Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/859170-a974-4ae3-a020-3ea59d96a790/1/wZPE8ZMLzNNcD0IBdPQt7l4qetA.roa
File: wZPE8ZMLzNNcD0IBdPQt7l4qetA.roa (raw, json)
Hash identifier: sAx6AoxvrSeJEYTzygNRcGvz/YaiDzOTe3ex33/h7P4=
Subject key identifier: C1:93:C4:F1:93:0B:CC:D3:5C:0F:42:01:74:F4:2D:EE:5E:2A:7A:D0
Certificate issuer: /CN=af9549176f966d3a221410079097c87f0e1d20b1
Certificate serial: 018CC3B6F36C9218109C1DE29DA5893F98B1
Authority key identifier: AF:95:49:17:6F:96:6D:3A:22:14:10:07:90:97:C8:7F:0E:1D:20:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r5VJF2-WbToiFBAHkJfIfw4dILE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/859170-a974-4ae3-a020-3ea59d96a790/1/wZPE8ZMLzNNcD0IBdPQt7l4qetA.roa
Signing time: Mon 01 Jan 2024 06:29:56 +0000
ROA not before: Mon 01 Jan 2024 06:29:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44105
IP address blocks: 91.201.12.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:48:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:f3:6c:92:18:10:9c:1d:e2:9d:a5:89:3f:98:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af9549176f966d3a221410079097c87f0e1d20b1
Validity
Not Before: Jan 1 06:29:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c193c4f1930bccd35c0f420174f42dee5e2a7ad0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:05:b4:f3:eb:0e:b8:c0:a8:6a:52:ec:e5:c4:
77:f5:c6:75:28:6f:26:ed:bd:7f:ac:21:ae:81:23:
f0:24:6c:a6:52:02:55:42:94:59:9f:4d:3b:62:c3:
9b:5d:1d:e4:bb:29:a6:2c:3e:51:72:19:ec:0d:d6:
6d:06:a8:91:60:37:bf:f9:b6:c8:e9:be:4a:a0:20:
06:84:7f:97:6c:2d:b1:9b:ef:b0:1f:01:b5:cb:f9:
24:3d:1c:a3:96:09:f2:31:af:b7:f6:1d:ba:ac:14:
8b:04:ab:af:c5:8f:1d:46:bf:9a:2c:97:6c:f7:bd:
52:c0:ae:c6:3a:81:1e:b0:dd:9a:f5:a6:64:f1:95:
e2:4f:1d:3b:66:c3:b6:2c:36:3f:8d:4f:ed:b9:31:
be:39:d2:64:cd:c2:fa:cd:1f:70:84:77:4b:9c:31:
f5:83:2f:15:d2:cd:12:29:11:4e:7a:6d:59:ed:ce:
ea:8a:44:4e:3d:24:28:27:ec:93:34:43:58:65:59:
91:88:71:3d:9c:77:30:ee:13:f8:71:a5:4b:e6:54:
d5:e1:28:19:fe:2c:5e:d2:d2:b1:3f:08:12:6b:02:
2a:27:14:64:55:bb:f8:c9:64:50:15:4d:2c:4c:62:
64:1c:0a:a5:e0:a1:5c:ee:98:eb:fc:33:6c:b3:17:
6e:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:93:C4:F1:93:0B:CC:D3:5C:0F:42:01:74:F4:2D:EE:5E:2A:7A:D0
X509v3 Authority Key Identifier:
keyid:AF:95:49:17:6F:96:6D:3A:22:14:10:07:90:97:C8:7F:0E:1D:20:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r5VJF2-WbToiFBAHkJfIfw4dILE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/859170-a974-4ae3-a020-3ea59d96a790/1/wZPE8ZMLzNNcD0IBdPQt7l4qetA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/859170-a974-4ae3-a020-3ea59d96a790/1/r5VJF2-WbToiFBAHkJfIfw4dILE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.201.12.0/22
