Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/maZcBhVMjmSPiOi_unQkG1_Hijo.roa
File: maZcBhVMjmSPiOi_unQkG1_Hijo.roa (raw, json)
Hash identifier: G1nqapW+AIboBNHlw8eBze8c7fPEVJm5IDoz0OSRm0w=
Subject key identifier: 99:A6:5C:06:15:4C:8E:64:8F:88:E8:BF:BA:74:24:1B:5F:C7:8A:3A
Certificate issuer: /CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
Certificate serial: 018FCC808DB7CF3B9305775221E50EAAB5B6
Authority key identifier: 82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/maZcBhVMjmSPiOi_unQkG1_Hijo.roa
Signing time: Fri 31 May 2024 02:35:27 +0000
ROA not before: Fri 31 May 2024 02:35:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 28753
IP address blocks: 91.201.140.0/23 maxlen: 23
91.201.140.0/24 maxlen: 24
91.201.141.0/24 maxlen: 24
92.119.182.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:49:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:cc:80:8d:b7:cf:3b:93:05:77:52:21:e5:0e:aa:b5:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
Validity
Not Before: May 31 02:35:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=99a65c06154c8e648f88e8bfba74241b5fc78a3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:cd:3a:ac:70:d1:d7:52:a7:fd:01:90:32:16:
e6:5b:ed:35:ce:3d:aa:b9:96:fe:89:32:af:22:90:
c4:b9:df:04:dc:c9:fd:94:8d:47:b0:2f:ba:15:5b:
95:ad:c3:64:d2:67:e4:13:f3:43:b7:47:4e:11:80:
6c:59:22:fb:78:ca:23:f7:f4:0b:d3:56:d2:85:c6:
eb:fa:0f:e1:db:e5:7a:ca:43:bc:9b:35:e3:dd:db:
d1:40:4c:a1:30:b1:78:63:8e:7d:3b:8b:3f:0a:41:
50:c4:18:28:af:f9:04:b8:98:bd:70:51:ff:71:fb:
60:25:49:c1:88:bb:48:a1:a1:ca:4c:8e:12:1f:0e:
c7:3c:3e:06:93:64:e8:7b:4b:1e:4c:47:27:d6:b5:
33:8f:f5:0c:75:6d:b6:72:2c:7d:ee:53:5a:a8:f7:
90:d9:30:ae:49:37:69:22:55:aa:66:3a:49:eb:28:
e5:b7:56:e6:ea:09:7f:e9:bb:25:f8:de:1f:5e:bf:
11:53:b3:ae:ec:c0:ad:cf:f3:f3:b0:5a:12:a3:00:
0f:fb:ed:6d:00:de:9d:c3:df:a3:16:0d:f0:0f:e4:
ca:d3:c6:01:65:55:b1:fa:1c:60:60:40:47:81:46:
a4:2a:49:25:1d:db:cb:58:ac:d3:b7:55:9f:24:80:
22:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:A6:5C:06:15:4C:8E:64:8F:88:E8:BF:BA:74:24:1B:5F:C7:8A:3A
X509v3 Authority Key Identifier:
keyid:82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/maZcBhVMjmSPiOi_unQkG1_Hijo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.201.140.0/23
92.119.182.0/24
Signature Algorithm: sha256WithRSAEncryption
04:fc:24:e3:64:d3:e9:01:f2:b3:41:b8:4f:b6:8d:4b:eb:6f:
db:b4:9f:d2:11:0b:fe:c6:22:f5:3f:37:5d:7d:c7:9b:15:6f:
5e:da:b9:93:35:10:5a:31:44:50:e1:5b:15:39:99:5d:f1:63:
ac:94:ea:86:d1:e1:77:0f:57:bc:af:35:b8:72:26:22:da:0c:
a0:70:0b:31:f8:9e:63:25:05:75:fc:d4:09:8f:6f:70:f4:48:
8f:54:d2:38:47:88:ac:03:98:81:f4:4f:28:7b:16:a3:b5:e6:
3c:0b:3b:fb:f2:32:c1:81:bd:03:71:23:bd:a1:91:f5:7d:d0:
2c:2e:92:47:68:4f:c5:2a:57:43:f0:bf:7e:d4:1c:31:b3:0c:
5f:f0:3a:d6:2c:e1:53:13:6c:c7:ac:5f:2f:69:db:d2:7d:20:
24:9e:05:80:55:1f:99:ff:48:14:68:e9:3f:f7:3d:b7:2c:08:
c7:82:01:fd:11:bf:23:e3:a1:e7:54:a4:00:6c:1d:cc:7d:e6:
b4:96:c2:fb:5d:f8:33:a9:21:d7:60:fc:05:c9:cf:56:89:ab:
5d:12:6a:b7:26:26:b9:2c:02:30:2d:2a:24:33:d2:79:d4:fd:
db:ba:4f:dd:75:fd:55:58:5d:5e:3c:20:18:8e:11:3c:2d:1e:
0d:37:bd:9e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY/MgI23zzuTBXdSIeUOqrW2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyMWEzZjIxZmIwYzI5NGQ2ZDRhNTI5YjJmMWRiZDRiZDEx
MTliZDcwHhcNMjQwNTMxMDIzNTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWE2NWMwNjE1NGM4ZTY0OGY4OGU4YmZiYTc0MjQxYjVmYzc4YTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuc06rHDR11Kn/QGQMhbmW+01zj2q
uZb+iTKvIpDEud8E3Mn9lI1HsC+6FVuVrcNk0mfkE/NDt0dOEYBsWSL7eMoj9/QL
01bShcbr+g/h2+V6ykO8mzXj3dvRQEyhMLF4Y459O4s/CkFQxBgor/kEuJi9cFH/
cftgJUnBiLtIoaHKTI4SHw7HPD4Gk2Toe0seTEcn1rUzj/UMdW22cix97lNaqPeQ
2TCuSTdpIlWqZjpJ6yjlt1bm6gl/6bsl+N4fXr8RU7Ou7MCtz/PzsFoSowAP++1t
AN6dw9+jFg3wD+TK08YBZVWx+hxgYEBHgUakKkklHdvLWKzTt1WfJIAiYQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJmmXAYVTI5kj4jov7p0JBtfx4o6MB8GA1UdIwQY
MBaAFIIaPyH7DClNbUpSmy8dvUvREZvXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMt
YjZmMmFjODZlZjI3LzEvbWFaY0JoVk1qbVNQaU9pX3VuUWtHMV9IaWpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMtYjZmMmFjODZlZjI3
LzEvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW8mMAwQA
XHe2MA0GCSqGSIb3DQEBCwUAA4IBAQAE/CTjZNPpAfKzQbhPto1L62/btJ/SEQv+
xiL1PzddfcebFW9e2rmTNRBaMURQ4VsVOZld8WOslOqG0eF3D1e8rzW4ciYi2gyg
cAsx+J5jJQV1/NQJj29w9EiPVNI4R4isA5iB9E8oexajteY8Czv78jLBgb0DcSO9
oZH1fdAsLpJHaE/FKldD8L9+1Bwxswxf8DrWLOFTE2zHrF8vadvSfSAkngWAVR+Z
/0gUaOk/9z23LAjHggH9Eb8j46HnVKQAbB3Mfea0lsL7XfgzqSHXYPwFyc9Wiatd
Emq3Jia5LAIwLSokM9J51P3buk/ddf1VWF1ePCAYjhE8LR4NN72e
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:39:52 2025 by rpki-client