Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/2026d3-9f33-463e-8410-726da4e9386b/1/Sb89q6NnLKUAcPM-gtu5GzGISvo.roa
File: Sb89q6NnLKUAcPM-gtu5GzGISvo.roa (raw, json)
Hash identifier: c/dO2DasTdC0D4iOSqjDGgYYats4eo69H9FOYy9/8oI=
Subject key identifier: 49:BF:3D:AB:A3:67:2C:A5:00:70:F3:3E:82:DB:B9:1B:31:88:4A:FA
Certificate issuer: /CN=f17f6957fc23b8d46b9d3dc8bc7db122859876f0
Certificate serial: 019422FB0FB486862D97EAABCA910E0DB09D
Authority key identifier: F1:7F:69:57:FC:23:B8:D4:6B:9D:3D:C8:BC:7D:B1:22:85:98:76:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8X9pV_wjuNRrnT3IvH2xIoWYdvA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/2026d3-9f33-463e-8410-726da4e9386b/1/Sb89q6NnLKUAcPM-gtu5GzGISvo.roa
Signing time: Wed 01 Jan 2025 17:47:46 +0000
ROA not before: Wed 01 Jan 2025 17:47:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12874
IP address blocks: 91.199.211.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 18:51:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:0f:b4:86:86:2d:97:ea:ab:ca:91:0e:0d:b0:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f17f6957fc23b8d46b9d3dc8bc7db122859876f0
Validity
Not Before: Jan 1 17:47:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=49bf3daba3672ca50070f33e82dbb91b31884afa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:37:da:a3:75:db:e6:54:c5:3d:0d:ff:e3:f0:
82:d3:46:88:80:07:6b:1f:44:35:44:14:bf:59:7c:
09:98:dd:e9:bf:fb:02:f5:17:d9:8e:ce:c6:3d:e8:
c4:c7:b2:bb:54:b9:32:83:39:61:56:b8:90:c0:6f:
af:88:a5:3a:58:c9:a9:d5:ab:5c:ff:48:43:a8:ac:
12:28:34:42:aa:a2:c1:ff:74:79:a1:72:ce:6f:8b:
ea:96:b1:a4:2e:f2:fd:31:01:fa:d6:eb:29:2f:56:
84:f2:f7:67:3d:80:a9:bf:5e:c7:1b:a0:86:ed:80:
ad:88:b9:3d:2d:c3:f2:f4:d2:03:65:bd:f6:46:00:
77:44:a3:e7:bf:b8:5c:d6:5e:38:ed:17:5a:fb:eb:
23:1b:e8:1a:5e:f1:81:24:c6:e1:78:10:95:37:20:
bf:d2:a9:74:19:9f:f0:1e:bb:f5:0f:37:56:3e:63:
b4:12:9d:e4:20:1f:01:bb:07:45:f5:d8:1e:74:95:
0f:bf:ab:ca:5b:95:5f:f4:39:74:75:f0:61:52:63:
b2:84:03:1e:9e:a5:5a:50:59:27:9e:10:b2:24:95:
3d:a0:00:73:ef:5c:8e:a0:ef:08:2d:bc:4e:bd:0b:
30:67:6d:d5:f4:a7:52:51:9e:91:39:c1:a4:a5:26:
ed:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:BF:3D:AB:A3:67:2C:A5:00:70:F3:3E:82:DB:B9:1B:31:88:4A:FA
X509v3 Authority Key Identifier:
keyid:F1:7F:69:57:FC:23:B8:D4:6B:9D:3D:C8:BC:7D:B1:22:85:98:76:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8X9pV_wjuNRrnT3IvH2xIoWYdvA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/2026d3-9f33-463e-8410-726da4e9386b/1/Sb89q6NnLKUAcPM-gtu5GzGISvo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/2026d3-9f33-463e-8410-726da4e9386b/1/8X9pV_wjuNRrnT3IvH2xIoWYdvA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.211.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:e9:ff:ff:6e:a7:16:f4:ab:ad:4b:d1:7e:a7:b9:cc:0e:9d:
