Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/1xbspQ1A7KhPP5v2s4I73VJV7ng.roa
File: 1xbspQ1A7KhPP5v2s4I73VJV7ng.roa (raw, json)
Hash identifier: yr/SXxWx+DPOAV3le/7AUgxfUk65TJPCG+JaJtExJOI=
Subject key identifier: D7:16:EC:A5:0D:40:EC:A8:4F:3F:9B:F6:B3:82:3B:DD:52:55:EE:78
Certificate issuer: /CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Certificate serial: 018CC9BBCFF733AB7A82DCF08ADFDC2F2E12
Authority key identifier: F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/1xbspQ1A7KhPP5v2s4I73VJV7ng.roa
Signing time: Tue 02 Jan 2024 10:32:58 +0000
ROA not before: Tue 02 Jan 2024 10:32:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44768
IP address blocks: 91.120.29.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:cf:f7:33:ab:7a:82:dc:f0:8a:df:dc:2f:2e:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Validity
Not Before: Jan 2 10:32:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d716eca50d40eca84f3f9bf6b3823bdd5255ee78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:29:ef:17:2c:d0:fc:f8:f0:87:49:ff:e5:21:
b7:8b:fb:7d:53:e7:11:83:35:29:87:04:5a:b8:6f:
5a:28:75:5d:55:4e:f6:bd:10:8b:6d:14:2c:ea:35:
c4:1a:06:68:5e:8a:6d:66:55:5d:a1:54:86:38:0b:
a9:59:2f:74:3a:f8:2a:a6:1e:53:30:10:86:fc:2a:
d5:a6:36:a1:64:e1:24:7a:87:a1:d9:c3:d5:16:eb:
2f:dd:de:65:89:f5:0c:1f:db:05:98:de:ef:6a:d6:
fa:72:98:79:6c:e6:63:4d:4c:9a:f5:c3:d4:ba:b8:
fa:30:6f:b4:04:f6:29:82:50:15:ad:8b:88:80:41:
14:ce:e4:05:03:19:6e:47:70:e9:c2:4f:b6:1a:62:
11:99:4b:08:35:10:33:f0:25:1c:77:39:9c:46:b1:
c5:f8:37:d2:c2:b0:99:17:f8:31:63:91:e2:54:57:
dd:f3:d1:70:b5:8a:35:ba:eb:26:82:03:6c:b0:04:
35:fe:e5:d1:9e:fb:45:f0:8f:64:a9:37:ad:2a:8a:
9e:14:dc:4c:40:7e:d6:d0:47:12:fd:1c:d7:2a:bc:
5d:f1:5f:25:25:32:0f:e1:9d:1e:8d:07:0f:70:cf:
31:d7:17:db:5a:13:b2:b2:28:e1:94:bb:69:e1:0d:
b2:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:16:EC:A5:0D:40:EC:A8:4F:3F:9B:F6:B3:82:3B:DD:52:55:EE:78
X509v3 Authority Key Identifier:
keyid:F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/1xbspQ1A7KhPP5v2s4I73VJV7ng.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.120.29.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:6a:b0:00:2c:1c:44:dd:69:a1:a7:b8:46:48:d9:54:fe:92:
27:b2:5d:7a:04:bc:a0:5a:3b:a9:3e:f4:40:c0:92:88:a0:b1:
14:29:28:79:4a:57:89:95:c6:f6:01:37:7a:cb:64:90:e3:25:
08:b7:06:06:3f:c4:18:af:c5:14:e3:1b:22:e0:8f:58:e4:55:
fb:f7:6b:ba:b5:55:dd:1a:c3:56:86:c7:4b:4b:25:0b:8b:43:
09:51:69:7a:e6:75:5e:a4:87:5f:9f:92:07:a0:5c:23:e7:5d:
db:a3:16:01:b7:79:fa:11:4f:45:fd:8b:a0:07:05:89:a8:80:
a4:e8:98:a6:14:6f:59:64:d3:4b:d6:7b:40:4b:79:77:a7:18:
cb:27:d4:4d:7d:cc:ba:a2:93:4a:60:54:2f:16:3b:b5:7a:0d:
df:45:a9:e9:2c:2a:11:14:d3:54:54:eb:21:33:35:18:04:9e:
f9:86:c3:e4:dd:c2:a9:03:6b:6a:fc:2e:b9:9f:f3:0c:4e:5b:
93:eb:d9:9f:e3:74:d2:09:29:36:b6:bd:0c:f3:18:0c:03:cd:
d6:61:2d:71:e8:f2:36:90:f9:a6:42:67:c6:5d:80:b4:9c:ef:
ef:d1:26:d9:78:5d:2d:92:a9:27:45:b5:14:0a:34:a2:64:b4:
9f:3b:58:3d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJu8/3M6t6gtzwit/cLy4SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMmRhYzYwNWY0NjU5NzE4YzBhMTVlMWY3MzJjYmQ0ZjQ4
YWFlN2IwHhcNMjQwMTAyMTAzMjU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzE2ZWNhNTBkNDBlY2E4NGYzZjliZjZiMzgyM2JkZDUyNTVlZTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2invFyzQ/Pjwh0n/5SG3i/t9U+cR
gzUphwRauG9aKHVdVU72vRCLbRQs6jXEGgZoXoptZlVdoVSGOAupWS90Ovgqph5T
MBCG/CrVpjahZOEkeoeh2cPVFusv3d5lifUMH9sFmN7vatb6cph5bOZjTUya9cPU
urj6MG+0BPYpglAVrYuIgEEUzuQFAxluR3Dpwk+2GmIRmUsINRAz8CUcdzmcRrHF
+DfSwrCZF/gxY5HiVFfd89FwtYo1uusmggNssAQ1/uXRnvtF8I9kqTetKoqeFNxM
QH7W0EcS/RzXKrxd8V8lJTIP4Z0ejQcPcM8x1xfbWhOysijhlLtp4Q2y2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNcW7KUNQOyoTz+b9rOCO91SVe54MB8GA1UdIwQY
MBaAFPAtrGBfRllxjAoV4fcyy9T0iq57MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYt
MjkyYWU0NmU2MzAyLzEvMXhic3BRMUE3S2hQUDV2MnM0STczVkpWN25nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYtMjkyYWU0NmU2MzAy
LzEvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW3gdMA0G
CSqGSIb3DQEBCwUAA4IBAQAOarAALBxE3Wmhp7hGSNlU/pInsl16BLygWjupPvRA
wJKIoLEUKSh5SleJlcb2ATd6y2SQ4yUItwYGP8QYr8UU4xsi4I9Y5FX792u6tVXd
GsNWhsdLSyULi0MJUWl65nVepIdfn5IHoFwj513boxYBt3n6EU9F/YugBwWJqICk
6JimFG9ZZNNL1ntAS3l3pxjLJ9RNfcy6opNKYFQvFju1eg3fRanpLCoRFNNUVOsh
MzUYBJ75hsPk3cKpA2tq/C65n/MMTluT69mf43TSCSk2tr0M8xgMA83WYS1x6PI2
kPmmQmfGXYC0nO/v0SbZeF0tkqknRbUUCjSiZLSfO1g9
-----END CERTIFICATE-----
Generated at Tue Apr 15 04:42:29 2025 by rpki-client