Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/PSoW9vg9rPFpdBTy8bNDxvJwsmc.roa
File: PSoW9vg9rPFpdBTy8bNDxvJwsmc.roa (raw, json)
Hash identifier: d/GCVduNjRRT9gCXTLNOWEV25Y7adZKFVjqR5ODOrZY=
Subject key identifier: 3D:2A:16:F6:F8:3D:AC:F1:69:74:14:F2:F1:B3:43:C6:F2:70:B2:67
Certificate issuer: /CN=04a2ae2cd094333018c41daafb474c6cfa80d07d
Certificate serial: 018CCA2A5CF2535C02F5DF85C9246B22087E
Authority key identifier: 04:A2:AE:2C:D0:94:33:30:18:C4:1D:AA:FB:47:4C:6C:FA:80:D0:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BKKuLNCUMzAYxB2q-0dMbPqA0H0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/PSoW9vg9rPFpdBTy8bNDxvJwsmc.roa
Signing time: Tue 02 Jan 2024 12:33:43 +0000
ROA not before: Tue 02 Jan 2024 12:33:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 52139
IP address blocks: 91.222.104.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:5c:f2:53:5c:02:f5:df:85:c9:24:6b:22:08:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04a2ae2cd094333018c41daafb474c6cfa80d07d
Validity
Not Before: Jan 2 12:33:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3d2a16f6f83dacf1697414f2f1b343c6f270b267
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:66:1f:65:b9:fc:8c:e4:e6:81:05:41:5a:a5:
d7:78:b0:58:41:78:c5:50:e9:b3:00:f2:7b:54:6c:
95:ed:82:a3:49:d4:e0:94:4d:b6:2f:e1:99:f2:28:
b4:23:40:bd:92:b0:ea:8f:a8:3d:de:dc:7b:25:87:
c8:fa:e5:6d:7b:44:84:b7:b0:ef:08:0b:31:8a:6b:
11:4a:83:e6:4f:63:a3:b3:a3:84:fe:43:cc:45:c2:
ed:90:eb:33:1c:18:19:fb:d0:17:25:ce:7c:19:94:
4a:2e:3e:67:c2:88:15:9d:1a:c8:f8:16:20:15:67:
c9:10:20:05:71:ed:4b:23:69:63:12:e2:82:92:bb:
4c:d7:72:c7:58:76:99:26:9c:27:c7:fb:a9:11:d1:
c2:93:f8:24:8e:40:04:6a:d5:bc:36:80:1c:05:15:
96:70:5b:26:b4:4e:0a:41:94:18:a7:8b:77:45:2d:
d8:b9:1e:79:96:f6:5b:ea:dd:50:38:7a:71:0c:a5:
0b:f5:0a:e4:a5:aa:97:cf:2e:f7:10:4d:a6:06:94:
62:8d:3a:54:f7:08:9a:8e:1c:34:0a:98:a7:a3:c8:
c7:6f:fe:8d:7f:68:4a:a9:67:7d:cb:51:6f:02:54:
09:d4:b7:ff:1b:f9:0e:d7:7f:a3:00:d6:05:82:a6:
e8:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:2A:16:F6:F8:3D:AC:F1:69:74:14:F2:F1:B3:43:C6:F2:70:B2:67
X509v3 Authority Key Identifier:
keyid:04:A2:AE:2C:D0:94:33:30:18:C4:1D:AA:FB:47:4C:6C:FA:80:D0:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BKKuLNCUMzAYxB2q-0dMbPqA0H0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/PSoW9vg9rPFpdBTy8bNDxvJwsmc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/BKKuLNCUMzAYxB2q-0dMbPqA0H0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.222.104.0/22