36:32:07:d7:0e:20:3e:97:17:e7:b9:3e:4c:8e:c9:52:41:96:
74:92:c5:9d:9c:47:8b:f9:60:2c:48:f4:da:69:56:73:9c:b4:
23:0c:0e:d4:a3:c6:5d:b2:f7:a9:e0:f7:d9:e9:31:0c:54:e2:
ab:99:f2:b6:99:9e:90:1d:f5:f6:ef:41:b0:7b:43:e3:91:62:
39:f6:e9:6a:3d:5f:fb:20:4b:30:e8:06:8d:86:90:c3:37:32:
b7:06:98:61:37:ee:a7:5d:2c:22:7d:d7:ca:23:3c:82:a5:a3:
b2:08:d2:be:81:ba:65:6e:78:28:58:37:3f:f8:cb:06:43:9e:
f3:c3:1e:67:67:03:15:ff:90:dc:b5:9b:42:ba:0c:b3:9f:8c:
2d:c0:f7:1b:01:1e:99:23:29:91:2f:5e:1f:7a:ed:7b:18:a5:
6e:ad:63:75:6b:f7:cb:cc:fe:b3:d3:7c:ba:ba:a9:d5:26:31:
7b:62:eb:d9:a4:b1:93:11:b0:d9:09:3a:2c:5c:ce:ec:2f:df:
73:44:f1:48:80:36:a6:d4:36:13:6a:da:56:6c:a8:4c:23:f7:
6d:53:ad:18:34:56:ad:c9:67:ce:3b:3a:a8:9f:63:ae:c6:1c:
08:3a:51:53
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi+w+0hoYtl+qrypEODbCdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxN2Y2OTU3ZmMyM2I4ZDQ2YjlkM2RjOGJjN2RiMTIyODU5
ODc2ZjAwHhcNMjUwMTAxMTc0NzQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWJmM2RhYmEzNjcyY2E1MDA3MGYzM2U4MmRiYjkxYjMxODg0YWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsDfao3Xb5lTFPQ3/4/CC00aIgAdr
H0Q1RBS/WXwJmN3pv/sC9RfZjs7GPejEx7K7VLkygzlhVriQwG+viKU6WMmp1atc
/0hDqKwSKDRCqqLB/3R5oXLOb4vqlrGkLvL9MQH61uspL1aE8vdnPYCpv17HG6CG
7YCtiLk9LcPy9NIDZb32RgB3RKPnv7hc1l447Rda++sjG+gaXvGBJMbheBCVNyC/
0ql0GZ/wHrv1DzdWPmO0Ep3kIB8BuwdF9dgedJUPv6vKW5Vf9Dl0dfBhUmOyhAMe
nqVaUFknnhCyJJU9oABz71yOoO8ILbxOvQswZ23V9KdSUZ6ROcGkpSbt6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEm/PaujZyylAHDzPoLbuRsxiEr6MB8GA1UdIwQY
MBaAFPF/aVf8I7jUa509yLx9sSKFmHbwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFg5cFZfd2p1TlJyblQzSXZIMnhJb1dZZHZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny8yMDI2ZDMtOWYzMy00NjNlLTg0MTAt
NzI2ZGE0ZTkzODZiLzEvU2I4OXE2Tm5MS1VBY1BNLWd0dTVHekdJU3ZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny8yMDI2ZDMtOWYzMy00NjNlLTg0MTAtNzI2ZGE0ZTkzODZi
LzEvOFg5cFZfd2p1TlJyblQzSXZIMnhJb1dZZHZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8fTMA0G
CSqGSIb3DQEBCwUAA4IBAQCt6f//bqcW9KutS9F+p7nMDp02MgfXDiA+lxfnuT5M
jslSQZZ0ksWdnEeL+WAsSPTaaVZznLQjDA7Uo8Zdsvep4PfZ6TEMVOKrmfK2mZ6Q
HfX270Gwe0PjkWI59ulqPV/7IEsw6AaNhpDDNzK3BphhN+6nXSwifdfKIzyCpaOy
CNK+gbplbngoWDc/+MsGQ57zwx5nZwMV/5DctZtCugyzn4wtwPcbAR6ZIymRL14f
eu17GKVurWN1a/fLzP6z03y6uqnVJjF7YuvZpLGTEbDZCTosXM7sL99zRPFIgDam
1DYTatpWbKhMI/dtU60YNFatyWfOOzqon2OuxhwIOlFT
-----END CERTIFICATE-----
Generated at Tue Apr 8 06:04:47 2025 by rpki-client