Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/kSBJzyZr-ZofduawtydEh6PEKGo.roa
File: kSBJzyZr-ZofduawtydEh6PEKGo.roa (raw, json)
Hash identifier: X+6iPys43U63PeaU07LZ4r0CoirG94fu/Ti4sljtKt0=
Subject key identifier: 91:20:49:CF:26:6B:F9:9A:1F:76:E6:B0:B7:27:44:87:A3:C4:28:6A
Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Certificate serial: 01907BB7C3767A240D11F270A6D535F0D1E0
Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/kSBJzyZr-ZofduawtydEh6PEKGo.roa
Signing time: Thu 04 Jul 2024 03:09:18 +0000
ROA not before: Thu 04 Jul 2024 03:09:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7029
IP address blocks: 74.124.204.0/22 maxlen: 24
178.216.184.0/21 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 07:48:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:7b:b7:c3:76:7a:24:0d:11:f2:70:a6:d5:35:f0:d1:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Validity
Not Before: Jul 4 03:09:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=912049cf266bf99a1f76e6b0b7274487a3c4286a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:0b:02:e4:d5:db:11:c2:3b:af:60:aa:3b:70:
d0:b9:98:5b:c7:c0:8d:d6:6b:05:75:e7:55:fc:d1:
f8:41:2b:68:1b:da:ca:1e:12:45:25:8e:95:70:62:
06:8d:23:c2:5b:29:0d:ac:a6:7b:a3:32:5e:53:fd:
e7:89:56:9f:ab:6e:84:f0:d3:41:2c:e8:c8:1a:9f:
c6:4a:71:d1:d3:77:b7:11:6e:f3:b3:3f:a3:e1:e3:
0b:57:91:d1:86:1c:96:19:87:14:7c:20:62:de:16:
02:c9:40:e5:d0:44:a7:c0:b5:be:73:10:d9:97:65:
5a:9b:ad:44:3b:1f:d4:73:ad:bf:80:5b:ae:6b:7a:
c5:7c:07:a3:50:3d:b9:6c:fd:94:90:e4:cb:19:73:
34:4b:94:22:d9:6e:b3:5f:8e:d5:0c:9d:e0:92:51:
b9:55:c7:64:6f:3c:26:9f:06:a0:7f:67:c4:66:b2:
90:28:f0:1e:be:30:0d:59:e9:ee:23:ff:a8:13:19:
16:c9:93:c5:9f:a0:bd:16:91:6d:27:21:d2:29:95:
75:4e:73:24:58:40:15:0f:06:cb:db:3b:13:ca:9d:
58:6e:07:83:6b:fc:06:99:6c:2a:de:c3:9c:f7:75:
e1:34:d3:51:64:9a:02:e5:34:65:24:8d:d8:a4:e3:
03:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:20:49:CF:26:6B:F9:9A:1F:76:E6:B0:B7:27:44:87:A3:C4:28:6A
X509v3 Authority Key Identifier:
keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/kSBJzyZr-ZofduawtydEh6PEKGo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
74.124.204.0/22
178.216.184.0/21
Signature Algorithm: sha256WithRSAEncryption
84:90:d7:ec:f1:94:70:38:9a:89:ca:6d:9c:99:b1:d5:66:26:
4d:69:9c:1f:83:50:63:0a:8a:6e:75:3d:90:c9:fa:5f:af:bc:
75:b9:1e:b2:2b:ba:54:ec:5b:09:be:11:56:09:bf:98:e3:a5:
de:0d:12:0c:29:29:31:b8:23:44:17:3e:70:77:ef:bd:46:68:
a2:48:f8:ef:b9:1f:26:da:58:a4:eb:be:ea:27:21:0f:79:88:
5e:b7:78:6d:5d:fb:24:98:8e:13:14:04:f9:d1:56:ef:01:6c:
1a:5b:fd:e0:ba:1e:92:4e:2c:e1:e2:49:cd:a6:f8:2c:7c:49:
93:11:f6:cf:eb:02:01:6b:22:12:07:c8:5b:c2:69:68:44:55:
3e:12:93:66:93:bc:00:af:d3:3b:db:f6:48:b2:f6:c8:5f:f3:
e2:e9:03:00:21:ba:de:ba:6d:a5:e7:93:a4:7a:60:df:00:dc:
27:34:8e:39:03:cb:89:f7:e6:20:78:4d:5c:74:fd:86:af:d2:
65:ba:de:18:53:13:96:f7:12:80:86:d7:ff:3b:4f:ec:51:0b:
d8:8f:11:59:15:14:da:43:5d:dc:d8:3d:5d:c4:f1:51:c3:65:
0d:75:f3:94:78:5c:b4:69:42:04:e9:7a:31:b6:75:0f:e4:24:
18:3d:6e:84
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZB7t8N2eiQNEfJwptU18NHgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi
NWRlZTQwHhcNMjQwNzA0MDMwOTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTIwNDljZjI2NmJmOTlhMWY3NmU2YjBiNzI3NDQ4N2EzYzQyODZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxQsC5NXbEcI7r2CqO3DQuZhbx8CN
1msFdedV/NH4QStoG9rKHhJFJY6VcGIGjSPCWykNrKZ7ozJeU/3niVafq26E8NNB
LOjIGp/GSnHR03e3EW7zsz+j4eMLV5HRhhyWGYcUfCBi3hYCyUDl0ESnwLW+cxDZ
l2Vam61EOx/Uc62/gFuua3rFfAejUD25bP2UkOTLGXM0S5Qi2W6zX47VDJ3gklG5
Vcdkbzwmnwagf2fEZrKQKPAevjANWenuI/+oExkWyZPFn6C9FpFtJyHSKZV1TnMk
WEAVDwbL2zsTyp1YbgeDa/wGmWwq3sOc93XhNNNRZJoC5TRlJI3YpOMDZwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJEgSc8ma/maH3bmsLcnRIejxChqMB8GA1UdIwQY
MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt
NTlmNTk4NGI2NGVhLzEva1NCSnp5WnItWm9mZHVhd3R5ZEVoNlBFS0dvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh
LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCSnzMAwQD
sti4MA0GCSqGSIb3DQEBCwUAA4IBAQCEkNfs8ZRwOJqJym2cmbHVZiZNaZwfg1Bj
CopudT2Qyfpfr7x1uR6yK7pU7FsJvhFWCb+Y46XeDRIMKSkxuCNEFz5wd++9Rmii
SPjvuR8m2lik677qJyEPeYhet3htXfskmI4TFAT50VbvAWwaW/3guh6STizh4knN
pvgsfEmTEfbP6wIBayISB8hbwmloRFU+EpNmk7wAr9M72/ZIsvbIX/Pi6QMAIbre
um2l55OkemDfANwnNI45A8uJ9+YgeE1cdP2Gr9Jlut4YUxOW9xKAhtf/O0/sUQvY
jxFZFRTaQ13c2D1dxPFRw2UNdfOUeFy0aUIE6XoxtnUP5CQYPW6E
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:50:43 2025 by rpki-client