Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/f539cb-14bf-48a2-a835-ce8d2dd43066/1/pbIVvQcJosslX9byn4yr4ORMRWE.roa
File: pbIVvQcJosslX9byn4yr4ORMRWE.roa (raw, json)
Hash identifier: rUO7TAucgh9JAJ4lWSoL4bi+HX+lJQtz4fJInayzPaE=
Subject key identifier: A5:B2:15:BD:07:09:A2:CB:25:5F:D6:F2:9F:8C:AB:E0:E4:4C:45:61
Certificate issuer: /CN=53122e03a841b8878963affff695ca4f9fd0682c
Certificate serial: 01939390F269AF581823CA919FC0C09C2369
Authority key identifier: 53:12:2E:03:A8:41:B8:87:89:63:AF:FF:F6:95:CA:4F:9F:D0:68:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UxIuA6hBuIeJY6__9pXKT5_QaCw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/f539cb-14bf-48a2-a835-ce8d2dd43066/1/pbIVvQcJosslX9byn4yr4ORMRWE.roa
Signing time: Wed 04 Dec 2024 21:26:10 +0000
ROA not before: Wed 04 Dec 2024 21:26:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59437
IP address blocks: 91.226.226.0/24 maxlen: 24
2a0c:3c80::/29 maxlen: 40
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:48:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:93:90:f2:69:af:58:18:23:ca:91:9f:c0:c0:9c:23:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53122e03a841b8878963affff695ca4f9fd0682c
Validity
Not Before: Dec 4 21:26:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a5b215bd0709a2cb255fd6f29f8cabe0e44c4561
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:0e:be:42:2c:95:dc:c1:d7:b0:fc:98:a1:3e:
92:78:75:18:d6:fd:22:b7:a0:8b:3e:ef:a1:c8:75:
ec:e7:17:ea:ac:04:c9:77:a4:01:a9:c1:53:79:69:
e3:91:ec:e5:ca:a5:39:6f:3b:bd:0a:9b:50:18:4d:
01:5d:a4:d8:73:53:1d:1d:5a:b4:3c:4b:40:d7:44:
92:d2:33:c3:e1:33:55:0c:e2:a3:b0:23:08:07:6d:
f4:77:cc:e8:71:47:6c:03:e4:21:35:b2:47:c9:f3:
61:8c:20:c1:47:2e:76:97:89:7a:c4:7b:52:39:e9:
ff:b0:9e:eb:ec:e4:d0:ad:bb:5f:8c:12:6d:05:85:
9c:52:f1:ac:c0:94:6a:3d:35:61:40:8d:75:24:68:
c5:8e:c8:18:ca:dc:97:56:d1:11:c7:fa:94:8f:34:
5b:12:47:79:7d:73:56:53:16:a2:2b:16:3b:7a:81:
78:e1:01:54:10:ec:0e:06:03:7a:4e:38:02:bf:00:
e9:f5:83:81:29:53:12:67:e9:d5:37:b9:06:cf:fe:
a5:d6:82:84:23:ba:28:e5:26:cf:64:d3:23:a7:f1:
b6:2c:17:15:ca:cd:3b:76:72:be:a6:d9:7e:a2:4e:
95:9d:70:25:42:a4:4d:be:f6:4e:69:10:30:e2:ff:
11:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:B2:15:BD:07:09:A2:CB:25:5F:D6:F2:9F:8C:AB:E0:E4:4C:45:61
X509v3 Authority Key Identifier:
keyid:53:12:2E:03:A8:41:B8:87:89:63:AF:FF:F6:95:CA:4F:9F:D0:68:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UxIuA6hBuIeJY6__9pXKT5_QaCw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/f539cb-14bf-48a2-a835-ce8d2dd43066/1/pbIVvQcJosslX9byn4yr4ORMRWE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/f539cb-14bf-48a2-a835-ce8d2dd43066/1/UxIuA6hBuIeJY6__9pXKT5_QaCw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.226.226.0/24
