Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/rJp1d6vx3kmhaVEHMNetUyR9Je0.roa
File: rJp1d6vx3kmhaVEHMNetUyR9Je0.roa (raw, json)
Hash identifier: bs7FZUELFSSOuLjMYrwfu5KAn8DMKHCLP/FY2bWPJRs=
Subject key identifier: AC:9A:75:77:AB:F1:DE:49:A1:69:51:07:30:D7:AD:53:24:7D:25:ED
Certificate issuer: /CN=5806da5a59251275ceb18694e17415352aedd6aa
Certificate serial: 01946EF968E6E959B37BC208FD20EB10860F
Authority key identifier: 58:06:DA:5A:59:25:12:75:CE:B1:86:94:E1:74:15:35:2A:ED:D6:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WAbaWlklEnXOsYaU4XQVNSrt1qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/rJp1d6vx3kmhaVEHMNetUyR9Je0.roa
Signing time: Thu 16 Jan 2025 11:57:06 +0000
ROA not before: Thu 16 Jan 2025 11:57:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 91.237.119.0/24 maxlen: 24
185.220.146.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 22 Jan 2025 19:40:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:6e:f9:68:e6:e9:59:b3:7b:c2:08:fd:20:eb:10:86:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5806da5a59251275ceb18694e17415352aedd6aa
Validity
Not Before: Jan 16 11:57:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ac9a7577abf1de49a169510730d7ad53247d25ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:79:f9:82:a3:1c:2c:ac:e1:96:5c:37:3c:95:
e5:14:30:11:87:47:5c:88:ba:9a:93:f9:c5:7e:c5:
ab:85:28:a8:47:44:f1:bb:00:8a:cb:e9:30:67:60:
2d:f1:27:6a:1e:05:69:60:af:c7:84:ed:d5:24:ba:
4c:01:17:4c:1f:21:b6:72:e1:8f:76:e8:e3:fc:ec:
d8:e7:79:25:ac:a0:92:f8:08:1e:80:48:a9:bf:d6:
16:ad:08:d8:d8:37:0b:65:8b:d4:05:d1:fc:b9:4e:
cf:78:46:9e:df:9b:4d:be:79:ab:ec:2e:f6:62:75:
0c:35:49:c3:1d:71:2a:54:2b:78:0b:62:e4:22:02:
d5:a2:76:b3:50:4e:44:c9:81:33:de:16:99:78:d9:
e9:b4:81:d7:6b:a2:fc:a4:a8:39:4a:fe:ff:e8:02:
5d:55:88:0a:4e:b0:70:2f:14:a6:4d:4e:74:d4:1e:
28:1d:a2:be:3d:fd:b0:fc:f4:d9:6e:55:47:57:44:
88:b4:7b:d7:c7:ab:1a:b7:42:74:5d:41:b0:7c:08:
e8:e7:a7:c9:2b:cc:bf:4c:f7:ba:cb:9d:66:71:15:
45:28:41:53:a0:8a:a0:52:64:94:4b:1d:a4:b6:b5:
b2:8e:f2:b8:20:26:cf:49:48:58:fa:71:7e:a8:1e:
65:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:9A:75:77:AB:F1:DE:49:A1:69:51:07:30:D7:AD:53:24:7D:25:ED
X509v3 Authority Key Identifier:
keyid:58:06:DA:5A:59:25:12:75:CE:B1:86:94:E1:74:15:35:2A:ED:D6:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WAbaWlklEnXOsYaU4XQVNSrt1qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/rJp1d6vx3kmhaVEHMNetUyR9Je0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/WAbaWlklEnXOsYaU4XQVNSrt1qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.237.119.0/24
