Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/b897ad-5d41-40a2-90c3-e29ee3d91395/1/s4xTxe4EF-qyYmErIyUcA6_ac6A.roa
File: s4xTxe4EF-qyYmErIyUcA6_ac6A.roa (raw, json)
Hash identifier: hkOK+AyKCb+H2OZDetLD9bahUzCfTyo1k5PsdbqWSOw=
Subject key identifier: B3:8C:53:C5:EE:04:17:EA:B2:62:61:2B:23:25:1C:03:AF:DA:73:A0
Certificate issuer: /CN=db418bcf3194317b9c2881193196feb598fd9eee
Certificate serial: 0193B5ED84E1B9255907F4AD8EF8698DA2D2
Authority key identifier: DB:41:8B:CF:31:94:31:7B:9C:28:81:19:31:96:FE:B5:98:FD:9E:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/20GLzzGUMXucKIEZMZb-tZj9nu4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/b897ad-5d41-40a2-90c3-e29ee3d91395/1/s4xTxe4EF-qyYmErIyUcA6_ac6A.roa
Signing time: Wed 11 Dec 2024 13:34:22 +0000
ROA not before: Wed 11 Dec 2024 13:34:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48571
IP address blocks: 91.209.189.0/24 maxlen: 24
91.216.80.0/24 maxlen: 24
128.0.55.0/24 maxlen: 24
194.55.152.0/22 maxlen: 24
2a0c:cb40::/29 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:50:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:b5:ed:84:e1:b9:25:59:07:f4:ad:8e:f8:69:8d:a2:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db418bcf3194317b9c2881193196feb598fd9eee
Validity
Not Before: Dec 11 13:34:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b38c53c5ee0417eab262612b23251c03afda73a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:36:e2:69:6e:5b:96:7b:ef:3c:f7:03:d2:c8:
b0:dc:22:da:db:42:3d:d4:2a:4a:15:e3:08:54:00:
4d:76:d2:79:d8:1e:c9:6b:08:c8:c3:de:c1:22:93:
d2:9d:7b:9b:7c:c0:f3:66:c8:48:26:d4:f0:39:b7:
d9:a1:c3:d9:cd:73:0d:19:64:52:22:ba:2e:7c:57:
32:77:3b:51:79:5f:3f:65:88:8f:8e:6b:7f:eb:d3:
c4:33:d9:a3:cf:dc:69:66:96:bf:dd:5f:7f:11:e6:
ce:a5:01:bf:11:93:5a:c3:97:7d:d2:d0:c3:2f:18:
c2:be:93:57:fa:fd:24:0b:8c:7b:2e:89:7a:4a:1c:
7e:3b:9f:19:da:11:01:2b:1f:07:d8:13:1f:97:84:
a5:61:2f:dd:a5:f0:a8:fc:dc:c0:b4:e6:ac:4c:b2:
c8:33:94:bf:f9:12:07:49:35:e5:a7:54:df:ad:fc:
0f:98:5c:72:3b:41:57:5b:3c:2f:de:08:5b:6a:b6:
09:59:85:bc:3f:38:da:e4:03:1f:5f:e2:49:5e:81:
15:99:97:43:71:7c:d9:e9:c4:58:25:8d:d1:26:40:
5f:40:24:cf:3e:79:b8:54:d2:4e:a2:a9:3a:cf:27:
88:e7:48:7f:34:0b:65:09:3d:f4:65:8d:80:3d:61:
54:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:8C:53:C5:EE:04:17:EA:B2:62:61:2B:23:25:1C:03:AF:DA:73:A0
X509v3 Authority Key Identifier:
keyid:DB:41:8B:CF:31:94:31:7B:9C:28:81:19:31:96:FE:B5:98:FD:9E:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/20GLzzGUMXucKIEZMZb-tZj9nu4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/b897ad-5d41-40a2-90c3-e29ee3d91395/1/s4xTxe4EF-qyYmErIyUcA6_ac6A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/b897ad-5d41-40a2-90c3-e29ee3d91395/1/20GLzzGUMXucKIEZMZb-tZj9nu4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.189.0/24
