Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/f9f773-121e-450d-b606-98bf4289df3b/1/Kki9qJHQ9q5OWoRgkA3-q98D8UE.roa
File: Kki9qJHQ9q5OWoRgkA3-q98D8UE.roa (raw, json)
Hash identifier: 2cmYtuo455+gROHTVLibOz4hdpYiENu73Hr3YC3GC4M=
Subject key identifier: 2A:48:BD:A8:91:D0:F6:AE:4E:5A:84:60:90:0D:FE:AB:DF:03:F1:41
Certificate issuer: /CN=e6a4cb74cf524c18121d53b532c03c06f4ad6be6
Certificate serial: 018CC94D4F610A75C3D197690A7F132B928F
Authority key identifier: E6:A4:CB:74:CF:52:4C:18:12:1D:53:B5:32:C0:3C:06:F4:AD:6B:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5qTLdM9STBgSHVO1MsA8BvSta-Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/f9f773-121e-450d-b606-98bf4289df3b/1/Kki9qJHQ9q5OWoRgkA3-q98D8UE.roa
Signing time: Tue 02 Jan 2024 08:32:16 +0000
ROA not before: Tue 02 Jan 2024 08:32:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48388
IP address blocks: 91.209.132.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:48:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:4f:61:0a:75:c3:d1:97:69:0a:7f:13:2b:92:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e6a4cb74cf524c18121d53b532c03c06f4ad6be6
Validity
Not Before: Jan 2 08:32:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2a48bda891d0f6ae4e5a8460900dfeabdf03f141
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:75:1c:d9:ad:f0:ed:62:cd:7b:25:26:e4:c6:
06:f9:38:5a:09:63:31:d5:ab:a8:e5:45:e2:ce:96:
23:a4:4a:d6:1c:1b:73:e4:88:4e:44:c0:5e:42:9f:
21:c7:ee:a9:2b:84:81:04:5e:e4:43:b3:74:fb:b1:
c8:96:3a:1b:51:c4:50:0b:65:d0:64:bd:1a:49:ff:
3d:60:b6:57:77:ac:6b:a0:51:04:c7:e4:c7:49:63:
64:52:7a:7d:ae:00:01:17:da:20:6b:7e:2d:25:fb:
66:49:c8:63:11:ba:1b:47:d0:79:1c:55:00:b9:46:
a2:51:e3:05:73:cf:f6:0c:10:ed:80:87:f3:fb:ef:
e6:ea:46:37:e7:08:3d:00:0a:11:db:e4:9f:19:4d:
e7:ee:be:29:86:12:39:6d:d0:1a:b5:d1:ec:a2:b0:
6e:55:4d:0c:56:0b:47:1a:b7:50:b5:53:e7:cd:d1:
13:fc:97:d7:ea:7d:8c:6a:50:59:1b:37:0f:aa:1b:
1d:81:80:04:4c:50:a0:ef:dd:23:e2:bf:8f:a2:37:
1e:c3:a6:cd:59:57:1f:fb:f2:29:a1:b4:2d:c4:d1:
57:30:b2:2b:63:b8:02:2c:3f:b3:ad:cc:45:a6:2f:
37:50:d2:e0:31:4e:db:33:48:3d:bd:1a:b5:4b:12:
b3:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:48:BD:A8:91:D0:F6:AE:4E:5A:84:60:90:0D:FE:AB:DF:03:F1:41
X509v3 Authority Key Identifier:
keyid:E6:A4:CB:74:CF:52:4C:18:12:1D:53:B5:32:C0:3C:06:F4:AD:6B:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5qTLdM9STBgSHVO1MsA8BvSta-Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/f9f773-121e-450d-b606-98bf4289df3b/1/Kki9qJHQ9q5OWoRgkA3-q98D8UE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/f9f773-121e-450d-b606-98bf4289df3b/1/5qTLdM9STBgSHVO1MsA8BvSta-Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.132.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:db:7c:08:e3:d4:17:79:d6:75:91:2b:34:1e:dd:5f:fb:f0:
