Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/311508-d5a2-4dc5-bc93-50e746424630/1/AC2HT1R7kNEsf_BtqA7RfGKurZg.roa
File: AC2HT1R7kNEsf_BtqA7RfGKurZg.roa (raw, json)
Hash identifier: qAd/J0LpMFbj1VqjnOwQRHFK6vG0TKQ2ShgxDLdz8+A=
Subject key identifier: 00:2D:87:4F:54:7B:90:D1:2C:7F:F0:6D:A8:0E:D1:7C:62:AE:AD:98
Certificate issuer: /CN=6ef4874994de7a14e4b584f6d2b96b2d991b1e91
Certificate serial: 018CC2DAFAB4664B4988E418C7964D073D51
Authority key identifier: 6E:F4:87:49:94:DE:7A:14:E4:B5:84:F6:D2:B9:6B:2D:99:1B:1E:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bvSHSZTeehTktYT20rlrLZkbHpE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/311508-d5a2-4dc5-bc93-50e746424630/1/AC2HT1R7kNEsf_BtqA7RfGKurZg.roa
Signing time: Mon 01 Jan 2024 02:29:40 +0000
ROA not before: Mon 01 Jan 2024 02:29:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210165
IP address blocks: 91.225.1.0/24 maxlen: 24
2a12:3440::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:47:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:fa:b4:66:4b:49:88:e4:18:c7:96:4d:07:3d:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ef4874994de7a14e4b584f6d2b96b2d991b1e91
Validity
Not Before: Jan 1 02:29:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=002d874f547b90d12c7ff06da80ed17c62aead98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:6b:05:2f:88:9b:5f:96:87:33:26:6a:01:ba:
a1:ec:2d:03:bf:76:c6:25:ba:28:73:2b:39:fb:07:
e0:d5:3b:b7:db:4f:17:31:f1:0c:b1:da:82:ae:af:
40:9d:db:ed:2c:94:2b:91:1d:99:23:8d:a1:da:2c:
b5:2d:fb:f5:60:2c:dd:9c:2b:7b:fd:98:ee:43:3e:
b3:86:aa:1c:3f:43:61:b9:0d:f0:21:e6:86:96:d4:
d6:a1:d7:56:18:74:2c:21:a7:6b:4b:25:c4:e0:58:
dc:f6:a5:ed:21:df:fe:97:9f:94:59:85:13:86:79:
cd:67:7f:72:2e:06:40:35:ea:55:36:c4:ae:41:c3:
ad:68:72:65:13:c6:4e:d1:c6:95:a7:a9:ec:0a:82:
1c:98:bb:3b:c3:d0:e2:f5:5b:8d:79:c0:58:af:0c:
13:f9:66:01:df:cf:3d:bc:93:53:0a:a4:e0:d5:1b:
42:c2:31:84:ea:fd:d8:d3:c8:b7:1d:7f:f7:fc:3e:
be:d0:b9:e7:90:3b:66:f0:2f:32:73:a4:dc:da:1f:
a9:de:95:eb:3b:03:6f:36:76:3b:ac:b2:59:e9:af:
e1:71:b1:81:78:26:12:0a:c7:26:6d:14:5f:4a:5d:
dc:b8:13:23:96:ee:60:85:15:80:89:32:f4:8e:83:
31:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:2D:87:4F:54:7B:90:D1:2C:7F:F0:6D:A8:0E:D1:7C:62:AE:AD:98
X509v3 Authority Key Identifier:
keyid:6E:F4:87:49:94:DE:7A:14:E4:B5:84:F6:D2:B9:6B:2D:99:1B:1E:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bvSHSZTeehTktYT20rlrLZkbHpE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/311508-d5a2-4dc5-bc93-50e746424630/1/AC2HT1R7kNEsf_BtqA7RfGKurZg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/311508-d5a2-4dc5-bc93-50e746424630/1/bvSHSZTeehTktYT20rlrLZkbHpE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.225.1.0/24
