Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/cbfa9b-0291-48e3-805c-43d66a0331ec/1/ayOjvRkeOcDT6bSnmpjTZ8OCVy0.roa
File: ayOjvRkeOcDT6bSnmpjTZ8OCVy0.roa (raw, json)
Hash identifier: 2hIvly46mP2WZZXvpiAPW28AEi7zVJ9rCH9M3fUQv2E=
Subject key identifier: 6B:23:A3:BD:19:1E:39:C0:D3:E9:B4:A7:9A:98:D3:67:C3:82:57:2D
Certificate issuer: /CN=2bc8695772f0e64f3b9a1621733cc02506f74702
Certificate serial: 0193F48A9C4BDDBE9D28E6EF76C53E2B33EC
Authority key identifier: 2B:C8:69:57:72:F0:E6:4F:3B:9A:16:21:73:3C:C0:25:06:F7:47:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K8hpV3Lw5k87mhYhczzAJQb3RwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/cbfa9b-0291-48e3-805c-43d66a0331ec/1/ayOjvRkeOcDT6bSnmpjTZ8OCVy0.roa
Signing time: Mon 23 Dec 2024 17:22:24 +0000
ROA not before: Mon 23 Dec 2024 17:22:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202987
IP address blocks: 91.188.209.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:49:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:f4:8a:9c:4b:dd:be:9d:28:e6:ef:76:c5:3e:2b:33:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2bc8695772f0e64f3b9a1621733cc02506f74702
Validity
Not Before: Dec 23 17:22:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6b23a3bd191e39c0d3e9b4a79a98d367c382572d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:04:18:cd:d8:84:68:0b:61:40:ec:d2:e6:ca:
1c:fa:11:ec:2b:c1:03:2b:5a:ff:da:0c:aa:78:70:
c3:44:e7:12:28:79:e6:4b:23:83:2f:c4:31:95:eb:
05:e7:5c:7b:a5:df:6f:59:36:e4:87:18:8b:19:72:
d8:ce:bf:ca:99:ca:98:1f:9c:ea:bd:02:38:7d:c7:
51:30:e8:38:02:d7:d6:18:52:d9:e3:b6:b0:a7:67:
ae:70:74:d1:04:94:f2:61:2b:2a:a6:b9:ab:05:d9:
c5:d8:b6:a1:ff:9f:11:8b:c2:02:68:23:f5:5d:31:
91:c4:c8:47:fc:8a:6e:5e:91:26:bd:1c:1a:81:91:
9e:83:e4:df:ae:f5:61:e4:bc:f0:65:6b:e4:67:44:
77:e5:37:49:a5:9e:d6:cf:55:e8:7b:e9:4c:7f:95:
35:2a:68:91:5f:79:bc:3c:54:84:5b:8c:15:f3:f8:
54:20:3c:87:db:6a:dc:21:ae:02:bc:1f:c0:6a:2e:
0d:68:59:a1:46:3f:9f:b7:23:2f:49:7e:c4:0c:9b:
6d:84:87:8b:22:cb:35:a7:56:84:69:c3:71:d6:f2:
43:1a:47:69:8b:ef:bc:5a:2c:da:a3:c8:84:57:7b:
b0:81:b7:e3:53:77:d1:48:d2:aa:fd:bd:ef:0c:ad:
d6:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:23:A3:BD:19:1E:39:C0:D3:E9:B4:A7:9A:98:D3:67:C3:82:57:2D
X509v3 Authority Key Identifier:
keyid:2B:C8:69:57:72:F0:E6:4F:3B:9A:16:21:73:3C:C0:25:06:F7:47:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K8hpV3Lw5k87mhYhczzAJQb3RwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/cbfa9b-0291-48e3-805c-43d66a0331ec/1/ayOjvRkeOcDT6bSnmpjTZ8OCVy0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/cbfa9b-0291-48e3-805c-43d66a0331ec/1/K8hpV3Lw5k87mhYhczzAJQb3RwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.188.209.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:52:8b:0e:7a:37:f0:4d:22:d7:bd:84:e7:17:eb:17:96:32:
