Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/b9c1d7-2aed-4696-80a7-d5abf5031d21/1/r5PPw6Go6AlPrfXY4XbL36u6_dA.roa
File: r5PPw6Go6AlPrfXY4XbL36u6_dA.roa (raw, json)
Hash identifier: RT1AeqT02AOlzUCgZ/9BNvJ6lSdhF304JrZpmQOAtpU=
Subject key identifier: AF:93:CF:C3:A1:A8:E8:09:4F:AD:F5:D8:E1:76:CB:DF:AB:BA:FD:D0
Certificate issuer: /CN=9984b9eb122237111c1f8ca57707ec7307291ee8
Certificate serial: 019372D87C7F39D2F1F0A015B94C73E6FE2A
Authority key identifier: 99:84:B9:EB:12:22:37:11:1C:1F:8C:A5:77:07:EC:73:07:29:1E:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mYS56xIiNxEcH4yldwfscwcpHug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/b9c1d7-2aed-4696-80a7-d5abf5031d21/1/r5PPw6Go6AlPrfXY4XbL36u6_dA.roa
Signing time: Thu 28 Nov 2024 12:56:50 +0000
ROA not before: Thu 28 Nov 2024 12:56:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15372
IP address blocks: 91.90.167.0/24 maxlen: 24
193.36.120.0/22 maxlen: 22
193.176.146.0/24 maxlen: 24
195.248.83.0/24 maxlen: 24
212.111.224.0/19 maxlen: 24
2a01:7700::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:48:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:72:d8:7c:7f:39:d2:f1:f0:a0:15:b9:4c:73:e6:fe:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9984b9eb122237111c1f8ca57707ec7307291ee8
Validity
Not Before: Nov 28 12:56:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=af93cfc3a1a8e8094fadf5d8e176cbdfabbafdd0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:68:1b:82:91:cc:80:be:cf:65:cf:12:11:76:
b5:f0:6b:2f:ac:37:7d:23:ac:fa:27:d0:c5:63:c7:
9e:1f:7c:02:e6:21:a6:0b:05:70:64:d0:dc:81:5a:
32:8d:a9:24:5f:77:3a:f3:a7:d7:2b:45:8d:81:68:
2d:0c:49:db:62:f8:a4:c3:7e:0d:c4:2c:82:71:48:
b4:e4:0f:d9:0c:2d:6c:b6:67:dd:a2:ca:5a:6a:bb:
56:12:a8:a5:28:a8:9a:68:a1:e9:9f:5e:ec:e2:bb:
fd:cc:f5:b0:65:3c:1e:00:11:20:6f:2a:ef:d4:87:
d1:81:bc:a9:66:af:68:d7:ef:b0:c9:63:7a:2f:4f:
5a:d2:9f:42:42:dc:3b:a0:87:83:a9:7a:a1:b3:55:
5f:47:2d:05:89:be:89:d6:17:8a:87:36:ca:e5:09:
16:dc:ef:e0:a2:19:4f:8f:80:89:06:03:a1:7a:61:
80:e6:ba:61:9a:7f:a8:08:10:22:ad:09:7a:e2:b1:
c0:4c:dd:85:76:88:c0:99:e8:57:79:35:1b:dc:84:
f9:a0:39:01:37:aa:26:ea:4b:40:61:66:03:54:d4:
1e:57:a7:6d:6d:f0:e8:9a:2e:47:dd:b3:9d:3e:0a:
da:f7:23:6e:62:32:ab:c6:68:3d:f1:c8:d3:e7:5b:
f5:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:93:CF:C3:A1:A8:E8:09:4F:AD:F5:D8:E1:76:CB:DF:AB:BA:FD:D0
X509v3 Authority Key Identifier:
keyid:99:84:B9:EB:12:22:37:11:1C:1F:8C:A5:77:07:EC:73:07:29:1E:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mYS56xIiNxEcH4yldwfscwcpHug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/b9c1d7-2aed-4696-80a7-d5abf5031d21/1/r5PPw6Go6AlPrfXY4XbL36u6_dA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/b9c1d7-2aed-4696-80a7-d5abf5031d21/1/mYS56xIiNxEcH4yldwfscwcpHug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.90.167.0/24
