Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/621edd-1b5a-46ac-ba13-04f9e616af60/1/1-_c9xDvJBOjm4Vq9agrjrUQXwao.roa
File: 1-_c9xDvJBOjm4Vq9agrjrUQXwao.roa (raw, json)
Hash identifier: 8hJPIoKWYLrP2FOaPVczzLP6Ds/5/0cjEZXBIkAsfxE=
Subject key identifier: FB:F7:3D:C4:3B:C9:04:E8:E6:E1:5A:BD:6A:0A:E3:AD:44:17:C1:AA
Certificate issuer: /CN=3f39dd7bd73c3e1ba27d178d55c26f8a96cdb4a9
Certificate serial: 0190342F9F7C8AD51846EDFA1A8256E99D4E
Authority key identifier: 3F:39:DD:7B:D7:3C:3E:1B:A2:7D:17:8D:55:C2:6F:8A:96:CD:B4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Pznde9c8PhuifReNVcJvipbNtKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/621edd-1b5a-46ac-ba13-04f9e616af60/1/1-_c9xDvJBOjm4Vq9agrjrUQXwao.roa
Signing time: Thu 20 Jun 2024 05:47:34 +0000
ROA not before: Thu 20 Jun 2024 05:47:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198694
IP address blocks: 92.249.20.0/22 maxlen: 22
2a13:62c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Sun 30 Jun 2024 21:42:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:34:2f:9f:7c:8a:d5:18:46:ed:fa:1a:82:56:e9:9d:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3f39dd7bd73c3e1ba27d178d55c26f8a96cdb4a9
Validity
Not Before: Jun 20 05:47:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fbf73dc43bc904e8e6e15abd6a0ae3ad4417c1aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:8f:0b:88:86:60:52:33:c1:88:32:c8:b5:fc:
28:db:82:a0:ef:3d:85:a4:64:f3:1c:a1:e7:9c:98:
c7:ee:d5:40:a5:04:e5:78:f9:4d:5c:61:cc:bb:5b:
52:93:d7:8b:cb:4d:6c:4b:b9:73:a1:24:07:9d:bf:
41:6b:34:a9:df:6e:00:b3:e2:89:38:11:f3:0e:63:
d8:55:13:a6:90:95:45:2c:7e:61:ed:9e:6f:2a:37:
6c:a9:7a:74:29:d1:59:4b:46:1b:15:e3:5f:2d:51:
52:bb:2f:3f:62:71:01:bc:73:2d:b3:b9:d3:20:8a:
d0:93:96:a0:ae:1f:68:0a:19:5c:77:32:75:e4:d0:
2c:78:f7:46:d3:8b:f5:0f:06:1d:a9:7c:74:d3:81:
95:f4:0c:fc:e8:7f:be:f2:16:4b:e5:64:0a:5c:16:
f1:fb:45:02:06:a9:d3:f3:19:d9:20:71:8b:70:da:
78:ad:8a:14:4b:c7:a9:22:b5:1a:82:e1:f4:8e:0f:
b0:3f:18:94:74:9a:e2:63:6a:d1:15:b7:6d:e6:46:
98:7b:55:a2:2c:46:64:25:9a:90:2e:de:90:84:f7:
7d:9b:57:c0:ad:ca:ab:36:15:b9:51:42:55:8d:d3:
3c:91:f6:f0:9e:20:32:44:20:b6:71:2b:d8:d3:82:
0c:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:F7:3D:C4:3B:C9:04:E8:E6:E1:5A:BD:6A:0A:E3:AD:44:17:C1:AA
X509v3 Authority Key Identifier:
keyid:3F:39:DD:7B:D7:3C:3E:1B:A2:7D:17:8D:55:C2:6F:8A:96:CD:B4:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pznde9c8PhuifReNVcJvipbNtKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/621edd-1b5a-46ac-ba13-04f9e616af60/1/1-_c9xDvJBOjm4Vq9agrjrUQXwao.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/621edd-1b5a-46ac-ba13-04f9e616af60/1/Pznde9c8PhuifReNVcJvipbNtKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.249.20.0/22