c8:2a:37:b9:22:d3:e7:c9:72:e6:46:1b:dc:33:a0:5a:7e:fb:
9e:e9:fe:71:56:a6:d7:eb:a6:92:fa:d1:c6:85:c4:a1:dc:aa:
23:63:15:5c:fc:9c:d6:0d:58:d6:d5:7c:53:aa:8d:9a:37:98:
e7:97:f9:fa:95:7e:0e:a5:14:23:89:88:cf:65:d9:13:59:77:
4f:a3:74:89:a9:21:93:63:18:a9:d5:94:dc:d4:3d:21:1f:59:
40:14:35:84:2f:28:f5:c5:4d:83:4e:11:ff:b0:6c:7b:03:c0:
0d:5e:31:f6:d5:73:fb:f1:66:5c:72:79:e0:f4:b3:eb:00:33:
02:52:6f:ac:49:62:6a:f3:86:ec:47:77:66:6c:9a:7d:99:cb:
0e:98:42:14:bd:cc:6a:55:7f:1e:95:35:b2:3c:ea:24:a0:5a:
a0:95:c3:cc:74:3a:1b:6d:f4:a0:63:fd:cb:ed:01:c3:cd:ed:
fd:0b:54:e8:36:18:cd:f8:0b:dc:82:e9:6c:d4:78:84:15:b9:
ae:b9:7e:b7:40:9e:3d:a6:b9:4e:b2:a0:e1:c8:9c:66:ef:8f:
30:85:b3:2c:ad:2b:57:6b:5b:96:27:f8:5f:bc:d1:52:1c:ca:
49:cd:00:ff
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTU9hCnXD0ZdpCn8TK5KPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2YTRjYjc0Y2Y1MjRjMTgxMjFkNTNiNTMyYzAzYzA2ZjRh
ZDZiZTYwHhcNMjQwMTAyMDgzMjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTQ4YmRhODkxZDBmNmFlNGU1YTg0NjA5MDBkZmVhYmRmMDNmMTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjnUc2a3w7WLNeyUm5MYG+ThaCWMx
1auo5UXizpYjpErWHBtz5IhORMBeQp8hx+6pK4SBBF7kQ7N0+7HIljobUcRQC2XQ
ZL0aSf89YLZXd6xroFEEx+THSWNkUnp9rgABF9oga34tJftmSchjEbobR9B5HFUA
uUaiUeMFc8/2DBDtgIfz++/m6kY35wg9AAoR2+SfGU3n7r4phhI5bdAatdHsorBu
VU0MVgtHGrdQtVPnzdET/JfX6n2MalBZGzcPqhsdgYAETFCg790j4r+Pojcew6bN
WVcf+/IpobQtxNFXMLIrY7gCLD+zrcxFpi83UNLgMU7bM0g9vRq1SxKz0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCpIvaiR0PauTlqEYJAN/qvfA/FBMB8GA1UdIwQY
MBaAFOaky3TPUkwYEh1TtTLAPAb0rWvmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNXFUTGRNOVNUQmdTSFZPMU1zQThCdlN0YS1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9mOWY3NzMtMTIxZS00NTBkLWI2MDYt
OThiZjQyODlkZjNiLzEvS2tpOXFKSFE5cTVPV29SZ2tBMy1xOThEOFVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9mOWY3NzMtMTIxZS00NTBkLWI2MDYtOThiZjQyODlkZjNi
LzEvNXFUTGRNOVNUQmdTSFZPMU1zQThCdlN0YS1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9GEMA0G
CSqGSIb3DQEBCwUAA4IBAQCi23wI49QXedZ1kSs0Ht1f+/DIKje5ItPnyXLmRhvc
M6Bafvue6f5xVqbX66aS+tHGhcSh3KojYxVc/JzWDVjW1XxTqo2aN5jnl/n6lX4O
pRQjiYjPZdkTWXdPo3SJqSGTYxip1ZTc1D0hH1lAFDWELyj1xU2DThH/sGx7A8AN
XjH21XP78WZccnng9LPrADMCUm+sSWJq84bsR3dmbJp9mcsOmEIUvcxqVX8elTWy
POokoFqglcPMdDobbfSgY/3L7QHDze39C1ToNhjN+Avcguls1HiEFbmuuX63QJ49
prlOsqDhyJxm748whbMsrStXa1uWJ/hfvNFSHMpJzQD/
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:42:32 2025 by rpki-client