Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/42f7f8-7407-432d-bbb5-0d339707cb88/1/_-NFwzI2xGfyJvGLH9WaFm823Dk.roa
File: _-NFwzI2xGfyJvGLH9WaFm823Dk.roa (raw, json)
Hash identifier: RucIHj0PwZdgvfceYQaphYIXSd4VxMjes371/qIo/GU=
Subject key identifier: FF:E3:45:C3:32:36:C4:67:F2:26:F1:8B:1F:D5:9A:16:6F:36:DC:39
Certificate issuer: /CN=a5097a156aef2f82ff13b3c16aff6f7e16db02c8
Certificate serial: 018F14AD7A5F341011D36A51CC2132850628
Authority key identifier: A5:09:7A:15:6A:EF:2F:82:FF:13:B3:C1:6A:FF:6F:7E:16:DB:02:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pQl6FWrvL4L_E7PBav9vfhbbAsg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/42f7f8-7407-432d-bbb5-0d339707cb88/1/_-NFwzI2xGfyJvGLH9WaFm823Dk.roa
Signing time: Thu 25 Apr 2024 09:54:24 +0000
ROA not before: Thu 25 Apr 2024 09:54:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35421
IP address blocks: 91.209.13.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:48:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:14:ad:7a:5f:34:10:11:d3:6a:51:cc:21:32:85:06:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5097a156aef2f82ff13b3c16aff6f7e16db02c8
Validity
Not Before: Apr 25 09:54:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ffe345c33236c467f226f18b1fd59a166f36dc39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:87:52:68:62:37:13:d7:55:f2:8d:f8:e8:4b:
ec:7b:f1:b7:82:38:dc:f2:73:81:2b:f6:ff:bc:42:
a6:c8:8b:13:15:b4:2c:fa:ce:8b:16:a4:be:ee:11:
9e:5b:15:77:f3:ca:69:40:20:d6:64:4d:0e:76:41:
46:4f:e5:fa:12:34:01:10:48:0f:7a:36:5d:24:5e:
76:4f:13:19:88:38:0f:31:e7:9a:5b:d5:81:a9:92:
12:fa:c2:f3:2e:ca:b6:06:70:0a:09:0e:d7:ef:bb:
b2:90:28:6c:ee:fc:a8:3c:01:ac:80:9d:b4:dd:a4:
7c:cb:69:c5:cf:a8:ea:ac:0d:8e:ba:42:cf:d4:35:
eb:a2:57:e8:4c:51:84:f8:4c:f1:7b:fa:e5:2e:81:
3d:09:0d:9b:23:3a:f9:9d:11:78:f2:5f:62:1a:47:
50:ec:5c:d5:aa:4a:b4:af:b6:b5:dd:af:56:01:1b:
86:2d:2f:65:aa:ad:b4:ec:31:4d:e2:90:4f:e1:fc:
a3:4d:48:8e:3b:41:4c:1b:3c:54:ff:3a:91:c7:00:
4f:38:b9:83:30:2c:45:b7:7c:72:de:64:bb:0b:a9:
18:31:76:27:db:00:b9:59:87:50:e3:f8:e3:52:4b:
4d:0d:2c:2d:b1:02:22:cc:30:b3:54:e2:3c:51:19:
f6:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:E3:45:C3:32:36:C4:67:F2:26:F1:8B:1F:D5:9A:16:6F:36:DC:39
X509v3 Authority Key Identifier:
keyid:A5:09:7A:15:6A:EF:2F:82:FF:13:B3:C1:6A:FF:6F:7E:16:DB:02:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pQl6FWrvL4L_E7PBav9vfhbbAsg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/42f7f8-7407-432d-bbb5-0d339707cb88/1/_-NFwzI2xGfyJvGLH9WaFm823Dk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/42f7f8-7407-432d-bbb5-0d339707cb88/1/pQl6FWrvL4L_E7PBav9vfhbbAsg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.13.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:0c:de:82:a5:c2:85:43:58:dd:f4:4f:32:dc:68:fc:79:2b:
