Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/df292d-959b-4ead-9348-29f09d893ae7/1/rMe4BVEbuoXGjXCjXSPL_A3Os0U.roa
File: rMe4BVEbuoXGjXCjXSPL_A3Os0U.roa (raw, json)
Hash identifier: SSaAFGzhcQY81RBoRHb1IcBpczlGfHlEBh7LIgC64DU=
Subject key identifier: AC:C7:B8:05:51:1B:BA:85:C6:8D:70:A3:5D:23:CB:FC:0D:CE:B3:45
Certificate issuer: /CN=1741bd7685138dc51d5a6b0cd3780f466b57fd13
Certificate serial: 018CC2DAB56EFCEA63401C8AE53B1D296F5A
Authority key identifier: 17:41:BD:76:85:13:8D:C5:1D:5A:6B:0C:D3:78:0F:46:6B:57:FD:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F0G9doUTjcUdWmsM03gPRmtX_RM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/df292d-959b-4ead-9348-29f09d893ae7/1/rMe4BVEbuoXGjXCjXSPL_A3Os0U.roa
Signing time: Mon 01 Jan 2024 02:29:22 +0000
ROA not before: Mon 01 Jan 2024 02:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13030
IP address blocks: 91.198.154.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:48:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:b5:6e:fc:ea:63:40:1c:8a:e5:3b:1d:29:6f:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1741bd7685138dc51d5a6b0cd3780f466b57fd13
Validity
Not Before: Jan 1 02:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=acc7b805511bba85c68d70a35d23cbfc0dceb345
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:42:6d:e7:5b:4b:c2:1d:6a:79:d7:27:ea:38:
95:a3:c7:be:4b:19:41:e2:c8:21:ca:bc:4a:8d:05:
5e:27:8f:51:17:4a:47:80:c5:af:87:03:aa:b7:2c:
4f:74:e5:25:98:70:cf:e9:ce:3b:5b:a9:30:23:95:
3f:2e:76:e9:5b:25:20:65:d7:56:7c:b5:a3:5e:fc:
88:df:03:e8:9e:f6:5b:b0:d6:7e:83:1c:99:e1:fb:
3f:ab:e9:1f:06:0a:1d:b9:fa:6c:f4:af:91:2e:c5:
27:e6:20:68:28:5c:79:85:96:0f:90:11:6f:d8:1f:
ed:b4:13:17:ae:f2:42:6e:77:08:79:63:7e:36:88:
e8:20:b2:2a:f2:8f:19:59:01:66:6b:d1:39:f8:e5:
1b:40:a9:74:56:d3:8f:d9:68:2a:f1:ba:b0:d3:3b:
f0:c4:51:20:8b:13:3d:45:7d:5e:e3:49:5f:40:80:
ec:9c:ef:cd:0d:af:a4:27:0c:34:87:c1:4a:34:c9:
de:b9:e7:6e:1b:06:96:11:af:42:1d:06:a5:82:f4:
fe:dc:96:66:77:0e:8c:da:60:2b:6f:e3:5f:31:cc:
7a:a7:34:37:b5:41:64:0f:6a:fe:0c:45:fa:d4:52:
0d:7c:83:ce:b1:19:31:f0:ca:d3:db:38:a8:4e:ea:
43:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:C7:B8:05:51:1B:BA:85:C6:8D:70:A3:5D:23:CB:FC:0D:CE:B3:45
X509v3 Authority Key Identifier:
keyid:17:41:BD:76:85:13:8D:C5:1D:5A:6B:0C:D3:78:0F:46:6B:57:FD:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F0G9doUTjcUdWmsM03gPRmtX_RM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/df292d-959b-4ead-9348-29f09d893ae7/1/rMe4BVEbuoXGjXCjXSPL_A3Os0U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/df292d-959b-4ead-9348-29f09d893ae7/1/F0G9doUTjcUdWmsM03gPRmtX_RM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.154.0/24
