Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/IzQ0HyLFSXqAlSOLNZR1FrQGnm4.roa
File: IzQ0HyLFSXqAlSOLNZR1FrQGnm4.roa (raw, json)
Hash identifier: rljjC/WyaMRGeF1RPxZ49UnwvjnG6IyWtpua8lFCUvU=
Subject key identifier: 23:34:34:1F:22:C5:49:7A:80:95:23:8B:35:94:75:16:B4:06:9E:6E
Certificate issuer: /CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Certificate serial: 018CC9BBCA52E722A638B0C477EE4DADEC05
Authority key identifier: F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/IzQ0HyLFSXqAlSOLNZR1FrQGnm4.roa
Signing time: Tue 02 Jan 2024 10:32:56 +0000
ROA not before: Tue 02 Jan 2024 10:32:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24690
IP address blocks: 91.120.58.0/24 maxlen: 24
194.88.40.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:ca:52:e7:22:a6:38:b0:c4:77:ee:4d:ad:ec:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Validity
Not Before: Jan 2 10:32:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2334341f22c5497a8095238b35947516b4069e6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:f6:3e:55:54:e0:28:c5:89:c5:49:79:16:64:
06:5b:b6:9f:84:88:f8:22:5b:c3:f5:c0:9f:30:f4:
86:cb:a8:83:f8:20:ad:0a:96:74:0a:ad:fb:18:71:
c3:88:66:fa:d9:0e:c0:ce:f6:f7:b2:81:60:3b:a3:
ff:53:7e:80:e7:50:fc:8d:b7:64:d5:ba:77:e4:73:
95:e0:95:05:cd:bf:d0:88:b8:86:93:85:af:07:de:
f8:b2:73:b3:13:50:e5:e5:6f:1c:54:16:94:e2:9e:
3a:ff:a3:7a:cc:5f:3f:b5:6e:e9:0c:4f:91:66:90:
bb:b2:0b:45:96:c4:43:e2:d1:0a:ef:57:9a:fe:48:
a3:f3:f7:f3:fe:53:e3:f7:4f:e8:02:ee:f3:66:8e:
1d:0e:54:24:71:41:37:12:e8:a5:e7:be:7e:87:80:
0d:ab:6b:17:16:90:ba:97:41:c7:ea:8b:c1:46:a0:
7f:06:9e:90:91:01:86:25:65:14:c7:8c:7f:30:f9:
57:1e:48:42:cc:72:ca:e6:08:f6:aa:d0:af:23:20:
c0:84:79:36:27:5a:2b:ac:03:2b:34:a8:d9:19:bb:
42:d2:d2:6c:5f:99:26:53:dc:54:23:98:23:c3:86:
c7:b9:62:0a:38:79:5c:7a:da:72:2e:cc:bd:10:d7:
c3:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:34:34:1F:22:C5:49:7A:80:95:23:8B:35:94:75:16:B4:06:9E:6E
X509v3 Authority Key Identifier:
keyid:F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/IzQ0HyLFSXqAlSOLNZR1FrQGnm4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.120.58.0/24
194.88.40.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:a4:39:0f:70:ef:25:b0:ae:db:23:6f:0a:d9:16:0b:44:c2:
48:4d:98:de:94:f7:72:56:87:8a:00:4a:9d:7a:dd:c7:14:8b:
b8:3c:00:b0:d0:ab:32:d2:34:55:69:56:7e:ac:e3:ee:6a:81:
e5:b8:7f:06:be:40:7f:21:44:8d:3e:d9:f3:37:a0:83:90:73:
91:6d:0e:1c:89:ee:26:2a:e8:2e:ff:11:4f:bd:97:f0:ee:60:
93:e3:d6:49:b3:14:74:1a:aa:94:01:16:fd:78:99:a6:b1:49:
d0:ee:98:0e:a7:a8:3c:2f:01:ff:78:78:15:2b:0d:02:3a:43:
23:32:e0:16:6d:b8:d9:48:4d:f8:01:d8:87:1e:0b:67:70:f0:
dd:16:1f:ad:a9:a1:da:0a:31:9f:18:d5:9c:c5:f6:37:0b:97:
63:a2:50:de:1d:fe:a9:73:1d:75:cb:70:93:b6:a2:18:32:6b:
54:b3:4e:73:9c:70:fb:c9:89:d3:db:9e:d5:91:f7:93:e5:52:
65:c3:df:c2:af:42:48:7c:a4:b5:0f:4b:09:38:4c:cc:67:76:
d4:c6:82:3f:77:83:22:ee:08:57:85:be:ef:31:9d:59:6c:4f:
0b:fe:61:16:fe:81:c4:d2:80:f3:88:a5:16:c4:cf:fd:10:f7:
4e:97:21:60
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzJu8pS5yKmOLDEd+5NrewFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMmRhYzYwNWY0NjU5NzE4YzBhMTVlMWY3MzJjYmQ0ZjQ4
YWFlN2IwHhcNMjQwMTAyMTAzMjU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzM0MzQxZjIyYzU0OTdhODA5NTIzOGIzNTk0NzUxNmI0MDY5ZTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgfY+VVTgKMWJxUl5FmQGW7afhIj4
IlvD9cCfMPSGy6iD+CCtCpZ0Cq37GHHDiGb62Q7Azvb3soFgO6P/U36A51D8jbdk
1bp35HOV4JUFzb/QiLiGk4WvB974snOzE1Dl5W8cVBaU4p46/6N6zF8/tW7pDE+R
ZpC7sgtFlsRD4tEK71ea/kij8/fz/lPj90/oAu7zZo4dDlQkcUE3Euil575+h4AN
q2sXFpC6l0HH6ovBRqB/Bp6QkQGGJWUUx4x/MPlXHkhCzHLK5gj2qtCvIyDAhHk2
J1orrAMrNKjZGbtC0tJsX5kmU9xUI5gjw4bHuWIKOHlcetpyLsy9ENfDDwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCM0NB8ixUl6gJUjizWUdRa0Bp5uMB8GA1UdIwQY
MBaAFPAtrGBfRllxjAoV4fcyy9T0iq57MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYt
MjkyYWU0NmU2MzAyLzEvSXpRMEh5TEZTWHFBbFNPTE5aUjFGclFHbm00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYtMjkyYWU0NmU2MzAy
LzEvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW3g6AwQA
wlgoMA0GCSqGSIb3DQEBCwUAA4IBAQAKpDkPcO8lsK7bI28K2RYLRMJITZjelPdy
VoeKAEqdet3HFIu4PACw0Ksy0jRVaVZ+rOPuaoHluH8GvkB/IUSNPtnzN6CDkHOR
bQ4cie4mKugu/xFPvZfw7mCT49ZJsxR0GqqUARb9eJmmsUnQ7pgOp6g8LwH/eHgV
Kw0COkMjMuAWbbjZSE34AdiHHgtncPDdFh+tqaHaCjGfGNWcxfY3C5djolDeHf6p
cx11y3CTtqIYMmtUs05znHD7yYnT257VkfeT5VJlw9/Cr0JIfKS1D0sJOEzMZ3bU
xoI/d4Mi7ghXhb7vMZ1ZbE8L/mEW/oHE0oDziKUWxM/9EPdOlyFg
-----END CERTIFICATE-----
Generated at Tue Apr 15 04:42:28 2025 by rpki-client