Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/dc06bd-e834-405f-8c33-9e5f90538336/1/GJFpnTRunndxL-_lGH8DsEBdbxQ.roa
File: GJFpnTRunndxL-_lGH8DsEBdbxQ.roa (raw, json)
Hash identifier: nJp0+8lrktVMUcPBVTLQM1TCIgghnuRaTN069WMtbps=
Subject key identifier: 18:91:69:9D:34:6E:9E:77:71:2F:EF:E5:18:7F:03:B0:40:5D:6F:14
Certificate issuer: /CN=2fa5f05f99e0250040a431d2bedcab7f8928e9b2
Certificate serial: 018CC9BCDC470204908181D36CCB97960591
Authority key identifier: 2F:A5:F0:5F:99:E0:25:00:40:A4:31:D2:BE:DC:AB:7F:89:28:E9:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L6XwX5ngJQBApDHSvtyrf4ko6bI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/dc06bd-e834-405f-8c33-9e5f90538336/1/GJFpnTRunndxL-_lGH8DsEBdbxQ.roa
Signing time: Tue 02 Jan 2024 10:34:06 +0000
ROA not before: Tue 02 Jan 2024 10:34:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8896
IP address blocks: 91.201.201.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:48:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:dc:47:02:04:90:81:81:d3:6c:cb:97:96:05:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fa5f05f99e0250040a431d2bedcab7f8928e9b2
Validity
Not Before: Jan 2 10:34:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1891699d346e9e77712fefe5187f03b0405d6f14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:86:b9:fb:32:80:4e:5e:07:71:ee:83:3f:62:
bd:bc:98:f7:bf:ad:c5:44:df:18:91:65:73:e6:6d:
59:b2:f3:23:a5:d3:ca:df:4c:4d:86:4e:e4:ed:9b:
1e:1b:74:c9:3c:aa:85:e1:46:91:12:1f:53:00:5a:
f3:50:9b:bd:18:61:fc:5e:88:e6:b1:d7:76:2e:e5:
39:fc:54:1c:8b:db:d1:84:47:c6:6b:d1:87:88:6e:
59:7b:b3:6e:27:0a:86:2e:19:85:11:28:8b:27:aa:
4c:be:20:74:37:60:bd:98:62:e8:19:ed:7c:26:11:
4c:ce:2f:26:ab:99:94:c5:cf:a8:78:e5:c0:2d:cf:
57:2d:d1:d8:f7:23:ea:a1:f5:aa:66:35:f5:0c:8c:
d2:98:60:81:61:26:37:59:c3:34:32:9e:bc:b7:32:
90:6f:dd:2f:4b:f9:f1:16:ca:9c:c2:09:b4:98:b4:
06:5d:6d:2c:30:c2:eb:fd:b7:d3:c6:40:4f:b9:8d:
d5:d6:a6:10:46:75:40:2d:a5:d0:b5:3d:8a:dd:29:
1d:3a:51:1a:17:ce:ce:f4:62:79:61:d5:05:7b:af:
cf:74:e8:a3:73:58:44:cb:0d:12:41:61:a9:cf:25:
3f:da:bd:51:c3:92:6d:57:98:38:30:7e:23:f1:d0:
b5:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:91:69:9D:34:6E:9E:77:71:2F:EF:E5:18:7F:03:B0:40:5D:6F:14
X509v3 Authority Key Identifier:
keyid:2F:A5:F0:5F:99:E0:25:00:40:A4:31:D2:BE:DC:AB:7F:89:28:E9:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6XwX5ngJQBApDHSvtyrf4ko6bI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/dc06bd-e834-405f-8c33-9e5f90538336/1/GJFpnTRunndxL-_lGH8DsEBdbxQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/dc06bd-e834-405f-8c33-9e5f90538336/1/L6XwX5ngJQBApDHSvtyrf4ko6bI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.201.201.0/24
