Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/70aa32-9607-4db7-8f1e-da75430b16f6/1/R64JHzLcaOQ2IP5P3cOHPb9loUU.roa
File: R64JHzLcaOQ2IP5P3cOHPb9loUU.roa (raw, json)
Hash identifier: LM7bFXvaYlcnPHm1NzEfUoXBeegz/P/32frKZdpc8vk=
Subject key identifier: 47:AE:09:1F:32:DC:68:E4:36:20:FE:4F:DD:C3:87:3D:BF:65:A1:45
Certificate issuer: /CN=c2ee45426e12e50fe30e8ffc39e04485d8f73339
Certificate serial: 018E6DD2F2E8CB0F8ADCA0C20A57F1A86E2A
Authority key identifier: C2:EE:45:42:6E:12:E5:0F:E3:0E:8F:FC:39:E0:44:85:D8:F7:33:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wu5FQm4S5Q_jDo_8OeBEhdj3Mzk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/70aa32-9607-4db7-8f1e-da75430b16f6/1/R64JHzLcaOQ2IP5P3cOHPb9loUU.roa
Signing time: Sun 24 Mar 2024 00:18:45 +0000
ROA not before: Sun 24 Mar 2024 00:18:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215590
IP address blocks: 91.108.226.0/24 maxlen: 24
91.108.227.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 25 Mar 2024 11:59:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:6d:d2:f2:e8:cb:0f:8a:dc:a0:c2:0a:57:f1:a8:6e:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2ee45426e12e50fe30e8ffc39e04485d8f73339
Validity
Not Before: Mar 24 00:18:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=47ae091f32dc68e43620fe4fddc3873dbf65a145
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:13:48:61:76:3b:97:7f:ad:8a:ff:b9:ee:6d:
be:71:5f:db:94:55:74:43:b2:d3:ad:bf:d7:f9:f0:
0b:82:78:36:49:8d:93:1d:7e:32:b1:52:67:c6:e8:
49:a4:aa:02:20:ea:8b:ea:6c:7c:82:94:fa:d0:69:
41:50:10:a3:7b:3d:4c:aa:55:88:fe:13:34:72:9e:
ec:d8:0b:8a:5d:43:46:bb:ff:6f:32:d8:f3:22:ef:
c7:c3:df:a0:9a:05:8c:79:8e:f8:c5:42:c8:82:0a:
73:4f:da:2a:81:f5:7c:06:a1:97:14:1d:47:1b:41:
bf:6b:2c:04:87:e0:32:25:5a:9a:0c:4d:16:89:7e:
aa:b9:6f:0f:75:36:8f:65:02:7e:36:99:91:a6:13:
21:24:f4:86:3f:8d:50:4c:5d:b0:84:4f:a9:eb:68:
3d:3b:d3:2c:2c:55:67:ef:db:99:3a:bc:04:fa:8f:
46:d2:b4:03:97:66:45:b9:b6:4d:f3:e0:c0:d1:e0:
08:8f:0e:43:a4:01:fa:eb:ce:3e:65:43:a0:ac:fb:
1f:e3:92:3d:04:e9:85:d1:4e:b7:44:0f:67:55:b3:
00:42:f0:c4:5d:72:fc:51:0c:1d:ba:db:d6:88:d9:
0d:cf:26:45:2a:7d:f5:76:08:5b:4f:18:4f:cb:b5:
2b:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:AE:09:1F:32:DC:68:E4:36:20:FE:4F:DD:C3:87:3D:BF:65:A1:45
X509v3 Authority Key Identifier:
keyid:C2:EE:45:42:6E:12:E5:0F:E3:0E:8F:FC:39:E0:44:85:D8:F7:33:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wu5FQm4S5Q_jDo_8OeBEhdj3Mzk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/70aa32-9607-4db7-8f1e-da75430b16f6/1/R64JHzLcaOQ2IP5P3cOHPb9loUU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/70aa32-9607-4db7-8f1e-da75430b16f6/1/wu5FQm4S5Q_jDo_8OeBEhdj3Mzk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.108.226.0/23