91.216.80.0/24
128.0.55.0/24
194.55.152.0/22
IPv6:
2a0c:cb40::/29
Signature Algorithm: sha256WithRSAEncryption
6b:72:d8:ca:7c:d3:6c:e1:3f:96:f9:f6:3c:12:4f:a0:87:2b:
ae:19:a5:d0:13:f1:b6:39:f7:2b:82:37:87:b5:e2:39:1e:c5:
04:e9:e2:ad:34:d3:fc:72:13:50:a6:be:dc:22:00:85:24:bb:
8c:cf:11:a9:cc:51:d5:d3:84:72:0a:93:75:b4:a9:1c:74:d4:
20:17:9e:b0:d8:8f:67:7f:2e:57:92:71:75:79:e0:52:9e:9d:
68:98:5c:88:87:4f:24:f4:8c:70:26:08:6f:08:e3:aa:0f:23:
16:15:4a:06:27:93:f8:5b:21:67:82:81:21:0b:1e:86:7c:9e:
8f:9d:c2:ba:5f:0f:4c:dd:70:c6:8c:c6:9a:6d:de:f5:60:f0:
f4:96:2a:97:bf:7b:94:dc:d3:f3:67:92:56:09:95:39:c5:8c:
c5:65:e5:8c:8c:cc:7a:7c:2a:c6:42:d1:42:78:1b:66:08:c4:
c5:d9:0a:62:5c:88:c4:b5:3e:05:68:04:41:da:d6:e5:e0:1b:
a0:53:9e:f1:55:ba:6e:5d:de:08:1d:35:12:46:39:77:e7:4c:
d6:25:9e:f9:79:46:f4:5c:c5:fc:41:28:f3:15:9f:57:ae:f8:
56:cb:68:ec:8f:3d:5f:ac:98:7e:b4:0c:99:ae:b3:7f:e0:5d:
bb:8a:2b:74
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZO17YThuSVZB/StjvhpjaLSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiNDE4YmNmMzE5NDMxN2I5YzI4ODExOTMxOTZmZWI1OThm
ZDllZWUwHhcNMjQxMjExMTMzNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzhjNTNjNWVlMDQxN2VhYjI2MjYxMmIyMzI1MWMwM2FmZGE3M2EwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqjbiaW5blnvvPPcD0siw3CLa20I9
1CpKFeMIVABNdtJ52B7JawjIw97BIpPSnXubfMDzZshIJtTwObfZocPZzXMNGWRS
IroufFcydztReV8/ZYiPjmt/69PEM9mjz9xpZpa/3V9/EebOpQG/EZNaw5d90tDD
LxjCvpNX+v0kC4x7Lol6Shx+O58Z2hEBKx8H2BMfl4SlYS/dpfCo/NzAtOasTLLI
M5S/+RIHSTXlp1TfrfwPmFxyO0FXWzwv3ghbarYJWYW8Pzja5AMfX+JJXoEVmZdD
cXzZ6cRYJY3RJkBfQCTPPnm4VNJOoqk6zyeI50h/NAtlCT30ZY2APWFUfwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFLOMU8XuBBfqsmJhKyMlHAOv2nOgMB8GA1UdIwQY
MBaAFNtBi88xlDF7nCiBGTGW/rWY/Z7uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjBHTHp6R1VNWHVjS0lFWk1aYi10Wmo5bnU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9iODk3YWQtNWQ0MS00MGEyLTkwYzMt
ZTI5ZWUzZDkxMzk1LzEvczR4VHhlNEVGLXF5WW1Fckl5VWNBNl9hYzZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS9iODk3YWQtNWQ0MS00MGEyLTkwYzMtZTI5ZWUzZDkxMzk1
LzEvMjBHTHp6R1VNWHVjS0lFWk1aYi10Wmo5bnU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAW9G9AwQA
W9hQAwQAgAA3AwQCwjeYMA0EAgACMAcDBQMqDMtAMA0GCSqGSIb3DQEBCwUAA4IB
AQBrctjKfNNs4T+W+fY8Ek+ghyuuGaXQE/G2OfcrgjeHteI5HsUE6eKtNNP8chNQ
pr7cIgCFJLuMzxGpzFHV04RyCpN1tKkcdNQgF56w2I9nfy5XknF1eeBSnp1omFyI
h08k9IxwJghvCOOqDyMWFUoGJ5P4WyFngoEhCx6GfJ6PncK6Xw9M3XDGjMaabd71
YPD0liqXv3uU3NPzZ5JWCZU5xYzFZeWMjMx6fCrGQtFCeBtmCMTF2QpiXIjEtT4F
aARB2tbl4BugU57xVbpuXd4IHTUSRjl350zWJZ75eUb0XMX8QSjzFZ9XrvhWy2js
jz1frJh+tAyZrrN/4F27iit0
-----END CERTIFICATE-----
Generated at Sun Apr 13 05:02:28 2025 by rpki-client