Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/f52db9-8e25-4297-93fd-55415a0ba73b/1/0cKvWkFWGbY9Zq40I-EtAWNzL4M.roa
File: 0cKvWkFWGbY9Zq40I-EtAWNzL4M.roa (raw, json)
Hash identifier: a9BO9AKB6DhNAxk79BJC6zIhzBsbenju5rkGbPuevW8=
Subject key identifier: D1:C2:AF:5A:41:56:19:B6:3D:66:AE:34:23:E1:2D:01:63:73:2F:83
Certificate issuer: /CN=350cce1b9d06dcce8856659536499c1603391370
Certificate serial: 018CC6B780BE5487F55C684726EAA751FF42
Authority key identifier: 35:0C:CE:1B:9D:06:DC:CE:88:56:65:95:36:49:9C:16:03:39:13:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NQzOG50G3M6IVmWVNkmcFgM5E3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/f52db9-8e25-4297-93fd-55415a0ba73b/1/0cKvWkFWGbY9Zq40I-EtAWNzL4M.roa
Signing time: Mon 01 Jan 2024 20:29:23 +0000
ROA not before: Mon 01 Jan 2024 20:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51815
IP address blocks: 91.209.88.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:48:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:80:be:54:87:f5:5c:68:47:26:ea:a7:51:ff:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=350cce1b9d06dcce8856659536499c1603391370
Validity
Not Before: Jan 1 20:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d1c2af5a415619b63d66ae3423e12d0163732f83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:8d:70:63:e8:ae:59:ca:c4:7c:60:ae:d2:67:
bf:75:e2:86:9e:dc:c4:bc:2e:79:a6:d9:16:f1:9e:
09:a0:06:56:77:c6:c0:06:ce:fe:8f:52:15:6e:fa:
b6:76:02:23:d8:e2:3f:5a:12:7a:19:e8:ac:45:a1:
d9:89:e9:a1:47:ac:96:e1:31:51:bf:a5:52:05:f4:
03:e4:40:75:a4:96:0d:fc:21:d1:00:0c:93:4d:19:
24:4a:5e:90:df:83:81:04:88:ad:7f:ee:25:81:37:
9b:4c:89:81:fb:cb:d9:58:cf:af:c8:c9:7a:d4:44:
4b:51:fb:e7:02:2f:11:64:a3:8e:35:a9:c2:60:00:
a9:04:1a:d9:7a:84:52:33:b2:df:7c:45:83:1e:d4:
38:fa:4e:47:bd:06:43:0c:40:91:19:4c:bf:3d:46:
30:04:75:83:0a:dd:75:3e:81:c4:25:f7:e5:18:58:
99:20:3d:9f:4a:a0:10:a2:d2:a4:6a:46:dc:cd:94:
cd:88:a9:00:45:50:09:e1:00:d3:ec:19:61:8d:3d:
79:43:f8:95:72:02:c7:9e:14:0c:48:4b:8d:e6:37:
b1:ab:40:75:d6:cb:7b:4d:62:a9:a0:2d:77:88:0d:
84:ef:f1:34:15:22:7a:7c:53:e2:fa:f6:57:5c:b9:
0a:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:C2:AF:5A:41:56:19:B6:3D:66:AE:34:23:E1:2D:01:63:73:2F:83
X509v3 Authority Key Identifier:
keyid:35:0C:CE:1B:9D:06:DC:CE:88:56:65:95:36:49:9C:16:03:39:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NQzOG50G3M6IVmWVNkmcFgM5E3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/f52db9-8e25-4297-93fd-55415a0ba73b/1/0cKvWkFWGbY9Zq40I-EtAWNzL4M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/f52db9-8e25-4297-93fd-55415a0ba73b/1/NQzOG50G3M6IVmWVNkmcFgM5E3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.88.0/24
