Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/dd8878-2941-4c15-b204-8fc33737ceab/1/OIP-tO5GIAI-cW8CyLLl9bTbTBc.roa
File: OIP-tO5GIAI-cW8CyLLl9bTbTBc.roa (raw, json)
Hash identifier: kH48iSJvy6nvjiochm6r0rw2Nb3n6dyDze+0sq8fVE4=
Subject key identifier: 38:83:FE:B4:EE:46:20:02:3E:71:6F:02:C8:B2:E5:F5:B4:DB:4C:17
Certificate issuer: /CN=a20cc67154b403145d139469886127ab629eb928
Certificate serial: 018F907DA62AA77B744364CA2CE815867EBE
Authority key identifier: A2:0C:C6:71:54:B4:03:14:5D:13:94:69:88:61:27:AB:62:9E:B9:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ogzGcVS0AxRdE5RpiGEnq2KeuSg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/dd8878-2941-4c15-b204-8fc33737ceab/1/OIP-tO5GIAI-cW8CyLLl9bTbTBc.roa
Signing time: Sun 19 May 2024 10:55:04 +0000
ROA not before: Sun 19 May 2024 10:55:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198949
IP address blocks: 91.208.118.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:49:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:90:7d:a6:2a:a7:7b:74:43:64:ca:2c:e8:15:86:7e:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a20cc67154b403145d139469886127ab629eb928
Validity
Not Before: May 19 10:55:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3883feb4ee4620023e716f02c8b2e5f5b4db4c17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:47:02:a8:50:6f:67:26:e4:35:fd:0e:1e:a2:
53:62:d2:82:2d:ca:87:ca:5d:65:ce:3c:2c:ea:13:
73:b6:79:17:c3:97:3c:ea:32:2d:d6:49:0d:fe:85:
43:8d:b8:e6:bc:1d:85:30:84:0e:83:83:b9:59:42:
42:25:67:6d:90:36:2c:18:74:d8:22:82:92:33:c8:
34:8a:98:63:d0:0e:20:2c:c5:da:64:df:ff:30:34:
ed:d4:62:e3:6b:cd:c2:0b:ef:98:6e:cd:72:cf:4f:
30:be:a7:2e:cf:c7:a8:55:4d:17:ef:d5:a4:bd:8c:
59:ab:01:03:a0:99:3c:09:b2:d4:af:b0:6d:23:9e:
87:95:ce:18:16:b5:8a:1d:5a:0c:ee:e9:dc:96:10:
db:df:2b:cd:85:fa:f7:15:da:45:72:07:f8:65:15:
54:94:1e:fe:37:06:54:47:0d:a6:a0:42:58:97:3e:
d6:b1:ce:27:a2:b7:c4:85:eb:d7:35:a3:ec:48:3e:
55:1c:01:fb:53:a7:ca:d4:5f:ee:9d:ca:3f:aa:16:
ad:77:a9:28:2d:37:c8:df:e3:23:25:13:49:04:bf:
bb:ea:38:40:aa:f2:26:dd:ea:ec:c2:2a:5b:51:3c:
e7:b0:0a:0b:61:aa:a6:d8:2f:01:82:71:15:9a:0b:
08:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:83:FE:B4:EE:46:20:02:3E:71:6F:02:C8:B2:E5:F5:B4:DB:4C:17
X509v3 Authority Key Identifier:
keyid:A2:0C:C6:71:54:B4:03:14:5D:13:94:69:88:61:27:AB:62:9E:B9:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ogzGcVS0AxRdE5RpiGEnq2KeuSg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/dd8878-2941-4c15-b204-8fc33737ceab/1/OIP-tO5GIAI-cW8CyLLl9bTbTBc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/dd8878-2941-4c15-b204-8fc33737ceab/1/ogzGcVS0AxRdE5RpiGEnq2KeuSg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.208.118.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:80:a5:3a:c0:eb:c8:f1:e0:7f:6d:15:49:3c:73:e3:f0:3a:
a9:58:9b:42:69:10:16:7e:0b:61:8f:60:aa:ca:45:4d:2b:5f:
a4:a7:95:20:32:f6:e7:38:ea:3b:96:d1:4d:00:64:57:e1:4c:
78:19:84:f8:d4:6f:87:f0:b6:22:e9:bf:b5:e1:4d:ce:6c:a6:
ce:c8:ca:0b:8b:c9:4a:62:a0:24:04:b8:64:83:12:e7:b0:aa:
bd:b6:bf:7a:6f:01:68:1b:42:74:2e:5d:ca:13:db:ce:ac:8a:
2c:db:a3:18:1a:af:28:04:36:7d:9d:e4:f8:e5:84:73:3d:44:
97:45:9d:c0:1f:db:d6:4d:1a:47:47:38:10:c8:f7:2a:ea:8a:
96:f7:63:ba:95:66:e9:15:14:11:37:62:9d:31:0b:3a:2c:c1:
1d:4d:78:95:b6:4c:4e:df:99:07:e4:ba:be:84:d9:84:e1:7e:
b4:c5:9c:b6:df:c4:3f:c5:08:dd:82:3a:e3:f3:06:4c:ae:73:
44:9b:93:60:f0:1e:72:d7:04:29:45:c1:b1:ea:c4:be:b9:06:
db:60:10:c5:08:9c:c2:b1:7c:ea:66:aa:12:5a:27:9f:05:68:
7d:7e:d5:b6:bf:4e:f6:ca:0b:e2:64:09:d4:f0:79:98:02:2f:
8f:3f:d2:61
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY+QfaYqp3t0Q2TKLOgVhn6+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyMGNjNjcxNTRiNDAzMTQ1ZDEzOTQ2OTg4NjEyN2FiNjI5
ZWI5MjgwHhcNMjQwNTE5MTA1NTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODgzZmViNGVlNDYyMDAyM2U3MTZmMDJjOGIyZTVmNWI0ZGI0YzE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy0cCqFBvZybkNf0OHqJTYtKCLcqH
yl1lzjws6hNztnkXw5c86jIt1kkN/oVDjbjmvB2FMIQOg4O5WUJCJWdtkDYsGHTY
IoKSM8g0iphj0A4gLMXaZN//MDTt1GLja83CC++Ybs1yz08wvqcuz8eoVU0X79Wk
vYxZqwEDoJk8CbLUr7BtI56Hlc4YFrWKHVoM7unclhDb3yvNhfr3FdpFcgf4ZRVU
lB7+NwZURw2moEJYlz7Wsc4norfEhevXNaPsSD5VHAH7U6fK1F/unco/qhatd6ko
LTfI3+MjJRNJBL+76jhAqvIm3erswipbUTznsAoLYaqm2C8BgnEVmgsIIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDiD/rTuRiACPnFvAsiy5fW020wXMB8GA1UdIwQY
MBaAFKIMxnFUtAMUXROUaYhhJ6tinrkoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2d6R2NWUzBBeFJkRTVScGlHRW5xMktldVNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9kZDg4NzgtMjk0MS00YzE1LWIyMDQt
OGZjMzM3MzdjZWFiLzEvT0lQLXRPNUdJQUktY1c4Q3lMTGw5YlRiVEJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9kZDg4NzgtMjk0MS00YzE1LWIyMDQtOGZjMzM3MzdjZWFi
LzEvb2d6R2NWUzBBeFJkRTVScGlHRW5xMktldVNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9B2MA0G
CSqGSIb3DQEBCwUAA4IBAQCpgKU6wOvI8eB/bRVJPHPj8DqpWJtCaRAWfgthj2Cq
ykVNK1+kp5UgMvbnOOo7ltFNAGRX4Ux4GYT41G+H8LYi6b+14U3ObKbOyMoLi8lK
YqAkBLhkgxLnsKq9tr96bwFoG0J0Ll3KE9vOrIos26MYGq8oBDZ9neT45YRzPUSX
RZ3AH9vWTRpHRzgQyPcq6oqW92O6lWbpFRQRN2KdMQs6LMEdTXiVtkxO35kH5Lq+
hNmE4X60xZy238Q/xQjdgjrj8wZMrnNEm5Ng8B5y1wQpRcGx6sS+uQbbYBDFCJzC
sXzqZqoSWiefBWh9ftW2v072ygviZAnU8HmYAi+PP9Jh
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:20:38 2025 by rpki-client