Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/a6aeff-9b9a-4c18-9474-2272b4dbaa62/1/Kn7IdnJqodb8Rc8NeEQeCN4hPzM.roa
File: Kn7IdnJqodb8Rc8NeEQeCN4hPzM.roa (raw, json)
Hash identifier: urR6YuVc3QUJIx0ybZOHv3/W5NbahK6U276JYeYVviA=
Subject key identifier: 2A:7E:C8:76:72:6A:A1:D6:FC:45:CF:0D:78:44:1E:08:DE:21:3F:33
Certificate issuer: /CN=e12cfc7da8fa74a16dd38c17c20a0192cbb2d3fe
Certificate serial: 018CC2DB4455A3571D9A4E4CF6C8B33E34E1
Authority key identifier: E1:2C:FC:7D:A8:FA:74:A1:6D:D3:8C:17:C2:0A:01:92:CB:B2:D3:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4Sz8faj6dKFt04wXwgoBksuy0_4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/a6aeff-9b9a-4c18-9474-2272b4dbaa62/1/Kn7IdnJqodb8Rc8NeEQeCN4hPzM.roa
Signing time: Mon 01 Jan 2024 02:29:58 +0000
ROA not before: Mon 01 Jan 2024 02:29:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56750
IP address blocks: 91.227.90.0/24 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:48:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:44:55:a3:57:1d:9a:4e:4c:f6:c8:b3:3e:34:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e12cfc7da8fa74a16dd38c17c20a0192cbb2d3fe
Validity
Not Before: Jan 1 02:29:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2a7ec876726aa1d6fc45cf0d78441e08de213f33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:f8:22:7a:27:53:ab:05:45:4e:f5:fe:10:f7:
c1:46:59:f3:c1:c1:46:e8:06:a3:55:53:82:c1:27:
4f:21:d9:71:d4:c1:f5:23:b9:33:fd:d5:76:32:ac:
21:1c:f9:3e:c3:5b:50:f6:94:af:12:fa:3f:63:0b:
af:85:9e:1b:f9:29:5b:2d:85:40:a3:19:49:2b:97:
4d:e9:41:be:99:e1:28:53:b2:ed:4b:76:15:b6:7c:
03:38:56:19:61:cd:9b:06:7d:d2:e2:0d:b2:93:97:
96:dd:b7:c7:e1:68:a1:7d:0e:e9:24:db:87:61:09:
4c:6d:02:b8:eb:c6:78:4a:cc:3d:62:bc:98:92:d8:
3e:e3:65:b5:5e:1c:46:20:6a:5f:61:84:d7:cf:b7:
e0:a5:62:48:04:2e:da:df:36:71:e1:77:ee:5b:e1:
6b:b4:9a:80:a4:61:d3:c9:c0:dd:d9:fe:59:51:b9:
74:e6:16:e7:50:d8:6f:3b:61:24:af:f0:95:2a:4b:
d9:e1:bf:b8:44:cd:07:61:1e:d0:8a:14:81:14:8c:
40:a8:27:a5:ae:3d:b7:1d:ac:1b:e1:a8:ba:95:9a:
1d:50:9e:66:6b:70:fb:15:09:e3:c1:d9:29:63:58:
02:3f:ef:62:50:5b:8a:dc:09:79:8b:f0:f2:0d:75:
6e:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:7E:C8:76:72:6A:A1:D6:FC:45:CF:0D:78:44:1E:08:DE:21:3F:33
X509v3 Authority Key Identifier:
keyid:E1:2C:FC:7D:A8:FA:74:A1:6D:D3:8C:17:C2:0A:01:92:CB:B2:D3:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4Sz8faj6dKFt04wXwgoBksuy0_4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/a6aeff-9b9a-4c18-9474-2272b4dbaa62/1/Kn7IdnJqodb8Rc8NeEQeCN4hPzM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/a6aeff-9b9a-4c18-9474-2272b4dbaa62/1/4Sz8faj6dKFt04wXwgoBksuy0_4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.227.90.0/24