bd:f9:29:3f:dd:76:a2:ea:f2:6b:81:4c:56:a5:de:bd:ac:b1:
cb:11:0e:8b:75:34:9e:d8:95:07:c1:5e:e6:b0:47:ad:9c:a2:
cc:fb:33:6f:44:14:5e:43:0c:24:1c:a0:74:f0:7e:84:a7:68:
b1:56:1e:05:7f:93:32:67:37:56:12:49:66:62:17:32:90:15:
9b:a7:ec:bb:1e:07:28:d6:61:6f:b3:da:42:b9:c9:0e:6f:08:
85:88:c0:0a:8e:0c:b0:d4:a7:ba:33:c9:fd:68:9d:dc:d2:1b:
86:a3:e9:0e:68:0a:f2:c3:69:5c:33:a6:ea:4a:c8:5d:86:e8:
9c:22:17:bb:c3:14:9a:e7:98:d1:1c:f2:be:53:1e:98:c9:f2:
f3:06:0e:17:f6:f9:49:69:01:5f:be:9b:fa:5c:a1:a0:ae:7d:
84:00:e7:ea:a3:26:57:1e:09:5a:5a:b9:c4:0f:6c:14:7d:c6:
6a:68:c5:24:f8:cb:a1:d9:48:e5:5b:bf:56:58:a1:6e:ae:3d:
02:18:ce:d3:dd:27:50:21:87:22:41:11:32:83:76:f2:de:d9:
3e:b8:7f:b5:95:82:36:0b:d8:09:88:cf:bf:d8:88:17:e9:0a:
99:c3:da:f1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZP0ipxL3b6dKObvdsU+KzPsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiYzg2OTU3NzJmMGU2NGYzYjlhMTYyMTczM2NjMDI1MDZm
NzQ3MDIwHhcNMjQxMjIzMTcyMjI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjIzYTNiZDE5MWUzOWMwZDNlOWI0YTc5YTk4ZDM2N2MzODI1NzJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArgQYzdiEaAthQOzS5soc+hHsK8ED
K1r/2gyqeHDDROcSKHnmSyODL8QxlesF51x7pd9vWTbkhxiLGXLYzr/KmcqYH5zq
vQI4fcdRMOg4AtfWGFLZ47awp2eucHTRBJTyYSsqprmrBdnF2Lah/58Ri8ICaCP1
XTGRxMhH/IpuXpEmvRwagZGeg+TfrvVh5LzwZWvkZ0R35TdJpZ7Wz1Xoe+lMf5U1
KmiRX3m8PFSEW4wV8/hUIDyH22rcIa4CvB/Aai4NaFmhRj+ftyMvSX7EDJtthIeL
Iss1p1aEacNx1vJDGkdpi++8Wizao8iEV3uwgbfjU3fRSNKq/b3vDK3WUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGsjo70ZHjnA0+m0p5qY02fDglctMB8GA1UdIwQY
MBaAFCvIaVdy8OZPO5oWIXM8wCUG90cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzhocFYzTHc1azg3bWhZaGN6ekFKUWIzUndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9jYmZhOWItMDI5MS00OGUzLTgwNWMt
NDNkNjZhMDMzMWVjLzEvYXlPanZSa2VPY0RUNmJTbm1walRaOE9DVnkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9jYmZhOWItMDI5MS00OGUzLTgwNWMtNDNkNjZhMDMzMWVj
LzEvSzhocFYzTHc1azg3bWhZaGN6ekFKUWIzUndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW7zRMA0G
CSqGSIb3DQEBCwUAA4IBAQAsUosOejfwTSLXvYTnF+sXljK9+Sk/3Xai6vJrgUxW
pd69rLHLEQ6LdTSe2JUHwV7msEetnKLM+zNvRBReQwwkHKB08H6Ep2ixVh4Ff5My
ZzdWEklmYhcykBWbp+y7Hgco1mFvs9pCuckObwiFiMAKjgyw1Ke6M8n9aJ3c0huG
o+kOaAryw2lcM6bqSshdhuicIhe7wxSa55jRHPK+Ux6YyfLzBg4X9vlJaQFfvpv6
XKGgrn2EAOfqoyZXHglaWrnED2wUfcZqaMUk+Muh2UjlW79WWKFurj0CGM7T3SdQ
IYciQREyg3by3tk+uH+1lYI2C9gJiM+/2IgX6QqZw9rx
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:07:04 2025 by rpki-client