193.36.120.0/22
193.176.146.0/24
195.248.83.0/24
212.111.224.0/19
IPv6:
2a01:7700::/32
Signature Algorithm: sha256WithRSAEncryption
ca:ae:cf:8c:3c:8c:4a:50:c4:fb:71:68:64:e7:d0:d9:81:96:
2f:45:aa:d3:06:d9:12:83:de:db:25:70:ae:9d:40:91:6a:36:
a1:e2:48:3f:46:48:cb:69:bc:d3:4f:ed:60:52:46:a0:2d:d0:
17:cb:43:48:58:19:27:a7:9a:7b:ea:8e:c8:46:4a:55:66:f3:
d0:41:34:7a:82:78:85:69:1f:45:98:0e:0b:33:6e:de:63:da:
08:f2:af:d2:0e:ab:e6:03:36:26:0e:67:69:9c:44:a8:bb:f5:
95:40:d3:44:8b:e2:86:be:66:4a:ef:4e:db:bf:20:6e:fd:6d:
71:2f:ac:27:06:ff:5c:5d:9d:23:8a:b0:8a:a7:71:2a:d4:6d:
2e:24:17:e3:0c:88:9d:86:79:40:90:fa:e1:4e:a8:c2:f6:dd:
df:44:16:15:8f:8d:9d:8e:9d:b6:01:d8:50:48:e6:dc:9e:20:
f0:aa:f8:1c:3d:b3:31:cc:dd:59:f2:0d:f9:74:5c:74:47:bd:
4f:52:26:6b:80:94:92:49:18:8f:5e:c7:57:b3:de:d2:7f:e8:
67:fd:51:21:e8:7f:11:99:0b:46:f9:e3:22:c3:f2:d1:21:34:
ec:ca:60:4b:30:ab:23:3b:73:1b:43:26:bd:b7:16:ba:d8:34:
42:89:37:7d
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZNy2Hx/OdLx8KAVuUxz5v4qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5ODRiOWViMTIyMjM3MTExYzFmOGNhNTc3MDdlYzczMDcy
OTFlZTgwHhcNMjQxMTI4MTI1NjUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjkzY2ZjM2ExYThlODA5NGZhZGY1ZDhlMTc2Y2JkZmFiYmFmZGQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApGgbgpHMgL7PZc8SEXa18GsvrDd9
I6z6J9DFY8eeH3wC5iGmCwVwZNDcgVoyjakkX3c686fXK0WNgWgtDEnbYvikw34N
xCyCcUi05A/ZDC1stmfdospaartWEqilKKiaaKHpn17s4rv9zPWwZTweABEgbyrv
1IfRgbypZq9o1++wyWN6L09a0p9CQtw7oIeDqXqhs1VfRy0Fib6J1heKhzbK5QkW
3O/gohlPj4CJBgOhemGA5rphmn+oCBAirQl64rHATN2FdojAmehXeTUb3IT5oDkB
N6om6ktAYWYDVNQeV6dtbfDomi5H3bOdPgra9yNuYjKrxmg98cjT51v1QQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFK+Tz8OhqOgJT6312OF2y9+ruv3QMB8GA1UdIwQY
MBaAFJmEuesSIjcRHB+MpXcH7HMHKR7oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVlTNTZ4SWlOeEVjSDR5bGR3ZnNjd2NwSHVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC9iOWMxZDctMmFlZC00Njk2LTgwYTct
ZDVhYmY1MDMxZDIxLzEvcjVQUHc2R282QWxQcmZYWTRYYkwzNnU2X2RBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC9iOWMxZDctMmFlZC00Njk2LTgwYTctZDVhYmY1MDMxZDIx
LzEvbVlTNTZ4SWlOeEVjSDR5bGR3ZnNjd2NwSHVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQAW1qnAwQC
wSR4AwQAwbCSAwQAw/hTAwQF1G/gMA0EAgACMAcDBQAqAXcAMA0GCSqGSIb3DQEB
CwUAA4IBAQDKrs+MPIxKUMT7cWhk59DZgZYvRarTBtkSg97bJXCunUCRajah4kg/
RkjLabzTT+1gUkagLdAXy0NIWBknp5p76o7IRkpVZvPQQTR6gniFaR9FmA4LM27e
Y9oI8q/SDqvmAzYmDmdpnESou/WVQNNEi+KGvmZK707bvyBu/W1xL6wnBv9cXZ0j
irCKp3Eq1G0uJBfjDIidhnlAkPrhTqjC9t3fRBYVj42djp22AdhQSObcniDwqvgc
PbMxzN1Z8g35dFx0R71PUiZrgJSSSRiPXsdXs97Sf+hn/VEh6H8RmQtG+eMiw/LR
ITTsymBLMKsjO3MbQya9txa62DRCiTd9
-----END CERTIFICATE-----
Generated at Fri Apr 18 16:08:48 2025 by rpki-client