Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/5151e1-36b7-4205-9af7-74e84967168b/1/vQpYaznukQu7j27945PA0020BQ8.roa
File: vQpYaznukQu7j27945PA0020BQ8.roa (raw, json)
Hash identifier: hoxDywjbyz3QAAqnRtTDuCR7n4iAgz4vpAPnNrBrsU8=
Subject key identifier: BD:0A:58:6B:39:EE:91:0B:BB:8F:6E:FD:E3:93:C0:D3:4D:B4:05:0F
Certificate issuer: /CN=f11f289a00a1b115b7f3a4d1b8011bf90d1a2f72
Certificate serial: 0192513A75DE07A9745B13C475C6B96AA447
Authority key identifier: F1:1F:28:9A:00:A1:B1:15:B7:F3:A4:D1:B8:01:1B:F9:0D:1A:2F:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8R8omgChsRW386TRuAEb-Q0aL3I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/5151e1-36b7-4205-9af7-74e84967168b/1/vQpYaznukQu7j27945PA0020BQ8.roa
Signing time: Thu 03 Oct 2024 07:13:58 +0000
ROA not before: Thu 03 Oct 2024 07:13:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57720
IP address blocks: 91.234.149.0/24 maxlen: 24
2001:67c:7a8::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:47:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:51:3a:75:de:07:a9:74:5b:13:c4:75:c6:b9:6a:a4:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f11f289a00a1b115b7f3a4d1b8011bf90d1a2f72
Validity
Not Before: Oct 3 07:13:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bd0a586b39ee910bbb8f6efde393c0d34db4050f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:7a:88:a8:3b:19:a5:33:ad:af:6e:70:9d:ea:
13:e7:e1:94:91:40:41:67:8a:c2:ed:7b:40:0d:22:
36:a4:49:f9:ea:21:c3:27:27:22:8d:86:51:63:39:
a2:18:5e:88:c7:ce:d0:2f:3f:c1:ad:4f:30:01:36:
a1:91:d5:74:db:93:7a:62:55:94:ef:d4:d0:fb:a0:
10:37:cb:ff:6e:97:a1:df:e3:0f:69:b3:2f:42:81:
7b:ef:01:e4:2a:d0:f3:76:a9:2b:c7:0d:b4:47:8b:
37:24:d4:33:97:ba:33:19:cb:03:75:43:c8:8e:f9:
06:fb:6c:b5:07:33:4e:43:78:b8:fa:70:8a:c5:9f:
40:17:75:a3:04:26:d8:ff:15:9c:1a:a5:62:f4:7d:
81:1e:17:bf:ce:5f:bb:07:5a:d5:a3:c8:10:cc:0d:
44:53:d7:d4:90:d7:55:19:39:d2:a9:5a:1d:d5:c0:
46:15:f0:d2:9e:4c:68:d7:26:af:ea:81:53:35:41:
c9:89:72:69:89:04:62:2a:23:af:99:4b:a1:b3:d4:
35:16:9c:bd:62:7f:67:39:a8:ab:37:3a:99:17:1d:
99:e6:60:5a:47:8b:01:40:fc:06:de:12:87:95:f3:
fc:c1:3f:7c:cd:34:ac:90:d8:a9:0a:f9:06:88:df:
f0:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:0A:58:6B:39:EE:91:0B:BB:8F:6E:FD:E3:93:C0:D3:4D:B4:05:0F
X509v3 Authority Key Identifier:
keyid:F1:1F:28:9A:00:A1:B1:15:B7:F3:A4:D1:B8:01:1B:F9:0D:1A:2F:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8R8omgChsRW386TRuAEb-Q0aL3I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/5151e1-36b7-4205-9af7-74e84967168b/1/vQpYaznukQu7j27945PA0020BQ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/5151e1-36b7-4205-9af7-74e84967168b/1/8R8omgChsRW386TRuAEb-Q0aL3I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.234.149.0/24
