Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/ffa949-86c4-4984-8557-2c2c5fbda341/1/SnK6FZoFbHlfEiK_pD1Rwmlb27Q.roa
File: SnK6FZoFbHlfEiK_pD1Rwmlb27Q.roa (raw, json)
Hash identifier: QpZSlPy1HZzPI6TVS7rSkL21ljunNU4rjD2gjKIxYBA=
Subject key identifier: 4A:72:BA:15:9A:05:6C:79:5F:12:22:BF:A4:3D:51:C2:69:5B:DB:B4
Certificate issuer: /CN=79cd4bd3c9bfe20dccfe2b19de23095ca2474835
Certificate serial: 018CC8DCE7BDB2AD8F1060340428B00A2014
Authority key identifier: 79:CD:4B:D3:C9:BF:E2:0D:CC:FE:2B:19:DE:23:09:5C:A2:47:48:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ec1L08m_4g3M_isZ3iMJXKJHSDU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/ffa949-86c4-4984-8557-2c2c5fbda341/1/SnK6FZoFbHlfEiK_pD1Rwmlb27Q.roa
Signing time: Tue 02 Jan 2024 06:29:29 +0000
ROA not before: Tue 02 Jan 2024 06:29:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3303
IP address blocks: 91.198.72.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:50:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:dc:e7:bd:b2:ad:8f:10:60:34:04:28:b0:0a:20:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=79cd4bd3c9bfe20dccfe2b19de23095ca2474835
Validity
Not Before: Jan 2 06:29:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4a72ba159a056c795f1222bfa43d51c2695bdbb4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:37:c5:fe:13:39:19:88:52:0d:32:5e:65:c4:
11:b5:6f:7e:40:88:44:22:53:3c:2b:4c:7f:9b:39:
6a:d6:84:33:cb:25:94:0e:1b:b2:69:16:e0:23:73:
e3:10:8a:33:c1:37:05:51:2a:9c:7b:1e:67:6b:00:
62:48:8e:21:44:41:77:ca:dc:d5:9f:00:7d:a7:07:
44:ab:41:b0:9c:7c:e1:2d:b7:0e:7c:45:cf:c8:a2:
7b:43:bd:62:b4:5e:ed:c8:c0:82:fa:16:29:e9:eb:
47:e1:e5:57:98:d3:38:0a:92:5c:61:b9:3a:8a:e9:
cb:bb:f7:8a:f6:80:f7:a7:0c:68:06:eb:35:28:74:
3e:5b:9f:3a:75:1e:9e:56:0e:3b:1e:8b:43:aa:65:
08:01:2b:0f:5f:9c:8e:10:b4:36:57:df:a3:4b:66:
cc:71:e7:97:ec:09:1b:31:43:2e:9c:31:49:bc:dc:
31:63:2c:4e:97:a1:38:b0:56:ef:67:15:18:0f:51:
30:04:d5:1a:7a:ac:f7:b0:d0:83:c7:05:08:50:e8:
1b:07:2f:db:ae:85:b7:52:9a:cb:59:78:77:b7:b6:
d7:6a:69:be:3e:7a:60:e8:e7:0e:03:60:fe:6e:5e:
c0:10:7e:6c:3e:c3:41:68:83:d0:2f:7b:b8:86:5b:
15:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:72:BA:15:9A:05:6C:79:5F:12:22:BF:A4:3D:51:C2:69:5B:DB:B4
X509v3 Authority Key Identifier:
keyid:79:CD:4B:D3:C9:BF:E2:0D:CC:FE:2B:19:DE:23:09:5C:A2:47:48:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec1L08m_4g3M_isZ3iMJXKJHSDU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/ffa949-86c4-4984-8557-2c2c5fbda341/1/SnK6FZoFbHlfEiK_pD1Rwmlb27Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/ffa949-86c4-4984-8557-2c2c5fbda341/1/ec1L08m_4g3M_isZ3iMJXKJHSDU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.72.0/24
