Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/5f53a3-2260-41b0-a341-500432501743/1/usvVTjWIPp31x4cOsyfB3WN1ztA.roa
File: usvVTjWIPp31x4cOsyfB3WN1ztA.roa (raw, json)
Hash identifier: BzqGq9ALsNUxS2N8UCFoEXSHLMi3ALHWkmqgbN1UDSE=
Subject key identifier: BA:CB:D5:4E:35:88:3E:9D:F5:C7:87:0E:B3:27:C1:DD:63:75:CE:D0
Certificate issuer: /CN=fedae68910398c9d8ee756e168201dd9e8989b52
Certificate serial: 01938CB34C4E173392A3376DA89A81217607
Authority key identifier: FE:DA:E6:89:10:39:8C:9D:8E:E7:56:E1:68:20:1D:D9:E8:98:9B:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_trmiRA5jJ2O51bhaCAd2eiYm1I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/5f53a3-2260-41b0-a341-500432501743/1/usvVTjWIPp31x4cOsyfB3WN1ztA.roa
Signing time: Tue 03 Dec 2024 13:26:20 +0000
ROA not before: Tue 03 Dec 2024 13:26:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198133
IP address blocks: 91.246.208.0/21 maxlen: 21
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:55:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:8c:b3:4c:4e:17:33:92:a3:37:6d:a8:9a:81:21:76:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fedae68910398c9d8ee756e168201dd9e8989b52
Validity
Not Before: Dec 3 13:26:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bacbd54e35883e9df5c7870eb327c1dd6375ced0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:0d:1a:5f:eb:29:73:02:22:c6:79:4e:8a:a8:
8d:fc:37:9b:86:78:83:a4:06:1a:85:58:64:91:e2:
c9:d0:74:79:42:05:96:46:8e:e8:bc:42:b5:1e:a7:
fe:ee:80:c5:4a:65:0f:a8:f6:f0:84:b8:9b:09:e5:
35:57:e9:97:df:6d:f0:00:ac:53:ad:2c:a9:da:98:
a6:ed:dc:10:b4:7b:d1:14:01:f3:93:2e:3e:55:00:
b8:dc:3e:1a:91:16:9c:5f:05:46:0a:29:86:fe:29:
ac:bc:85:c3:3c:de:98:90:d6:27:41:12:14:75:46:
04:e3:bf:07:f8:9c:50:3f:16:9c:18:f0:32:ca:a4:
02:4a:ca:33:83:47:03:b7:03:f8:f0:44:9e:dd:46:
6f:b4:c4:79:15:a1:6c:ff:97:e4:61:7f:7f:9d:97:
63:4d:2d:ea:c1:7a:7d:71:28:7b:05:66:60:44:33:
69:c9:88:a3:db:15:3c:b1:82:cb:50:1c:62:b0:fe:
1a:e1:c6:00:a6:d1:f3:30:85:60:56:ca:44:0d:89:
88:e5:60:a0:25:f3:32:5d:24:62:55:c0:3c:e4:d7:
98:20:65:c9:d6:15:a5:7b:2a:86:73:9d:9f:d4:e1:
88:ed:45:7f:d9:f4:0e:85:9c:8d:9d:34:e3:d1:10:
9f:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:CB:D5:4E:35:88:3E:9D:F5:C7:87:0E:B3:27:C1:DD:63:75:CE:D0
X509v3 Authority Key Identifier:
keyid:FE:DA:E6:89:10:39:8C:9D:8E:E7:56:E1:68:20:1D:D9:E8:98:9B:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_trmiRA5jJ2O51bhaCAd2eiYm1I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/5f53a3-2260-41b0-a341-500432501743/1/usvVTjWIPp31x4cOsyfB3WN1ztA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/5f53a3-2260-41b0-a341-500432501743/1/_trmiRA5jJ2O51bhaCAd2eiYm1I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.246.208.0/21
