Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/cc7843-d136-4ffb-8b99-836c312ac8c2/1/cAgGaKJljpoTsMiazVxGA65nQz4.roa
File: cAgGaKJljpoTsMiazVxGA65nQz4.roa (raw, json)
Hash identifier: jIlMquZcFJgSbLzXB1eIVq4pDNY2OkKnY7QsIf7w0XQ=
Subject key identifier: 70:08:06:68:A2:65:8E:9A:13:B0:C8:9A:CD:5C:46:03:AE:67:43:3E
Certificate issuer: /CN=9ba94bc14937bb0b3632374355a446724104a981
Certificate serial: 0193CFA6E8D6E6693F668174A001F2426B3A
Authority key identifier: 9B:A9:4B:C1:49:37:BB:0B:36:32:37:43:55:A4:46:72:41:04:A9:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m6lLwUk3uws2MjdDVaRGckEEqYE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/cc7843-d136-4ffb-8b99-836c312ac8c2/1/cAgGaKJljpoTsMiazVxGA65nQz4.roa
Signing time: Mon 16 Dec 2024 13:27:22 +0000
ROA not before: Mon 16 Dec 2024 13:27:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31480
IP address blocks: 91.196.32.0/22 maxlen: 22
185.59.136.0/24 maxlen: 24
193.151.108.0/22 maxlen: 22
193.151.108.0/24 maxlen: 24
193.151.110.0/24 maxlen: 24
2a0c:1d80::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:49:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:cf:a6:e8:d6:e6:69:3f:66:81:74:a0:01:f2:42:6b:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9ba94bc14937bb0b3632374355a446724104a981
Validity
Not Before: Dec 16 13:27:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=70080668a2658e9a13b0c89acd5c4603ae67433e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:75:40:26:8c:9a:6e:93:6b:da:43:dc:f1:c0:
6a:d5:92:65:92:ff:93:27:9f:db:76:c3:52:23:7e:
d6:fe:f9:da:de:29:fb:09:f5:0c:86:12:00:a4:03:
8c:10:5d:de:4c:3d:8a:27:38:cd:a5:98:77:e1:af:
2a:c5:11:22:47:33:bf:7b:95:d7:8d:9f:c5:fb:f7:
63:78:7b:ea:53:72:8a:ff:f8:08:96:2f:00:be:75:
93:a8:3b:1e:a6:f4:1b:20:26:64:e1:c4:44:f8:44:
73:10:1c:6e:c7:dd:b7:bc:7c:ad:13:38:8b:a0:cd:
2f:88:98:3c:f7:d8:68:f4:b1:ba:21:15:12:b9:34:
fa:1e:f9:bb:5b:5c:70:35:5b:26:a7:b0:de:88:e0:
a0:fd:fd:ae:4e:b5:7e:89:31:bb:72:a3:68:65:af:
81:f5:21:bd:05:00:b7:2c:41:54:94:83:2a:81:27:
81:8d:ac:a7:b5:4b:76:e9:71:89:8b:ba:00:14:4d:
e1:ee:4c:70:16:5e:20:10:8e:41:dd:b4:5c:39:78:
83:9b:4b:03:bb:db:0c:a9:b3:f5:72:4a:f6:0c:f3:
ec:4c:35:c6:cc:18:53:06:27:18:b2:fb:e3:67:9c:
3a:a2:dc:39:4e:6f:e1:9e:ef:62:21:0a:cf:27:5c:
32:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:08:06:68:A2:65:8E:9A:13:B0:C8:9A:CD:5C:46:03:AE:67:43:3E
X509v3 Authority Key Identifier:
keyid:9B:A9:4B:C1:49:37:BB:0B:36:32:37:43:55:A4:46:72:41:04:A9:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m6lLwUk3uws2MjdDVaRGckEEqYE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/cc7843-d136-4ffb-8b99-836c312ac8c2/1/cAgGaKJljpoTsMiazVxGA65nQz4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/cc7843-d136-4ffb-8b99-836c312ac8c2/1/m6lLwUk3uws2MjdDVaRGckEEqYE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.196.32.0/22