66:33:1c:7f:d4:95:d4:61:66:a7:95:2f:45:c3:8f:d4:1e:23:
e0:13:19:23:89:f1:1f:11:59:b3:f5:5e:d4:dc:fe:22:37:1f:
4d:46:42:d5:19:a5:21:a7:f2:39:23:1a:8a:1d:7f:60:93:54:
a0:44:32:ed:92:1d:14:fd:a3:fa:78:ff:e2:5e:86:df:63:1f:
35:ef:93:7d:c7:3d:a1:e1:d9:0f:15:e2:f5:e3:7d:7a:79:5e:
a2:6d:3f:00:85:88:bb:8c:f9:30:b6:e1:12:94:b8:74:04:9d:
7b:1a:81:d6:b2:87:6e:02:7b:91:fa:8d:6d:7c:3c:d0:db:83:
ee:4f:8c:c4:4e:a4:6b:c3:c5:89:a9:90:9c:1b:f6:6e:b1:ed:
70:8d:9f:d5:88:ec:bd:fb:4b:8f:6b:48:87:0b:78:e9:33:72:
b6:a2:fb:25:16:05:8e:67:0e:5a:fd:56:52:96:fa:18:ee:25:
24:af:73:d3:90:9d:09:cb:f0:ec:2e:e2:cc:97:31:33:94:f7:
ec:37:84:d6:20:74:b8:8f:46:8f:43:0e:b0:6f:50:c6:cd:ab:
58:19:11:4c:9e:e7:e8:d4:94:43:11:97:fe:f2:59:0d:62:8c:
e3:91:d6:47
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY8UrXpfNBAR02pRzCEyhQYoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1MDk3YTE1NmFlZjJmODJmZjEzYjNjMTZhZmY2ZjdlMTZk
YjAyYzgwHhcNMjQwNDI1MDk1NDI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmUzNDVjMzMyMzZjNDY3ZjIyNmYxOGIxZmQ1OWExNjZmMzZkYzM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0odSaGI3E9dV8o346Evse/G3gjjc
8nOBK/b/vEKmyIsTFbQs+s6LFqS+7hGeWxV388ppQCDWZE0OdkFGT+X6EjQBEEgP
ejZdJF52TxMZiDgPMeeaW9WBqZIS+sLzLsq2BnAKCQ7X77uykChs7vyoPAGsgJ20
3aR8y2nFz6jqrA2OukLP1DXrolfoTFGE+Ezxe/rlLoE9CQ2bIzr5nRF48l9iGkdQ
7FzVqkq0r7a13a9WARuGLS9lqq207DFN4pBP4fyjTUiOO0FMGzxU/zqRxwBPOLmD
MCxFt3xy3mS7C6kYMXYn2wC5WYdQ4/jjUktNDSwtsQIizDCzVOI8URn2vQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP/jRcMyNsRn8ibxix/VmhZvNtw5MB8GA1UdIwQY
MBaAFKUJehVq7y+C/xOzwWr/b34W2wLIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFFsNkZXcnZMNExfRTdQQmF2OXZmaGJiQXNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi80MmY3ZjgtNzQwNy00MzJkLWJiYjUt
MGQzMzk3MDdjYjg4LzEvXy1ORnd6STJ4R2Z5SnZHTEg5V2FGbTgyM0RrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi80MmY3ZjgtNzQwNy00MzJkLWJiYjUtMGQzMzk3MDdjYjg4
LzEvcFFsNkZXcnZMNExfRTdQQmF2OXZmaGJiQXNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9ENMA0G
CSqGSIb3DQEBCwUAA4IBAQAtDN6CpcKFQ1jd9E8y3Gj8eStmMxx/1JXUYWanlS9F
w4/UHiPgExkjifEfEVmz9V7U3P4iNx9NRkLVGaUhp/I5IxqKHX9gk1SgRDLtkh0U
/aP6eP/iXobfYx8175N9xz2h4dkPFeL14316eV6ibT8AhYi7jPkwtuESlLh0BJ17
GoHWsoduAnuR+o1tfDzQ24PuT4zETqRrw8WJqZCcG/Zuse1wjZ/ViOy9+0uPa0iH
C3jpM3K2ovslFgWOZw5a/VZSlvoY7iUkr3PTkJ0Jy/DsLuLMlzEzlPfsN4TWIHS4
j0aPQw6wb1DGzatYGRFMnufo1JRDEZf+8lkNYozjkdZH
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:35:02 2025 by rpki-client