Signature Algorithm: sha256WithRSAEncryption
33:ca:ab:63:ff:14:85:76:74:6c:4c:74:94:c1:ee:53:19:6d:
5c:0b:c7:06:89:ea:87:cd:80:db:ef:a7:09:3f:35:de:07:a2:
5d:87:c6:ca:f3:bb:57:90:89:e7:1f:cf:32:ee:35:a1:af:9c:
0d:3d:2d:fe:13:c3:57:c3:59:64:63:4d:92:84:7a:57:23:34:
b0:cf:a2:76:83:3c:8b:4e:cc:21:51:a1:64:4b:c4:dc:e9:c7:
fb:ba:07:a6:7f:5a:02:22:d1:bf:03:f5:f4:f8:57:02:4f:9e:
b4:6d:4a:94:62:12:74:30:8e:61:56:4a:63:a9:a4:91:ed:48:
fb:50:8a:a7:53:7d:9d:88:34:b1:80:c3:6d:1f:d0:cd:22:0a:
0a:d9:82:95:71:35:69:db:3f:10:09:82:8c:cb:16:8c:02:d6:
0a:4f:c1:58:1e:e4:32:89:56:a3:c4:c3:67:3d:38:79:da:9b:
b3:4c:70:2f:28:f8:8a:81:bd:cd:e8:b1:e5:72:38:e0:5f:49:
8c:32:3b:67:79:39:31:09:78:03:7f:e8:a5:ad:c6:75:0b:ee:
cc:03:96:36:fc:5c:09:ba:f3:cd:0f:8b:34:5e:18:7f:b4:b2:
1d:1a:5c:d1:92:89:0c:be:95:06:c7:38:73:31:ba:f8:0c:23:
f9:83:4e:cf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDtvNskhgQnB3inaWJP5ixMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmOTU0OTE3NmY5NjZkM2EyMjE0MTAwNzkwOTdjODdmMGUx
ZDIwYjEwHhcNMjQwMTAxMDYyOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTkzYzRmMTkzMGJjY2QzNWMwZjQyMDE3NGY0MmRlZTVlMmE3YWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuwW08+sOuMCoalLs5cR39cZ1KG8m
7b1/rCGugSPwJGymUgJVQpRZn007YsObXR3kuymmLD5RchnsDdZtBqiRYDe/+bbI
6b5KoCAGhH+XbC2xm++wHwG1y/kkPRyjlgnyMa+39h26rBSLBKuvxY8dRr+aLJds
971SwK7GOoEesN2a9aZk8ZXiTx07ZsO2LDY/jU/tuTG+OdJkzcL6zR9whHdLnDH1
gy8V0s0SKRFOem1Z7c7qikROPSQoJ+yTNENYZVmRiHE9nHcw7hP4caVL5lTV4SgZ
/ixe0tKxPwgSawIqJxRkVbv4yWRQFU0sTGJkHAql4KFc7pjr/DNssxduDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMGTxPGTC8zTXA9CAXT0Le5eKnrQMB8GA1UdIwQY
MBaAFK+VSRdvlm06IhQQB5CXyH8OHSCxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjVWSkYyLVdiVG9pRkJBSGtKZklmdzRkSUxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS84NTkxNzAtYTk3NC00YWUzLWEwMjAt
M2VhNTlkOTZhNzkwLzEvd1pQRThaTUx6Tk5jRDBJQmRQUXQ3bDRxZXRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS84NTkxNzAtYTk3NC00YWUzLWEwMjAtM2VhNTlkOTZhNzkw
LzEvcjVWSkYyLVdiVG9pRkJBSGtKZklmdzRkSUxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW8kMMA0G
CSqGSIb3DQEBCwUAA4IBAQAzyqtj/xSFdnRsTHSUwe5TGW1cC8cGieqHzYDb76cJ
PzXeB6Jdh8bK87tXkInnH88y7jWhr5wNPS3+E8NXw1lkY02ShHpXIzSwz6J2gzyL
TswhUaFkS8Tc6cf7ugemf1oCItG/A/X0+FcCT560bUqUYhJ0MI5hVkpjqaSR7Uj7
UIqnU32diDSxgMNtH9DNIgoK2YKVcTVp2z8QCYKMyxaMAtYKT8FYHuQyiVajxMNn
PTh52puzTHAvKPiKgb3N6LHlcjjgX0mMMjtneTkxCXgDf+ilrcZ1C+7MA5Y2/FwJ
uvPND4s0Xhh/tLIdGlzRkokMvpUGxzhzMbr4DCP5g07P
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:33:55 2025 by rpki-client