Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/19f4d4-5c1e-421f-9f56-bc5104a385e2/1/9BA7UDOia8nFK7gesANfRJI8n2I.roa
File: 9BA7UDOia8nFK7gesANfRJI8n2I.roa (raw, json)
Hash identifier: B9c5PEIBoa/EnDouzWkZWazB5CXIjqaC2Mcx3TS2yRs=
Subject key identifier: F4:10:3B:50:33:A2:6B:C9:C5:2B:B8:1E:B0:03:5F:44:92:3C:9F:62
Certificate issuer: /CN=d3c0d5b106b81a92924ea2bc5139fbb5ee1186dd
Certificate serial: 018CC64A7A35C122BAFFEC438612910A209B
Authority key identifier: D3:C0:D5:B1:06:B8:1A:92:92:4E:A2:BC:51:39:FB:B5:EE:11:86:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/08DVsQa4GpKSTqK8UTn7te4Rht0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/19f4d4-5c1e-421f-9f56-bc5104a385e2/1/9BA7UDOia8nFK7gesANfRJI8n2I.roa
Signing time: Mon 01 Jan 2024 18:30:18 +0000
ROA not before: Mon 01 Jan 2024 18:30:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57508
IP address blocks: 91.220.110.0/24 maxlen: 24
185.221.232.0/22 maxlen: 22
2001:67c:2aac::/48 maxlen: 48
2a0c:7000::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:47:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:7a:35:c1:22:ba:ff:ec:43:86:12:91:0a:20:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3c0d5b106b81a92924ea2bc5139fbb5ee1186dd
Validity
Not Before: Jan 1 18:30:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f4103b5033a26bc9c52bb81eb0035f44923c9f62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:fc:c2:68:9f:bc:03:d4:89:9d:d1:b1:81:6f:
ad:f2:4c:16:e5:bd:cd:a7:1c:5a:02:0e:78:75:cf:
fb:04:ab:b3:bd:93:fc:66:15:92:59:e6:c1:26:e5:
9a:b0:b8:78:2d:f8:3d:d1:39:02:8f:06:fc:64:a4:
b0:18:c3:62:67:2d:78:0c:a5:df:84:51:ea:53:43:
4c:0f:a9:0b:7e:56:0b:dc:9a:37:96:f3:12:16:16:
00:b0:1e:2b:40:f6:a4:3d:7e:0b:93:98:dc:3b:d8:
70:74:5d:9d:55:c2:aa:27:87:38:f9:55:08:7c:d6:
11:32:5d:4f:57:10:b3:f7:38:b6:87:48:d8:61:9f:
b1:8b:05:7e:24:fe:95:b2:0f:84:c6:a6:48:50:28:
81:44:bb:44:ec:5b:bc:e7:01:be:c2:9c:b0:cb:3f:
58:25:20:95:2f:9b:f3:dc:0d:7b:d6:b1:87:65:fa:
0e:87:fa:13:7c:01:1e:4c:2e:1f:0e:dc:d1:0b:57:
ce:5d:d4:c9:eb:47:c6:fe:36:67:61:b4:a8:09:c8:
99:ce:51:20:96:d7:17:66:b4:3e:57:70:ff:e0:5a:
d4:a8:da:74:3b:c9:59:79:fa:18:c9:05:b4:45:24:
57:4c:07:40:a0:d1:0d:47:bc:42:bd:dd:81:16:d8:
f8:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:10:3B:50:33:A2:6B:C9:C5:2B:B8:1E:B0:03:5F:44:92:3C:9F:62
X509v3 Authority Key Identifier:
keyid:D3:C0:D5:B1:06:B8:1A:92:92:4E:A2:BC:51:39:FB:B5:EE:11:86:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/08DVsQa4GpKSTqK8UTn7te4Rht0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/19f4d4-5c1e-421f-9f56-bc5104a385e2/1/9BA7UDOia8nFK7gesANfRJI8n2I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/19f4d4-5c1e-421f-9f56-bc5104a385e2/1/08DVsQa4GpKSTqK8UTn7te4Rht0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.110.0/24
