Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/efff71-7d11-4a1a-8ad3-a67d8c7ed7ca/1/y9Kd_ekfDeSsK8IKg-1iUjBzcRM.roa
File: y9Kd_ekfDeSsK8IKg-1iUjBzcRM.roa (raw, json)
Hash identifier: 0JsP0es9pafQHFPtC1vpTKKcTqMOn6Gd1O2rDGERrXo=
Subject key identifier: CB:D2:9D:FD:E9:1F:0D:E4:AC:2B:C2:0A:83:ED:62:52:30:73:71:13
Certificate issuer: /CN=eeb59b791c7a11d232a95c7ef169285caea695bc
Certificate serial: 01936D76EAAB4A506B7D5B4011560E7FB1BE
Authority key identifier: EE:B5:9B:79:1C:7A:11:D2:32:A9:5C:7E:F1:69:28:5C:AE:A6:95:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7rWbeRx6EdIyqVx-8WkoXK6mlbw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/efff71-7d11-4a1a-8ad3-a67d8c7ed7ca/1/y9Kd_ekfDeSsK8IKg-1iUjBzcRM.roa
Signing time: Wed 27 Nov 2024 11:52:10 +0000
ROA not before: Wed 27 Nov 2024 11:52:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211085
IP address blocks: 91.198.87.0/24 maxlen: 24
2a02:6c20:7::/48 maxlen: 48
2a10:d4c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:48:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:6d:76:ea:ab:4a:50:6b:7d:5b:40:11:56:0e:7f:b1:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eeb59b791c7a11d232a95c7ef169285caea695bc
Validity
Not Before: Nov 27 11:52:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cbd29dfde91f0de4ac2bc20a83ed625230737113
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:9f:09:76:f4:61:da:9f:6c:3f:c4:a7:a5:2e:
84:57:ac:5e:cb:e0:f8:40:ef:7a:40:28:dd:dd:70:
d4:86:46:23:85:2c:08:7c:d6:c6:52:2c:e9:6e:40:
ce:ab:c9:d1:71:d3:a8:15:e3:38:4d:33:e7:79:56:
55:0f:c2:a9:c3:7d:21:d1:e0:b4:43:72:e6:70:61:
12:28:e2:8b:c2:57:81:f9:a0:fa:c4:12:aa:5c:ae:
f5:b7:c7:fd:f6:f6:be:10:4f:12:e5:4c:fa:d2:58:
6f:a4:21:ae:ae:6f:20:2b:50:c2:69:49:2a:57:fd:
fb:4f:89:14:e9:3c:77:2c:4c:71:00:bb:39:53:0f:
ae:10:5b:8b:8a:83:c5:dd:6a:71:33:39:4c:42:11:
78:d8:69:fb:70:c7:77:0c:b0:91:b4:88:b5:07:c9:
6a:ef:0d:23:88:fb:af:3d:96:32:a2:f3:de:e4:15:
75:81:87:8f:fe:34:ff:da:ce:c3:13:cb:b5:ed:7b:
61:23:ce:a5:97:66:2b:c4:9f:c4:93:6b:6a:95:06:
02:fe:ab:d5:c1:34:df:62:83:50:bc:58:d9:eb:f8:
b3:1e:96:c5:16:3f:b5:cd:c4:1f:6c:b6:66:03:cd:
3e:93:e5:7c:8e:1c:5e:ad:e0:03:ad:13:19:66:ac:
bc:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:D2:9D:FD:E9:1F:0D:E4:AC:2B:C2:0A:83:ED:62:52:30:73:71:13
X509v3 Authority Key Identifier:
keyid:EE:B5:9B:79:1C:7A:11:D2:32:A9:5C:7E:F1:69:28:5C:AE:A6:95:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7rWbeRx6EdIyqVx-8WkoXK6mlbw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/efff71-7d11-4a1a-8ad3-a67d8c7ed7ca/1/y9Kd_ekfDeSsK8IKg-1iUjBzcRM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/efff71-7d11-4a1a-8ad3-a67d8c7ed7ca/1/7rWbeRx6EdIyqVx-8WkoXK6mlbw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.87.0/24
