Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/noFZ2_yYd5YWr-e4nbel7uKNGO4.roa
File: noFZ2_yYd5YWr-e4nbel7uKNGO4.roa (raw, json)
Hash identifier: c4nJoISlKc/2g7CLjRt1KCnFhtwlAqnyu4QGAaPqWIg=
Subject key identifier: 9E:81:59:DB:FC:98:77:96:16:AF:E7:B8:9D:B7:A5:EE:E2:8D:18:EE
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 0192527D7ECE91CA120493AD37F4C6785AD6
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/noFZ2_yYd5YWr-e4nbel7uKNGO4.roa
Signing time: Thu 03 Oct 2024 13:06:48 +0000
ROA not before: Thu 03 Oct 2024 13:06:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203464
IP address blocks: 91.231.227.0/24 maxlen: 24
91.237.193.0/24 maxlen: 24
91.238.38.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 03 Oct 2024 13:09:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:52:7d:7e:ce:91:ca:12:04:93:ad:37:f4:c6:78:5a:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Oct 3 13:06:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9e8159dbfc98779616afe7b89db7a5eee28d18ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:7a:62:81:3b:02:8e:f4:18:9b:13:48:45:4d:
b6:a3:d0:5f:3d:04:bb:60:af:9b:c1:71:24:3b:93:
1b:70:f0:9a:4d:c3:c4:88:67:e0:bd:81:83:ab:cf:
9e:04:e1:61:d7:c5:6c:71:b0:bc:c6:52:4f:6d:3a:
85:8a:3b:f1:56:e6:8c:12:8a:e1:01:79:9d:6e:82:
c7:97:1a:e8:ab:70:c6:d3:8c:a7:d1:8c:6f:f6:35:
f2:d5:0b:9e:5a:53:37:1c:8c:d1:f6:9c:49:04:7a:
5f:ae:d8:9a:bb:02:b0:b7:8b:56:d9:4f:ff:3a:96:
59:5d:5e:0e:94:b5:48:7b:e2:e1:49:ae:c1:62:22:
93:79:d5:4f:ac:54:6f:c5:98:ab:e5:89:28:8b:1e:
f0:1b:23:5f:f5:f4:cc:31:cc:50:74:15:ea:8d:7a:
f2:34:71:9b:c8:38:21:3b:29:eb:4d:6a:91:49:d6:
5e:1f:59:e8:6d:e4:1c:67:41:ce:3f:5f:f6:b5:75:
05:eb:ff:70:69:0e:ee:92:1f:04:0d:d7:dd:13:7c:
ab:3e:bf:4d:b1:95:51:9c:38:5d:69:83:80:0b:e5:
2f:f8:3d:ea:0b:be:cd:de:06:50:80:40:02:00:21:
7c:74:07:15:97:25:fc:4e:c3:b7:47:8f:7c:0c:7e:
72:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:81:59:DB:FC:98:77:96:16:AF:E7:B8:9D:B7:A5:EE:E2:8D:18:EE
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/noFZ2_yYd5YWr-e4nbel7uKNGO4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.231.227.0/24
91.237.193.0/24
91.238.38.0/24
Signature Algorithm: sha256WithRSAEncryption
44:6b:6a:e9:b3:b4:83:ff:5f:93:3e:ae:b4:16:cd:1f:dd:3c:
dd:b8:be:f4:85:e1:d4:37:cd:d7:9c:00:0e:c0:db:38:f8:83:
78:02:3c:24:b4:8a:4b:f1:45:e9:ef:59:80:23:6e:1f:56:47:
52:20:b2:1a:e4:e4:a7:25:f6:18:96:b6:d1:6e:b7:d3:6c:fe:
28:14:24:89:10:8a:78:89:d0:db:ea:55:cb:a2:60:bb:89:63:
44:ca:39:32:6c:93:33:08:6c:a1:84:f5:e4:42:10:6e:5f:44:
24:f5:20:f4:41:cd:e5:f9:22:a1:79:ad:ee:d4:37:d7:34:90:
59:d1:27:09:9c:b6:6f:1e:5f:15:32:a8:13:23:11:22:56:43:
b8:f1:79:d6:e9:ec:4b:46:2a:83:b8:90:dc:3c:9b:b7:7e:13:
25:a5:c3:70:95:c7:4b:49:cb:60:42:ef:8c:30:4c:bb:89:8a:
92:f1:d2:ba:b1:bc:74:1a:64:05:4e:ab:31:55:e1:0f:14:4f:
04:9a:77:d2:2b:bf:43:c6:73:aa:e3:85:f6:77:d9:c0:33:f4:
92:ae:69:08:4a:44:c2:ae:80:50:81:25:2a:d5:20:a7:23:de:
78:e4:56:b4:98:0c:13:21:b5:98:19:73:56:5a:77:ec:2f:91:
64:ea:f2:fd
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZJSfX7OkcoSBJOtN/TGeFrWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjQxMDAzMTMwNjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTgxNTlkYmZjOTg3Nzk2MTZhZmU3Yjg5ZGI3YTVlZWUyOGQxOGVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnHpigTsCjvQYmxNIRU22o9BfPQS7
YK+bwXEkO5MbcPCaTcPEiGfgvYGDq8+eBOFh18VscbC8xlJPbTqFijvxVuaMEorh
AXmdboLHlxroq3DG04yn0Yxv9jXy1QueWlM3HIzR9pxJBHpfrtiauwKwt4tW2U//
OpZZXV4OlLVIe+LhSa7BYiKTedVPrFRvxZir5Ykoix7wGyNf9fTMMcxQdBXqjXry
NHGbyDghOynrTWqRSdZeH1nobeQcZ0HOP1/2tXUF6/9waQ7ukh8EDdfdE3yrPr9N
sZVRnDhdaYOAC+Uv+D3qC77N3gZQgEACACF8dAcVlyX8TsO3R498DH5yrwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJ6BWdv8mHeWFq/nuJ23pe7ijRjuMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvbm9GWjJfeVlkNVlXci1lNG5iZWw3dUtOR080LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW+fjAwQA
W+3BAwQAW+4mMA0GCSqGSIb3DQEBCwUAA4IBAQBEa2rps7SD/1+TPq60Fs0f3Tzd
uL70heHUN83XnAAOwNs4+IN4AjwktIpL8UXp71mAI24fVkdSILIa5OSnJfYYlrbR
brfTbP4oFCSJEIp4idDb6lXLomC7iWNEyjkybJMzCGyhhPXkQhBuX0Qk9SD0Qc3l
+SKhea3u1DfXNJBZ0ScJnLZvHl8VMqgTIxEiVkO48XnW6exLRiqDuJDcPJu3fhMl
pcNwlcdLSctgQu+MMEy7iYqS8dK6sbx0GmQFTqsxVeEPFE8EmnfSK79DxnOq44X2
d9nAM/SSrmkISkTCroBQgSUq1SCnI9545Fa0mAwTIbWYGXNWWnfsL5Fk6vL9
-----END CERTIFICATE-----
Generated at Sun May 11 23:29:54 2025 by rpki-client