Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/22d175-c71d-4637-a090-b19ad5455bfd/1/oL2aReLbaZNNcxm7mNUQlszIzGk.roa
File: oL2aReLbaZNNcxm7mNUQlszIzGk.roa (raw, json)
Hash identifier: unWhMftotpw9TjzX+S/RNO+8fvIq1039WkCra6pyH6M=
Subject key identifier: A0:BD:9A:45:E2:DB:69:93:4D:73:19:BB:98:D5:10:96:CC:C8:CC:69
Certificate issuer: /CN=3e25ab6985f79ca9de06e98e8b9da245d8559ab6
Certificate serial: 019222DC800C412B15F25EAAD838CFFE2402
Authority key identifier: 3E:25:AB:69:85:F7:9C:A9:DE:06:E9:8E:8B:9D:A2:45:D8:55:9A:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PiWraYX3nKneBumOi52iRdhVmrY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/22d175-c71d-4637-a090-b19ad5455bfd/1/oL2aReLbaZNNcxm7mNUQlszIzGk.roa
Signing time: Tue 24 Sep 2024 07:08:48 +0000
ROA not before: Tue 24 Sep 2024 07:08:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211560
IP address blocks: 91.151.94.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:49:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:22:dc:80:0c:41:2b:15:f2:5e:aa:d8:38:cf:fe:24:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e25ab6985f79ca9de06e98e8b9da245d8559ab6
Validity
Not Before: Sep 24 07:08:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a0bd9a45e2db69934d7319bb98d51096ccc8cc69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:eb:6d:a1:86:d8:d0:2d:b3:91:d4:97:df:f5:
1d:e4:bc:b7:d4:7d:89:22:fe:0e:c7:f9:5d:36:36:
fa:d8:99:c0:93:6b:67:c1:f3:64:ec:53:2b:08:b0:
b0:b4:b6:93:75:02:4f:1b:c3:b7:32:f7:50:c9:4a:
a1:72:7a:b0:f3:61:4d:b6:68:c5:23:48:a8:17:c4:
be:6c:0d:d9:11:93:b4:83:e0:2f:cb:5a:2e:fa:74:
15:93:fe:8f:f5:5b:63:f2:ac:76:f7:97:e7:15:bf:
2a:2f:72:70:ff:01:8e:4f:26:37:26:fd:8c:ef:64:
0c:84:5b:22:c6:c8:dc:f3:45:57:dd:e2:a1:c1:84:
48:99:db:f8:e9:57:50:c8:7a:68:12:84:24:4b:68:
f7:57:22:25:52:cc:79:0a:af:71:97:53:d3:2a:47:
b6:06:a6:4c:46:3f:48:6e:be:bf:3a:1e:da:e5:98:
6f:76:b3:de:ff:11:d5:a4:d4:ba:3b:cf:7f:ff:88:
3e:f0:3a:74:11:1e:46:74:ea:a0:6d:23:06:06:9d:
0c:71:91:61:71:dc:1a:2a:1f:3f:43:f3:83:03:8c:
9c:a1:ab:ca:26:05:50:65:ed:5c:91:2f:9e:e8:dc:
c1:b8:ff:03:b0:15:48:c8:a3:da:7a:56:b8:da:84:
f1:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:BD:9A:45:E2:DB:69:93:4D:73:19:BB:98:D5:10:96:CC:C8:CC:69
X509v3 Authority Key Identifier:
keyid:3E:25:AB:69:85:F7:9C:A9:DE:06:E9:8E:8B:9D:A2:45:D8:55:9A:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PiWraYX3nKneBumOi52iRdhVmrY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/22d175-c71d-4637-a090-b19ad5455bfd/1/oL2aReLbaZNNcxm7mNUQlszIzGk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/22d175-c71d-4637-a090-b19ad5455bfd/1/PiWraYX3nKneBumOi52iRdhVmrY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.151.94.0/24