Signature Algorithm: sha256WithRSAEncryption
4c:6b:9a:5e:eb:89:a2:e4:79:65:28:a3:41:42:fc:c4:64:6e:
92:8d:87:90:73:b7:ea:ea:1d:bd:de:ea:6d:57:32:bf:29:75:
68:f7:77:88:a7:51:8e:34:60:8f:41:dd:2e:90:b7:b7:67:7e:
a3:4d:87:b0:5c:ca:36:5d:ca:4f:99:65:9c:78:fd:ed:45:64:
ea:41:6f:33:2a:85:48:ab:d0:3c:eb:e3:2a:27:ee:81:5a:c1:
1a:c1:69:7a:2c:dd:b3:55:b9:5d:33:98:9d:e2:2c:df:31:2f:
88:1a:d0:ca:11:f6:f5:c8:83:d1:08:61:60:30:03:3c:4e:a9:
4d:31:c9:ee:b5:1b:f5:5e:0f:e0:0d:11:32:56:8a:ba:50:81:
52:69:7e:7f:ca:8b:d2:cc:71:54:1c:8e:bb:39:d8:3d:87:5b:
32:64:4f:d2:43:52:36:c0:f7:73:59:e7:20:1a:35:06:20:15:
49:9d:c1:2b:dd:65:8c:2a:62:3d:af:8b:5b:fa:9a:d4:f2:03:
eb:87:2c:c5:68:6f:0e:00:dd:20:11:ba:93:8f:e5:21:41:c0:
3b:ad:d3:56:74:13:61:51:25:04:6e:a9:44:45:e4:01:a2:49:
13:d9:aa:11:1a:54:2f:4c:58:dc:4f:08:44:62:73:f7:26:8f:
f1:b0:3c:bb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZOMs0xOFzOSozdtqJqBIXYHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlZGFlNjg5MTAzOThjOWQ4ZWU3NTZlMTY4MjAxZGQ5ZTg5
ODliNTIwHhcNMjQxMjAzMTMyNjIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWNiZDU0ZTM1ODgzZTlkZjVjNzg3MGViMzI3YzFkZDYzNzVjZWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAng0aX+spcwIixnlOiqiN/DebhniD
pAYahVhkkeLJ0HR5QgWWRo7ovEK1Hqf+7oDFSmUPqPbwhLibCeU1V+mX323wAKxT
rSyp2pim7dwQtHvRFAHzky4+VQC43D4akRacXwVGCimG/imsvIXDPN6YkNYnQRIU
dUYE478H+JxQPxacGPAyyqQCSsozg0cDtwP48ESe3UZvtMR5FaFs/5fkYX9/nZdj
TS3qwXp9cSh7BWZgRDNpyYij2xU8sYLLUBxisP4a4cYAptHzMIVgVspEDYmI5WCg
JfMyXSRiVcA85NeYIGXJ1hWleyqGc52f1OGI7UV/2fQOhZyNnTTj0RCfQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLrL1U41iD6d9ceHDrMnwd1jdc7QMB8GA1UdIwQY
MBaAFP7a5okQOYydjudW4WggHdnomJtSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3RybWlSQTVqSjJPNTFiaGFDQWQyZWlZbTFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS81ZjUzYTMtMjI2MC00MWIwLWEzNDEt
NTAwNDMyNTAxNzQzLzEvdXN2VlRqV0lQcDMxeDRjT3N5ZkIzV04xenRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS81ZjUzYTMtMjI2MC00MWIwLWEzNDEtNTAwNDMyNTAxNzQz
LzEvX3RybWlSQTVqSjJPNTFiaGFDQWQyZWlZbTFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDW/bQMA0G
CSqGSIb3DQEBCwUAA4IBAQBMa5pe64mi5HllKKNBQvzEZG6SjYeQc7fq6h293upt
VzK/KXVo93eIp1GONGCPQd0ukLe3Z36jTYewXMo2XcpPmWWceP3tRWTqQW8zKoVI
q9A86+MqJ+6BWsEawWl6LN2zVbldM5id4izfMS+IGtDKEfb1yIPRCGFgMAM8TqlN
McnutRv1Xg/gDREyVoq6UIFSaX5/yovSzHFUHI67Odg9h1syZE/SQ1I2wPdzWecg
GjUGIBVJncEr3WWMKmI9r4tb+prU8gPrhyzFaG8OAN0gEbqTj+UhQcA7rdNWdBNh
USUEbqlEReQBokkT2aoRGlQvTFjcTwhEYnP3Jo/xsDy7
-----END CERTIFICATE-----
Generated at Tue Apr 22 20:10:41 2025 by rpki-client