Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/8ad64a-057f-472a-89b1-5eef024d9a92/1/By_i-lxDyACJEp0Nm-7qHvNFiZs.roa
File: By_i-lxDyACJEp0Nm-7qHvNFiZs.roa (raw, json)
Hash identifier: +MgLhaLzGygee1YQJPyAViAyazBkbkST/n244tkIxBk=
Subject key identifier: 07:2F:E2:FA:5C:43:C8:00:89:12:9D:0D:9B:EE:EA:1E:F3:45:89:9B
Certificate issuer: /CN=1a5b7d43bb4c83e7c7d97ce07543a96d74c69fda
Certificate serial: 018CC3491FB7EED3C15361E57C030BEC6D1A
Authority key identifier: 1A:5B:7D:43:BB:4C:83:E7:C7:D9:7C:E0:75:43:A9:6D:74:C6:9F:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Glt9Q7tMg-fH2XzgdUOpbXTGn9o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/8ad64a-057f-472a-89b1-5eef024d9a92/1/By_i-lxDyACJEp0Nm-7qHvNFiZs.roa
Signing time: Mon 01 Jan 2024 04:29:58 +0000
ROA not before: Mon 01 Jan 2024 04:29:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197479
IP address blocks: 91.222.145.0/24 maxlen: 24
91.222.144.0/22 maxlen: 22
91.222.144.0/24 maxlen: 24
91.222.146.0/24 maxlen: 24
91.222.147.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:49:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:1f:b7:ee:d3:c1:53:61:e5:7c:03:0b:ec:6d:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a5b7d43bb4c83e7c7d97ce07543a96d74c69fda
Validity
Not Before: Jan 1 04:29:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=072fe2fa5c43c80089129d0d9beeea1ef345899b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:b8:c0:6e:e3:4b:9c:3a:5d:f1:c6:66:70:e7:
36:b4:6b:26:bc:d6:19:58:a8:79:2a:85:b0:2c:70:
48:73:c0:4d:62:ed:bd:44:fd:54:ce:08:82:17:e3:
fc:0e:c1:34:b3:ff:e5:13:4d:fe:10:00:84:0b:72:
b5:ab:3d:52:64:0c:48:cd:0f:49:c0:0d:75:a7:02:
20:cd:46:da:eb:2b:21:bf:b0:78:36:70:97:05:cd:
f9:94:2a:fa:55:fe:65:a4:ab:8f:35:77:1e:60:9f:
66:4f:58:32:57:a8:fb:10:cd:40:4b:9a:c8:7e:2c:
ae:84:36:6e:dd:06:17:a5:66:f0:a1:4c:67:45:7e:
a2:a2:8e:5f:9d:0d:aa:20:7b:48:c8:2a:c3:89:12:
12:ed:f0:bd:28:df:45:59:8d:44:f5:0e:68:8e:1b:
2f:46:84:c5:bd:0f:b4:12:85:1d:32:58:da:a1:88:
14:4e:43:b4:28:45:92:60:f7:48:14:cb:d8:62:23:
89:fa:07:7a:83:52:7a:54:7f:af:d5:6a:5a:e1:13:
91:5e:5c:97:6b:d0:6d:01:48:de:4f:51:c2:7d:4b:
c9:e3:e3:91:a6:44:a2:0c:a8:5b:ea:e5:60:93:c0:
04:d9:39:36:c7:d2:50:1f:18:10:29:0d:f4:72:2d:
3a:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:2F:E2:FA:5C:43:C8:00:89:12:9D:0D:9B:EE:EA:1E:F3:45:89:9B
X509v3 Authority Key Identifier:
keyid:1A:5B:7D:43:BB:4C:83:E7:C7:D9:7C:E0:75:43:A9:6D:74:C6:9F:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Glt9Q7tMg-fH2XzgdUOpbXTGn9o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/8ad64a-057f-472a-89b1-5eef024d9a92/1/By_i-lxDyACJEp0Nm-7qHvNFiZs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/8ad64a-057f-472a-89b1-5eef024d9a92/1/Glt9Q7tMg-fH2XzgdUOpbXTGn9o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.222.144.0/22