Signature Algorithm: sha256WithRSAEncryption
1e:87:04:1f:0d:ac:01:08:aa:93:6e:a3:06:a3:69:00:d5:56:
01:47:42:7a:23:23:21:18:e4:43:b7:2c:b3:49:cf:82:e7:19:
e3:15:8f:6c:7d:81:2c:9b:a0:77:51:26:24:aa:1e:5d:da:3c:
b2:3b:50:e8:af:4f:29:bf:55:d1:28:e6:87:5f:9f:59:d0:85:
88:82:34:d0:80:ba:7a:e2:0a:f9:6f:dc:ff:7e:41:57:89:ec:
1a:9d:31:25:fe:de:bc:92:fb:f1:9f:75:c4:83:25:fd:82:72:
70:28:30:81:89:6b:8c:23:37:80:99:c4:ee:99:f1:80:83:b2:
f5:2b:56:dc:09:ff:41:d2:6c:90:5c:17:a3:8b:96:7a:fe:f8:
42:23:12:4a:8d:2f:6d:ec:93:2e:b4:f7:85:ff:88:d9:4e:f8:
9e:96:ef:0e:df:f4:75:55:e5:7a:01:6c:6e:3d:af:29:98:4f:
10:8b:f6:ad:9b:22:24:28:fa:41:4a:f2:f7:f4:00:10:bd:20:
34:d7:94:11:8d:6d:93:0e:ca:90:7c:6f:d5:7f:62:f2:52:16:
73:3b:df:f5:d1:aa:6d:23:69:3a:0a:78:e9:61:18:8b:29:c1:
42:24:99:2f:64:ee:af:67:90:a0:c3:01:b0:56:13:8e:e0:03:
9a:56:3e:79
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKlzyU1wC9d+FySRrIgh+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0YTJhZTJjZDA5NDMzMzAxOGM0MWRhYWZiNDc0YzZjZmE4
MGQwN2QwHhcNMjQwMTAyMTIzMzQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDJhMTZmNmY4M2RhY2YxNjk3NDE0ZjJmMWIzNDNjNmYyNzBiMjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmWYfZbn8jOTmgQVBWqXXeLBYQXjF
UOmzAPJ7VGyV7YKjSdTglE22L+GZ8ii0I0C9krDqj6g93tx7JYfI+uVte0SEt7Dv
CAsximsRSoPmT2Ojs6OE/kPMRcLtkOszHBgZ+9AXJc58GZRKLj5nwogVnRrI+BYg
FWfJECAFce1LI2ljEuKCkrtM13LHWHaZJpwnx/upEdHCk/gkjkAEatW8NoAcBRWW
cFsmtE4KQZQYp4t3RS3YuR55lvZb6t1QOHpxDKUL9QrkpaqXzy73EE2mBpRijTpU
9wiajhw0Cpino8jHb/6Nf2hKqWd9y1FvAlQJ1Lf/G/kO13+jANYFgqbopQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD0qFvb4PazxaXQU8vGzQ8bycLJnMB8GA1UdIwQY
MBaAFASirizQlDMwGMQdqvtHTGz6gNB9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQktLdUxOQ1VNekFZeEIycS0wZE1iUHFBMEgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS82MzRhMTItZTU4Yy00NTVjLTg5MzMt
NmU2ZThkOTMwM2U5LzEvUFNvVzl2ZzlyUEZwZEJUeThiTkR4dkp3c21jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS82MzRhMTItZTU4Yy00NTVjLTg5MzMtNmU2ZThkOTMwM2U5
LzEvQktLdUxOQ1VNekFZeEIycS0wZE1iUHFBMEgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW95oMA0G
CSqGSIb3DQEBCwUAA4IBAQAehwQfDawBCKqTbqMGo2kA1VYBR0J6IyMhGORDtyyz
Sc+C5xnjFY9sfYEsm6B3USYkqh5d2jyyO1Dor08pv1XRKOaHX59Z0IWIgjTQgLp6
4gr5b9z/fkFXiewanTEl/t68kvvxn3XEgyX9gnJwKDCBiWuMIzeAmcTumfGAg7L1
K1bcCf9B0myQXBeji5Z6/vhCIxJKjS9t7JMutPeF/4jZTvielu8O3/R1VeV6AWxu
Pa8pmE8Qi/atmyIkKPpBSvL39AAQvSA015QRjW2TDsqQfG/Vf2LyUhZzO9/10apt
I2k6CnjpYRiLKcFCJJkvZO6vZ5CgwwGwVhOO4AOaVj55
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:23:23 2025 by rpki-client