IPv6:
2a12:3440::/29
Signature Algorithm: sha256WithRSAEncryption
9a:6d:b5:b3:b9:82:3a:8f:0d:4c:05:d6:1c:ab:3d:0a:ec:1e:
5f:01:fb:ce:a1:e3:f0:70:ad:91:99:72:bc:e8:08:c9:40:fb:
e4:ad:c2:a5:ca:cd:d9:e1:a9:8d:e6:92:c3:73:ce:56:93:4f:
d4:0c:66:bd:10:21:01:3e:18:8d:f6:1e:be:66:ea:92:00:79:
17:d4:7a:5e:23:9c:4d:b5:1d:db:90:d0:be:b4:dd:4e:f4:a8:
6a:82:7b:60:42:d2:f4:e4:aa:e3:ae:ae:55:9c:ae:c1:ec:56:
93:09:b0:ec:3b:19:6c:ad:39:4f:3c:a7:6b:d6:a3:d0:a8:3f:
c5:76:5e:c5:45:11:58:d7:87:2c:fd:6d:95:df:2a:d7:66:1d:
d6:2d:4f:83:9b:14:5f:bf:1c:dc:ba:4d:69:e3:7b:13:4c:86:
df:64:c1:a7:12:4c:cd:0f:48:20:3e:a4:10:60:d9:f5:00:35:
c9:49:f9:ab:10:8d:4e:c1:6c:77:41:90:51:3d:a2:cc:3b:59:
8a:13:c2:71:0c:3d:07:f9:48:c1:e6:6d:0b:cd:ab:51:c0:64:
0d:2b:74:18:41:e3:36:a4:c0:ce:aa:e7:6b:07:ff:c8:b0:c2:
b3:e6:80:c3:19:cb:69:a0:bc:ed:52:b2:6b:71:d5:2a:1a:08:
a2:50:74:3c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzC2vq0ZktJiOQYx5ZNBz1RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlZjQ4NzQ5OTRkZTdhMTRlNGI1ODRmNmQyYjk2YjJkOTkx
YjFlOTEwHhcNMjQwMTAxMDIyOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDJkODc0ZjU0N2I5MGQxMmM3ZmYwNmRhODBlZDE3YzYyYWVhZDk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwGsFL4ibX5aHMyZqAbqh7C0Dv3bG
Jboocys5+wfg1Tu3208XMfEMsdqCrq9AndvtLJQrkR2ZI42h2iy1Lfv1YCzdnCt7
/ZjuQz6zhqocP0NhuQ3wIeaGltTWoddWGHQsIadrSyXE4Fjc9qXtId/+l5+UWYUT
hnnNZ39yLgZANepVNsSuQcOtaHJlE8ZO0caVp6nsCoIcmLs7w9Di9VuNecBYrwwT
+WYB3889vJNTCqTg1RtCwjGE6v3Y08i3HX/3/D6+0LnnkDtm8C8yc6Tc2h+p3pXr
OwNvNnY7rLJZ6a/hcbGBeCYSCscmbRRfSl3cuBMjlu5ghRWAiTL0joMxtQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAAth09Ue5DRLH/wbagO0Xxirq2YMB8GA1UdIwQY
MBaAFG70h0mU3noU5LWE9tK5ay2ZGx6RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnZTSFNaVGVlaFRrdFlUMjBybHJMWmtiSHBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS8zMTE1MDgtZDVhMi00ZGM1LWJjOTMt
NTBlNzQ2NDI0NjMwLzEvQUMySFQxUjdrTkVzZl9CdHFBN1JmR0t1clpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS8zMTE1MDgtZDVhMi00ZGM1LWJjOTMtNTBlNzQ2NDI0NjMw
LzEvYnZTSFNaVGVlaFRrdFlUMjBybHJMWmtiSHBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAW+EBMA0E
AgACMAcDBQMqEjRAMA0GCSqGSIb3DQEBCwUAA4IBAQCabbWzuYI6jw1MBdYcqz0K
7B5fAfvOoePwcK2RmXK86AjJQPvkrcKlys3Z4amN5pLDc85Wk0/UDGa9ECEBPhiN
9h6+ZuqSAHkX1HpeI5xNtR3bkNC+tN1O9KhqgntgQtL05Krjrq5VnK7B7FaTCbDs
OxlsrTlPPKdr1qPQqD/Fdl7FRRFY14cs/W2V3yrXZh3WLU+DmxRfvxzcuk1p43sT
TIbfZMGnEkzND0ggPqQQYNn1ADXJSfmrEI1OwWx3QZBRPaLMO1mKE8JxDD0H+UjB
5m0LzatRwGQNK3QYQeM2pMDOqudrB//IsMKz5oDDGctpoLztUrJrcdUqGgiiUHQ8
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:03:08 2025 by rpki-client