Signature Algorithm: sha256WithRSAEncryption
96:d8:22:80:93:95:18:d7:65:e0:b5:a2:6b:a8:da:e8:57:f9:
26:81:97:cd:30:ea:aa:46:7b:4c:d7:aa:92:5e:cd:a6:79:a5:
da:b5:64:ea:ce:84:7d:06:01:a4:22:70:75:43:68:ee:ba:8c:
eb:2d:45:bd:62:5e:e8:49:8f:91:63:16:82:48:d3:39:e5:be:
e0:72:03:63:b1:30:17:eb:e1:f6:f7:dc:2b:7a:9c:39:6d:1a:
3e:e8:0a:fd:94:bb:53:f9:26:ed:e2:bf:7f:a4:c5:ee:31:a2:
aa:2a:ca:67:f9:91:4d:14:8e:b0:ea:8e:06:01:5f:24:7f:d3:
b1:fc:3c:b2:da:4c:c0:cf:fd:d2:ef:0e:16:a6:11:e6:59:c4:
c3:59:d5:82:7a:fe:37:67:b8:5f:82:15:a4:6e:2f:79:c4:38:
dd:c4:67:4f:01:4d:55:4e:3b:e1:6c:db:21:2e:3c:90:8c:a4:
e7:0e:ac:43:9b:fc:12:44:25:dd:43:5e:e5:22:d4:86:f8:99:
ab:5b:23:69:2d:e1:6b:fe:13:c2:fb:77:d3:ea:1a:59:87:fb:
61:08:df:5e:e5:d5:71:33:0e:d0:a2:99:ac:ba:f2:22:89:ce:
3a:5e:bd:72:ca:d3:93:90:90:08:b6:a2:d3:90:91:06:37:00:
03:7d:18:59
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSR+37tPBU2HlfAML7G0aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhNWI3ZDQzYmI0YzgzZTdjN2Q5N2NlMDc1NDNhOTZkNzRj
NjlmZGEwHhcNMjQwMTAxMDQyOTU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzJmZTJmYTVjNDNjODAwODkxMjlkMGQ5YmVlZWExZWYzNDU4OTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmrjAbuNLnDpd8cZmcOc2tGsmvNYZ
WKh5KoWwLHBIc8BNYu29RP1UzgiCF+P8DsE0s//lE03+EACEC3K1qz1SZAxIzQ9J
wA11pwIgzUba6yshv7B4NnCXBc35lCr6Vf5lpKuPNXceYJ9mT1gyV6j7EM1AS5rI
fiyuhDZu3QYXpWbwoUxnRX6ioo5fnQ2qIHtIyCrDiRIS7fC9KN9FWY1E9Q5ojhsv
RoTFvQ+0EoUdMljaoYgUTkO0KEWSYPdIFMvYYiOJ+gd6g1J6VH+v1Wpa4RORXlyX
a9BtAUjeT1HCfUvJ4+ORpkSiDKhb6uVgk8AE2Tk2x9JQHxgQKQ30ci06EQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAcv4vpcQ8gAiRKdDZvu6h7zRYmbMB8GA1UdIwQY
MBaAFBpbfUO7TIPnx9l84HVDqW10xp/aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2x0OVE3dE1nLWZIMlh6Z2RVT3BiWFRHbjlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC84YWQ2NGEtMDU3Zi00NzJhLTg5YjEt
NWVlZjAyNGQ5YTkyLzEvQnlfaS1seER5QUNKRXAwTm0tN3FIdk5GaVpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC84YWQ2NGEtMDU3Zi00NzJhLTg5YjEtNWVlZjAyNGQ5YTky
LzEvR2x0OVE3dE1nLWZIMlh6Z2RVT3BiWFRHbjlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW96QMA0G
CSqGSIb3DQEBCwUAA4IBAQCW2CKAk5UY12XgtaJrqNroV/kmgZfNMOqqRntM16qS
Xs2meaXatWTqzoR9BgGkInB1Q2juuozrLUW9Yl7oSY+RYxaCSNM55b7gcgNjsTAX
6+H299wrepw5bRo+6Ar9lLtT+Sbt4r9/pMXuMaKqKspn+ZFNFI6w6o4GAV8kf9Ox
/Dyy2kzAz/3S7w4WphHmWcTDWdWCev43Z7hfghWkbi95xDjdxGdPAU1VTjvhbNsh
LjyQjKTnDqxDm/wSRCXdQ17lItSG+JmrWyNpLeFr/hPC+3fT6hpZh/thCN9e5dVx
Mw7QopmsuvIiic46Xr1yytOTkJAItqLTkJEGNwADfRhZ
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:40:31 2025 by rpki-client