Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/a2ce64-33af-45fe-90eb-89d2611a95db/1/9S-RmcUjSEJdeX-arq9R1M4Eqs0.roa
File: 9S-RmcUjSEJdeX-arq9R1M4Eqs0.roa (raw, json)
Hash identifier: bMj7HCcav5zZeIEbfKV8Khn3XvfjKI0s3SRyPkFvpIg=
Subject key identifier: F5:2F:91:99:C5:23:48:42:5D:79:7F:9A:AE:AF:51:D4:CE:04:AA:CD
Certificate issuer: /CN=28c2202a443537fb8fb280567a17485f1230c411
Certificate serial: 018CC2DB12BF37E52B367C8F184D0F4669DB
Authority key identifier: 28:C2:20:2A:44:35:37:FB:8F:B2:80:56:7A:17:48:5F:12:30:C4:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KMIgKkQ1N_uPsoBWehdIXxIwxBE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/a2ce64-33af-45fe-90eb-89d2611a95db/1/9S-RmcUjSEJdeX-arq9R1M4Eqs0.roa
Signing time: Mon 01 Jan 2024 02:29:46 +0000
ROA not before: Mon 01 Jan 2024 02:29:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51926
IP address blocks: 91.220.160.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:48:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:12:bf:37:e5:2b:36:7c:8f:18:4d:0f:46:69:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28c2202a443537fb8fb280567a17485f1230c411
Validity
Not Before: Jan 1 02:29:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f52f9199c52348425d797f9aaeaf51d4ce04aacd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:c6:0c:8f:5a:50:db:7b:bd:ca:4d:c1:6e:47:
d7:bb:70:44:c3:d1:a0:96:c1:9b:b3:f6:01:6d:ba:
c0:0c:4a:4d:40:c5:ad:32:ab:20:33:27:00:26:66:
db:d3:bb:bd:1a:e6:3d:a1:f8:f5:0e:a9:6c:fa:ca:
4b:4e:05:c0:85:46:6e:e8:ce:6a:ed:21:21:b3:30:
cb:a2:de:00:13:e3:85:19:73:12:f2:c9:be:35:a6:
e4:cc:2d:04:26:79:15:82:a9:94:ae:4a:1e:47:56:
4c:ec:3e:71:70:1c:03:bb:c3:6d:f2:69:a9:a9:80:
ac:f0:7f:1b:8c:c4:f8:b6:db:4f:63:05:02:41:a2:
09:47:16:e9:a4:ac:ed:e6:80:9f:ea:61:40:95:1d:
cf:d0:bd:7b:45:fa:03:96:b7:10:39:2e:5a:e2:de:
a8:65:21:9b:e9:a5:e0:0f:1c:6c:89:ae:90:f5:2b:
49:a7:c8:b8:34:2e:48:1f:a5:1a:de:da:47:0c:17:
ec:0e:5e:d6:3b:a9:8c:01:8c:41:83:77:4b:87:be:
6b:0c:4c:eb:8c:ef:cb:dd:76:54:3b:24:d9:33:6a:
d5:a7:8e:fe:97:10:b0:23:96:3b:38:26:c9:9b:19:
2c:d8:9c:7b:38:fd:b5:1e:f4:fa:04:b0:96:24:70:
c4:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:2F:91:99:C5:23:48:42:5D:79:7F:9A:AE:AF:51:D4:CE:04:AA:CD
X509v3 Authority Key Identifier:
keyid:28:C2:20:2A:44:35:37:FB:8F:B2:80:56:7A:17:48:5F:12:30:C4:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KMIgKkQ1N_uPsoBWehdIXxIwxBE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/a2ce64-33af-45fe-90eb-89d2611a95db/1/9S-RmcUjSEJdeX-arq9R1M4Eqs0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/a2ce64-33af-45fe-90eb-89d2611a95db/1/KMIgKkQ1N_uPsoBWehdIXxIwxBE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.160.0/24
