Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bm7xWsmbMHrV8E8DHHIs9_gNVX0.roa
File: bm7xWsmbMHrV8E8DHHIs9_gNVX0.roa (raw, json)
Hash identifier: W6FLYPHnkuW9psJuwaR0SzavnhAuhWSqA6vZXth7EMQ=
Subject key identifier: 6E:6E:F1:5A:C9:9B:30:7A:D5:F0:4F:03:1C:72:2C:F7:F8:0D:55:7D
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 0193A8AEB709AC17821781C5529036309B7D
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bm7xWsmbMHrV8E8DHHIs9_gNVX0.roa
Signing time: Sun 08 Dec 2024 23:50:42 +0000
ROA not before: Sun 08 Dec 2024 23:50:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29390
IP address blocks: 91.198.133.0/24 maxlen: 24
94.131.0.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 01:49:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:a8:ae:b7:09:ac:17:82:17:81:c5:52:90:36:30:9b:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Dec 8 23:50:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6e6ef15ac99b307ad5f04f031c722cf7f80d557d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:8a:fb:7b:91:af:0c:04:2b:83:44:49:79:0e:
c3:48:b6:4c:f4:a0:69:e2:17:e8:ae:5a:cc:50:2a:
4b:d2:dd:9a:6d:08:85:f2:96:dc:1e:fc:05:fb:be:
fe:cf:16:06:57:e9:ce:12:7a:89:9a:0a:ec:1f:0f:
9a:fc:f3:41:27:03:83:f9:da:ce:17:de:c0:7d:29:
0a:49:24:3a:ad:b7:5c:d8:0c:6c:c6:fd:a6:9d:1e:
9f:c4:6b:fc:6f:2f:ec:57:13:e9:54:34:d1:af:d4:
d4:5a:bc:19:58:ae:f0:43:ed:09:54:64:f6:87:46:
bc:2c:e4:fb:29:8a:28:87:45:a4:41:05:53:c7:05:
00:ad:f9:78:09:cb:8b:29:58:da:24:76:33:1f:c4:
e3:cd:8f:36:b8:75:d9:d5:bd:45:b9:99:c8:f0:d5:
27:4c:4a:72:64:29:be:d9:43:56:f1:e8:66:4a:f4:
65:84:55:0e:fd:39:0d:0e:49:1b:a4:54:0a:55:2b:
16:fe:3f:8f:b8:6d:ac:f2:ff:c3:27:bd:93:18:3a:
5e:f9:bc:59:a6:93:8e:21:64:d4:ba:43:66:9d:34:
c0:aa:07:84:b0:83:05:64:56:1d:65:81:c2:9c:45:
be:d0:c2:72:b0:f4:a1:68:47:38:1d:ed:89:5d:b2:
65:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:6E:F1:5A:C9:9B:30:7A:D5:F0:4F:03:1C:72:2C:F7:F8:0D:55:7D
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bm7xWsmbMHrV8E8DHHIs9_gNVX0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.133.0/24
94.131.0.0/23
Signature Algorithm: sha256WithRSAEncryption
75:45:ff:67:67:c7:f0:8b:23:5c:ff:5b:7e:0a:9c:da:f4:57:
0a:70:80:ed:92:03:51:59:3d:de:da:ac:58:6b:ed:fb:74:f9:
4b:de:d0:aa:b9:5b:75:4e:11:1a:4e:09:2c:a4:6d:27:5b:0f:
07:a7:3e:90:b6:11:b1:8a:50:df:7d:1a:a3:40:cd:64:40:89:
b9:d5:ad:bf:be:98:f1:92:f6:16:17:5a:b8:83:55:b6:0b:82:
9e:64:47:72:00:26:6f:40:2f:61:8e:98:ea:a3:12:24:a8:b8:
17:28:ba:f4:21:33:84:24:53:3e:42:e1:2c:f1:b6:d4:8e:8e:
5b:cc:83:46:34:70:81:19:16:60:f0:45:a1:de:b4:0f:28:d1:
e9:de:cb:8f:fa:0b:26:d5:ad:7e:4d:81:3a:a8:9d:36:94:46:
0a:97:54:52:4f:7a:61:f0:52:26:a8:f7:96:e1:16:a3:c9:41:
24:3e:cb:3d:64:88:fc:e5:19:57:6a:f8:87:dd:89:a8:61:45:
9a:96:e5:47:3d:63:98:01:dc:76:1a:d2:3c:a4:50:60:14:ed:
17:72:38:85:89:cf:ce:01:0d:fb:99:0f:6c:ac:77:5a:9c:0e:
b4:bd:af:eb:3b:a3:a6:bd:4d:d8:b1:b4:f0:7c:cf:00:06:00:
a5:9c:c3:04
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZOorrcJrBeCF4HFUpA2MJt9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjQxMjA4MjM1MDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTZlZjE1YWM5OWIzMDdhZDVmMDRmMDMxYzcyMmNmN2Y4MGQ1NTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmor7e5GvDAQrg0RJeQ7DSLZM9KBp
4hforlrMUCpL0t2abQiF8pbcHvwF+77+zxYGV+nOEnqJmgrsHw+a/PNBJwOD+drO
F97AfSkKSSQ6rbdc2Axsxv2mnR6fxGv8by/sVxPpVDTRr9TUWrwZWK7wQ+0JVGT2
h0a8LOT7KYooh0WkQQVTxwUArfl4CcuLKVjaJHYzH8TjzY82uHXZ1b1FuZnI8NUn
TEpyZCm+2UNW8ehmSvRlhFUO/TkNDkkbpFQKVSsW/j+PuG2s8v/DJ72TGDpe+bxZ
ppOOIWTUukNmnTTAqgeEsIMFZFYdZYHCnEW+0MJysPShaEc4He2JXbJlxQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFG5u8VrJmzB61fBPAxxyLPf4DVV9MB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvYm03eFdzbWJNSHJWOEU4REhISXM5X2dOVlgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW8aFAwQB
XoMAMA0GCSqGSIb3DQEBCwUAA4IBAQB1Rf9nZ8fwiyNc/1t+Cpza9FcKcIDtkgNR
WT3e2qxYa+37dPlL3tCquVt1ThEaTgkspG0nWw8Hpz6QthGxilDffRqjQM1kQIm5
1a2/vpjxkvYWF1q4g1W2C4KeZEdyACZvQC9hjpjqoxIkqLgXKLr0ITOEJFM+QuEs
8bbUjo5bzINGNHCBGRZg8EWh3rQPKNHp3suP+gsm1a1+TYE6qJ02lEYKl1RST3ph
8FImqPeW4RajyUEkPss9ZIj85RlXaviH3YmoYUWaluVHPWOYAdx2GtI8pFBgFO0X
cjiFic/OAQ37mQ9srHdanA60va/rO6OmvU3YsbTwfM8ABgClnMME
-----END CERTIFICATE-----
Generated at Sun Apr 6 07:22:23 2025 by rpki-client