Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/13fcd1-d806-4e56-8533-475dbbb0c08c/1/vJJ4Dav6U1F4n7E4isRSRRp3Wo4.roa
File: vJJ4Dav6U1F4n7E4isRSRRp3Wo4.roa (raw, json)
Hash identifier: UVqTrTL0rbg858uWE3MGkh1CZO4Pryr3HeWLDrBgOnE=
Subject key identifier: BC:92:78:0D:AB:FA:53:51:78:9F:B1:38:8A:C4:52:45:1A:77:5A:8E
Certificate issuer: /CN=b91464767773f1239b646bb66bdcf4f7fb1206ce
Certificate serial: 018CC5DC3A40C7F8A130A948EA8AE2ED5C9F
Authority key identifier: B9:14:64:76:77:73:F1:23:9B:64:6B:B6:6B:DC:F4:F7:FB:12:06:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uRRkdndz8SObZGu2a9z09_sSBs4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/13fcd1-d806-4e56-8533-475dbbb0c08c/1/vJJ4Dav6U1F4n7E4isRSRRp3Wo4.roa
Signing time: Mon 01 Jan 2024 16:29:53 +0000
ROA not before: Mon 01 Jan 2024 16:29:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19905
IP address blocks: 91.192.4.0/24 maxlen: 24
91.192.5.0/24 maxlen: 24
91.192.6.0/24 maxlen: 24
91.192.7.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:49:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:3a:40:c7:f8:a1:30:a9:48:ea:8a:e2:ed:5c:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b91464767773f1239b646bb66bdcf4f7fb1206ce
Validity
Not Before: Jan 1 16:29:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bc92780dabfa5351789fb1388ac452451a775a8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:0f:6c:fb:0d:50:54:d4:78:3c:5a:8c:29:81:
15:da:a9:c4:d3:99:b5:65:e5:86:30:1a:98:37:1f:
68:ef:34:c4:cf:9b:52:10:ab:ca:76:93:53:b4:9f:
31:dd:56:d3:8d:35:9f:b2:6f:7f:59:25:3a:85:40:
5d:6c:0c:ae:68:7e:15:ff:06:e6:7e:61:3f:c7:55:
0f:b9:1b:46:a5:39:f2:49:50:26:51:39:84:8f:6b:
84:71:5d:1e:3d:9a:c0:56:51:f5:bb:87:85:c3:0b:
a3:48:34:76:0b:d9:6e:22:f8:65:c8:93:4b:0e:aa:
1b:74:56:04:2d:a5:a5:4d:4d:8e:5f:e8:42:0c:c9:
cf:89:59:2c:b0:a1:89:ee:cb:5d:02:e4:93:18:39:
47:37:67:12:ba:cd:0a:8d:47:a1:0e:32:56:7d:fa:
06:60:07:11:4d:d2:23:93:aa:d4:ff:ab:6e:21:01:
23:94:b7:1c:35:b0:fe:d3:e8:0f:25:21:c2:7d:97:
55:7b:8d:b5:6d:d7:7f:08:3c:72:01:c6:6c:3f:41:
6a:47:6c:20:6a:5f:0d:69:4c:a2:10:a8:9d:87:58:
25:c7:f1:ac:2a:8e:d6:9b:6b:cc:1f:cf:5c:87:12:
f1:3a:d3:2c:20:4f:a2:85:b0:5d:d4:7e:fd:27:7d:
11:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:92:78:0D:AB:FA:53:51:78:9F:B1:38:8A:C4:52:45:1A:77:5A:8E
X509v3 Authority Key Identifier:
keyid:B9:14:64:76:77:73:F1:23:9B:64:6B:B6:6B:DC:F4:F7:FB:12:06:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uRRkdndz8SObZGu2a9z09_sSBs4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/13fcd1-d806-4e56-8533-475dbbb0c08c/1/vJJ4Dav6U1F4n7E4isRSRRp3Wo4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/13fcd1-d806-4e56-8533-475dbbb0c08c/1/uRRkdndz8SObZGu2a9z09_sSBs4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.192.4.0/22
