Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/1b814a-d388-4c64-8302-370d1fd4254b/1/x9mJhNPhABZF_opf-agz7gsnwp0.roa
File: x9mJhNPhABZF_opf-agz7gsnwp0.roa (raw, json)
Hash identifier: WDm5LxZqvYs7GjiDVlmkjt411Y5mjCisA93cVWCvy/0=
Subject key identifier: C7:D9:89:84:D3:E1:00:16:45:FE:8A:5F:F9:A8:33:EE:0B:27:C2:9D
Certificate issuer: /CN=a9c187bc7a9e885335a7eb9b0a438fe811c03847
Certificate serial: 018CC94E602D5CF3D1BF83386C6B3CE6DB69
Authority key identifier: A9:C1:87:BC:7A:9E:88:53:35:A7:EB:9B:0A:43:8F:E8:11:C0:38:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qcGHvHqeiFM1p-ubCkOP6BHAOEc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/1b814a-d388-4c64-8302-370d1fd4254b/1/x9mJhNPhABZF_opf-agz7gsnwp0.roa
Signing time: Tue 02 Jan 2024 08:33:25 +0000
ROA not before: Tue 02 Jan 2024 08:33:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51979
IP address blocks: 91.222.88.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:50:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:60:2d:5c:f3:d1:bf:83:38:6c:6b:3c:e6:db:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9c187bc7a9e885335a7eb9b0a438fe811c03847
Validity
Not Before: Jan 2 08:33:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c7d98984d3e1001645fe8a5ff9a833ee0b27c29d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:ae:7e:6c:79:ac:a0:86:59:ea:68:ec:e1:b4:
e1:90:63:09:a5:41:8f:06:a4:bc:9d:aa:ee:d1:69:
ff:db:db:dc:5d:54:4e:7a:e4:ce:20:ae:06:93:bd:
bd:f3:3e:d4:b5:4d:1b:9b:e3:e8:ab:45:12:dc:ba:
9b:c6:2b:f1:ab:0d:c2:d0:6f:7a:34:6f:ec:e8:60:
58:08:44:6b:98:66:9f:c0:a5:86:c6:4d:eb:0f:f6:
b7:10:8f:2b:65:7a:1f:84:86:81:6b:b8:08:42:be:
dc:c4:be:79:df:cf:86:6a:98:8e:ea:e7:a5:6a:d4:
a4:14:0f:6d:65:75:b7:e2:19:bf:34:42:36:95:e3:
7c:e1:1e:40:7a:ec:da:44:19:a6:0d:bd:d6:70:2e:
40:c6:23:63:82:90:dc:6a:42:01:cd:ac:4d:50:c1:
98:34:65:8e:79:00:0c:3d:14:50:02:87:4c:0b:de:
49:7d:fa:c8:bb:dd:62:84:7d:00:ff:46:58:62:1e:
85:1d:07:b6:dd:7f:3e:9f:1d:5d:92:eb:e5:16:01:
f3:c2:d5:2b:eb:ab:ff:da:fe:ee:c9:2e:27:01:f0:
22:50:53:5c:61:8a:d8:32:52:4d:1e:cd:fd:a4:3f:
f6:70:2e:4a:cf:66:fe:d6:3e:f0:84:86:79:54:66:
5f:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:D9:89:84:D3:E1:00:16:45:FE:8A:5F:F9:A8:33:EE:0B:27:C2:9D
X509v3 Authority Key Identifier:
keyid:A9:C1:87:BC:7A:9E:88:53:35:A7:EB:9B:0A:43:8F:E8:11:C0:38:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qcGHvHqeiFM1p-ubCkOP6BHAOEc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/1b814a-d388-4c64-8302-370d1fd4254b/1/x9mJhNPhABZF_opf-agz7gsnwp0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/1b814a-d388-4c64-8302-370d1fd4254b/1/qcGHvHqeiFM1p-ubCkOP6BHAOEc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.222.88.0/22
