Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/a051a8-32a8-448f-a032-926968271fb2/1/kwnFvChmyTSmLl2lQ-ry4exqTcQ.roa
File: kwnFvChmyTSmLl2lQ-ry4exqTcQ.roa (raw, json)
Hash identifier: 9yd5t6OlZJVeNAzKIdELunWUrOsC17gV1LMcptq9FNw=
Subject key identifier: 93:09:C5:BC:28:66:C9:34:A6:2E:5D:A5:43:EA:F2:E1:EC:6A:4D:C4
Certificate issuer: /CN=e86adb23ca8df1e472c259f5e09cfe89ae250112
Certificate serial: 018CC425057691B874E6C31C6E31BD2D2B8F
Authority key identifier: E8:6A:DB:23:CA:8D:F1:E4:72:C2:59:F5:E0:9C:FE:89:AE:25:01:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6GrbI8qN8eRywln14Jz-ia4lARI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/96/a051a8-32a8-448f-a032-926968271fb2/1/kwnFvChmyTSmLl2lQ-ry4exqTcQ.roa
Signing time: Mon 01 Jan 2024 08:30:09 +0000
ROA not before: Mon 01 Jan 2024 08:30:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 52034
IP address blocks: 91.220.246.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:48:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:05:76:91:b8:74:e6:c3:1c:6e:31:bd:2d:2b:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e86adb23ca8df1e472c259f5e09cfe89ae250112
Validity
Not Before: Jan 1 08:30:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9309c5bc2866c934a62e5da543eaf2e1ec6a4dc4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:8e:68:68:ce:20:d0:b8:ef:76:fe:04:c4:26:
b7:93:96:b0:fc:5f:f5:7d:5a:ea:53:55:f7:ab:7f:
58:57:b8:c3:e7:6a:d9:b8:de:64:95:e3:1c:5d:fa:
85:0d:16:ec:21:df:3a:b8:4d:fa:1f:20:2f:27:ab:
4b:c2:80:32:80:cf:ad:8c:ad:40:31:83:9b:64:17:
85:28:08:69:63:1f:73:5e:a6:15:21:b3:9d:89:df:
22:d5:53:c5:aa:32:37:9d:41:1d:b8:99:1f:76:57:
32:df:4d:ca:7d:de:3a:b8:f6:16:b2:98:81:73:38:
f0:72:4d:42:63:2f:69:15:29:cb:df:f2:0c:da:8e:
32:b8:59:ad:d4:65:57:b5:ac:11:a7:97:0d:bc:df:
98:96:aa:14:ba:1c:6c:54:a4:fb:cb:25:a5:61:49:
34:f7:0e:f3:fc:05:43:89:f3:fb:6d:d3:78:c2:0c:
4c:6d:75:19:c2:c9:07:74:9d:e1:24:ee:a7:b6:04:
d0:7b:f7:5e:e5:d2:19:d0:71:d6:94:5c:cb:84:96:
75:13:f1:83:3d:29:b7:a4:0e:5e:b3:d0:cc:63:c2:
9c:1f:62:f6:9a:41:d1:e6:f0:a9:2a:99:a3:98:0d:
a0:3b:af:77:07:c5:f3:7d:83:74:0e:9b:07:19:52:
e8:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:09:C5:BC:28:66:C9:34:A6:2E:5D:A5:43:EA:F2:E1:EC:6A:4D:C4
X509v3 Authority Key Identifier:
keyid:E8:6A:DB:23:CA:8D:F1:E4:72:C2:59:F5:E0:9C:FE:89:AE:25:01:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6GrbI8qN8eRywln14Jz-ia4lARI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/a051a8-32a8-448f-a032-926968271fb2/1/kwnFvChmyTSmLl2lQ-ry4exqTcQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/96/a051a8-32a8-448f-a032-926968271fb2/1/6GrbI8qN8eRywln14Jz-ia4lARI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.246.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:12:8c:b6:28:44:6f:f1:b8:43:15:6c:34:fc:aa:09:a8:e9:
