Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/44b2b2-b45a-4053-be29-2724f92bd56e/1/2_fq_sO4tenA-s5amyJbA8l4mqA.roa
File: 2_fq_sO4tenA-s5amyJbA8l4mqA.roa (raw, json)
Hash identifier: VVaux8KMN35jd13QoMgUJWmtgFh3B3LyZu2v6tEjzcY=
Subject key identifier: DB:F7:EA:FE:C3:B8:B5:E9:C0:FA:CE:5A:9B:22:5B:03:C9:78:9A:A0
Certificate issuer: /CN=201fe6981ebcbc923c8e49f48452441d080e66f0
Certificate serial: 018CC5007B4E126C99A447552F1422486004
Authority key identifier: 20:1F:E6:98:1E:BC:BC:92:3C:8E:49:F4:84:52:44:1D:08:0E:66:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IB_mmB68vJI8jkn0hFJEHQgOZvA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/44b2b2-b45a-4053-be29-2724f92bd56e/1/2_fq_sO4tenA-s5amyJbA8l4mqA.roa
Signing time: Mon 01 Jan 2024 12:29:52 +0000
ROA not before: Mon 01 Jan 2024 12:29:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197796
IP address blocks: 91.227.43.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:47:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:7b:4e:12:6c:99:a4:47:55:2f:14:22:48:60:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=201fe6981ebcbc923c8e49f48452441d080e66f0
Validity
Not Before: Jan 1 12:29:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dbf7eafec3b8b5e9c0face5a9b225b03c9789aa0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:ed:04:3a:6c:98:4a:cc:d7:e4:1f:df:ab:ce:
0e:08:43:c7:62:e5:39:6f:0d:37:e5:35:57:b9:df:
58:44:9e:fb:e9:e8:f8:3f:5d:f7:af:3f:7a:3f:65:
02:6a:5f:8e:45:89:f7:2a:83:63:1e:e1:c9:6e:b9:
fa:db:b1:cf:2c:c9:28:45:41:52:eb:ff:d1:0b:28:
63:7d:e3:f0:4a:d7:7d:8e:ce:7d:9a:10:8f:d7:07:
34:91:e5:d4:e7:e2:80:31:76:65:1a:6c:24:a1:2d:
5a:b3:47:60:51:f2:84:52:79:5e:c8:36:a3:39:c7:
3d:b9:d1:97:6d:9a:7e:74:dc:29:7f:a5:9a:2d:18:
bb:27:9f:aa:f0:7c:32:9e:0b:ad:c7:e3:51:ef:24:
30:a0:4f:e8:df:6a:71:21:52:eb:4f:10:92:1f:1d:
9d:38:d6:1f:11:14:17:8c:4b:6b:a3:c9:92:32:0d:
eb:52:a6:a0:a9:ef:d8:03:53:a6:eb:ab:e4:4b:55:
a0:1d:ae:e2:e4:61:8f:4d:dd:bc:46:ae:0d:4d:68:
54:31:57:cb:50:dd:20:d2:08:52:1f:6b:e8:76:25:
69:bf:19:2f:fc:da:0a:1b:3f:77:5e:48:2a:9a:26:
7f:f3:be:88:a3:55:47:9c:ad:14:94:6b:ea:ae:5f:
a7:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:F7:EA:FE:C3:B8:B5:E9:C0:FA:CE:5A:9B:22:5B:03:C9:78:9A:A0
X509v3 Authority Key Identifier:
keyid:20:1F:E6:98:1E:BC:BC:92:3C:8E:49:F4:84:52:44:1D:08:0E:66:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IB_mmB68vJI8jkn0hFJEHQgOZvA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/44b2b2-b45a-4053-be29-2724f92bd56e/1/2_fq_sO4tenA-s5amyJbA8l4mqA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/44b2b2-b45a-4053-be29-2724f92bd56e/1/IB_mmB68vJI8jkn0hFJEHQgOZvA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.227.43.0/24