Signature Algorithm: sha256WithRSAEncryption
37:96:27:02:35:2c:c0:1c:b3:1a:9f:70:20:76:f9:58:b2:5d:
37:13:09:49:cb:0d:37:36:7a:96:90:b7:c6:ca:69:ee:09:f6:
80:7b:8b:ad:83:90:2b:a3:45:81:27:5e:48:f1:9c:37:b4:0c:
54:65:4b:37:a3:19:68:d0:40:12:9e:0b:df:80:7f:8d:17:41:
5e:ad:ab:8e:b9:0d:d2:41:f7:16:45:f7:ad:8e:d9:1f:9e:33:
dd:62:43:82:09:f5:6e:de:45:bd:a1:14:40:0d:c4:4f:e2:83:
c7:b3:66:a8:80:9d:bd:15:e8:16:9c:ec:3e:d6:5d:70:7c:0d:
b9:d6:9d:7b:69:9d:f6:df:85:6b:44:61:e8:c2:fe:2a:57:fe:
ee:92:f7:90:a5:c3:03:a6:ab:d5:d1:f4:c8:37:6c:07:5b:d7:
17:4e:23:f8:bc:55:8a:2d:c9:e6:61:ea:87:4b:8e:67:fa:85:
de:ed:30:73:9f:06:68:69:ba:cd:d0:5e:68:4d:87:dc:a0:a0:
ea:34:ee:4e:34:1b:b7:36:eb:aa:6c:e4:0c:1c:63:4d:4b:a8:
05:d7:f3:7c:b2:2f:5d:57:af:4a:32:71:fd:25:e4:ce:45:18:
69:04:e2:8c:df:78:da:08:48:13:8c:81:e1:3e:46:89:c0:f0:
ba:82:72:21
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZIi3IAMQSsV8l6q2DjP/iQCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMjVhYjY5ODVmNzljYTlkZTA2ZTk4ZThiOWRhMjQ1ZDg1
NTlhYjYwHhcNMjQwOTI0MDcwODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGJkOWE0NWUyZGI2OTkzNGQ3MzE5YmI5OGQ1MTA5NmNjYzhjYzY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuuttoYbY0C2zkdSX3/Ud5Ly31H2J
Iv4Ox/ldNjb62JnAk2tnwfNk7FMrCLCwtLaTdQJPG8O3MvdQyUqhcnqw82FNtmjF
I0ioF8S+bA3ZEZO0g+Avy1ou+nQVk/6P9Vtj8qx295fnFb8qL3Jw/wGOTyY3Jv2M
72QMhFsixsjc80VX3eKhwYRImdv46VdQyHpoEoQkS2j3VyIlUsx5Cq9xl1PTKke2
BqZMRj9Ibr6/Oh7a5ZhvdrPe/xHVpNS6O89//4g+8Dp0ER5GdOqgbSMGBp0McZFh
cdwaKh8/Q/ODA4ycoavKJgVQZe1ckS+e6NzBuP8DsBVIyKPaela42oTxgwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKC9mkXi22mTTXMZu5jVEJbMyMxpMB8GA1UdIwQY
MBaAFD4lq2mF95yp3gbpjoudokXYVZq2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGlXcmFZWDNuS25lQnVtT2k1MmlSZGhWbXJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS8yMmQxNzUtYzcxZC00NjM3LWEwOTAt
YjE5YWQ1NDU1YmZkLzEvb0wyYVJlTGJhWk5OY3htN21OVVFsc3pJekdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS8yMmQxNzUtYzcxZC00NjM3LWEwOTAtYjE5YWQ1NDU1YmZk
LzEvUGlXcmFZWDNuS25lQnVtT2k1MmlSZGhWbXJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW5deMA0G
CSqGSIb3DQEBCwUAA4IBAQA3licCNSzAHLMan3AgdvlYsl03EwlJyw03NnqWkLfG
ymnuCfaAe4utg5Aro0WBJ15I8Zw3tAxUZUs3oxlo0EASngvfgH+NF0FerauOuQ3S
QfcWRfetjtkfnjPdYkOCCfVu3kW9oRRADcRP4oPHs2aogJ29FegWnOw+1l1wfA25
1p17aZ3234VrRGHowv4qV/7ukveQpcMDpqvV0fTIN2wHW9cXTiP4vFWKLcnmYeqH
S45n+oXe7TBznwZoabrN0F5oTYfcoKDqNO5ONBu3NuuqbOQMHGNNS6gF1/N8si9d
V69KMnH9JeTORRhpBOKM33jaCEgTjIHhPkaJwPC6gnIh
-----END CERTIFICATE-----
Generated at Thu Apr 17 04:03:57 2025 by rpki-client