Signature Algorithm: sha256WithRSAEncryption
93:99:50:51:c3:09:3c:59:7a:90:d6:17:9d:8e:f8:08:fd:02:
32:85:ca:90:2e:27:3e:12:b1:f2:b2:b7:1a:5e:52:df:78:d5:
76:c0:7b:15:84:94:b5:56:eb:54:4b:54:10:7e:31:62:fe:b1:
32:93:d2:12:ba:fd:46:b4:13:35:97:3e:e4:b7:ed:42:73:68:
b4:08:b3:80:53:ec:3e:c2:d9:1c:f9:db:86:8b:fc:2f:30:da:
18:99:60:be:a5:9a:47:55:be:93:36:6e:74:0c:c2:98:df:ff:
87:a6:82:8d:2e:ba:59:a9:0e:d6:b0:14:fa:8b:66:b5:49:7d:
63:5a:7e:8d:6f:6a:fa:60:a5:b9:7f:1c:06:6e:c6:8b:7c:8d:
34:2b:f8:fe:20:63:07:db:0e:25:ba:c8:27:73:b6:f6:12:60:
81:14:77:4c:a0:94:64:92:54:0f:0e:9b:c3:cd:8d:fc:45:44:
34:7e:f3:44:1e:e7:0c:e9:e0:1f:42:2b:f3:66:ba:d5:8b:73:
70:2c:cf:d1:9b:15:a8:1f:0c:f5:d3:02:76:6e:5f:5c:a3:7a:
45:95:74:21:49:8f:73:22:7f:e4:04:56:61:dc:87:fe:c0:fe:
d8:be:87:c0:e0:c3:98:8c:c8:15:cf:c4:27:3b:de:b7:26:1b:
5a:9b:90:1a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTmAtXPPRv4M4bGs85ttpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5YzE4N2JjN2E5ZTg4NTMzNWE3ZWI5YjBhNDM4ZmU4MTFj
MDM4NDcwHhcNMjQwMTAyMDgzMzI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2Q5ODk4NGQzZTEwMDE2NDVmZThhNWZmOWE4MzNlZTBiMjdjMjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmq5+bHmsoIZZ6mjs4bThkGMJpUGP
BqS8naru0Wn/29vcXVROeuTOIK4Gk7298z7UtU0bm+Poq0US3Lqbxivxqw3C0G96
NG/s6GBYCERrmGafwKWGxk3rD/a3EI8rZXofhIaBa7gIQr7cxL5538+GapiO6uel
atSkFA9tZXW34hm/NEI2leN84R5AeuzaRBmmDb3WcC5AxiNjgpDcakIBzaxNUMGY
NGWOeQAMPRRQAodMC95JffrIu91ihH0A/0ZYYh6FHQe23X8+nx1dkuvlFgHzwtUr
66v/2v7uyS4nAfAiUFNcYYrYMlJNHs39pD/2cC5Kz2b+1j7whIZ5VGZf9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMfZiYTT4QAWRf6KX/moM+4LJ8KdMB8GA1UdIwQY
MBaAFKnBh7x6nohTNafrmwpDj+gRwDhHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWNHSHZIcWVpRk0xcC11YkNrT1A2QkhBT0VjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi8xYjgxNGEtZDM4OC00YzY0LTgzMDIt
MzcwZDFmZDQyNTRiLzEveDltSmhOUGhBQlpGX29wZi1hZ3o3Z3Nud3AwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi8xYjgxNGEtZDM4OC00YzY0LTgzMDItMzcwZDFmZDQyNTRi
LzEvcWNHSHZIcWVpRk0xcC11YkNrT1A2QkhBT0VjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW95YMA0G
CSqGSIb3DQEBCwUAA4IBAQCTmVBRwwk8WXqQ1hedjvgI/QIyhcqQLic+ErHysrca
XlLfeNV2wHsVhJS1VutUS1QQfjFi/rEyk9ISuv1GtBM1lz7kt+1Cc2i0CLOAU+w+
wtkc+duGi/wvMNoYmWC+pZpHVb6TNm50DMKY3/+HpoKNLrpZqQ7WsBT6i2a1SX1j
Wn6Nb2r6YKW5fxwGbsaLfI00K/j+IGMH2w4lusgnc7b2EmCBFHdMoJRkklQPDpvD
zY38RUQ0fvNEHucM6eAfQivzZrrVi3NwLM/RmxWoHwz10wJ2bl9co3pFlXQhSY9z
In/kBFZh3If+wP7YvofA4MOYjMgVz8QnO963Jhtam5Aa
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:17:51 2025 by rpki-client