:cf:9e:f2:80:b2:8f:45:
69:7c:98:01:43:6e:2b:76:f3:5a:c9:e3:cb:71:ac:
6b:78:a4:8d:94:73:1d:f9:89:8d:72:98:f1:9b:99:
b7:6f:d3:4b:e3:48:7e:7d:a2:b1:61:42:4b:e8:e6:
7f:45:1a:b9:f2:b6:72:dc:bd:24:f6:4b:d6:eb:41:
52:5c:19:17:0d:9c:25:34:b2:45:1d:9c:3b:66:c8:
67:74:70:85:57:4d:13:24:8c:c3:d9:62:d9:6f:a3:
82:d1:e6:77:75:fd:e4:17:d1:74:45:7b:55:40:3b:
ef:af:70:81:9c:aa:10:42:a3:76:a5:cf:be:54:33:
6b:f5:b7:cf:22:cb:a7:61:15:e8:ef:23:f9:69:d8:
09:ff:e8:b0:75:72:23:77:c7:58:5a:ca:05:cd:1f:
33:fd:16:40:d7:e0:85:1d:e5:7c:a1:fc:80:cf:de:
c9:7a:5b:68:01:df:76:d4:0a:cd:2e:23:db:6c:0c:
ca:f6:ca:7f:52:0b:8e:74:20:e9:90:4b:c6:ed:c5:
c9:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:B9:33:AF:55:C5:7E:01:ED:D3:B5:BA:F6:71:6A:B6:39:99:7C:62
X509v3 Authority Key Identifier:
keyid:C2:EE:45:42:6E:12:E5:0F:E3:0E:8F:FC:39:E0:44:85:D8:F7:33:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wu5FQm4S5Q_jDo_8OeBEhdj3Mzk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/70aa32-9607-4db7-8f1e-da75430b16f6/1/0bkzr1XFfgHt07W69nFqtjmZfGI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/70aa32-9607-4db7-8f1e-da75430b16f6/1/wu5FQm4S5Q_jDo_8OeBEhdj3Mzk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.108.243.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:04:6e:03:bb:1b:72:87:b5:23:55:67:81:bf:dd:c7:47:2f:
25:a2:c0:38:83:f6:df:a0:b0:ab:49:a8:ee:f9:c3:bd:68:b4:
a8:cf:cf:49:24:b1:6c:fc:90:44:59:f3:5e:b2:96:7a:53:09:
c9:c1:a6:54:1c:ea:3c:b2:6b:43:a5:14:58:ea:dc:de:54:e3:
89:9b:9c:70:7c:89:7b:2c:02:dd:82:cd:9b:da:75:8a:f1:87:
63:72:36:74:a0:41:05:01:dc:fd:f9:79:d2:cd:df:68:34:6c:
dc:17:63:86:40:bb:c7:86:13:a4:59:fe:7b:ea:97:02:a0:8a:
63:62:cc:8e:2d:bc:c4:99:6e:1f:0d:e9:0a:ae:a4:af:b0:6c:
26:c1:fa:15:e2:69:dd:7c:de:ac:6f:bb:1d:ac:29:fa:73:32:
51:ff:6d:5c:99:e0:75:b4:92:ca:a4:5c:d1:ed:26:59:48:04:
55:1b:19:32:bb:bd:cb:e3:fb:70:25:3f:da:4a:88:cf:cb:b8:
56:b9:9c:af:cb:9a:c9:28:90:9d:29:03:60:8d:eb:4b:23:6b:
90:3a:81:4b:e1:71:e1:01:03:d5:1b:de:67:ed:8d:c9:4e:7a:
76:c2:04:2a:48:d7:87:a4:ee:8c:90:75:7f:74:5e:8a:3b:00:
f8:0c:f2:5c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY9i5mJTYckI0YgjkGFA+Lv1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyZWU0NTQyNmUxMmU1MGZlMzBlOGZmYzM5ZTA0NDg1ZDhm
NzMzMzkwHhcNMjQwNTEwMTQyNjU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWI5MzNhZjU1YzU3ZTAxZWRkM2I1YmFmNjcxNmFiNjM5OTk3YzYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn9p7jJ6ByK55RsfCqMxMnVT5yjZD
taSI/FhmcZOGnNKrt3sD8n8nhGC18Cd2QFEYNxeems+e8oCyj0VpfJgBQ24rdvNa
yePLcaxreKSNlHMd+YmNcpjxm5m3b9NL40h+faKxYUJL6OZ/RRq58rZy3L0k9kvW
60FSXBkXDZwlNLJFHZw7ZshndHCFV00TJIzD2WLZb6OC0eZ3df3kF9F0RXtVQDvv
r3CBnKoQQqN2pc++VDNr9bfPIsunYRXo7yP5adgJ/+iwdXIjd8dYWsoFzR8z/RZA
1+CFHeV8ofyAz97JeltoAd921ArNLiPbbAzK9sp/UguOdCDpkEvG7cXJzwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNG5M69VxX4B7dO1uvZxarY5mXxiMB8GA1UdIwQY
MBaAFMLuRUJuEuUP4w6P/DngRIXY9zM5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3U1RlFtNFM1UV9qRG9fOE9lQkVoZGozTXprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC83MGFhMzItOTYwNy00ZGI3LThmMWUt
ZGE3NTQzMGIxNmY2LzEvMGJrenIxWEZmZ0h0MDdXNjluRnF0am1aZkdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC83MGFhMzItOTYwNy00ZGI3LThmMWUtZGE3NTQzMGIxNmY2
LzEvd3U1RlFtNFM1UV9qRG9fOE9lQkVoZGozTXprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW2zzMA0G
CSqGSIb3DQEBCwUAA4IBAQCPBG4Duxtyh7UjVWeBv93HRy8losA4g/bfoLCrSaju
+cO9aLSoz89JJLFs/JBEWfNespZ6UwnJwaZUHOo8smtDpRRY6tzeVOOJm5xwfIl7
LALdgs2b2nWK8YdjcjZ0oEEFAdz9+XnSzd9oNGzcF2OGQLvHhhOkWf576pcCoIpj
YsyOLbzEmW4fDekKrqSvsGwmwfoV4mndfN6sb7sdrCn6czJR/21cmeB1tJLKpFzR
7SZZSARVGxkyu73L4/twJT/aSojPy7hWuZyvy5rJKJCdKQNgjetLI2uQOoFL4XHh
AQPVG95n7Y3JTnp2wgQqSNeHpO6MkHV/dF6KOwD4DPJc
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:19:17 2025 by rpki-client