Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/oidapMf2PbArNogCwmlUflcqPIQ.roa
File: oidapMf2PbArNogCwmlUflcqPIQ.roa (raw, json)
Hash identifier: 9Ad+UO8k59dwgTiEXSZrb9xqofqxWv0cmf6b4XTsDkE=
Subject key identifier: A2:27:5A:A4:C7:F6:3D:B0:2B:36:88:02:C2:69:54:7E:57:2A:3C:84
Certificate issuer: /CN=6228e7e01fada49c1a52fa13f3626c41b41a51b8
Certificate serial: 018CC4245529A0B8EEE3F05F1EE9E67030C9
Authority key identifier: 62:28:E7:E0:1F:AD:A4:9C:1A:52:FA:13:F3:62:6C:41:B4:1A:51:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/oidapMf2PbArNogCwmlUflcqPIQ.roa
Signing time: Mon 01 Jan 2024 08:29:24 +0000
ROA not before: Mon 01 Jan 2024 08:29:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44907
IP address blocks: 91.108.20.0/22 maxlen: 22
91.108.20.0/23 maxlen: 23
2001:b28:f23c::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:49:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:55:29:a0:b8:ee:e3:f0:5f:1e:e9:e6:70:30:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6228e7e01fada49c1a52fa13f3626c41b41a51b8
Validity
Not Before: Jan 1 08:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a2275aa4c7f63db02b368802c269547e572a3c84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:35:5c:d2:6a:70:d4:5b:73:ea:85:bc:5d:c5:
70:39:70:bd:28:2d:bf:07:44:07:bb:03:e6:48:8f:
7f:6f:91:de:b3:bc:f3:cb:9b:ca:60:df:51:e9:31:
67:6b:b2:d4:db:b6:29:be:24:5e:94:13:8f:b5:c9:
e7:78:fd:fa:26:b5:29:c8:58:73:72:b2:fb:7b:f5:
7f:e6:9d:a6:58:8f:17:18:67:ee:67:e4:b4:55:fe:
80:16:a1:fb:16:69:2d:d1:4f:24:27:75:ce:b7:0c:
54:9a:6d:3b:00:a5:1d:03:ed:5c:94:0e:2c:01:33:
8b:7d:d8:92:d1:e1:a1:13:b2:0e:f8:ef:10:07:1b:
43:a9:e2:54:e9:b8:6b:d1:37:03:39:05:8e:fb:9b:
18:55:71:2e:38:e7:76:7c:c3:21:6c:d2:07:b8:e2:
b5:f6:e0:34:6f:aa:07:38:10:a6:b1:73:a3:cd:55:
19:9e:c0:83:37:a7:81:ea:f8:96:fc:e9:0c:00:fb:
e1:f3:9b:28:96:84:fa:68:90:9e:bf:3f:f4:be:81:
8c:b4:2f:12:70:e4:b8:a8:77:5d:9b:94:2c:18:74:
d9:7c:5f:40:92:6c:cc:96:21:f1:cf:9c:7a:2f:48:
5d:98:46:16:58:be:48:a0:ec:fe:2e:4b:37:b9:e1:
76:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:27:5A:A4:C7:F6:3D:B0:2B:36:88:02:C2:69:54:7E:57:2A:3C:84
X509v3 Authority Key Identifier:
keyid:62:28:E7:E0:1F:AD:A4:9C:1A:52:FA:13:F3:62:6C:41:B4:1A:51:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/oidapMf2PbArNogCwmlUflcqPIQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/Yijn4B-tpJwaUvoT82JsQbQaUbg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.108.20.0/22
IPv6:
2001:b28:f23c::/48
Signature Algorithm: sha256WithRSAEncryption