Signature Algorithm: sha256WithRSAEncryption
20:0f:97:90:a2:c0:9a:81:0a:68:c0:60:4c:0b:cd:33:fc:92:
7d:99:75:21:31:39:7b:0c:4c:fb:11:1c:f9:f6:9f:65:8e:d8:
65:de:3c:6b:f8:15:a8:5a:b7:f4:ab:81:98:af:be:57:8a:ec:
88:28:ca:3c:fe:62:70:fe:0a:c1:b6:b0:bd:5f:9f:3d:95:0a:
66:a2:30:f8:42:f0:57:44:05:33:75:8c:41:24:71:f3:30:18:
54:07:08:54:c6:a5:ef:a3:45:d1:39:59:95:d3:26:96:b8:74:
d7:78:ca:27:93:e2:67:d1:4d:f3:07:ca:c5:f2:e6:35:90:4f:
49:65:ba:84:b3:b8:5c:5a:cb:57:26:f1:ce:3b:e7:38:40:c0:
8a:2f:0b:a3:94:bc:14:39:2f:c7:6a:25:9f:7e:4b:d7:f7:a3:
2f:a2:85:e0:70:78:7e:e3:61:cd:29:ed:36:da:30:4d:f1:f1:
a0:a2:10:46:6e:34:6d:f1:8f:f4:25:b6:43:c2:9d:ce:29:03:
d2:7a:af:70:df:bb:a9:ea:a2:c7:0e:d0:56:e5:9d:68:1c:ae:
a6:c3:0a:2b:70:95:6a:77:6d:81:96:f4:f1:d3:3b:33:a6:6d:
12:b4:3c:42:10:b2:20:81:78:67:bb:7b:37:d5:61:ba:df:53:
ce:91:13:c8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC2rVu/OpjQByK5TsdKW9aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NDFiZDc2ODUxMzhkYzUxZDVhNmIwY2QzNzgwZjQ2NmI1
N2ZkMTMwHhcNMjQwMTAxMDIyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2M3YjgwNTUxMWJiYTg1YzY4ZDcwYTM1ZDIzY2JmYzBkY2ViMzQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjUJt51tLwh1qedcn6jiVo8e+SxlB
4sghyrxKjQVeJ49RF0pHgMWvhwOqtyxPdOUlmHDP6c47W6kwI5U/LnbpWyUgZddW
fLWjXvyI3wPonvZbsNZ+gxyZ4fs/q+kfBgodufps9K+RLsUn5iBoKFx5hZYPkBFv
2B/ttBMXrvJCbncIeWN+NojoILIq8o8ZWQFma9E5+OUbQKl0VtOP2Wgq8bqw0zvw
xFEgixM9RX1e40lfQIDsnO/NDa+kJww0h8FKNMneueduGwaWEa9CHQalgvT+3JZm
dw6M2mArb+NfMcx6pzQ3tUFkD2r+DEX61FINfIPOsRkx8MrT2zioTupDbQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKzHuAVRG7qFxo1wo10jy/wNzrNFMB8GA1UdIwQY
MBaAFBdBvXaFE43FHVprDNN4D0ZrV/0TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjBHOWRvVVRqY1VkV21zTTAzZ1BSbXRYX1JNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9kZjI5MmQtOTU5Yi00ZWFkLTkzNDgt
MjlmMDlkODkzYWU3LzEvck1lNEJWRWJ1b1hHalhDalhTUExfQTNPczBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9kZjI5MmQtOTU5Yi00ZWFkLTkzNDgtMjlmMDlkODkzYWU3
LzEvRjBHOWRvVVRqY1VkV21zTTAzZ1BSbXRYX1JNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8aaMA0G
CSqGSIb3DQEBCwUAA4IBAQAgD5eQosCagQpowGBMC80z/JJ9mXUhMTl7DEz7ERz5
9p9ljthl3jxr+BWoWrf0q4GYr75XiuyIKMo8/mJw/grBtrC9X589lQpmojD4QvBX
RAUzdYxBJHHzMBhUBwhUxqXvo0XROVmV0yaWuHTXeMonk+Jn0U3zB8rF8uY1kE9J
ZbqEs7hcWstXJvHOO+c4QMCKLwujlLwUOS/HaiWffkvX96MvooXgcHh+42HNKe02
2jBN8fGgohBGbjRt8Y/0JbZDwp3OKQPSeq9w37up6qLHDtBW5Z1oHK6mwworcJVq
d22BlvTx0zszpm0StDxCELIggXhnu3s31WG631POkRPI
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:14:06 2025 by rpki-client