Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/FJzF1hW9v32Ym5H36iECqRmU7as.roa
File: FJzF1hW9v32Ym5H36iECqRmU7as.roa (raw, json)
Hash identifier: goiI78EHgKwIEEiPjKH6BSY/HBZ9h/E7GQfXq8RDQc4=
Subject key identifier: 14:9C:C5:D6:15:BD:BF:7D:98:9B:91:F7:EA:21:02:A9:19:94:ED:AB
Certificate issuer: /CN=cf1df6667da38e57a25b1945fa40e593e5adfa00
Certificate serial: 018CC8DEDCEB2D958A636A0D310EAB53B0DB
Authority key identifier: CF:1D:F6:66:7D:A3:8E:57:A2:5B:19:45:FA:40:E5:93:E5:AD:FA:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/FJzF1hW9v32Ym5H36iECqRmU7as.roa
Signing time: Tue 02 Jan 2024 06:31:37 +0000
ROA not before: Tue 02 Jan 2024 06:31:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49617
IP address blocks: 91.215.60.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 11 Jun 2024 09:52:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:dc:eb:2d:95:8a:63:6a:0d:31:0e:ab:53:b0:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf1df6667da38e57a25b1945fa40e593e5adfa00
Validity
Not Before: Jan 2 06:31:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=149cc5d615bdbf7d989b91f7ea2102a91994edab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:65:ad:01:35:da:c7:ce:25:b3:44:10:02:5d:
ad:7c:ce:bb:df:aa:cd:6a:05:86:3d:5a:fa:8b:f2:
a8:a1:20:4e:3b:13:1e:5e:00:76:2e:37:2e:cc:ef:
d0:8f:ba:b8:ed:82:28:0f:b4:f5:7c:58:a3:b0:e7:
c8:db:ce:2c:ad:eb:ae:b4:da:75:64:9d:66:5b:ba:
23:d0:29:52:10:ba:3a:93:c6:0e:e0:78:d8:ca:32:
6f:f5:a9:29:67:68:c1:f7:89:e7:8a:a4:9d:25:47:
e7:e3:70:68:10:1e:cf:59:b2:ca:b1:f9:bb:d1:9b:
5c:f3:43:6d:6f:7d:af:4d:c2:6d:52:6a:5f:2d:4d:
a0:46:ac:60:47:2b:6b:8f:b5:80:e6:14:42:33:05:
c2:fd:a7:f9:d8:62:c2:82:38:d5:9d:9c:8f:3c:e7:
04:42:15:71:c4:aa:d5:12:79:1b:13:c2:fd:0c:7e:
dd:2e:ab:6a:8c:c3:de:96:dc:6d:16:27:10:24:0c:
4a:8d:01:69:f4:05:0f:31:69:35:33:21:c3:ac:d9:
af:26:2a:05:82:58:80:e4:bf:8a:d0:d8:1a:a9:b4:
bc:e9:4a:13:4b:dc:8c:54:24:16:38:22:d2:3c:b6:
1b:38:a6:a1:96:91:a0:01:2a:be:c7:d1:83:9a:d5:
ec:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:9C:C5:D6:15:BD:BF:7D:98:9B:91:F7:EA:21:02:A9:19:94:ED:AB
X509v3 Authority Key Identifier:
keyid:CF:1D:F6:66:7D:A3:8E:57:A2:5B:19:45:FA:40:E5:93:E5:AD:FA:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/FJzF1hW9v32Ym5H36iECqRmU7as.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/zx32Zn2jjleiWxlF-kDlk-Wt-gA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.215.60.0/23
Signature Algorithm: sha256WithRSAEncryption
