Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/1dd81c-665e-4b76-91fb-44dc52a19ce5/1/ep4JQ8qKMs_yRqBMO7-7l8vN-YI.roa
File: ep4JQ8qKMs_yRqBMO7-7l8vN-YI.roa (raw, json)
Hash identifier: K/dwqfp1Hv75NzXJnF+g+5BlX2BNZ7NFRoKfRkzguMc=
Subject key identifier: 7A:9E:09:43:CA:8A:32:CF:F2:46:A0:4C:3B:BF:BB:97:CB:CD:F9:82
Certificate issuer: /CN=5aa4e5710a46536bef2af36bf63f1940bc37bd42
Certificate serial: 018CC500148E0F8B5F8F718E73E24EC8D733
Authority key identifier: 5A:A4:E5:71:0A:46:53:6B:EF:2A:F3:6B:F6:3F:19:40:BC:37:BD:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WqTlcQpGU2vvKvNr9j8ZQLw3vUI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/1dd81c-665e-4b76-91fb-44dc52a19ce5/1/ep4JQ8qKMs_yRqBMO7-7l8vN-YI.roa
Signing time: Mon 01 Jan 2024 12:29:25 +0000
ROA not before: Mon 01 Jan 2024 12:29:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198606
IP address blocks: 91.237.96.0/24 maxlen: 24
2001:67c:28c0::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 01:48:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:14:8e:0f:8b:5f:8f:71:8e:73:e2:4e:c8:d7:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5aa4e5710a46536bef2af36bf63f1940bc37bd42
Validity
Not Before: Jan 1 12:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7a9e0943ca8a32cff246a04c3bbfbb97cbcdf982
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:0a:c1:a2:09:be:44:a9:a2:cc:3e:e3:c0:27:
ba:28:2a:b8:a4:ae:fc:25:eb:07:b1:4d:7b:06:2e:
c3:eb:59:ae:32:96:7c:35:ef:47:58:05:9e:93:12:
17:7d:80:58:f7:20:0e:59:9c:b3:42:e6:a1:a7:e4:
2f:17:09:b3:97:20:d7:c1:6f:6e:49:a8:5d:8d:96:
8c:ba:71:06:7e:f9:de:2c:25:7d:38:31:5b:a3:fa:
a7:a3:57:7c:50:db:77:43:1e:8a:eb:31:a3:19:12:
e8:3a:c7:f5:a0:a0:c4:01:20:28:77:90:ed:e2:41:
48:eb:61:9f:08:b0:81:77:49:1b:5d:a3:53:c0:38:
64:01:1b:81:64:25:10:18:22:ea:d3:46:32:26:ff:
25:89:8e:16:ea:fd:0c:5f:01:ca:5c:e1:29:5e:7b:
73:77:72:f8:e9:b0:69:a2:09:b8:2d:04:8c:da:fb:
0d:c4:d3:9b:4d:03:2f:f9:74:db:4c:db:4a:68:78:
e7:4b:df:e2:d4:cc:2b:16:96:0f:d3:13:6c:0a:9d:
a3:66:d2:ee:a3:c7:35:20:16:40:72:62:d2:32:48:
ec:dc:28:0a:a3:b0:96:22:da:08:e4:f2:f4:03:38:
db:d3:e2:cb:13:f8:4c:70:1b:4b:71:ec:60:b4:5d:
8e:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:9E:09:43:CA:8A:32:CF:F2:46:A0:4C:3B:BF:BB:97:CB:CD:F9:82
X509v3 Authority Key Identifier:
keyid:5A:A4:E5:71:0A:46:53:6B:EF:2A:F3:6B:F6:3F:19:40:BC:37:BD:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WqTlcQpGU2vvKvNr9j8ZQLw3vUI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/1dd81c-665e-4b76-91fb-44dc52a19ce5/1/ep4JQ8qKMs_yRqBMO7-7l8vN-YI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/1dd81c-665e-4b76-91fb-44dc52a19ce5/1/WqTlcQpGU2vvKvNr9j8ZQLw3vUI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.237.96.0/24