IPv6:
2a02:6c20:7::/48
2a10:d4c0::/29
Signature Algorithm: sha256WithRSAEncryption
b1:3f:97:06:71:9a:70:52:cb:ba:96:a0:e3:92:e9:34:a9:fc:
ba:2a:4f:67:d9:0b:ef:b3:a1:d0:ec:90:52:18:1c:2e:9e:54:
86:5f:17:a3:ec:fb:b9:03:12:26:b5:7f:86:b0:fb:aa:63:ca:
0f:f3:a1:31:60:35:b3:7d:f8:de:02:fa:4d:8b:b5:04:63:65:
8c:7a:9e:89:14:9d:04:9c:9b:78:5f:68:b5:0f:5e:a1:9c:5b:
79:4d:ba:e2:b2:9c:b3:6a:97:eb:dd:d7:1e:30:4a:8e:89:75:
79:a8:72:3c:7d:b1:bb:67:58:b1:bf:2a:da:8f:8c:47:46:5d:
ed:68:1a:48:93:bd:ce:76:40:78:d9:06:f4:79:5e:29:a8:a1:
31:41:69:1f:0a:96:d9:67:3d:b8:98:99:f0:da:a9:fe:ad:1a:
a7:e2:d1:bd:7f:79:85:71:48:28:0e:2f:6f:45:1b:3e:82:aa:
42:8a:64:38:98:94:24:74:ab:aa:01:87:b5:29:f3:bf:c4:a2:
bb:45:5a:c9:72:a9:53:a6:7a:80:e4:00:a8:bb:84:25:47:50:
a0:4c:6a:c7:e4:35:c6:5e:a3:cd:72:d1:7a:fc:99:36:38:0f:
f3:b7:df:b8:a8:e4:1d:5b:57:b5:65:5a:b6:99:fb:64:e1:83:
f1:55:38:c8
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZNtduqrSlBrfVtAEVYOf7G+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlYjU5Yjc5MWM3YTExZDIzMmE5NWM3ZWYxNjkyODVjYWVh
Njk1YmMwHhcNMjQxMTI3MTE1MjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmQyOWRmZGU5MWYwZGU0YWMyYmMyMGE4M2VkNjI1MjMwNzM3MTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvJ8JdvRh2p9sP8SnpS6EV6xey+D4
QO96QCjd3XDUhkYjhSwIfNbGUizpbkDOq8nRcdOoFeM4TTPneVZVD8Kpw30h0eC0
Q3LmcGESKOKLwleB+aD6xBKqXK71t8f99va+EE8S5Uz60lhvpCGurm8gK1DCaUkq
V/37T4kU6Tx3LExxALs5Uw+uEFuLioPF3WpxMzlMQhF42Gn7cMd3DLCRtIi1B8lq
7w0jiPuvPZYyovPe5BV1gYeP/jT/2s7DE8u17XthI86ll2YrxJ/Ek2tqlQYC/qvV
wTTfYoNQvFjZ6/izHpbFFj+1zcQfbLZmA80+k+V8jhxereADrRMZZqy8CQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFMvSnf3pHw3krCvCCoPtYlIwc3ETMB8GA1UdIwQY
MBaAFO61m3kcehHSMqlcfvFpKFyuppW8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3JXYmVSeDZFZEl5cVZ4LThXa29YSzZtbGJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9lZmZmNzEtN2QxMS00YTFhLThhZDMt
YTY3ZDhjN2VkN2NhLzEveTlLZF9la2ZEZVNzSzhJS2ctMWlVakJ6Y1JNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9lZmZmNzEtN2QxMS00YTFhLThhZDMtYTY3ZDhjN2VkN2Nh
LzEvN3JXYmVSeDZFZEl5cVZ4LThXa29YSzZtbGJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQAW8ZXMBYE
AgACMBADBwAqAmwgAAcDBQMqENTAMA0GCSqGSIb3DQEBCwUAA4IBAQCxP5cGcZpw
Usu6lqDjkuk0qfy6Kk9n2Qvvs6HQ7JBSGBwunlSGXxej7Pu5AxImtX+GsPuqY8oP
86ExYDWzffjeAvpNi7UEY2WMep6JFJ0EnJt4X2i1D16hnFt5Tbrispyzapfr3dce
MEqOiXV5qHI8fbG7Z1ixvyraj4xHRl3taBpIk73OdkB42Qb0eV4pqKExQWkfCpbZ
Zz24mJnw2qn+rRqn4tG9f3mFcUgoDi9vRRs+gqpCimQ4mJQkdKuqAYe1KfO/xKK7
RVrJcqlTpnqA5ACou4QlR1CgTGrH5DXGXqPNctF6/Jk2OA/zt9+4qOQdW1e1ZVq2
mftk4YPxVTjI
-----END CERTIFICATE-----
Generated at Mon May 12 00:13:58 2025 by rpki-client