Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/Toa9P9CTLP7xY8U8TWx5md8n30o.roa
File: Toa9P9CTLP7xY8U8TWx5md8n30o.roa (raw, json)
Hash identifier: famDGZ4krBgY2cdvD2CSdQlTBMV3ghs54Akk9jyvqvg=
Subject key identifier: 4E:86:BD:3F:D0:93:2C:FE:F1:63:C5:3C:4D:6C:79:99:DF:27:DF:4A
Certificate issuer: /CN=6228e7e01fada49c1a52fa13f3626c41b41a51b8
Certificate serial: 018CC42459D8F6C51C93DC01F612078E8444
Authority key identifier: 62:28:E7:E0:1F:AD:A4:9C:1A:52:FA:13:F3:62:6C:41:B4:1A:51:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/Toa9P9CTLP7xY8U8TWx5md8n30o.roa
Signing time: Mon 01 Jan 2024 08:29:25 +0000
ROA not before: Mon 01 Jan 2024 08:29:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202432
IP address blocks: 91.108.42.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:49:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:59:d8:f6:c5:1c:93:dc:01:f6:12:07:8e:84:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6228e7e01fada49c1a52fa13f3626c41b41a51b8
Validity
Not Before: Jan 1 08:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4e86bd3fd0932cfef163c53c4d6c7999df27df4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:57:db:88:c9:44:32:46:10:31:d3:53:ca:27:
5f:06:86:13:dd:b6:8d:03:93:4d:5e:bd:1a:c9:d3:
d0:4e:f4:af:c6:db:4b:d8:48:c0:84:36:e9:98:8a:
ad:33:08:61:76:af:b9:85:db:31:80:eb:7c:ac:7a:
5f:20:e7:29:c5:a6:a1:57:9b:14:e8:7f:f2:9b:c0:
89:44:7b:01:66:98:c4:06:62:2a:a5:d8:2c:79:9d:
d5:ed:8b:f9:8d:23:c6:f9:62:7b:11:f4:ee:28:c4:
60:7c:76:ea:f6:f9:e7:70:34:8a:92:a6:fc:9c:fe:
3f:76:be:cb:e8:d9:02:b8:a7:87:2b:0b:64:5a:a1:
d7:37:33:8d:9f:f5:26:fe:dd:a6:95:11:80:74:a9:
09:e6:e7:c6:72:4a:19:29:a7:0c:63:8c:be:8e:7c:
03:29:47:0b:b3:62:b9:c7:4b:52:18:5b:25:a1:01:
58:a3:26:e4:3c:24:67:6b:ab:f9:10:f7:04:dc:80:
7e:c8:8d:ac:45:f9:64:6a:1a:fc:fd:e9:cf:4a:be:
8e:a0:a9:03:f7:22:3b:cd:d5:bc:60:dc:19:cc:4b:
55:f0:95:2a:14:a1:c6:3d:d1:1d:f8:36:57:2f:c1:
c0:7b:99:2d:18:71:42:85:89:3b:9d:57:3f:3d:dd:
fb:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:86:BD:3F:D0:93:2C:FE:F1:63:C5:3C:4D:6C:79:99:DF:27:DF:4A
X509v3 Authority Key Identifier:
keyid:62:28:E7:E0:1F:AD:A4:9C:1A:52:FA:13:F3:62:6C:41:B4:1A:51:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/Toa9P9CTLP7xY8U8TWx5md8n30o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/Yijn4B-tpJwaUvoT82JsQbQaUbg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.108.42.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:bb:57:36:9e:e1:11:c2:59:db:dc:a9:02:5c:c8:aa:08:d3:
61:6e:80:6d:25:ce:98:bc:2f:39:09:b9:5d:a3:5b:27:36:1d:
c8:ad:af:33:57:1f:b3:86:36:10:ee:bc:51:8b:08:dc:fe:8e:
fd:62:04:2e:ec:87:58:ec:7c:e8:ca:d4:7f:7c:6a:8e:b1:86:
fa:d1:31:4c:c3:00:a1:43:eb:d9:69:6d:39:cd:ed:58:74:90:
29:c7:88:af:13:b5:d1:1f:aa:50:18:a9:7e:ed:60:e8:dd:9b:
4e:49:d5:c3:06:a1:a7:f4:41:ab:19:62:78:39:67:55:a4:6d:
ba:dd:73:b3:1c:5f:f4:f3:41:3b:ab:32:9e:a0:bc:4b:36:81:
6c:81:ec:5c:04:04:f6:ce:ee:ed:89:a7:53:1a:f5:aa:58:e9:
e4:4b:51:22:d2:5c:01:39:38:a8:22:af:88:3a:13:09:9d:41:
20:92:2a:53:bb:16:74:ff:9b:d2:f8:14:b9:a6:5b:90:34:b6:
0f:1f:1f:86:33:8b:5c:52:7e:b1:b9:c7:cc:d0:16:51:a1:9e:
ee:50:ce:8e:fa:70:46:4a:d3:4c:a8:c3:00:ab:13:7b:ff:77:
db:b9:31:44:d9:2c:fe:07:e1:b9:d5:84:8f:ba:cc:4c:4e:5d:
8f:45:ef:40
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJFnY9sUck9wB9hIHjoREMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjhlN2UwMWZhZGE0OWMxYTUyZmExM2YzNjI2YzQxYjQx
YTUxYjgwHhcNMjQwMTAxMDgyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTg2YmQzZmQwOTMyY2ZlZjE2M2M1M2M0ZDZjNzk5OWRmMjdkZjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqlfbiMlEMkYQMdNTyidfBoYT3baN
A5NNXr0aydPQTvSvxttL2EjAhDbpmIqtMwhhdq+5hdsxgOt8rHpfIOcpxaahV5sU
6H/ym8CJRHsBZpjEBmIqpdgseZ3V7Yv5jSPG+WJ7EfTuKMRgfHbq9vnncDSKkqb8
nP4/dr7L6NkCuKeHKwtkWqHXNzONn/Um/t2mlRGAdKkJ5ufGckoZKacMY4y+jnwD
KUcLs2K5x0tSGFsloQFYoybkPCRna6v5EPcE3IB+yI2sRflkahr8/enPSr6OoKkD
9yI7zdW8YNwZzEtV8JUqFKHGPdEd+DZXL8HAe5ktGHFChYk7nVc/Pd37yQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE6GvT/Qkyz+8WPFPE1seZnfJ99KMB8GA1UdIwQY
MBaAFGIo5+AfraScGlL6E/NibEG0GlG4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlqbjRCLXRwSndhVXZvVDgySnNRYlFhVWJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS9iYWFmZjMtYWViNC00NjE2LThmYjUt
NzY3NDE2NTI1MTBkLzEvVG9hOVA5Q1RMUDd4WThVOFRXeDVtZDhuMzBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS9iYWFmZjMtYWViNC00NjE2LThmYjUtNzY3NDE2NTI1MTBk
LzEvWWlqbjRCLXRwSndhVXZvVDgySnNRYlFhVWJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW2wqMA0G
CSqGSIb3DQEBCwUAA4IBAQCMu1c2nuERwlnb3KkCXMiqCNNhboBtJc6YvC85Cbld
o1snNh3Ira8zVx+zhjYQ7rxRiwjc/o79YgQu7IdY7HzoytR/fGqOsYb60TFMwwCh
Q+vZaW05ze1YdJApx4ivE7XRH6pQGKl+7WDo3ZtOSdXDBqGn9EGrGWJ4OWdVpG26
3XOzHF/080E7qzKeoLxLNoFsgexcBAT2zu7tiadTGvWqWOnkS1Ei0lwBOTioIq+I
OhMJnUEgkipTuxZ0/5vS+BS5pluQNLYPHx+GM4tcUn6xucfM0BZRoZ7uUM6O+nBG
StNMqMMAqxN7/3fbuTFE2Sz+B+G51YSPusxMTl2PRe9A
-----END CERTIFICATE-----
Generated at Sat Apr 19 08:20:58 2025 by rpki-client