Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/CKYboFBBPAo9ierluHc-akyTEMs.roa
File: CKYboFBBPAo9ierluHc-akyTEMs.roa (raw, json)
Hash identifier: vMC1LDhJMNqKf0vREMUSGXXQxenI4FP4kcFzj5umIZc=
Subject key identifier: 08:A6:1B:A0:50:41:3C:0A:3D:89:EA:E5:B8:77:3E:6A:4C:93:10:CB
Certificate issuer: /CN=94166b704843d3d9754095c83a91b493828200a2
Certificate serial: 0193ABAD6E16C4E5EBE5CB8BDA18B3FB2EED
Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/CKYboFBBPAo9ierluHc-akyTEMs.roa
Signing time: Mon 09 Dec 2024 13:48:09 +0000
ROA not before: Mon 09 Dec 2024 13:48:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 91.103.120.0/21 maxlen: 24
91.103.120.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:ab:ad:6e:16:c4:e5:eb:e5:cb:8b:da:18:b3:fb:2e:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94166b704843d3d9754095c83a91b493828200a2
Validity
Not Before: Dec 9 13:48:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=08a61ba050413c0a3d89eae5b8773e6a4c9310cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:50:65:d2:ea:13:4b:74:87:47:d6:e2:dc:5f:
70:f2:6d:ac:76:d5:c6:eb:96:f4:3a:ff:ed:3e:c0:
09:d4:b4:2b:43:c2:1d:3f:c3:92:1c:a8:c5:6a:eb:
3e:b6:0f:7a:cc:5b:7f:eb:dd:68:9a:50:e5:0f:56:
a7:bc:dd:17:5d:3e:1a:bc:24:41:3f:f7:c4:c3:2b:
ce:64:d5:10:e4:e0:b3:20:68:30:f6:b8:3b:e3:6b:
e0:0a:96:79:fd:27:b5:63:ae:cd:5d:1d:e8:99:9d:
b0:3e:25:4e:fc:8c:05:59:c7:65:2b:a5:23:4f:93:
18:7b:cd:4e:b6:6c:2f:d9:cd:01:3a:68:0b:61:ed:
94:40:ec:75:dd:1c:4c:47:da:09:0a:78:a2:8e:26:
4d:65:3e:ea:b1:2c:25:ee:b4:8e:9d:6e:eb:dc:6d:
73:91:d2:ae:4c:31:9a:e7:5f:40:49:4c:ce:f2:76:
0d:98:1a:4a:62:fc:ef:43:bf:99:a8:7a:d2:51:7e:
36:47:1c:e8:8d:eb:0b:47:b3:3b:1d:41:99:68:a8:
3f:51:cb:97:4c:15:89:8b:11:31:00:81:83:11:7a:
e1:34:7f:f7:46:ac:3b:d0:02:1b:11:2f:b2:dc:ec:
96:4b:16:95:e8:de:aa:55:79:fd:1d:c7:fa:18:31:
03:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:A6:1B:A0:50:41:3C:0A:3D:89:EA:E5:B8:77:3E:6A:4C:93:10:CB
X509v3 Authority Key Identifier:
keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/CKYboFBBPAo9ierluHc-akyTEMs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.103.120.0/21
Signature Algorithm: sha256WithRSAEncryption
18:cf:7d:cd:fc:d6:0f:82:e7:2c:06:32:c9:6a:01:72:19:e4:
2a:4b:db:37:24:7d:a0:f5:8f:f8:62:8b:0c:25:53:23:2f:39:
1a:15:65:50:42:30:e9:c2:b6:02:56:ba:2b:a4:14:12:c6:df:
4b:90:23:0e:56:1d:f7:2e:1f:e0:26:d3:42:b1:3e:41:aa:a4:
b3:aa:d7:1e:ad:b5:68:f5:e4:5b:b5:99:4a:89:92:3b:a9:77:
7a:8f:a1:6a:b0:91:0f:45:60:17:27:c6:61:74:c8:03:9f:7c:
dc:87:aa:67:5c:e1:65:09:07:ef:c0:7e:4a:a6:1f:84:22:01:
65:51:64:f2:86:ef:42:8b:6e:ac:d6:df:54:eb:8f:11:4c:89:
57:68:2c:08:de:5a:71:1f:9e:97:41:5c:7e:ed:2c:e4:88:00:
99:b2:8e:df:97:42:04:6d:f5:a1:36:ab:39:b3:32:be:de:68:
da:e5:cd:53:e9:79:3e:7e:ca:32:69:c2:de:ad:1e:37:9f:16:
7a:50:a9:ef:fd:91:d9:21:41:ad:fc:b5:ad:2e:48:3e:37:40:
e3:62:b4:2a:93:f2:ff:7d:07:88:7e:b0:bb:35:fb:7c:d1:e2:
bf:42:99:9c:45:4a:dd:89:03:a0:44:92:bf:d9:f4:ad:5e:f4:
c0:4e:ba:d6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZOrrW4WxOXr5cuL2hiz+y7tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0MTY2YjcwNDg0M2QzZDk3NTQwOTVjODNhOTFiNDkzODI4
MjAwYTIwHhcNMjQxMjA5MTM0ODA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGE2MWJhMDUwNDEzYzBhM2Q4OWVhZTViODc3M2U2YTRjOTMxMGNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo1Bl0uoTS3SHR9bi3F9w8m2sdtXG
65b0Ov/tPsAJ1LQrQ8IdP8OSHKjFaus+tg96zFt/691omlDlD1anvN0XXT4avCRB
P/fEwyvOZNUQ5OCzIGgw9rg742vgCpZ5/Se1Y67NXR3omZ2wPiVO/IwFWcdlK6Uj
T5MYe81Otmwv2c0BOmgLYe2UQOx13RxMR9oJCniijiZNZT7qsSwl7rSOnW7r3G1z
kdKuTDGa519ASUzO8nYNmBpKYvzvQ7+ZqHrSUX42RxzojesLR7M7HUGZaKg/UcuX
TBWJixExAIGDEXrhNH/3Rqw70AIbES+y3OyWSxaV6N6qVXn9Hcf6GDEDOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAimG6BQQTwKPYnq5bh3PmpMkxDLMB8GA1UdIwQY
MBaAFJQWa3BIQ9PZdUCVyDqRtJOCggCiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYt
NGJlMThlZjEyOGI0LzEvQ0tZYm9GQkJQQW85aWVybHVIYy1ha3lURU1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYtNGJlMThlZjEyOGI0
LzEvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDW2d4MA0G
CSqGSIb3DQEBCwUAA4IBAQAYz33N/NYPgucsBjLJagFyGeQqS9s3JH2g9Y/4YosM
JVMjLzkaFWVQQjDpwrYCVrorpBQSxt9LkCMOVh33Lh/gJtNCsT5BqqSzqtcerbVo
9eRbtZlKiZI7qXd6j6FqsJEPRWAXJ8ZhdMgDn3zch6pnXOFlCQfvwH5Kph+EIgFl
UWTyhu9Ci26s1t9U648RTIlXaCwI3lpxH56XQVx+7SzkiACZso7fl0IEbfWhNqs5
szK+3mja5c1T6Xk+fsoyacLerR43nxZ6UKnv/ZHZIUGt/LWtLkg+N0DjYrQqk/L/
fQeIfrC7Nft80eK/QpmcRUrdiQOgRJK/2fStXvTATrrW
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:13:46 2025 by rpki-client