Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/3ae541-57f4-4466-91d5-02a3be4773a3/1/kAZZAMBtE1ZpHjl0bxDcccmClYA.roa
File: kAZZAMBtE1ZpHjl0bxDcccmClYA.roa (raw, json)
Hash identifier: XGNyiwEmPT07fBNguafCRVubopeCLFYvANSA6ri2vyw=
Subject key identifier: 90:06:59:00:C0:6D:13:56:69:1E:39:74:6F:10:DC:71:C9:82:95:80
Certificate issuer: /CN=4d6165e4f1813e4b3f5c48720631c7cc0b2374d2
Certificate serial: 018CC94E3B0A8C302056DBA48A3F05AD9B46
Authority key identifier: 4D:61:65:E4:F1:81:3E:4B:3F:5C:48:72:06:31:C7:CC:0B:23:74:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TWFl5PGBPks_XEhyBjHHzAsjdNI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/3ae541-57f4-4466-91d5-02a3be4773a3/1/kAZZAMBtE1ZpHjl0bxDcccmClYA.roa
Signing time: Tue 02 Jan 2024 08:33:16 +0000
ROA not before: Tue 02 Jan 2024 08:33:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 196837
IP address blocks: 91.223.80.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:47:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:3b:0a:8c:30:20:56:db:a4:8a:3f:05:ad:9b:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d6165e4f1813e4b3f5c48720631c7cc0b2374d2
Validity
Not Before: Jan 2 08:33:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=90065900c06d1356691e39746f10dc71c9829580
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:eb:d0:fe:f4:ec:7a:6d:ec:36:9b:2b:c5:11:
e1:ee:03:d1:f1:74:e9:94:f1:4c:00:6d:a5:2d:78:
2f:3c:ee:e4:98:33:3d:50:98:5b:ae:43:79:d8:df:
2f:d0:b8:c9:67:c3:5a:e6:b2:ae:c8:cc:bc:39:71:
e6:8a:dd:18:ab:f4:62:a8:0c:eb:47:1a:ee:83:00:
13:a5:eb:6c:64:81:e5:45:70:da:f6:a6:e3:44:e4:
b0:d3:6b:22:80:9d:ea:94:92:e4:07:d1:61:48:c5:
21:66:8b:e9:35:2b:f9:8d:ee:74:02:ef:2f:29:df:
2f:dc:ee:dc:27:1a:38:72:2b:1c:73:7d:c1:c9:40:
81:5d:05:0f:13:53:52:71:9f:d7:5b:73:d1:1b:ef:
8b:58:4b:e8:74:cd:f7:45:5b:c1:2f:a6:20:6c:cc:
d4:be:91:44:1c:72:cd:02:1f:b7:e8:19:23:90:23:
f2:e1:e7:57:12:5b:7e:b5:e6:99:af:b4:c0:f6:bc:
29:1e:45:05:c0:4c:1c:4a:c6:57:c0:7e:b2:6c:7e:
fd:31:16:3c:06:23:6f:d0:52:33:94:63:ec:c4:04:
16:00:14:ab:6f:7d:9f:c6:ae:5a:91:1b:e3:01:ba:
e6:b7:e5:35:45:1f:9d:54:ed:13:52:5d:54:3c:bb:
d5:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:06:59:00:C0:6D:13:56:69:1E:39:74:6F:10:DC:71:C9:82:95:80
X509v3 Authority Key Identifier:
keyid:4D:61:65:E4:F1:81:3E:4B:3F:5C:48:72:06:31:C7:CC:0B:23:74:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TWFl5PGBPks_XEhyBjHHzAsjdNI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/3ae541-57f4-4466-91d5-02a3be4773a3/1/kAZZAMBtE1ZpHjl0bxDcccmClYA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/3ae541-57f4-4466-91d5-02a3be4773a3/1/TWFl5PGBPks_XEhyBjHHzAsjdNI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.80.0/24