IPv6:
2a0c:3c80::/29
Signature Algorithm: sha256WithRSAEncryption
83:74:65:5b:e9:3a:f1:25:f8:cb:0b:a8:87:8e:42:d2:9b:96:
b1:cb:ac:4c:bc:c9:8b:47:b5:f8:a0:c4:84:28:d3:0e:ac:f1:
c7:63:f3:d1:aa:1b:90:03:74:71:73:d4:64:93:49:1e:b1:83:
71:56:e9:60:16:d2:40:b8:bb:78:9d:64:af:d5:01:c4:33:0e:
78:1c:db:70:f3:6d:4f:11:83:7a:a8:6f:13:b2:d3:48:85:22:
f3:1f:fc:b6:22:06:e4:4e:d6:09:dd:2c:b4:04:6e:b6:a1:86:
f3:a2:18:0d:2e:9f:57:f1:39:39:9c:c1:4a:67:99:00:37:84:
c5:f7:ef:49:6a:9e:88:cd:55:39:ab:86:8e:61:51:5c:b9:4c:
1b:37:a9:37:c9:19:af:6a:11:73:60:db:a5:3d:51:c5:5d:0e:
b6:bc:12:e1:f4:f9:e1:44:25:21:6d:b7:b5:39:f3:03:d0:73:
d0:d0:4c:9a:86:82:85:ad:b7:2b:57:ea:a3:3d:67:ec:fc:db:
ea:9a:d9:eb:b2:90:5c:a6:df:0f:2b:2a:62:3a:73:3a:6c:ad:
6c:f8:4b:3b:5a:85:07:97:90:3c:46:52:fd:8b:34:28:3c:c5:
94:19:6f:18:9e:45:f6:79:28:29:51:21:19:65:df:5e:ab:3c:
f9:6a:62:6f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZOTkPJpr1gYI8qRn8DAnCNpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzMTIyZTAzYTg0MWI4ODc4OTYzYWZmZmY2OTVjYTRmOWZk
MDY4MmMwHhcNMjQxMjA0MjEyNjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWIyMTViZDA3MDlhMmNiMjU1ZmQ2ZjI5ZjhjYWJlMGU0NGM0NTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkw6+QiyV3MHXsPyYoT6SeHUY1v0i
t6CLPu+hyHXs5xfqrATJd6QBqcFTeWnjkezlyqU5bzu9CptQGE0BXaTYc1MdHVq0
PEtA10SS0jPD4TNVDOKjsCMIB230d8zocUdsA+QhNbJHyfNhjCDBRy52l4l6xHtS
Oen/sJ7r7OTQrbtfjBJtBYWcUvGswJRqPTVhQI11JGjFjsgYytyXVtERx/qUjzRb
Ekd5fXNWUxaiKxY7eoF44QFUEOwOBgN6TjgCvwDp9YOBKVMSZ+nVN7kGz/6l1oKE
I7oo5SbPZNMjp/G2LBcVys07dnK+ptl+ok6VnXAlQqRNvvZOaRAw4v8RawIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKWyFb0HCaLLJV/W8p+Mq+DkTEVhMB8GA1UdIwQY
MBaAFFMSLgOoQbiHiWOv//aVyk+f0GgsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXhJdUE2aEJ1SWVKWTZfXzlwWEtUNV9RYUN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9mNTM5Y2ItMTRiZi00OGEyLWE4MzUt
Y2U4ZDJkZDQzMDY2LzEvcGJJVnZRY0pvc3NsWDlieW40eXI0T1JNUldFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9mNTM5Y2ItMTRiZi00OGEyLWE4MzUtY2U4ZDJkZDQzMDY2
LzEvVXhJdUE2aEJ1SWVKWTZfXzlwWEtUNV9RYUN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAW+LiMA0E
AgACMAcDBQMqDDyAMA0GCSqGSIb3DQEBCwUAA4IBAQCDdGVb6TrxJfjLC6iHjkLS
m5axy6xMvMmLR7X4oMSEKNMOrPHHY/PRqhuQA3Rxc9Rkk0kesYNxVulgFtJAuLt4
nWSv1QHEMw54HNtw821PEYN6qG8TstNIhSLzH/y2IgbkTtYJ3Sy0BG62oYbzohgN
Lp9X8Tk5nMFKZ5kAN4TF9+9Jap6IzVU5q4aOYVFcuUwbN6k3yRmvahFzYNulPVHF
XQ62vBLh9PnhRCUhbbe1OfMD0HPQ0EyahoKFrbcrV+qjPWfs/NvqmtnrspBcpt8P
KypiOnM6bK1s+Es7WoUHl5A8RlL9izQoPMWUGW8YnkX2eSgpUSEZZd9eqzz5amJv
-----END CERTIFICATE-----
Generated at Tue Apr 22 14:00:59 2025 by rpki-client