Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/kMmbP9ziTKBaVksFwSKRZ65gekE.roa
File: kMmbP9ziTKBaVksFwSKRZ65gekE.roa (raw, json)
Hash identifier: u28ZZ3fGXUnXnG71BqFCkMWX+5Kz9RrAkTOxnxYLcdA=
Subject key identifier: 90:C9:9B:3F:DC:E2:4C:A0:5A:56:4B:05:C1:22:91:67:AE:60:7A:41
Certificate issuer: /CN=0a7327805df20fb5c1d6f4e89074743caeb24af7
Certificate serial: 018DEA120F50112D44DAE46E28C4183BEA97
Authority key identifier: 0A:73:27:80:5D:F2:0F:B5:C1:D6:F4:E8:90:74:74:3C:AE:B2:4A:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CnMngF3yD7XB1vTokHR0PK6ySvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/kMmbP9ziTKBaVksFwSKRZ65gekE.roa
Signing time: Tue 27 Feb 2024 10:17:48 +0000
ROA not before: Tue 27 Feb 2024 10:17:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197968
IP address blocks: 91.147.108.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 28 Feb 2024 09:56:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ea:12:0f:50:11:2d:44:da:e4:6e:28:c4:18:3b:ea:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a7327805df20fb5c1d6f4e89074743caeb24af7
Validity
Not Before: Feb 27 10:17:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=90c99b3fdce24ca05a564b05c1229167ae607a41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:72:1b:1b:db:ee:d7:21:50:46:d0:5d:1e:15:
28:4f:7b:5b:8f:f1:39:bf:82:97:ae:a6:00:c6:d4:
be:00:e8:bc:12:f8:fa:10:70:5b:cb:70:96:d9:3a:
b4:df:d7:38:6e:e2:01:b1:4a:98:95:f9:b5:a2:2d:
2a:70:f1:59:a3:41:a1:65:a5:f7:ce:65:ff:62:4a:
78:d9:24:50:3f:04:f2:91:08:ff:ba:08:41:4f:c5:
e5:12:08:65:92:10:e0:bb:34:55:97:4b:c6:9a:50:
d7:5b:5f:e7:cc:2e:1e:92:56:05:74:0a:18:f7:05:
ef:dd:e8:89:19:7f:f8:4d:e9:66:c5:a4:13:14:41:
a9:37:1a:ec:d5:4f:e6:78:30:17:f8:b1:86:d7:62:
0c:e2:e8:7e:2b:32:f1:94:be:56:71:99:38:3b:5a:
2f:20:18:7f:c5:5f:6a:f6:4b:49:2e:31:28:a6:57:
95:e1:56:af:78:32:24:03:50:82:e0:5b:f6:95:fc:
45:32:1a:71:a1:76:96:a1:1f:4b:0f:27:2f:1f:09:
70:66:41:54:c9:aa:85:a0:a1:62:ed:32:df:1e:58:
bd:84:f2:78:c7:b4:cc:09:ac:bc:e2:c1:3b:f4:db:
ea:12:d8:77:92:c7:ca:17:4b:83:96:64:09:04:76:
2f:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:C9:9B:3F:DC:E2:4C:A0:5A:56:4B:05:C1:22:91:67:AE:60:7A:41
X509v3 Authority Key Identifier:
keyid:0A:73:27:80:5D:F2:0F:B5:C1:D6:F4:E8:90:74:74:3C:AE:B2:4A:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CnMngF3yD7XB1vTokHR0PK6ySvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/kMmbP9ziTKBaVksFwSKRZ65gekE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/CnMngF3yD7XB1vTokHR0PK6ySvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.147.108.0/24