Signature Algorithm: sha256WithRSAEncryption
65:c6:2c:b6:73:b8:cd:f1:72:98:d1:24:27:f4:0a:4e:3e:c9:
e0:ad:d8:ac:94:9f:92:7c:3f:d4:a0:7b:51:c3:ee:65:ae:57:
00:0e:82:67:ef:bd:68:ce:78:b1:b8:5d:07:59:af:db:1a:12:
43:6a:6e:36:d8:c3:eb:18:c0:9e:1a:21:f1:77:63:16:88:e6:
e4:28:ec:28:72:7e:a6:71:80:6c:fb:17:e3:85:9f:02:74:55:
64:ca:cd:90:9e:bf:12:51:c6:57:db:70:ba:c0:22:71:46:77:
ce:1a:80:5d:ea:af:c9:8e:52:7e:d6:27:a7:81:d0:b0:35:ab:
18:8b:1a:4e:f7:2d:12:32:0c:c0:ab:6f:d4:bb:df:97:8a:89:
f6:d8:f8:ea:0f:2f:2e:8c:06:22:77:47:f9:3a:a3:0d:3f:78:
8c:86:2c:f5:9d:0f:15:f4:df:16:97:22:f5:14:21:20:e7:eb:
03:e2:2f:9b:5d:fb:6e:bc:da:bb:09:1e:da:62:0e:07:1c:10:
d2:c6:52:d6:9c:cd:2c:be:c9:a8:72:43:b1:8c:89:65:87:50:
e8:07:49:ae:b1:18:d1:4e:54:de:f5:c1:6b:02:bd:f2:1c:03:
a2:c7:f9:82:6d:da:17:9e:82:2e:85:db:65:8d:69:9a:c3:e0:
23:f2:8c:6d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3Oe9sq2PEGA0BCiwCiAUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5Y2Q0YmQzYzliZmUyMGRjY2ZlMmIxOWRlMjMwOTVjYTI0
NzQ4MzUwHhcNMjQwMTAyMDYyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTcyYmExNTlhMDU2Yzc5NWYxMjIyYmZhNDNkNTFjMjY5NWJkYmI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAozfF/hM5GYhSDTJeZcQRtW9+QIhE
IlM8K0x/mzlq1oQzyyWUDhuyaRbgI3PjEIozwTcFUSqcex5nawBiSI4hREF3ytzV
nwB9pwdEq0GwnHzhLbcOfEXPyKJ7Q71itF7tyMCC+hYp6etH4eVXmNM4CpJcYbk6
iunLu/eK9oD3pwxoBus1KHQ+W586dR6eVg47HotDqmUIASsPX5yOELQ2V9+jS2bM
ceeX7AkbMUMunDFJvNwxYyxOl6E4sFbvZxUYD1EwBNUaeqz3sNCDxwUIUOgbBy/b
roW3UprLWXh3t7bXamm+Pnpg6OcOA2D+bl7AEH5sPsNBaIPQL3u4hlsV7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEpyuhWaBWx5XxIiv6Q9UcJpW9u0MB8GA1UdIwQY
MBaAFHnNS9PJv+INzP4rGd4jCVyiR0g1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWMxTDA4bV80ZzNNX2lzWjNpTUpYS0pIU0RVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9mZmE5NDktODZjNC00OTg0LTg1NTct
MmMyYzVmYmRhMzQxLzEvU25LNkZab0ZiSGxmRWlLX3BEMVJ3bWxiMjdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9mZmE5NDktODZjNC00OTg0LTg1NTctMmMyYzVmYmRhMzQx
LzEvZWMxTDA4bV80ZzNNX2lzWjNpTUpYS0pIU0RVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8ZIMA0G
CSqGSIb3DQEBCwUAA4IBAQBlxiy2c7jN8XKY0SQn9ApOPsngrdislJ+SfD/UoHtR
w+5lrlcADoJn771oznixuF0HWa/bGhJDam422MPrGMCeGiHxd2MWiObkKOwocn6m
cYBs+xfjhZ8CdFVkys2Qnr8SUcZX23C6wCJxRnfOGoBd6q/JjlJ+1iengdCwNasY
ixpO9y0SMgzAq2/Uu9+Xion22PjqDy8ujAYid0f5OqMNP3iMhiz1nQ8V9N8WlyL1
FCEg5+sD4i+bXftuvNq7CR7aYg4HHBDSxlLWnM0svsmockOxjIllh1DoB0musRjR
TlTe9cFrAr3yHAOix/mCbdoXnoIuhdtljWmaw+Aj8oxt
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:45:02 2025 by rpki-client