Signature Algorithm: sha256WithRSAEncryption
12:e1:bb:64:bd:d8:02:31:2c:b7:2c:1c:5e:f2:6e:0e:18:b2:
d7:2a:c8:c7:74:69:e9:85:ec:7f:ac:61:e9:49:30:7b:a1:9e:
f6:7c:03:8f:57:a3:f4:bf:64:3c:56:51:c2:ab:cc:ff:f3:47:
05:8d:5a:dd:5e:53:be:f2:0b:0e:7b:fe:e0:c5:18:00:e6:2f:
1d:39:8b:95:eb:07:e3:3e:e6:2b:34:5a:35:4c:19:ba:54:5a:
bb:ef:e1:d8:cd:9c:fa:3d:cf:8d:53:c9:ca:fd:59:f4:08:dd:
16:13:06:1b:e3:ce:33:11:7a:6c:ca:38:0a:22:8d:d1:69:ca:
b4:60:aa:84:d6:38:02:2f:21:95:38:cc:d9:7c:79:4d:a7:23:
38:0b:5f:66:d4:3a:26:06:5a:cf:ad:b6:8b:bb:74:15:e6:57:
55:16:47:72:e3:b1:e3:df:41:69:34:ba:b6:5c:7b:22:a4:0f:
09:b7:d4:da:f2:62:28:6d:c2:3e:89:3b:14:16:38:53:55:1f:
33:09:8a:a6:75:39:37:f3:ff:e8:c4:87:84:b1:42:05:bd:0c:
9e:b0:75:ec:bb:72:7b:1d:29:a7:ec:d7:71:25:d1:c8:5d:d9:
11:73:c7:da:84:6f:83:1b:8e:c6:f4:32:b4:0e:13:2a:a7:7c:
c6:19:ab:c6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGt4C+VIf1XGhHJuqnUf9CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MGNjZTFiOWQwNmRjY2U4ODU2NjU5NTM2NDk5YzE2MDMz
OTEzNzAwHhcNMjQwMTAxMjAyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWMyYWY1YTQxNTYxOWI2M2Q2NmFlMzQyM2UxMmQwMTYzNzMyZjgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApY1wY+iuWcrEfGCu0me/deKGntzE
vC55ptkW8Z4JoAZWd8bABs7+j1IVbvq2dgIj2OI/WhJ6GeisRaHZiemhR6yW4TFR
v6VSBfQD5EB1pJYN/CHRAAyTTRkkSl6Q34OBBIitf+4lgTebTImB+8vZWM+vyMl6
1ERLUfvnAi8RZKOONanCYACpBBrZeoRSM7LffEWDHtQ4+k5HvQZDDECRGUy/PUYw
BHWDCt11PoHEJfflGFiZID2fSqAQotKkakbczZTNiKkARVAJ4QDT7BlhjT15Q/iV
cgLHnhQMSEuN5jexq0B11st7TWKpoC13iA2E7/E0FSJ6fFPi+vZXXLkKUQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNHCr1pBVhm2PWauNCPhLQFjcy+DMB8GA1UdIwQY
MBaAFDUMzhudBtzOiFZllTZJnBYDORNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlF6T0c1MEczTTZJVm1XVk5rbWNGZ001RTNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9mNTJkYjktOGUyNS00Mjk3LTkzZmQt
NTU0MTVhMGJhNzNiLzEvMGNLdldrRldHYlk5WnE0MEktRXRBV056TDRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9mNTJkYjktOGUyNS00Mjk3LTkzZmQtNTU0MTVhMGJhNzNi
LzEvTlF6T0c1MEczTTZJVm1XVk5rbWNGZ001RTNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9FYMA0G
CSqGSIb3DQEBCwUAA4IBAQAS4btkvdgCMSy3LBxe8m4OGLLXKsjHdGnphex/rGHp
STB7oZ72fAOPV6P0v2Q8VlHCq8z/80cFjVrdXlO+8gsOe/7gxRgA5i8dOYuV6wfj
PuYrNFo1TBm6VFq77+HYzZz6Pc+NU8nK/Vn0CN0WEwYb484zEXpsyjgKIo3Racq0
YKqE1jgCLyGVOMzZfHlNpyM4C19m1DomBlrPrbaLu3QV5ldVFkdy47Hj30FpNLq2
XHsipA8Jt9Ta8mIobcI+iTsUFjhTVR8zCYqmdTk38//oxIeEsUIFvQyesHXsu3J7
HSmn7NdxJdHIXdkRc8fahG+DG47G9DK0DhMqp3zGGavG
-----END CERTIFICATE-----
Generated at Fri May 2 11:20:35 2025 by rpki-client