Signature Algorithm: sha256WithRSAEncryption
e9:ea:4a:33:c9:b7:7d:81:4d:2f:56:3c:35:9d:e5:e2:53:d3:
ea:a1:4d:f2:0a:ef:f3:73:f0:20:44:63:94:28:dc:ee:37:a0:
80:74:ae:e0:32:87:c4:38:76:ba:71:b0:d8:fd:b9:06:ea:d4:
4b:29:75:b5:92:31:b5:01:4f:01:fb:36:66:43:be:ff:c6:b8:
0e:bf:df:68:9e:6e:cd:f6:d8:e6:c6:70:6d:79:a7:f4:8b:3f:
65:b5:29:b0:18:49:91:b5:96:14:0c:67:e7:cd:a0:dc:09:12:
6d:5c:23:3c:39:1b:8d:28:73:21:69:f3:9e:ed:21:f9:14:0c:
d7:5c:af:83:64:06:8b:03:83:1c:b9:c2:d1:0e:e4:b5:8f:e9:
9f:ee:67:5a:04:17:32:9f:ea:ae:73:78:92:f6:a1:50:0c:b1:
a8:9b:47:dc:f4:eb:8d:ba:e1:5d:73:aa:c4:8e:0b:ae:71:4e:
bb:8c:47:15:21:0f:8f:70:94:86:0a:83:7e:5a:0a:57:78:48:
66:32:c7:91:4d:e9:6d:04:2e:f4:a2:0c:f0:b0:9a:aa:8f:49:
19:ef:17:75:3e:2f:fa:f4:df:d1:83:c4:82:96:a7:a0:c1:36:
1a:84:bc:6b:c1:43:9f:fb:34:f7:c6:a3:4e:34:4b:48:fc:c7:
f0:de:1f:51
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJvNxHAgSQgYHTbMuXlgWRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYTVmMDVmOTllMDI1MDA0MGE0MzFkMmJlZGNhYjdmODky
OGU5YjIwHhcNMjQwMTAyMTAzNDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODkxNjk5ZDM0NmU5ZTc3NzEyZmVmZTUxODdmMDNiMDQwNWQ2ZjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Ia5+zKATl4Hce6DP2K9vJj3v63F
RN8YkWVz5m1ZsvMjpdPK30xNhk7k7ZseG3TJPKqF4UaREh9TAFrzUJu9GGH8Xojm
sdd2LuU5/FQci9vRhEfGa9GHiG5Ze7NuJwqGLhmFESiLJ6pMviB0N2C9mGLoGe18
JhFMzi8mq5mUxc+oeOXALc9XLdHY9yPqofWqZjX1DIzSmGCBYSY3WcM0Mp68tzKQ
b90vS/nxFsqcwgm0mLQGXW0sMMLr/bfTxkBPuY3V1qYQRnVALaXQtT2K3SkdOlEa
F87O9GJ5YdUFe6/PdOijc1hEyw0SQWGpzyU/2r1Rw5JtV5g4MH4j8dC1MwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBiRaZ00bp53cS/v5Rh/A7BAXW8UMB8GA1UdIwQY
MBaAFC+l8F+Z4CUAQKQx0r7cq3+JKOmyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDZYd1g1bmdKUUJBcERIU3Z0eXJmNGtvNmJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9kYzA2YmQtZTgzNC00MDVmLThjMzMt
OWU1ZjkwNTM4MzM2LzEvR0pGcG5UUnVubmR4TC1fbEdIOERzRUJkYnhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9kYzA2YmQtZTgzNC00MDVmLThjMzMtOWU1ZjkwNTM4MzM2
LzEvTDZYd1g1bmdKUUJBcERIU3Z0eXJmNGtvNmJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8nJMA0G
CSqGSIb3DQEBCwUAA4IBAQDp6kozybd9gU0vVjw1neXiU9PqoU3yCu/zc/AgRGOU
KNzuN6CAdK7gMofEOHa6cbDY/bkG6tRLKXW1kjG1AU8B+zZmQ77/xrgOv99onm7N
9tjmxnBteaf0iz9ltSmwGEmRtZYUDGfnzaDcCRJtXCM8ORuNKHMhafOe7SH5FAzX
XK+DZAaLA4McucLRDuS1j+mf7mdaBBcyn+quc3iS9qFQDLGom0fc9OuNuuFdc6rE
jguucU67jEcVIQ+PcJSGCoN+WgpXeEhmMseRTeltBC70ogzwsJqqj0kZ7xd1Pi/6
9N/Rg8SClqegwTYahLxrwUOf+zT3xqNONEtI/Mfw3h9R
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:57:10 2025 by rpki-client