Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/AYSk3ny4N8T4m-iDznkUjvMmGr0.roa
File: AYSk3ny4N8T4m-iDznkUjvMmGr0.roa (raw, json)
Hash identifier: RAQ457JacOvGFOuTeCKeEVDeqO721nGC/CHHvqEMq5E=
Subject key identifier: 01:84:A4:DE:7C:B8:37:C4:F8:9B:E8:83:CE:79:14:8E:F3:26:1A:BD
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 0194258F93988CD188AAB4311BA2840B8228
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/AYSk3ny4N8T4m-iDznkUjvMmGr0.roa
Signing time: Thu 02 Jan 2025 05:49:13 +0000
ROA not before: Thu 02 Jan 2025 05:49:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208757
IP address blocks: 91.239.220.0/23 maxlen: 23
193.36.222.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 01 Apr 2025 14:43:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:93:98:8c:d1:88:aa:b4:31:1b:a2:84:0b:82:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Jan 2 05:49:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0184a4de7cb837c4f89be883ce79148ef3261abd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:30:ac:56:18:62:25:ac:2a:e7:13:28:d4:b9:
fa:ca:47:66:ea:02:73:f9:ae:bb:f6:12:e1:9a:6e:
36:c7:2b:7c:5f:ec:d5:fa:9b:25:f4:2c:9a:0c:95:
a5:99:71:02:82:6f:80:55:3c:6f:de:4e:cc:d5:8c:
5a:08:95:57:d1:9a:81:0f:a2:10:1d:e2:8e:57:e5:
28:d0:f5:07:e5:07:a4:be:e3:4a:ae:b3:8e:f8:b5:
c0:f4:67:92:05:d7:03:0c:dd:8a:86:13:59:a8:c4:
91:a8:ef:1d:dc:af:cc:ee:c2:59:bb:46:e7:e8:69:
f8:46:b3:f6:7d:dd:eb:e3:61:9e:36:d8:10:60:38:
5c:8e:81:25:eb:80:8e:2e:dd:aa:95:77:2d:65:a1:
eb:dc:4d:24:26:05:87:82:42:52:54:56:b6:b7:cb:
43:df:b9:fb:de:6e:3e:48:db:f5:58:25:18:d5:27:
74:3b:e3:67:42:5a:96:13:7e:68:ce:8e:f5:cc:c6:
77:85:3d:53:15:64:ac:86:d5:ba:cd:61:f9:a9:a7:
d9:5f:52:d3:d8:83:ee:af:02:73:22:6d:de:94:79:
6e:ad:c2:3c:63:60:d9:4d:92:7d:1a:28:49:05:76:
83:2f:3d:e1:0a:9f:04:06:8d:cb:97:3b:e0:f4:87:
cd:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:84:A4:DE:7C:B8:37:C4:F8:9B:E8:83:CE:79:14:8E:F3:26:1A:BD
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/AYSk3ny4N8T4m-iDznkUjvMmGr0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.220.0/23
193.36.222.0/23
Signature Algorithm: sha256WithRSAEncryption
78:ec:21:49:59:e7:a1:6f:cf:9b:30:ff:ce:34:77:ac:b7:fe:
a1:8d:c3:6b:f9:cb:99:b9:8f:ae:da:c0:d2:e1:42:d7:63:cf:
8f:45:71:f4:86:7c:79:2d:9a:0e:78:5c:bd:08:0a:7a:cd:d1:
a3:8b:28:90:63:42:57:5b:0d:97:8d:83:60:53:6a:2e:db:7d:
ac:4f:77:bc:d3:7f:97:19:ab:81:2c:8e:77:6e:6e:b9:2b:51:
8c:d9:37:17:85:64:ab:1d:aa:47:13:6d:db:4f:81:fb:dc:c5:
d0:20:26:58:83:36:47:53:c9:8a:6f:df:58:48:6d:7c:cc:02:
99:91:2c:8f:84:8d:9f:cc:f2:ed:3b:0a:cb:d1:b0:07:c6:4a:
19:7c:42:c8:c2:8d:39:e8:62:2a:59:b6:3d:8f:54:fc:fa:58:
4d:90:b2:ab:26:b5:85:af:6c:4b:8d:2f:50:a2:32:3c:23:1b:
57:45:fb:a3:b7:77:4a:71:21:e7:33:cd:28:37:ee:c2:48:ef:
20:57:20:35:07:72:f8:59:2b:ed:6e:b6:60:84:07:57:3f:61:
4f:f9:79:10:1d:cc:7c:1a:38:d4:db:b5:8a:bf:4b:f1:60:2c:
1d:cb:1a:fe:0c:66:bd:66:93:82:b9:d5:a5:fd:29:9b:39:d8:
52:77:15:09
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQlj5OYjNGIqrQxG6KEC4IoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjUwMTAyMDU0OTEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTg0YTRkZTdjYjgzN2M0Zjg5YmU4ODNjZTc5MTQ4ZWYzMjYxYWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjCsVhhiJawq5xMo1Ln6ykdm6gJz
+a679hLhmm42xyt8X+zV+psl9CyaDJWlmXECgm+AVTxv3k7M1YxaCJVX0ZqBD6IQ
HeKOV+Uo0PUH5QekvuNKrrOO+LXA9GeSBdcDDN2KhhNZqMSRqO8d3K/M7sJZu0bn
6Gn4RrP2fd3r42GeNtgQYDhcjoEl64COLt2qlXctZaHr3E0kJgWHgkJSVFa2t8tD
37n73m4+SNv1WCUY1Sd0O+NnQlqWE35ozo71zMZ3hT1TFWSshtW6zWH5qafZX1LT
2IPurwJzIm3elHlurcI8Y2DZTZJ9GihJBXaDLz3hCp8EBo3Llzvg9IfNBQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAGEpN58uDfE+Jvog855FI7zJhq9MB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvQVlTazNueTROOFQ0bS1pRHpua1Vqdk1tR3IwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW+/cAwQB
wSTeMA0GCSqGSIb3DQEBCwUAA4IBAQB47CFJWeehb8+bMP/ONHest/6hjcNr+cuZ
uY+u2sDS4ULXY8+PRXH0hnx5LZoOeFy9CAp6zdGjiyiQY0JXWw2XjYNgU2ou232s
T3e803+XGauBLI53bm65K1GM2TcXhWSrHapHE23bT4H73MXQICZYgzZHU8mKb99Y
SG18zAKZkSyPhI2fzPLtOwrL0bAHxkoZfELIwo056GIqWbY9j1T8+lhNkLKrJrWF
r2xLjS9QojI8IxtXRfujt3dKcSHnM80oN+7CSO8gVyA1B3L4WSvtbrZghAdXP2FP
+XkQHcx8GjjU27WKv0vxYCwdyxr+DGa9ZpOCudWl/SmbOdhSdxUJ
-----END CERTIFICATE-----
Generated at Sun Apr 6 04:34:53 2025 by rpki-client