Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/91cbce-ac9c-4eec-b861-26c3fdc5e717/1/4yBXiVrsX3Y-GRfV4YWitkJoe5U.roa
File: 4yBXiVrsX3Y-GRfV4YWitkJoe5U.roa (raw, json)
Hash identifier: U1KP76eLekje8vH4T5+sTbyoAwZQdAq3Kyd8xPqGpZc=
Subject key identifier: E3:20:57:89:5A:EC:5F:76:3E:19:17:D5:E1:85:A2:B6:42:68:7B:95
Certificate issuer: /CN=6baf725e719244041964a09370e17fbefbbbaaf6
Certificate serial: 019362A8310A4723FC0662BE2590952D7AC9
Authority key identifier: 6B:AF:72:5E:71:92:44:04:19:64:A0:93:70:E1:7F:BE:FB:BB:AA:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a69yXnGSRAQZZKCTcOF_vvu7qvY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/91cbce-ac9c-4eec-b861-26c3fdc5e717/1/4yBXiVrsX3Y-GRfV4YWitkJoe5U.roa
Signing time: Mon 25 Nov 2024 09:30:09 +0000
ROA not before: Mon 25 Nov 2024 09:30:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47766
IP address blocks: 91.208.139.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:49:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:62:a8:31:0a:47:23:fc:06:62:be:25:90:95:2d:7a:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6baf725e719244041964a09370e17fbefbbbaaf6
Validity
Not Before: Nov 25 09:30:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e32057895aec5f763e1917d5e185a2b642687b95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:e7:2f:93:be:b4:27:4d:04:83:c5:34:b2:b2:
d8:16:c0:d0:b4:85:ed:26:5f:87:ea:3e:b3:3c:38:
f4:df:fa:c1:70:b8:f5:d8:a1:96:7a:6b:95:e3:a7:
e6:d1:d0:40:7f:a9:47:d0:a0:a8:42:6d:79:a1:f8:
59:81:af:92:44:90:ff:2e:d8:4c:9f:67:e6:3b:10:
f6:1e:1e:0e:8f:0f:6c:6c:8a:69:39:f0:76:da:a0:
ba:26:93:90:4d:c1:d6:c9:c8:a2:1f:c0:14:cc:fa:
ac:f8:0b:89:91:be:1b:09:42:c4:57:07:45:6c:85:
00:1d:9a:82:cb:37:a0:16:30:d5:ab:76:fb:ba:22:
82:6e:52:c4:a2:60:b6:1c:b9:a6:92:36:fc:ce:ef:
32:02:b3:00:78:eb:24:c2:6d:9c:10:1a:93:80:48:
57:8e:22:e9:ed:e2:f3:42:3f:9a:da:bf:1c:ea:1f:
b7:a7:25:8d:c8:9b:5a:bf:d4:f2:41:21:5d:fe:58:
0b:d2:66:7c:25:a4:06:7b:b6:ee:cf:c6:e2:0e:c5:
e3:68:71:0a:33:46:c5:fc:a5:b2:80:29:4b:f2:99:
23:1e:2d:9f:1a:03:a1:4d:e3:fb:56:da:52:7f:8a:
f8:92:8e:4f:f4:b8:1b:86:9c:10:db:24:3e:e9:cb:
15:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:20:57:89:5A:EC:5F:76:3E:19:17:D5:E1:85:A2:B6:42:68:7B:95
X509v3 Authority Key Identifier:
keyid:6B:AF:72:5E:71:92:44:04:19:64:A0:93:70:E1:7F:BE:FB:BB:AA:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a69yXnGSRAQZZKCTcOF_vvu7qvY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/91cbce-ac9c-4eec-b861-26c3fdc5e717/1/4yBXiVrsX3Y-GRfV4YWitkJoe5U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/91cbce-ac9c-4eec-b861-26c3fdc5e717/1/a69yXnGSRAQZZKCTcOF_vvu7qvY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.208.139.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:81:a4:88:56:92:a6:7b:a5:71:b2:34:7e:0f:1a:b2:51:42:
07:f5:7c:54:16:ad:bf:6a:e8:c6:ee:db:ca:e8:b0:24:6c:64:
49:61:0f:2a:63:29:e2:e5:c8:c4:de:c9:fd:6d:56:44:a4:3b:
01:fd:e0:b9:50:3c:26:6c:49:8e:e9:4b:68:4a:0e:44:32:12:
bd:69:1b:59:06:a6:92:30:e8:89:ea:dc:9c:8f:0c:ad:80:37:
ff:a8:13:11:48:4b:6a:17:a5:3f:6e:e7:eb:9e:d1:74:09:3d:
ac:88:55:ad:e4:25:a1:b5:b1:be:ab:47:c0:c9:31:f7:41:0e:
f8:1a:69:c6:5b:f8:61:4c:e3:ee:7d:9a:a8:96:c4:5e:57:44:
ff:16:3e:ae:6b:83:dc:6e:75:88:ad:8a:fd:c7:fd:0f:0d:bb:
7b:d5:a6:8d:8a:56:d0:54:36:f1:96:98:c1:c6:f1:2e:2a:80:
d3:a2:36:cc:eb:a8:dd:e7:b4:9e:14:1d:71:42:e2:c4:3c:29:
f9:20:10:b7:8f:e1:40:95:4d:50:e3:dd:d5:c2:d9:6d:82:ee:
f0:34:6e:25:58:0b:57:63:db:03:28:24:8a:21:47:04:4f:61:
7e:a0:39:9d:65:ae:90:3c:2b:f4:4f:60:48:0a:55:39:08:2f:
6a:dd:bb:25
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZNiqDEKRyP8BmK+JZCVLXrJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYWY3MjVlNzE5MjQ0MDQxOTY0YTA5MzcwZTE3ZmJlZmJi
YmFhZjYwHhcNMjQxMTI1MDkzMDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzIwNTc4OTVhZWM1Zjc2M2UxOTE3ZDVlMTg1YTJiNjQyNjg3Yjk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkOcvk760J00Eg8U0srLYFsDQtIXt
Jl+H6j6zPDj03/rBcLj12KGWemuV46fm0dBAf6lH0KCoQm15ofhZga+SRJD/LthM
n2fmOxD2Hh4Ojw9sbIppOfB22qC6JpOQTcHWyciiH8AUzPqs+AuJkb4bCULEVwdF
bIUAHZqCyzegFjDVq3b7uiKCblLEomC2HLmmkjb8zu8yArMAeOskwm2cEBqTgEhX
jiLp7eLzQj+a2r8c6h+3pyWNyJtav9TyQSFd/lgL0mZ8JaQGe7buz8biDsXjaHEK
M0bF/KWygClL8pkjHi2fGgOhTeP7VtpSf4r4ko5P9LgbhpwQ2yQ+6csVeQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOMgV4la7F92PhkX1eGForZCaHuVMB8GA1UdIwQY
MBaAFGuvcl5xkkQEGWSgk3Dhf777u6r2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTY5eVhuR1NSQVFaWktDVGNPRl92dnU3cXZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC85MWNiY2UtYWM5Yy00ZWVjLWI4NjEt
MjZjM2ZkYzVlNzE3LzEvNHlCWGlWcnNYM1ktR1JmVjRZV2l0a0pvZTVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC85MWNiY2UtYWM5Yy00ZWVjLWI4NjEtMjZjM2ZkYzVlNzE3
LzEvYTY5eVhuR1NSQVFaWktDVGNPRl92dnU3cXZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9CLMA0G
CSqGSIb3DQEBCwUAA4IBAQBMgaSIVpKme6VxsjR+DxqyUUIH9XxUFq2/aujG7tvK
6LAkbGRJYQ8qYyni5cjE3sn9bVZEpDsB/eC5UDwmbEmO6UtoSg5EMhK9aRtZBqaS
MOiJ6tycjwytgDf/qBMRSEtqF6U/bufrntF0CT2siFWt5CWhtbG+q0fAyTH3QQ74
GmnGW/hhTOPufZqolsReV0T/Fj6ua4PcbnWIrYr9x/0PDbt71aaNilbQVDbxlpjB
xvEuKoDTojbM66jd57SeFB1xQuLEPCn5IBC3j+FAlU1Q493Vwtltgu7wNG4lWAtX
Y9sDKCSKIUcET2F+oDmdZa6QPCv0T2BIClU5CC9q3bsl
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:03:27 2025 by rpki-client