Signature Algorithm: sha256WithRSAEncryption
28:db:91:bb:69:02:f1:9a:7d:45:97:fe:73:f0:03:f5:1e:59:
69:bf:0b:b5:b5:c2:78:2e:6b:e3:67:25:be:4a:3d:ff:f4:a7:
36:98:44:17:00:2b:48:1c:e0:fe:be:2a:eb:3e:b6:a9:dd:33:
6d:5d:99:cd:db:c0:14:32:3a:98:e9:dd:67:11:54:f4:11:a0:
01:79:cd:41:27:e6:c2:56:f0:eb:38:de:9f:77:99:0c:89:c2:
8b:f7:94:b0:be:74:87:6e:43:29:5b:82:bc:ca:98:41:10:41:
ae:b0:16:b8:4d:1f:48:36:b4:d7:ac:06:9b:f3:26:9f:ab:3c:
e5:e6:82:2f:14:bd:d8:6b:f9:cb:e3:47:5c:11:1a:fa:ee:ce:
a8:32:72:75:70:80:c5:79:a8:b8:3c:8e:fb:df:d6:dc:ff:28:
51:17:a2:84:ff:13:cf:93:37:e8:da:bd:fe:e0:ed:c2:f6:ff:
96:2a:02:e6:f5:e6:04:11:ae:bc:29:6e:aa:3b:f3:d9:24:5e:
dd:af:64:1d:e3:76:89:a6:ea:79:55:22:8e:dc:f0:2b:da:54:
f9:25:6d:c3:4e:79:8a:0a:cf:b9:b4:9f:04:b2:4e:03:9d:37:
6f:49:e3:62:e4:58:ae:ef:ed:a2:d3:24:d9:68:0e:64:1a:22:
87:1f:fd:38
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY3qEg9QES1E2uRuKMQYO+qXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhNzMyNzgwNWRmMjBmYjVjMWQ2ZjRlODkwNzQ3NDNjYWVi
MjRhZjcwHhcNMjQwMjI3MTAxNzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGM5OWIzZmRjZTI0Y2EwNWE1NjRiMDVjMTIyOTE2N2FlNjA3YTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAznIbG9vu1yFQRtBdHhUoT3tbj/E5
v4KXrqYAxtS+AOi8Evj6EHBby3CW2Tq039c4buIBsUqYlfm1oi0qcPFZo0GhZaX3
zmX/Ykp42SRQPwTykQj/ughBT8XlEghlkhDguzRVl0vGmlDXW1/nzC4eklYFdAoY
9wXv3eiJGX/4TelmxaQTFEGpNxrs1U/meDAX+LGG12IM4uh+KzLxlL5WcZk4O1ov
IBh/xV9q9ktJLjEopleV4VaveDIkA1CC4Fv2lfxFMhpxoXaWoR9LDycvHwlwZkFU
yaqFoKFi7TLfHli9hPJ4x7TMCay84sE79NvqEth3ksfKF0uDlmQJBHYvuQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJDJmz/c4kygWlZLBcEikWeuYHpBMB8GA1UdIwQY
MBaAFApzJ4Bd8g+1wdb06JB0dDyuskr3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ25NbmdGM3lEN1hCMXZUb2tIUjBQSzZ5U3ZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS84YjFmYWMtNWEyMS00ODQ4LWE2NmEt
MTBiYjQ1NzlkNTI4LzEva01tYlA5emlUS0JhVmtzRndTS1JaNjVnZWtFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS84YjFmYWMtNWEyMS00ODQ4LWE2NmEtMTBiYjQ1NzlkNTI4
LzEvQ25NbmdGM3lEN1hCMXZUb2tIUjBQSzZ5U3ZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW5NsMA0G
CSqGSIb3DQEBCwUAA4IBAQAo25G7aQLxmn1Fl/5z8AP1Hllpvwu1tcJ4LmvjZyW+
Sj3/9Kc2mEQXACtIHOD+virrPrap3TNtXZnN28AUMjqY6d1nEVT0EaABec1BJ+bC
VvDrON6fd5kMicKL95SwvnSHbkMpW4K8yphBEEGusBa4TR9INrTXrAab8yafqzzl
5oIvFL3Ya/nL40dcERr67s6oMnJ1cIDFeai4PI7739bc/yhRF6KE/xPPkzfo2r3+
4O3C9v+WKgLm9eYEEa68KW6qO/PZJF7dr2Qd43aJpup5VSKO3PAr2lT5JW3DTnmK
Cs+5tJ8Esk4DnTdvSeNi5Fiu7+2i0yTZaA5kGiKHH/04
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:20:07 2025 by rpki-client