ac:39:49:f0:9e:84:f5:13:08:34:56:a6:6e:59:df:ea:7e:2c:
2c:bb:26:ce:6b:9e:3e:c4:8d:50:41:53:a9:7b:ce:66:e0:37:
db:0f:e1:5b:59:53:4e:54:5b:54:33:8f:a5:cd:9f:4d:3b:b6:
fc:45:08:b6:70:e3:b7:69:f8:97:13:9d:72:76:08:f0:a8:88:
c6:57:bc:4d:b1:b6:15:82:bf:02:cf:09:86:e0:19:4e:76:2d:
3c:a1:41:ed:16:0c:74:95:91:3d:e1:e0:08:85:8b:05:12:ac:
0e:0c:b6:3d:2c:1c:3a:00:de:a0:de:0a:73:76:23:56:a9:96:
b2:20:e8:ba:b2:42:49:bf:75:9c:d2:85:c4:ec:5c:3e:f6:12:
fb:da:7d:50:2d:95:a5:87:e2:7d:b1:ce:aa:78:88:8c:8e:5e:
80:2d:ca:29:43:af:b4:08:85:66:66:73:de:29:27:46:10:19:
65:11:01:24:54:0c:94:3f:db:42:4a:b2:84:b0:2f:95:0d:d7:
c9:5a:ac:a6:ea:3a:47:0d:a3:d7:53:31:07:43:e7:fa:eb:ea:
f0:11:ab:95:c0:3b:d8:c6:90:65:39:06:fb:63:6e:34:cf:7b:
6b:0f:31:bc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJQV2kbh05sMcbjG9LSuPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4NmFkYjIzY2E4ZGYxZTQ3MmMyNTlmNWUwOWNmZTg5YWUy
NTAxMTIwHhcNMjQwMTAxMDgzMDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzA5YzViYzI4NjZjOTM0YTYyZTVkYTU0M2VhZjJlMWVjNmE0ZGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlo5oaM4g0Ljvdv4ExCa3k5aw/F/1
fVrqU1X3q39YV7jD52rZuN5kleMcXfqFDRbsId86uE36HyAvJ6tLwoAygM+tjK1A
MYObZBeFKAhpYx9zXqYVIbOdid8i1VPFqjI3nUEduJkfdlcy303Kfd46uPYWspiB
czjwck1CYy9pFSnL3/IM2o4yuFmt1GVXtawRp5cNvN+YlqoUuhxsVKT7yyWlYUk0
9w7z/AVDifP7bdN4wgxMbXUZwskHdJ3hJO6ntgTQe/de5dIZ0HHWlFzLhJZ1E/GD
PSm3pA5es9DMY8KcH2L2mkHR5vCpKpmjmA2gO693B8XzfYN0DpsHGVLoUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJMJxbwoZsk0pi5dpUPq8uHsak3EMB8GA1UdIwQY
MBaAFOhq2yPKjfHkcsJZ9eCc/omuJQESMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkdyYkk4cU44ZVJ5d2xuMTRKei1pYTRsQVJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni9hMDUxYTgtMzJhOC00NDhmLWEwMzIt
OTI2OTY4MjcxZmIyLzEva3duRnZDaG15VFNtTGwybFEtcnk0ZXhxVGNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni9hMDUxYTgtMzJhOC00NDhmLWEwMzItOTI2OTY4MjcxZmIy
LzEvNkdyYkk4cU44ZVJ5d2xuMTRKei1pYTRsQVJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9z2MA0G
CSqGSIb3DQEBCwUAA4IBAQB9Eoy2KERv8bhDFWw0/KoJqOmsOUnwnoT1Ewg0VqZu
Wd/qfiwsuybOa54+xI1QQVOpe85m4DfbD+FbWVNOVFtUM4+lzZ9NO7b8RQi2cOO3
afiXE51ydgjwqIjGV7xNsbYVgr8CzwmG4BlOdi08oUHtFgx0lZE94eAIhYsFEqwO
DLY9LBw6AN6g3gpzdiNWqZayIOi6skJJv3Wc0oXE7Fw+9hL72n1QLZWlh+J9sc6q
eIiMjl6ALcopQ6+0CIVmZnPeKSdGEBllEQEkVAyUP9tCSrKEsC+VDdfJWqym6jpH
DaPXUzEHQ+f66+rwEauVwDvYxpBlOQb7Y240z3trDzG8
-----END CERTIFICATE-----
Generated at Sun Apr 20 18:45:31 2025 by rpki-client