IPv6:
2001:67c:7a8::/48
Signature Algorithm: sha256WithRSAEncryption
30:02:ee:75:f5:7f:d5:06:be:88:00:68:32:27:72:df:d4:7d:
d4:ff:47:da:f9:4a:4f:d6:2e:35:7c:cc:f5:de:f7:fa:ce:ae:
6f:cd:f5:ca:19:36:94:d3:ba:66:86:1d:a4:f5:87:75:29:79:
76:af:eb:c1:61:0c:73:08:21:a1:f3:ef:f2:18:c3:39:05:95:
7f:35:29:e4:a4:ad:d8:b8:14:1f:3b:bf:08:a0:88:f6:0b:ba:
26:e2:b0:cf:0c:c1:bf:e8:ae:d9:1f:e3:bc:af:ad:ad:d1:6c:
4e:de:bb:fd:fc:fc:73:99:a2:7c:6d:40:75:d0:cd:14:34:a3:
62:c1:82:ec:96:6b:6a:a0:da:25:46:36:06:cd:a4:87:f4:e9:
a2:d7:d0:64:c6:03:c9:c4:2e:49:ce:bf:a8:bd:80:08:3e:0e:
f1:72:c9:34:0e:2d:75:7d:45:b1:1e:ea:9a:1d:b4:e8:5a:f5:
04:ea:7d:4a:90:9e:54:8d:18:94:ae:e7:0d:4a:d9:59:cf:ed:
b6:49:70:a5:ee:53:de:1e:f1:75:39:f9:19:11:bf:e4:1b:30:
ed:f9:17:19:37:db:a7:ee:b2:91:a8:93:c5:9a:9c:3f:aa:10:
c2:74:33:72:80:c3:8e:dc:79:f0:9c:dd:01:92:61:47:da:84:
f5:ce:54:78
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZJROnXeB6l0WxPEdca5aqRHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMWYyODlhMDBhMWIxMTViN2YzYTRkMWI4MDExYmY5MGQx
YTJmNzIwHhcNMjQxMDAzMDcxMzU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDBhNTg2YjM5ZWU5MTBiYmI4ZjZlZmRlMzkzYzBkMzRkYjQwNTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2XqIqDsZpTOtr25wneoT5+GUkUBB
Z4rC7XtADSI2pEn56iHDJycijYZRYzmiGF6Ix87QLz/BrU8wATahkdV025N6YlWU
79TQ+6AQN8v/bpeh3+MPabMvQoF77wHkKtDzdqkrxw20R4s3JNQzl7ozGcsDdUPI
jvkG+2y1BzNOQ3i4+nCKxZ9AF3WjBCbY/xWcGqVi9H2BHhe/zl+7B1rVo8gQzA1E
U9fUkNdVGTnSqVod1cBGFfDSnkxo1yav6oFTNUHJiXJpiQRiKiOvmUuhs9Q1Fpy9
Yn9nOairNzqZFx2Z5mBaR4sBQPwG3hKHlfP8wT98zTSskNipCvkGiN/w/wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFL0KWGs57pELu49u/eOTwNNNtAUPMB8GA1UdIwQY
MBaAFPEfKJoAobEVt/Ok0bgBG/kNGi9yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFI4b21nQ2hzUlczODZUUnVBRWItUTBhTDNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS81MTUxZTEtMzZiNy00MjA1LTlhZjct
NzRlODQ5NjcxNjhiLzEvdlFwWWF6bnVrUXU3ajI3OTQ1UEEwMDIwQlE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS81MTUxZTEtMzZiNy00MjA1LTlhZjctNzRlODQ5NjcxNjhi
LzEvOFI4b21nQ2hzUlczODZUUnVBRWItUTBhTDNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW+qVMA8E
AgACMAkDBwAgAQZ8B6gwDQYJKoZIhvcNAQELBQADggEBADAC7nX1f9UGvogAaDIn
ct/UfdT/R9r5Sk/WLjV8zPXe9/rOrm/N9coZNpTTumaGHaT1h3UpeXav68FhDHMI
IaHz7/IYwzkFlX81KeSkrdi4FB87vwigiPYLuibisM8Mwb/ortkf47yvra3RbE7e
u/38/HOZonxtQHXQzRQ0o2LBguyWa2qg2iVGNgbNpIf06aLX0GTGA8nELknOv6i9
gAg+DvFyyTQOLXV9RbEe6podtOha9QTqfUqQnlSNGJSu5w1K2VnP7bZJcKXuU94e
8XU5+RkRv+QbMO35Fxk326fuspGok8WanD+qEMJ0M3KAw47cefCc3QGSYUfahPXO
VHg=
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:09:57 2025 by rpki-client