185.221.232.0/22
IPv6:
2001:67c:2aac::/48
2a0c:7000::/29
Signature Algorithm: sha256WithRSAEncryption
44:c8:8f:db:f1:ad:14:af:2a:a9:96:30:8c:38:76:1e:bb:56:
cf:e8:3d:68:1f:94:c0:3b:ca:bb:97:a5:7c:1f:18:15:75:1a:
b1:18:88:5f:73:ea:8d:6e:8f:4d:02:aa:3a:68:45:f6:b2:28:
f6:99:4f:5a:11:91:35:a9:7b:88:2c:6e:68:c5:1d:bb:8e:8f:
db:26:db:d7:73:21:5e:a1:26:50:a1:c4:6c:25:e6:fe:41:34:
29:4c:96:38:b0:5c:24:dc:c6:6a:12:22:11:ee:92:72:6a:1e:
ee:92:44:8b:b9:e0:6e:0d:4a:49:c7:c5:52:d4:c9:c9:51:f3:
15:a1:8e:ab:c3:15:1d:5b:28:e3:ad:9c:dc:07:8e:4e:63:04:
ac:ee:21:da:ce:71:82:e4:a3:1e:d2:e2:e3:dd:33:25:d7:f2:
9d:74:5d:a4:8a:ff:24:a5:35:3f:17:dd:7c:2a:92:06:37:a4:
a9:57:9c:b4:75:20:97:47:d8:c2:6c:34:91:92:8b:ef:c7:15:
60:0e:9c:da:76:4d:bd:2a:b0:9c:5a:e6:b8:a9:10:0f:9b:43:
64:ca:a6:cf:0b:1f:b5:96:c8:25:17:fa:cc:6b:f0:fd:59:6c:
96:57:6c:07:5a:6a:00:bc:e4:f3:dc:2a:6f:78:5c:46:3c:b3:
0e:ec:6c:84
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzGSno1wSK6/+xDhhKRCiCbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYzBkNWIxMDZiODFhOTI5MjRlYTJiYzUxMzlmYmI1ZWUx
MTg2ZGQwHhcNMjQwMTAxMTgzMDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDEwM2I1MDMzYTI2YmM5YzUyYmI4MWViMDAzNWY0NDkyM2M5ZjYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu/zCaJ+8A9SJndGxgW+t8kwW5b3N
pxxaAg54dc/7BKuzvZP8ZhWSWebBJuWasLh4Lfg90TkCjwb8ZKSwGMNiZy14DKXf
hFHqU0NMD6kLflYL3Jo3lvMSFhYAsB4rQPakPX4Lk5jcO9hwdF2dVcKqJ4c4+VUI
fNYRMl1PVxCz9zi2h0jYYZ+xiwV+JP6Vsg+ExqZIUCiBRLtE7Fu85wG+wpywyz9Y
JSCVL5vz3A171rGHZfoOh/oTfAEeTC4fDtzRC1fOXdTJ60fG/jZnYbSoCciZzlEg
ltcXZrQ+V3D/4FrUqNp0O8lZefoYyQW0RSRXTAdAoNENR7xCvd2BFtj4YQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFPQQO1AzomvJxSu4HrADX0SSPJ9iMB8GA1UdIwQY
MBaAFNPA1bEGuBqSkk6ivFE5+7XuEYbdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDhEVnNRYTRHcEtTVHFLOFVUbjd0ZTRSaHQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8xOWY0ZDQtNWMxZS00MjFmLTlmNTYt
YmM1MTA0YTM4NWUyLzEvOUJBN1VET2lhOG5GSzdnZXNBTmZSSkk4bjJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8xOWY0ZDQtNWMxZS00MjFmLTlmNTYtYmM1MTA0YTM4NWUy
LzEvMDhEVnNRYTRHcEtTVHFLOFVUbjd0ZTRSaHQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQAW9xuAwQC
ud3oMBYEAgACMBADBwAgAQZ8KqwDBQMqDHAAMA0GCSqGSIb3DQEBCwUAA4IBAQBE
yI/b8a0UryqpljCMOHYeu1bP6D1oH5TAO8q7l6V8HxgVdRqxGIhfc+qNbo9NAqo6
aEX2sij2mU9aEZE1qXuILG5oxR27jo/bJtvXcyFeoSZQocRsJeb+QTQpTJY4sFwk
3MZqEiIR7pJyah7ukkSLueBuDUpJx8VS1MnJUfMVoY6rwxUdWyjjrZzcB45OYwSs
7iHaznGC5KMe0uLj3TMl1/KddF2kiv8kpTU/F918KpIGN6SpV5y0dSCXR9jCbDSR
kovvxxVgDpzadk29KrCcWua4qRAPm0NkyqbPCx+1lsglF/rMa/D9WWyWV2wHWmoA
vOTz3CpveFxGPLMO7GyE
-----END CERTIFICATE-----
Generated at Thu Apr 17 09:33:25 2025 by rpki-client