185.59.136.0/24
193.151.108.0/22
IPv6:
2a0c:1d80::/29
Signature Algorithm: sha256WithRSAEncryption
57:23:63:33:c8:fb:41:d9:67:d0:ab:12:14:3d:a4:d9:fd:bf:
0a:57:70:1f:c7:ad:6f:6f:9d:26:80:90:68:86:ea:c4:b5:24:
ba:c6:90:49:73:96:9b:d7:92:9e:fd:c1:3a:13:fd:60:7e:64:
b4:7a:da:7e:1e:df:ee:7b:57:9c:a5:5a:e3:db:f7:bd:42:f9:
24:87:ed:6f:48:26:d9:e2:e1:49:23:0a:eb:0a:d7:36:9e:3f:
b6:89:06:bb:b8:7d:51:cd:a6:b9:ab:d5:03:a4:b6:e6:0a:46:
f8:4b:13:e4:1a:7d:21:15:d2:98:45:a8:8f:1e:5c:54:c9:70:
11:1b:8c:3e:65:bc:e1:c9:7a:1c:5b:09:6b:ea:4a:1b:e9:c8:
67:8e:37:50:e6:27:7f:b0:9e:b9:7d:79:7f:52:1a:9a:56:04:
62:60:ec:46:96:62:3c:ac:91:0f:82:87:59:d1:57:a5:69:e1:
51:3b:da:cc:cd:8e:12:50:a5:e5:de:a0:df:3a:a4:e7:a7:43:
6e:c1:bf:b2:44:a2:26:5b:39:00:06:25:0a:f0:04:08:49:11:
a1:04:ca:1a:36:18:06:24:19:0b:7b:22:a9:f3:fc:86:23:72:
f5:e1:26:e6:82:ad:05:5f:01:ee:3c:65:ac:a3:7e:6e:2a:6c:
c8:61:a1:e2
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZPPpujW5mk/ZoF0oAHyQms6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliYTk0YmMxNDkzN2JiMGIzNjMyMzc0MzU1YTQ0NjcyNDEw
NGE5ODEwHhcNMjQxMjE2MTMyNzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDA4MDY2OGEyNjU4ZTlhMTNiMGM4OWFjZDVjNDYwM2FlNjc0MzNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzHVAJoyabpNr2kPc8cBq1ZJlkv+T
J5/bdsNSI37W/vna3in7CfUMhhIApAOMEF3eTD2KJzjNpZh34a8qxREiRzO/e5XX
jZ/F+/djeHvqU3KK//gIli8AvnWTqDsepvQbICZk4cRE+ERzEBxux923vHytEziL
oM0viJg899ho9LG6IRUSuTT6Hvm7W1xwNVsmp7DeiOCg/f2uTrV+iTG7cqNoZa+B
9SG9BQC3LEFUlIMqgSeBjayntUt26XGJi7oAFE3h7kxwFl4gEI5B3bRcOXiDm0sD
u9sMqbP1ckr2DPPsTDXGzBhTBicYsvvjZ5w6otw5Tm/hnu9iIQrPJ1wyNwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFHAIBmiiZY6aE7DIms1cRgOuZ0M+MB8GA1UdIwQY
MBaAFJupS8FJN7sLNjI3Q1WkRnJBBKmBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbTZsTHdVazN1d3MyTWpkRFZhUkdja0VFcVlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS9jYzc4NDMtZDEzNi00ZmZiLThiOTkt
ODM2YzMxMmFjOGMyLzEvY0FnR2FLSmxqcG9Uc01pYXpWeEdBNjVuUXo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS9jYzc4NDMtZDEzNi00ZmZiLThiOTktODM2YzMxMmFjOGMy
LzEvbTZsTHdVazN1d3MyTWpkRFZhUkdja0VFcVlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCW8QgAwQA
uTuIAwQCwZdsMA0EAgACMAcDBQMqDB2AMA0GCSqGSIb3DQEBCwUAA4IBAQBXI2Mz
yPtB2WfQqxIUPaTZ/b8KV3Afx61vb50mgJBohurEtSS6xpBJc5ab15Ke/cE6E/1g
fmS0etp+Ht/ue1ecpVrj2/e9Qvkkh+1vSCbZ4uFJIwrrCtc2nj+2iQa7uH1Rzaa5
q9UDpLbmCkb4SxPkGn0hFdKYRaiPHlxUyXARG4w+ZbzhyXocWwlr6kob6chnjjdQ
5id/sJ65fXl/UhqaVgRiYOxGlmI8rJEPgodZ0VelaeFRO9rMzY4SUKXl3qDfOqTn
p0Nuwb+yRKImWzkABiUK8AQISRGhBMoaNhgGJBkLeyKp8/yGI3L14Sbmgq0FXwHu
PGWso35uKmzIYaHi
-----END CERTIFICATE-----
Generated at Mon Apr 21 04:08:03 2025 by rpki-client