Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/48c28a-0848-4b0b-914a-0ea1e123417a/1/J7o401EGxNyZQi1c9Ex_vqer1mU.roa
File: J7o401EGxNyZQi1c9Ex_vqer1mU.roa (raw, json)
Hash identifier: gUMoArDF5SIEII59UjPq2WR026K9l1WVmmZfZh1wVbw=
Subject key identifier: 27:BA:38:D3:51:06:C4:DC:99:42:2D:5C:F4:4C:7F:BE:A7:AB:D6:65
Certificate issuer: /CN=c8f2345a3fea4b3dbf25cb120f1b7842536268cd
Certificate serial: 0195222668FC2113C7C9724C71CCF9E1B5BD
Authority key identifier: C8:F2:34:5A:3F:EA:4B:3D:BF:25:CB:12:0F:1B:78:42:53:62:68:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yPI0Wj_qSz2_JcsSDxt4QlNiaM0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/48c28a-0848-4b0b-914a-0ea1e123417a/1/J7o401EGxNyZQi1c9Ex_vqer1mU.roa
Signing time: Thu 20 Feb 2025 06:58:17 +0000
ROA not before: Thu 20 Feb 2025 06:58:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59478
IP address blocks: 91.241.192.0/20 maxlen: 20
91.241.196.0/23 maxlen: 23
91.241.208.0/20 maxlen: 20
91.241.224.0/20 maxlen: 20
91.241.240.0/20 maxlen: 20
91.241.250.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 20 Feb 2025 12:28:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:22:26:68:fc:21:13:c7:c9:72:4c:71:cc:f9:e1:b5:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8f2345a3fea4b3dbf25cb120f1b7842536268cd
Validity
Not Before: Feb 20 06:58:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=27ba38d35106c4dc99422d5cf44c7fbea7abd665
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:d9:fa:dc:ba:0d:0a:95:81:f7:44:17:40:aa:
80:14:ff:0a:98:c8:83:2b:92:62:52:34:73:b5:e4:
d4:ac:01:a1:b3:11:e5:af:ca:9b:40:87:b0:d1:87:
57:0c:d3:ee:e9:7b:67:20:e5:f3:90:c2:5a:d3:df:
a7:a6:e1:a4:dc:7c:c8:31:ee:32:64:b9:32:77:14:
d9:63:ac:19:b5:04:d8:7e:06:ba:53:4c:4e:3f:98:
f7:50:c3:75:1a:75:05:6e:12:58:f8:94:4f:32:a9:
21:25:12:da:95:45:d4:b5:97:45:c9:b2:3f:ac:94:
b6:95:1a:a8:10:52:4f:f9:b0:be:d7:0a:c6:60:0e:
81:8f:b2:cc:d8:57:66:20:57:da:ab:79:01:90:bd:
ff:e6:ad:b5:fe:39:c8:ba:f8:08:f6:83:87:ff:74:
3e:af:52:06:e5:dc:03:79:13:da:f7:f8:f8:42:29:
ae:1b:7e:da:e3:18:5a:c9:b0:c9:5b:7d:37:eb:db:
3e:8d:55:ba:72:c0:7b:00:40:7f:c1:6e:22:e7:dc:
a3:20:34:7b:04:ae:35:91:5e:2b:b8:39:c0:d3:17:
96:33:0e:1e:65:b6:3b:c0:e0:79:fa:26:15:9b:32:
bb:63:ae:1b:77:81:bd:f2:60:f9:9e:10:ce:ca:52:
99:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:BA:38:D3:51:06:C4:DC:99:42:2D:5C:F4:4C:7F:BE:A7:AB:D6:65
X509v3 Authority Key Identifier:
keyid:C8:F2:34:5A:3F:EA:4B:3D:BF:25:CB:12:0F:1B:78:42:53:62:68:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yPI0Wj_qSz2_JcsSDxt4QlNiaM0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/48c28a-0848-4b0b-914a-0ea1e123417a/1/J7o401EGxNyZQi1c9Ex_vqer1mU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/48c28a-0848-4b0b-914a-0ea1e123417a/1/yPI0Wj_qSz2_JcsSDxt4QlNiaM0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.241.192.0/18