76:d0:3e:46:0c:93:4d:26:bd:57:47:18:bb:53:32:e8:86:49:
05:12:67:d1:08:fe:27:76:8b:96:94:4b:7e:d6:d2:ad:96:f1:
96:8f:5e:a5:30:58:32:75:c0:f8:a2:bc:1d:3f:d5:cc:85:b1:
ad:0b:af:6e:9d:26:9a:e8:a8:aa:84:6b:95:31:e7:4a:fb:da:
a8:c1:e4:22:3f:3d:82:4f:1d:de:2f:26:39:5e:f8:69:41:03:
24:ff:98:7e:aa:bc:61:85:3e:20:99:dc:8a:30:8f:e1:11:7e:
5b:0b:fc:80:7d:85:33:bb:c1:24:97:bc:59:fc:09:83:a2:a5:
3f:2d:47:21:2a:7b:5f:2a:b5:e7:85:b8:75:d2:ac:d1:7a:04:
38:76:71:27:8e:ce:58:57:0a:49:25:7b:49:9f:19:36:fc:8a:
bc:cf:39:91:73:a5:e3:5a:74:14:fa:02:3e:6f:27:1a:2e:81:
4c:74:fd:b0:3c:82:8b:b4:c6:99:ea:6a:91:8d:97:8e:02:fa:
80:d6:5d:bb:30:11:99:04:09:e0:87:76:2a:41:7c:3c:e4:bb:
d5:e3:3f:57:69:0b:7c:a7:6f:c6:a1:b1:c4:55:85:e8:fe:6f:
1c:1e:b5:8e:86:c3:ce:56:34:7b:26:e1:ac:06:a4:fc:fc:40:
6c:b7:13:74
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3tzrLZWKY2oNMQ6rU7DbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmMWRmNjY2N2RhMzhlNTdhMjViMTk0NWZhNDBlNTkzZTVh
ZGZhMDAwHhcNMjQwMTAyMDYzMTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDljYzVkNjE1YmRiZjdkOTg5YjkxZjdlYTIxMDJhOTE5OTRlZGFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAimWtATXax84ls0QQAl2tfM6736rN
agWGPVr6i/KooSBOOxMeXgB2LjcuzO/Qj7q47YIoD7T1fFijsOfI284sreuutNp1
ZJ1mW7oj0ClSELo6k8YO4HjYyjJv9akpZ2jB94nniqSdJUfn43BoEB7PWbLKsfm7
0Ztc80Ntb32vTcJtUmpfLU2gRqxgRytrj7WA5hRCMwXC/af52GLCgjjVnZyPPOcE
QhVxxKrVEnkbE8L9DH7dLqtqjMPeltxtFicQJAxKjQFp9AUPMWk1MyHDrNmvJioF
gliA5L+K0NgaqbS86UoTS9yMVCQWOCLSPLYbOKahlpGgASq+x9GDmtXsKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBScxdYVvb99mJuR9+ohAqkZlO2rMB8GA1UdIwQY
MBaAFM8d9mZ9o45XolsZRfpA5ZPlrfoAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvengzMlpuMmpqbGVpV3hsRi1rRGxrLVd0LWdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9lNTc4OWEtMTYwZC00ODk2LWEyNWEt
OGRmMzYzMzdlNmJjLzEvRkp6RjFoVzl2MzJZbTVIMzZpRUNxUm1VN2FzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9lNTc4OWEtMTYwZC00ODk2LWEyNWEtOGRmMzYzMzdlNmJj
LzEvengzMlpuMmpqbGVpV3hsRi1rRGxrLVd0LWdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW9c8MA0G
CSqGSIb3DQEBCwUAA4IBAQB20D5GDJNNJr1XRxi7UzLohkkFEmfRCP4ndouWlEt+
1tKtlvGWj16lMFgydcD4orwdP9XMhbGtC69unSaa6KiqhGuVMedK+9qoweQiPz2C
Tx3eLyY5XvhpQQMk/5h+qrxhhT4gmdyKMI/hEX5bC/yAfYUzu8Ekl7xZ/AmDoqU/
LUchKntfKrXnhbh10qzRegQ4dnEnjs5YVwpJJXtJnxk2/Iq8zzmRc6XjWnQU+gI+
bycaLoFMdP2wPIKLtMaZ6mqRjZeOAvqA1l27MBGZBAngh3YqQXw85LvV4z9XaQt8
p2/GobHEVYXo/m8cHrWOhsPOVjR7JuGsBqT8/EBstxN0
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:17:43 2025 by rpki-client