Signature Algorithm: sha256WithRSAEncryption
13:ae:52:57:91:9f:a1:6e:bd:6a:f4:9c:26:cc:5f:0b:64:c3:
92:39:1c:51:4b:d2:db:06:6c:6d:61:19:6c:11:c5:2b:0d:ad:
81:de:7f:53:d7:6a:e2:5e:d1:46:b8:52:1a:5e:62:ea:e1:28:
af:11:ed:37:14:be:e1:6d:27:84:f6:aa:cd:91:14:c0:0f:cd:
97:b5:dd:25:77:91:3f:95:10:39:10:a0:cc:c1:6a:3e:05:da:
88:f1:ec:85:32:a9:e7:ea:37:d5:8e:70:43:c7:5f:d0:54:3d:
52:4b:57:ae:e7:bd:49:ee:98:fb:e1:8e:f6:0f:41:c4:ab:46:
74:9f:c2:6f:80:4c:df:ac:41:7d:d1:9a:e8:72:88:33:16:85:
15:90:80:a4:6f:a8:17:12:6f:e5:94:64:3b:a5:cb:37:c0:30:
ed:9d:74:ff:5e:87:65:74:ec:00:83:71:47:02:d5:9a:a1:e2:
e5:4c:c6:a5:f8:2e:1a:7b:9d:bc:6c:f7:1f:34:ee:1c:4c:30:
c3:b3:41:da:9c:8f:76:1c:74:64:7c:db:dc:a8:75:fe:5d:69:
f1:25:9d:98:c2:ac:a1:dd:89:90:ca:aa:fd:4b:d6:76:81:f8:
9a:cb:3e:a0:c0:dc:25:28:de:6a:89:67:f3:82:d0:b0:e4:f8:
5c:2a:da:c0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFAHtOEmyZpEdVLxQiSGAEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwMWZlNjk4MWViY2JjOTIzYzhlNDlmNDg0NTI0NDFkMDgw
ZTY2ZjAwHhcNMjQwMTAxMTIyOTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmY3ZWFmZWMzYjhiNWU5YzBmYWNlNWE5YjIyNWIwM2M5Nzg5YWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoO0EOmyYSszX5B/fq84OCEPHYuU5
bw035TVXud9YRJ776ej4P133rz96P2UCal+ORYn3KoNjHuHJbrn627HPLMkoRUFS
6//RCyhjfePwStd9js59mhCP1wc0keXU5+KAMXZlGmwkoS1as0dgUfKEUnleyDaj
Occ9udGXbZp+dNwpf6WaLRi7J5+q8Hwyngutx+NR7yQwoE/o32pxIVLrTxCSHx2d
ONYfERQXjEtro8mSMg3rUqagqe/YA1Om66vkS1WgHa7i5GGPTd28Rq4NTWhUMVfL
UN0g0ghSH2vodiVpvxkv/NoKGz93XkgqmiZ/876Io1VHnK0UlGvqrl+nAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNv36v7DuLXpwPrOWpsiWwPJeJqgMB8GA1UdIwQY
MBaAFCAf5pgevLySPI5J9IRSRB0IDmbwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUJfbW1CNjh2Skk4amtuMGhGSkVIUWdPWnZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC80NGIyYjItYjQ1YS00MDUzLWJlMjkt
MjcyNGY5MmJkNTZlLzEvMl9mcV9zTzR0ZW5BLXM1YW15SmJBOGw0bXFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC80NGIyYjItYjQ1YS00MDUzLWJlMjktMjcyNGY5MmJkNTZl
LzEvSUJfbW1CNjh2Skk4amtuMGhGSkVIUWdPWnZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+MrMA0G
CSqGSIb3DQEBCwUAA4IBAQATrlJXkZ+hbr1q9JwmzF8LZMOSORxRS9LbBmxtYRls
EcUrDa2B3n9T12riXtFGuFIaXmLq4SivEe03FL7hbSeE9qrNkRTAD82Xtd0ld5E/
lRA5EKDMwWo+BdqI8eyFMqnn6jfVjnBDx1/QVD1SS1eu571J7pj74Y72D0HEq0Z0
n8JvgEzfrEF90ZrocogzFoUVkICkb6gXEm/llGQ7pcs3wDDtnXT/XodldOwAg3FH
AtWaoeLlTMal+C4ae528bPcfNO4cTDDDs0HanI92HHRkfNvcqHX+XWnxJZ2Ywqyh
3YmQyqr9S9Z2gfiayz6gwNwlKN5qiWfzgtCw5PhcKtrA
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:06:59 2025 by rpki-client