Signature Algorithm: sha256WithRSAEncryption
a1:de:06:3d:a7:0a:69:a3:51:de:13:0c:9e:8b:b4:34:c2:ad:
dd:bd:01:c4:48:9b:7f:6f:46:3f:5e:7d:77:8b:4c:cd:90:1c:
78:82:92:4f:80:ff:06:ef:de:11:84:a1:38:ea:dc:1e:09:a2:
e7:00:91:42:55:f0:c0:1f:4f:30:38:67:d6:79:c1:c7:b6:55:
48:33:06:4a:44:24:5f:e7:92:f6:e6:c2:08:0f:58:f6:97:1c:
2f:79:49:3f:82:23:d4:59:4d:f9:ea:3f:2c:0f:45:ad:29:02:
71:2d:49:41:f5:f7:21:34:84:81:97:f8:23:62:98:2a:38:3d:
63:e0:16:13:4a:58:6c:6a:0d:10:c0:24:d9:c7:4f:46:43:07:
f4:4f:63:00:4a:9a:f1:45:d9:05:8d:0a:d1:3e:c3:89:dd:5b:
fc:2c:af:ed:35:a4:07:41:d8:e8:de:b8:b5:5c:d7:7c:3f:10:
78:5b:0a:5b:98:d3:05:09:44:db:d1:6a:48:4d:5e:54:c4:c3:
34:6a:dd:f7:96:0b:f5:b7:b8:36:00:b9:9c:0d:4b:59:79:50:
33:dd:73:6e:89:fb:bb:23:0a:de:04:33:f3:e8:35:29:d3:4a:
f7:d2:04:9f:a9:94:85:7e:3a:6f:56:5c:69:52:4f:91:a8:59:
3a:20:2e:a3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZUiJmj8IRPHyXJMccz54bW9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4ZjIzNDVhM2ZlYTRiM2RiZjI1Y2IxMjBmMWI3ODQyNTM2
MjY4Y2QwHhcNMjUwMjIwMDY1ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyN2JhMzhkMzUxMDZjNGRjOTk0MjJkNWNmNDRjN2ZiZWE3YWJkNjY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx9n63LoNCpWB90QXQKqAFP8KmMiD
K5JiUjRzteTUrAGhsxHlr8qbQIew0YdXDNPu6XtnIOXzkMJa09+npuGk3HzIMe4y
ZLkydxTZY6wZtQTYfga6U0xOP5j3UMN1GnUFbhJY+JRPMqkhJRLalUXUtZdFybI/
rJS2lRqoEFJP+bC+1wrGYA6Bj7LM2FdmIFfaq3kBkL3/5q21/jnIuvgI9oOH/3Q+
r1IG5dwDeRPa9/j4QimuG37a4xhaybDJW30369s+jVW6csB7AEB/wW4i59yjIDR7
BK41kV4ruDnA0xeWMw4eZbY7wOB5+iYVmzK7Y64bd4G98mD5nhDOylKZLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCe6ONNRBsTcmUItXPRMf76nq9ZlMB8GA1UdIwQY
MBaAFMjyNFo/6ks9vyXLEg8beEJTYmjNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVBJMFdqX3FTejJfSmNzU0R4dDRRbE5pYU0wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC80OGMyOGEtMDg0OC00YjBiLTkxNGEt
MGVhMWUxMjM0MTdhLzEvSjdvNDAxRUd4TnlaUWkxYzlFeF92cWVyMW1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC80OGMyOGEtMDg0OC00YjBiLTkxNGEtMGVhMWUxMjM0MTdh
LzEveVBJMFdqX3FTejJfSmNzU0R4dDRRbE5pYU0wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGW/HAMA0G
CSqGSIb3DQEBCwUAA4IBAQCh3gY9pwppo1HeEwyei7Q0wq3dvQHESJt/b0Y/Xn13
i0zNkBx4gpJPgP8G794RhKE46tweCaLnAJFCVfDAH08wOGfWecHHtlVIMwZKRCRf
55L25sIID1j2lxwveUk/giPUWU356j8sD0WtKQJxLUlB9fchNISBl/gjYpgqOD1j
4BYTSlhsag0QwCTZx09GQwf0T2MASprxRdkFjQrRPsOJ3Vv8LK/tNaQHQdjo3ri1
XNd8PxB4WwpbmNMFCUTb0WpITV5UxMM0at33lgv1t7g2ALmcDUtZeVAz3XNuifu7
IwreBDPz6DUp00r30gSfqZSFfjpvVlxpUk+RqFk6IC6j
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:18:06 2025 by rpki-client