b5:17:d4:0d:c3:a8:42:a2:5b:72:87:9f:e7:06:9c:c3:dd:f5:
e0:9c:84:72:97:67:1d:2e:7e:c7:83:60:45:7f:65:f6:db:70:
d7:2c:34:f9:4b:06:12:10:c2:99:0e:f5:73:18:ca:69:5e:fd:
64:a5:e3:2a:96:40:80:9c:05:17:f3:c4:72:91:55:f1:7c:85:
2b:5b:6f:07:82:da:58:6b:c8:5b:96:fb:87:5d:fc:7d:d7:ce:
7a:36:7c:e6:dc:d6:e2:65:9a:20:f0:96:08:cd:a2:36:38:e7:
48:6d:f0:8b:58:39:c1:1e:3e:f4:1e:e8:46:80:c3:f6:5c:6f:
ec:32:40:30:3e:13:16:78:ec:ae:33:9b:ff:bb:26:4e:1a:33:
38:94:53:10:18:ed:2a:61:06:97:c5:97:1e:c3:8f:95:e5:4e:
e7:ce:95:5b:3e:cf:28:f3:fd:5f:12:fb:44:48:62:b7:1c:29:
6d:43:a3:2f:85:a5:68:20:4c:a3:26:14:cb:8e:9a:bb:c6:2f:
92:4a:af:7f:c8:7a:b4:70:f6:89:84:50:3d:7c:25:8f:18:29:
0d:dc:3d:85:2f:f5:2c:7c:cb:b3:5b:8e:66:da:48:54:b5:95:
35:51:60:db:04:e1:ed:87:c0:c2:a0:6f:3c:5b:04:5b:80:23:
08:9a:9f:a1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzEJFUpoLju4/BfHunmcDDJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjhlN2UwMWZhZGE0OWMxYTUyZmExM2YzNjI2YzQxYjQx
YTUxYjgwHhcNMjQwMTAxMDgyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjI3NWFhNGM3ZjYzZGIwMmIzNjg4MDJjMjY5NTQ3ZTU3MmEzYzg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApzVc0mpw1Ftz6oW8XcVwOXC9KC2/
B0QHuwPmSI9/b5Hes7zzy5vKYN9R6TFna7LU27YpviRelBOPtcnneP36JrUpyFhz
crL7e/V/5p2mWI8XGGfuZ+S0Vf6AFqH7Fmkt0U8kJ3XOtwxUmm07AKUdA+1clA4s
ATOLfdiS0eGhE7IO+O8QBxtDqeJU6bhr0TcDOQWO+5sYVXEuOOd2fMMhbNIHuOK1
9uA0b6oHOBCmsXOjzVUZnsCDN6eB6viW/OkMAPvh85soloT6aJCevz/0voGMtC8S
cOS4qHddm5QsGHTZfF9AkmzMliHxz5x6L0hdmEYWWL5IoOz+Lks3ueF2VwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKInWqTH9j2wKzaIAsJpVH5XKjyEMB8GA1UdIwQY
MBaAFGIo5+AfraScGlL6E/NibEG0GlG4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlqbjRCLXRwSndhVXZvVDgySnNRYlFhVWJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS9iYWFmZjMtYWViNC00NjE2LThmYjUt
NzY3NDE2NTI1MTBkLzEvb2lkYXBNZjJQYkFyTm9nQ3dtbFVmbGNxUElRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS9iYWFmZjMtYWViNC00NjE2LThmYjUtNzY3NDE2NTI1MTBk
LzEvWWlqbjRCLXRwSndhVXZvVDgySnNRYlFhVWJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCW2wUMA8E
AgACMAkDBwAgAQso8jwwDQYJKoZIhvcNAQELBQADggEBALUX1A3DqEKiW3KHn+cG
nMPd9eCchHKXZx0ufseDYEV/ZfbbcNcsNPlLBhIQwpkO9XMYymle/WSl4yqWQICc
BRfzxHKRVfF8hStbbweC2lhryFuW+4dd/H3Xzno2fObc1uJlmiDwlgjNojY450ht
8ItYOcEePvQe6EaAw/Zcb+wyQDA+ExZ47K4zm/+7Jk4aMziUUxAY7SphBpfFlx7D
j5XlTufOlVs+zyjz/V8S+0RIYrccKW1Doy+FpWggTKMmFMuOmrvGL5JKr3/IerRw
9omEUD18JY8YKQ3cPYUv9Sx8y7NbjmbaSFS1lTVRYNsE4e2HwMKgbzxbBFuAIwia
n6E=
-----END CERTIFICATE-----
Generated at Sat Apr 19 08:21:55 2025 by rpki-client