IPv6:
2001:67c:28c0::/48
Signature Algorithm: sha256WithRSAEncryption
21:c9:7c:3f:77:31:44:9b:83:42:63:ea:b8:c5:b2:7f:7b:ce:
79:c8:69:95:ee:79:2f:84:3f:36:5a:3a:fc:f4:41:e8:3d:3d:
6f:3b:de:0f:52:f9:4e:46:33:98:55:80:c9:41:74:cb:e0:dc:
56:5e:35:dc:7f:b2:de:92:b0:b7:5c:bc:aa:ef:14:64:4c:d8:
1d:93:df:aa:cc:df:ca:15:6e:27:64:e0:e7:a4:5c:21:ac:21:
a2:d8:fb:41:78:37:8a:54:56:5c:2d:b6:94:de:ba:35:07:a8:
5e:8b:ae:16:84:a9:07:1f:dd:f2:0c:e9:d3:4a:f0:ae:c6:13:
ad:22:b1:f1:77:d3:91:e3:27:5d:07:46:be:ce:0a:a0:c7:bb:
93:8f:01:92:bb:48:55:7e:cf:8d:d7:34:95:8c:fe:27:51:cc:
4e:a6:85:29:9e:48:15:32:2f:ca:94:0b:8a:04:4a:e6:f1:0d:
32:af:3d:70:47:30:10:08:1f:a5:89:5c:2e:31:0b:c6:dc:7b:
0b:3f:84:83:0f:bf:e2:64:18:02:09:dc:a8:7d:46:a7:07:ee:
3b:13:e4:13:da:e7:f7:34:87:2d:f6:8b:eb:94:b7:49:90:4e:
ee:07:c9:f1:7d:c6:38:b3:ed:f6:d5:63:1f:59:48:bd:ea:f2:
fe:4b:61:a6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzFABSOD4tfj3GOc+JOyNczMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhYTRlNTcxMGE0NjUzNmJlZjJhZjM2YmY2M2YxOTQwYmMz
N2JkNDIwHhcNMjQwMTAxMTIyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTllMDk0M2NhOGEzMmNmZjI0NmEwNGMzYmJmYmI5N2NiY2RmOTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoArBogm+RKmizD7jwCe6KCq4pK78
JesHsU17Bi7D61muMpZ8Ne9HWAWekxIXfYBY9yAOWZyzQuahp+QvFwmzlyDXwW9u
SahdjZaMunEGfvneLCV9ODFbo/qno1d8UNt3Qx6K6zGjGRLoOsf1oKDEASAod5Dt
4kFI62GfCLCBd0kbXaNTwDhkARuBZCUQGCLq00YyJv8liY4W6v0MXwHKXOEpXntz
d3L46bBpogm4LQSM2vsNxNObTQMv+XTbTNtKaHjnS9/i1MwrFpYP0xNsCp2jZtLu
o8c1IBZAcmLSMkjs3CgKo7CWItoI5PL0Azjb0+LLE/hMcBtLcexgtF2OsQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHqeCUPKijLP8kagTDu/u5fLzfmCMB8GA1UdIwQY
MBaAFFqk5XEKRlNr7yrza/Y/GUC8N71CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3FUbGNRcEdVMnZ2S3ZOcjlqOFpRTHczdlVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xZGQ4MWMtNjY1ZS00Yjc2LTkxZmIt
NDRkYzUyYTE5Y2U1LzEvZXA0SlE4cUtNc195UnFCTU83LTdsOHZOLVlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xZGQ4MWMtNjY1ZS00Yjc2LTkxZmItNDRkYzUyYTE5Y2U1
LzEvV3FUbGNRcEdVMnZ2S3ZOcjlqOFpRTHczdlVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW+1gMA8E
AgACMAkDBwAgAQZ8KMAwDQYJKoZIhvcNAQELBQADggEBACHJfD93MUSbg0Jj6rjF
sn97znnIaZXueS+EPzZaOvz0Qeg9PW873g9S+U5GM5hVgMlBdMvg3FZeNdx/st6S
sLdcvKrvFGRM2B2T36rM38oVbidk4OekXCGsIaLY+0F4N4pUVlwttpTeujUHqF6L
rhaEqQcf3fIM6dNK8K7GE60isfF305HjJ10HRr7OCqDHu5OPAZK7SFV+z43XNJWM
/idRzE6mhSmeSBUyL8qUC4oESubxDTKvPXBHMBAIH6WJXC4xC8bcews/hIMPv+Jk
GAIJ3Kh9RqcH7jsT5BPa5/c0hy32i+uUt0mQTu4HyfF9xjiz7fbVYx9ZSL3q8v5L
YaY=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:25:22 2025 by rpki-client