Signature Algorithm: sha256WithRSAEncryption
56:1e:bd:e8:ff:7c:00:91:2d:6b:80:01:81:9a:cf:6d:e7:e2:
a7:9a:c8:a2:b5:c0:94:9e:bb:41:dd:a1:5f:ca:28:e1:21:c6:
f6:93:b2:f9:2e:5f:d7:03:4a:cc:37:1c:6e:40:d1:d0:80:30:
f8:3e:f0:11:42:74:17:f0:f0:72:5d:96:8f:b3:88:31:cd:df:
45:2e:d0:be:6f:2e:da:f9:c8:07:3a:e9:3f:bb:be:0e:b4:a9:
e4:4f:58:4c:a0:c9:a7:bd:23:8a:89:26:38:a7:c6:9c:c9:e0:
21:36:45:62:3e:fc:6c:f5:43:4d:fd:83:87:02:0f:34:81:98:
93:e2:5a:9c:96:53:03:1f:86:af:da:14:58:0d:70:67:7c:20:
5f:b8:0d:57:a8:7b:b2:6c:d1:84:82:85:bf:c8:e4:12:15:48:
19:59:77:46:76:fb:26:27:f2:ae:2e:a6:74:84:11:fa:26:21:
54:bf:e2:a8:da:19:96:af:85:f4:aa:14:02:97:59:3d:2a:8c:
17:c0:c2:17:14:03:b8:d3:4f:c4:eb:74:17:3c:1d:01:02:fa:
ec:77:59:b7:e0:f2:9b:84:19:6f:51:e9:ee:f7:e1:75:b4:4c:
98:01:c0:fc:ef:df:b2:de:cb:c4:48:64:25:49:c7:45:30:40:
d7:51:57:26
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC2xK/N+UrNnyPGE0PRmnbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4YzIyMDJhNDQzNTM3ZmI4ZmIyODA1NjdhMTc0ODVmMTIz
MGM0MTEwHhcNMjQwMTAxMDIyOTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTJmOTE5OWM1MjM0ODQyNWQ3OTdmOWFhZWFmNTFkNGNlMDRhYWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlsYMj1pQ23u9yk3BbkfXu3BEw9Gg
lsGbs/YBbbrADEpNQMWtMqsgMycAJmbb07u9GuY9ofj1Dqls+spLTgXAhUZu6M5q
7SEhszDLot4AE+OFGXMS8sm+NabkzC0EJnkVgqmUrkoeR1ZM7D5xcBwDu8Nt8mmp
qYCs8H8bjMT4tttPYwUCQaIJRxbppKzt5oCf6mFAlR3P0L17RfoDlrcQOS5a4t6o
ZSGb6aXgDxxsia6Q9StJp8i4NC5IH6Ua3tpHDBfsDl7WO6mMAYxBg3dLh75rDEzr
jO/L3XZUOyTZM2rVp47+lxCwI5Y7OCbJmxks2Jx7OP21HvT6BLCWJHDEcQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPUvkZnFI0hCXXl/mq6vUdTOBKrNMB8GA1UdIwQY
MBaAFCjCICpENTf7j7KAVnoXSF8SMMQRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS01JZ0trUTFOX3VQc29CV2VoZElYeEl3eEJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC9hMmNlNjQtMzNhZi00NWZlLTkwZWIt
ODlkMjYxMWE5NWRiLzEvOVMtUm1jVWpTRUpkZVgtYXJxOVIxTTRFcXMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC9hMmNlNjQtMzNhZi00NWZlLTkwZWItODlkMjYxMWE5NWRi
LzEvS01JZ0trUTFOX3VQc29CV2VoZElYeEl3eEJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9ygMA0G
CSqGSIb3DQEBCwUAA4IBAQBWHr3o/3wAkS1rgAGBms9t5+KnmsiitcCUnrtB3aFf
yijhIcb2k7L5Ll/XA0rMNxxuQNHQgDD4PvARQnQX8PByXZaPs4gxzd9FLtC+by7a
+cgHOuk/u74OtKnkT1hMoMmnvSOKiSY4p8acyeAhNkViPvxs9UNN/YOHAg80gZiT
4lqcllMDH4av2hRYDXBnfCBfuA1XqHuybNGEgoW/yOQSFUgZWXdGdvsmJ/KuLqZ0
hBH6JiFUv+Ko2hmWr4X0qhQCl1k9KowXwMIXFAO400/E63QXPB0BAvrsd1m34PKb
hBlvUenu9+F1tEyYAcD879+y3svESGQlScdFMEDXUVcm
-----END CERTIFICATE-----
Generated at Sun Apr 20 05:01:01 2025 by rpki-client