Signature Algorithm: sha256WithRSAEncryption
09:5e:3f:9e:68:8f:84:d0:00:d0:1d:96:8b:a2:9d:82:ae:6e:
0f:f7:03:f7:25:de:88:3d:a9:25:de:96:54:ea:9e:1c:75:0c:
59:37:2b:ef:37:38:d4:5a:9c:77:3a:12:ea:06:f9:3f:6b:47:
95:03:38:f0:c7:84:a2:8d:c9:83:f4:78:66:2d:79:57:9f:7e:
0c:8c:1d:be:59:99:e4:50:ab:6a:ef:de:86:d8:34:a3:95:a7:
24:ac:b2:f0:00:10:df:92:7a:cb:5f:ee:f7:65:9f:33:cf:3e:
c5:1a:e2:c8:c4:18:a2:45:69:31:32:e3:7c:23:24:9f:af:aa:
d4:6d:9d:44:ba:43:91:81:1c:1f:39:8c:fd:e5:6f:10:2b:77:
a8:f8:94:b2:85:33:b8:a7:1a:4e:fa:d1:3b:f3:97:31:ba:8d:
18:81:37:9b:6d:d2:e7:6b:a1:5d:85:28:56:06:30:61:80:ec:
51:42:57:6b:9a:15:c1:8b:32:72:9a:5e:e8:a9:59:ae:c3:8b:
d1:fb:09:ab:3d:15:fc:fe:3d:b2:98:b3:30:d1:dd:50:04:c9:
14:d0:dd:66:4e:6e:5b:58:f1:84:bc:6a:7a:d4:47:bd:51:81:
17:97:93:77:b8:bd:e0:89:c5:a8:c2:4a:1b:ea:7d:e3:11:06:
02:78:30:b3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC20RVo1cdmk5M9sizPjThMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxMmNmYzdkYThmYTc0YTE2ZGQzOGMxN2MyMGEwMTkyY2Ji
MmQzZmUwHhcNMjQwMTAxMDIyOTU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTdlYzg3NjcyNmFhMWQ2ZmM0NWNmMGQ3ODQ0MWUwOGRlMjEzZjMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkPgieidTqwVFTvX+EPfBRlnzwcFG
6AajVVOCwSdPIdlx1MH1I7kz/dV2MqwhHPk+w1tQ9pSvEvo/YwuvhZ4b+SlbLYVA
oxlJK5dN6UG+meEoU7LtS3YVtnwDOFYZYc2bBn3S4g2yk5eW3bfH4WihfQ7pJNuH
YQlMbQK468Z4Ssw9YryYktg+42W1XhxGIGpfYYTXz7fgpWJIBC7a3zZx4XfuW+Fr
tJqApGHTycDd2f5ZUbl05hbnUNhvO2Ekr/CVKkvZ4b+4RM0HYR7QihSBFIxAqCel
rj23Hawb4ai6lZodUJ5ma3D7FQnjwdkpY1gCP+9iUFuK3Al5i/DyDXVucwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCp+yHZyaqHW/EXPDXhEHgjeIT8zMB8GA1UdIwQY
MBaAFOEs/H2o+nShbdOMF8IKAZLLstP+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFN6OGZhajZkS0Z0MDR3WHdnb0Jrc3V5MF80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC9hNmFlZmYtOWI5YS00YzE4LTk0NzQt
MjI3MmI0ZGJhYTYyLzEvS243SWRuSnFvZGI4UmM4TmVFUWVDTjRoUHpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC9hNmFlZmYtOWI5YS00YzE4LTk0NzQtMjI3MmI0ZGJhYTYy
LzEvNFN6OGZhajZkS0Z0MDR3WHdnb0Jrc3V5MF80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+NaMA0G
CSqGSIb3DQEBCwUAA4IBAQAJXj+eaI+E0ADQHZaLop2Crm4P9wP3Jd6IPakl3pZU
6p4cdQxZNyvvNzjUWpx3OhLqBvk/a0eVAzjwx4SijcmD9HhmLXlXn34MjB2+WZnk
UKtq796G2DSjlackrLLwABDfknrLX+73ZZ8zzz7FGuLIxBiiRWkxMuN8IySfr6rU
bZ1EukORgRwfOYz95W8QK3eo+JSyhTO4pxpO+tE785cxuo0YgTebbdLna6FdhShW
BjBhgOxRQldrmhXBizJyml7oqVmuw4vR+wmrPRX8/j2ymLMw0d1QBMkU0N1mTm5b
WPGEvGp61Ee9UYEXl5N3uL3gicWowkob6n3jEQYCeDCz
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:56:32 2025 by rpki-client