Signature Algorithm: sha256WithRSAEncryption
bc:66:4f:74:46:74:39:bb:a9:2d:db:33:9b:ed:e9:b3:81:54:
bc:44:54:73:f6:26:29:c4:06:3a:ff:2f:32:1b:ee:f2:3d:b4:
d4:b6:b7:d6:75:b2:0e:46:8b:22:00:b4:f2:fc:eb:cb:37:f6:
41:08:75:3e:3c:a5:b8:15:ac:22:9b:84:3e:4e:fb:a6:5a:50:
18:90:3b:c3:8f:60:ce:79:4b:a2:dd:1f:99:52:f4:6b:e8:6f:
dd:09:57:03:fd:fe:d3:26:b8:a7:79:d6:b7:71:8a:c7:cc:b8:
8d:6f:e6:1c:12:6f:fe:6d:23:14:59:e4:8a:3b:ed:29:9c:d2:
30:83:a6:12:76:39:bd:96:a0:f8:ca:6c:dd:e3:ee:6f:34:77:
65:17:47:55:70:52:f7:fd:52:c8:18:0d:5d:78:15:8c:e2:64:
03:b9:cf:ae:0b:e7:eb:34:6f:75:b7:bf:f9:0c:b6:8a:7a:a7:
6a:f1:3f:75:87:fc:80:04:cd:79:5b:ba:a0:46:29:04:ab:ad:
ef:72:1f:52:c4:d8:62:3c:57:5d:c0:a8:ec:5b:b9:81:de:a4:
90:a3:ca:4a:3e:83:75:30:f5:81:78:1b:dc:63:93:48:82:ee:
c9:aa:4c:b7:89:cd:f7:b0:b9:cb:30:f4:2c:cd:91:0b:f4:6c:
29:c6:72:26
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTjsKjDAgVtukij8FrZtGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkNjE2NWU0ZjE4MTNlNGIzZjVjNDg3MjA2MzFjN2NjMGIy
Mzc0ZDIwHhcNMjQwMTAyMDgzMzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDA2NTkwMGMwNmQxMzU2NjkxZTM5NzQ2ZjEwZGM3MWM5ODI5NTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhOvQ/vTsem3sNpsrxRHh7gPR8XTp
lPFMAG2lLXgvPO7kmDM9UJhbrkN52N8v0LjJZ8Na5rKuyMy8OXHmit0Yq/RiqAzr
RxrugwATpetsZIHlRXDa9qbjROSw02sigJ3qlJLkB9FhSMUhZovpNSv5je50Au8v
Kd8v3O7cJxo4ciscc33ByUCBXQUPE1NScZ/XW3PRG++LWEvodM33RVvBL6YgbMzU
vpFEHHLNAh+36BkjkCPy4edXElt+teaZr7TA9rwpHkUFwEwcSsZXwH6ybH79MRY8
BiNv0FIzlGPsxAQWABSrb32fxq5akRvjAbrmt+U1RR+dVO0TUl1UPLvV6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJAGWQDAbRNWaR45dG8Q3HHJgpWAMB8GA1UdIwQY
MBaAFE1hZeTxgT5LP1xIcgYxx8wLI3TSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFdGbDVQR0JQa3NfWEVoeUJqSEh6QXNqZE5JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi8zYWU1NDEtNTdmNC00NDY2LTkxZDUt
MDJhM2JlNDc3M2EzLzEva0FaWkFNQnRFMVpwSGpsMGJ4RGNjY21DbFlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi8zYWU1NDEtNTdmNC00NDY2LTkxZDUtMDJhM2JlNDc3M2Ez
LzEvVFdGbDVQR0JQa3NfWEVoeUJqSEh6QXNqZE5JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW99QMA0G
CSqGSIb3DQEBCwUAA4IBAQC8Zk90RnQ5u6kt2zOb7emzgVS8RFRz9iYpxAY6/y8y
G+7yPbTUtrfWdbIORosiALTy/OvLN/ZBCHU+PKW4Fawim4Q+TvumWlAYkDvDj2DO
eUui3R+ZUvRr6G/dCVcD/f7TJrineda3cYrHzLiNb+YcEm/+bSMUWeSKO+0pnNIw
g6YSdjm9lqD4ymzd4+5vNHdlF0dVcFL3/VLIGA1deBWM4mQDuc+uC+frNG91t7/5
DLaKeqdq8T91h/yABM15W7qgRikEq63vch9SxNhiPFddwKjsW7mB3qSQo8pKPoN1
MPWBeBvcY5NIgu7Jqky3ic33sLnLMPQszZEL9GwpxnIm
-----END CERTIFICATE-----
Generated at Sun Jun 8 07:47:51 2025 by rpki-client