185.220.146.0/23
Signature Algorithm: sha256WithRSAEncryption
3b:cd:1c:99:6b:de:89:7f:ae:27:c8:82:ab:0d:9d:b2:5f:98:
36:80:43:c0:8d:05:f9:bb:7c:95:89:e6:ce:04:47:64:98:e8:
7d:8b:fe:f7:22:28:ba:37:07:a7:a7:2f:4d:56:c7:73:29:91:
84:bd:45:b0:83:23:a0:4c:23:d6:fe:b2:e8:41:2c:d9:28:f7:
53:04:03:be:64:50:77:c7:0e:7d:86:b5:7c:5a:ae:87:bf:59:
66:5d:b4:e4:e8:cb:73:e3:93:29:46:a2:db:79:7f:9d:54:bf:
63:a1:1c:48:50:4a:31:bd:b5:a9:e1:13:8b:c9:e4:29:bb:f2:
ca:fb:f8:26:38:ca:e7:c8:93:2f:bb:af:3f:4c:82:bf:a4:80:
24:3a:c9:5e:e9:b7:95:8c:ce:ef:16:be:52:e5:c8:61:0d:92:
4f:d5:11:bc:52:cf:5f:35:03:7f:e7:05:d5:1c:dd:6a:38:ff:
56:f4:90:b4:ce:a9:00:14:8f:5f:ac:02:f4:32:51:5b:9c:bd:
5a:e5:3a:b2:3d:9c:ae:c3:8a:54:4b:6d:7a:29:a6:66:3d:15:
3c:5f:7a:f6:02:fd:9f:7f:39:5b:6f:17:19:63:d4:10:f1:26:
be:9f:46:a8:9f:d8:66:67:6d:e3:69:f2:85:d5:59:bb:a6:6e:
7d:a7:af:1a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZRu+Wjm6Vmze8II/SDrEIYPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4MDZkYTVhNTkyNTEyNzVjZWIxODY5NGUxNzQxNTM1MmFl
ZGQ2YWEwHhcNMjUwMTE2MTE1NzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzlhNzU3N2FiZjFkZTQ5YTE2OTUxMDczMGQ3YWQ1MzI0N2QyNWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwHn5gqMcLKzhllw3PJXlFDARh0dc
iLqak/nFfsWrhSioR0TxuwCKy+kwZ2At8SdqHgVpYK/HhO3VJLpMARdMHyG2cuGP
dujj/OzY53klrKCS+AgegEipv9YWrQjY2DcLZYvUBdH8uU7PeEae35tNvnmr7C72
YnUMNUnDHXEqVCt4C2LkIgLVonazUE5EyYEz3haZeNnptIHXa6L8pKg5Sv7/6AJd
VYgKTrBwLxSmTU501B4oHaK+Pf2w/PTZblVHV0SItHvXx6sat0J0XUGwfAjo56fJ
K8y/TPe6y51mcRVFKEFToIqgUmSUSx2ktrWyjvK4ICbPSUhY+nF+qB5ldwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKyadXer8d5JoWlRBzDXrVMkfSXtMB8GA1UdIwQY
MBaAFFgG2lpZJRJ1zrGGlOF0FTUq7daqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0FiYVdsa2xFblhPc1lhVTRYUVZOU3J0MXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi81ZGYxMTktYjFkZi00Y2ViLWJkNGYt
Zjc5Y2NjM2Y0ZWFmLzEvckpwMWQ2dngza21oYVZFSE1OZXRVeVI5SmUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi81ZGYxMTktYjFkZi00Y2ViLWJkNGYtZjc5Y2NjM2Y0ZWFm
LzEvV0FiYVdsa2xFblhPc1lhVTRYUVZOU3J0MXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW+13AwQB
udySMA0GCSqGSIb3DQEBCwUAA4IBAQA7zRyZa96Jf64nyIKrDZ2yX5g2gEPAjQX5
u3yViebOBEdkmOh9i/73Iii6Nwenpy9NVsdzKZGEvUWwgyOgTCPW/rLoQSzZKPdT
BAO+ZFB3xw59hrV8Wq6Hv1lmXbTk6Mtz45MpRqLbeX+dVL9joRxIUEoxvbWp4ROL
yeQpu/LK+/gmOMrnyJMvu68/TIK/pIAkOsle6beVjM7vFr5S5chhDZJP1RG8Us9f
NQN/5wXVHN1qOP9W9JC0zqkAFI9frAL0MlFbnL1a5TqyPZyuw4pUS216KaZmPRU8
X3r2Av2ffzlbbxcZY9QQ8Sa+n0aon9hmZ23jafKF1Vm7pm59p68a
-----END CERTIFICATE-----
Generated at Sat Apr 12 07:27:03 2025 by rpki-client