Signature Algorithm: sha256WithRSAEncryption
83:aa:5e:2e:f8:88:f4:84:91:2c:9b:a8:f3:86:e5:70:bb:b8:
a3:9d:9f:2c:76:f6:6a:33:13:0b:d8:7d:e3:73:51:f9:f2:26:
29:5d:c2:9f:e1:38:a0:2f:05:e8:48:b0:b6:3c:7f:2d:a4:0d:
97:6d:02:38:0c:7a:7d:d5:7b:2f:ec:6f:47:82:1e:ec:74:4e:
39:b8:94:81:87:0f:d3:74:42:11:ae:74:c6:97:7c:d3:b4:19:
61:31:69:0f:5e:7b:e7:23:3e:f9:3f:b8:87:37:8b:80:a6:f5:
30:41:a3:ab:e8:39:b0:e4:ec:50:43:57:68:76:d8:24:96:4f:
f7:08:a1:cb:b8:8d:02:83:2c:7e:1f:5a:72:77:24:be:c0:fa:
57:2d:cf:82:2d:54:b4:92:ee:b5:69:0a:86:a3:41:69:b0:a0:
8d:c8:c6:20:25:13:f5:63:cc:49:8d:88:5e:1b:19:34:4c:4f:
c9:67:66:64:c3:62:3c:83:14:59:16:35:ac:da:a8:51:0e:76:
6c:ac:05:2a:18:12:57:24:3a:9c:3c:1e:e4:f0:63:9c:1a:c7:
f5:9e:77:f8:1b:ac:f4:4c:23:02:07:85:1c:75:10:93:8b:3e:
b6:25:35:de:13:e4:fa:80:5c:39:a2:44:d7:c0:e9:65:51:93:
6d:5a:85:36
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY5t0vLoyw+K3KDCClfxqG4qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyZWU0NTQyNmUxMmU1MGZlMzBlOGZmYzM5ZTA0NDg1ZDhm
NzMzMzkwHhcNMjQwMzI0MDAxODQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2FlMDkxZjMyZGM2OGU0MzYyMGZlNGZkZGMzODczZGJmNjVhMTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhBNIYXY7l3+tiv+57m2+cV/blFV0
Q7LTrb/X+fALgng2SY2THX4ysVJnxuhJpKoCIOqL6mx8gpT60GlBUBCjez1MqlWI
/hM0cp7s2AuKXUNGu/9vMtjzIu/Hw9+gmgWMeY74xULIggpzT9oqgfV8BqGXFB1H
G0G/aywEh+AyJVqaDE0WiX6quW8PdTaPZQJ+NpmRphMhJPSGP41QTF2whE+p62g9
O9MsLFVn79uZOrwE+o9G0rQDl2ZFubZN8+DA0eAIjw5DpAH6684+ZUOgrPsf45I9
BOmF0U63RA9nVbMAQvDEXXL8UQwdutvWiNkNzyZFKn31dghbTxhPy7UrBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEeuCR8y3GjkNiD+T93Dhz2/ZaFFMB8GA1UdIwQY
MBaAFMLuRUJuEuUP4w6P/DngRIXY9zM5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3U1RlFtNFM1UV9qRG9fOE9lQkVoZGozTXprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC83MGFhMzItOTYwNy00ZGI3LThmMWUt
ZGE3NTQzMGIxNmY2LzEvUjY0Skh6TGNhT1EySVA1UDNjT0hQYjlsb1VVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC83MGFhMzItOTYwNy00ZGI3LThmMWUtZGE3NTQzMGIxNmY2
LzEvd3U1RlFtNFM1UV9qRG9fOE9lQkVoZGozTXprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW2ziMA0G
CSqGSIb3DQEBCwUAA4IBAQCDql4u+Ij0hJEsm6jzhuVwu7ijnZ8sdvZqMxML2H3j
c1H58iYpXcKf4TigLwXoSLC2PH8tpA2XbQI4DHp91Xsv7G9Hgh7sdE45uJSBhw/T
dEIRrnTGl3zTtBlhMWkPXnvnIz75P7iHN4uApvUwQaOr6Dmw5OxQQ1dodtgklk/3
CKHLuI0Cgyx+H1pydyS+wPpXLc+CLVS0ku61aQqGo0FpsKCNyMYgJRP1Y8xJjYhe
Gxk0TE/JZ2Zkw2I8gxRZFjWs2qhRDnZsrAUqGBJXJDqcPB7k8GOcGsf1nnf4G6z0
TCMCB4UcdRCTiz62JTXeE+T6gFw5okTXwOllUZNtWoU2
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:20:03 2025 by rpki-client