Signature Algorithm: sha256WithRSAEncryption
86:f0:6e:ba:9d:d3:32:dd:a2:15:19:73:67:de:3e:af:31:a6:
f9:aa:a2:54:46:5f:b5:6d:ef:da:d5:2f:b7:17:26:a0:f5:2a:
81:79:65:eb:cc:7d:aa:2c:fe:4c:a8:fd:ab:0e:f7:45:87:4c:
d2:7f:70:2a:4f:79:a0:61:12:01:67:eb:f7:b4:2b:38:ba:2e:
d3:9f:20:ba:68:92:5d:0f:90:29:c6:34:bd:dd:d7:64:e8:54:
f7:84:f9:1a:de:69:e3:88:ca:69:ad:16:8a:5e:f3:ed:20:9d:
82:6a:96:88:3b:58:2c:13:b5:05:3d:3a:c9:dc:06:97:63:53:
2e:bf:a8:4f:11:e6:4e:77:9c:a2:22:28:ec:9b:25:77:52:ae:
33:cb:5c:0f:81:24:3f:2b:01:c0:6d:ce:01:f3:e7:0c:e6:b8:
a2:41:d3:f2:5b:f3:0a:29:b2:38:7c:2c:8e:d3:ba:8c:22:94:
08:23:f1:80:fd:1d:e5:99:0b:ce:e7:e3:c7:b2:00:4f:01:8d:
aa:32:8f:db:64:b6:f7:6b:8a:91:1a:78:0a:1b:8b:ab:35:43:
ea:c9:5c:f5:e8:cb:5c:62:0d:84:98:79:8a:0e:53:da:00:45:
91:61:c5:42:1f:6d:e8:e8:79:57:cd:ee:8f:a2:56:4a:eb:e4:
e8:b3:2a:af
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF3DpAx/ihMKlI6ori7VyfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5MTQ2NDc2Nzc3M2YxMjM5YjY0NmJiNjZiZGNmNGY3ZmIx
MjA2Y2UwHhcNMjQwMTAxMTYyOTUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzkyNzgwZGFiZmE1MzUxNzg5ZmIxMzg4YWM0NTI0NTFhNzc1YThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmA9s+w1QVNR4PFqMKYEV2qnE05m1
ZeWGMBqYNx9o7zTEz5tSEKvKdpNTtJ8x3VbTjTWfsm9/WSU6hUBdbAyuaH4V/wbm
fmE/x1UPuRtGpTnySVAmUTmEj2uEcV0ePZrAVlH1u4eFwwujSDR2C9luIvhlyJNL
DqobdFYELaWlTU2OX+hCDMnPiVkssKGJ7stdAuSTGDlHN2cSus0KjUehDjJWffoG
YAcRTdIjk6rU/6tuIQEjlLccNbD+0+gPJSHCfZdVe421bdd/CDxyAcZsP0FqR2wg
al8NaUyiEKidh1glx/GsKo7Wm2vMH89chxLxOtMsIE+ihbBd1H79J30RIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLySeA2r+lNReJ+xOIrEUkUad1qOMB8GA1UdIwQY
MBaAFLkUZHZ3c/Ejm2Rrtmvc9Pf7EgbOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVJSa2RuZHo4U09iWkd1MmE5ejA5X3NTQnM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi8xM2ZjZDEtZDgwNi00ZTU2LTg1MzMt
NDc1ZGJiYjBjMDhjLzEvdkpKNERhdjZVMUY0bjdFNGlzUlNSUnAzV280LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi8xM2ZjZDEtZDgwNi00ZTU2LTg1MzMtNDc1ZGJiYjBjMDhj
LzEvdVJSa2RuZHo4U09iWkd1MmE5ejA5X3NTQnM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW8AEMA0G
CSqGSIb3DQEBCwUAA4IBAQCG8G66ndMy3aIVGXNn3j6vMab5qqJURl+1be/a1S+3
Fyag9SqBeWXrzH2qLP5MqP2rDvdFh0zSf3AqT3mgYRIBZ+v3tCs4ui7TnyC6aJJd
D5ApxjS93ddk6FT3hPka3mnjiMpprRaKXvPtIJ2CapaIO1gsE7UFPTrJ3AaXY1Mu
v6hPEeZOd5yiIijsmyV3Uq4zy1wPgSQ/KwHAbc4B8+cM5riiQdPyW/MKKbI4fCyO
07qMIpQII/GA/R3lmQvO5+PHsgBPAY2qMo/bZLb3a4qRGngKG4urNUPqyVz16Mtc
Yg2EmHmKDlPaAEWRYcVCH23o6HlXze6PolZK6+Tosyqv
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:10:45 2025 by rpki-client