IPv6:
2a13:62c0::/32
Signature Algorithm: sha256WithRSAEncryption
ba:f6:ac:66:c1:bb:78:94:72:66:7a:fa:ff:44:c5:2d:da:3e:
51:b3:a5:d0:05:4a:7c:60:7b:85:2e:ad:d0:e8:a8:97:3b:f7:
e5:59:1a:35:14:39:57:06:2e:31:af:bf:06:be:fa:86:d9:62:
9e:22:95:80:ce:ed:20:26:d6:63:88:9e:6f:46:9a:4f:4c:f9:
7f:9f:85:74:8d:5f:22:1d:9a:49:e7:db:79:5b:29:e7:5c:bf:
4c:47:12:3f:c0:8b:16:43:4e:75:e5:2b:cc:ab:41:19:7f:89:
6b:ab:52:3e:67:02:17:70:c2:42:93:57:5b:b3:d6:e8:0e:80:
e1:f4:e7:d6:ad:c7:a3:06:c6:90:74:c5:37:72:9c:b6:42:d9:
54:a4:e3:07:0e:61:4b:4f:a7:56:d2:f6:50:41:23:fe:2e:89:
ef:71:8a:2e:09:15:2c:45:32:63:5c:70:10:38:0c:d4:4d:3c:
eb:cf:ee:63:e5:02:67:2a:d9:a0:66:e4:61:f1:c2:b0:26:ce:
20:61:13:40:02:a0:bb:a4:c5:03:b1:bf:a5:10:19:81:3f:81:
8a:cf:63:a4:ba:e6:c6:9c:8e:50:ec:23:da:83:2a:ff:6d:b2:
e0:85:b8:db:53:de:f7:9c:80:fb:21:16:87:bd:97:f8:8d:aa:
ce:4b:1d:3e
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZA0L598itUYRu36GoJW6Z1OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmMzlkZDdiZDczYzNlMWJhMjdkMTc4ZDU1YzI2ZjhhOTZj
ZGI0YTkwHhcNMjQwNjIwMDU0NzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmY3M2RjNDNiYzkwNGU4ZTZlMTVhYmQ2YTBhZTNhZDQ0MTdjMWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvo8LiIZgUjPBiDLItfwo24Kg7z2F
pGTzHKHnnJjH7tVApQTlePlNXGHMu1tSk9eLy01sS7lzoSQHnb9BazSp324As+KJ
OBHzDmPYVROmkJVFLH5h7Z5vKjdsqXp0KdFZS0YbFeNfLVFSuy8/YnEBvHMts7nT
IIrQk5agrh9oChlcdzJ15NAsePdG04v1DwYdqXx004GV9Az86H++8hZL5WQKXBbx
+0UCBqnT8xnZIHGLcNp4rYoUS8epIrUaguH0jg+wPxiUdJriY2rRFbdt5kaYe1Wi
LEZkJZqQLt6QhPd9m1fArcqrNhW5UUJVjdM8kfbwniAyRCC2cSvY04IMIQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFPv3PcQ7yQTo5uFavWoK461EF8GqMB8GA1UdIwQY
MBaAFD853XvXPD4bon0XjVXCb4qWzbSpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHpuZGU5YzhQaHVpZlJlTlZjSnZpcGJOdEtrLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi82MjFlZGQtMWI1YS00NmFjLWJhMTMt
MDRmOWU2MTZhZjYwLzEvMS1fYzl4RHZKQk9qbTRWcTlhZ3JqclVRWHdhby5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvY2IvNjIxZWRkLTFiNWEtNDZhYy1iYTEzLTA0ZjllNjE2YWY2
MC8xL1B6bmRlOWM4UGh1aWZSZU5WY0p2aXBiTnRLay5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAlz5FDAN
BAIAAjAHAwUAKhNiwDANBgkqhkiG9w0BAQsFAAOCAQEAuvasZsG7eJRyZnr6/0TF
Ldo+UbOl0AVKfGB7hS6t0Oiolzv35VkaNRQ5VwYuMa+/Br76htliniKVgM7tICbW
Y4ieb0aaT0z5f5+FdI1fIh2aSefbeVsp51y/TEcSP8CLFkNOdeUrzKtBGX+Ja6tS
PmcCF3DCQpNXW7PW6A6A4fTn1q3HowbGkHTFN3KctkLZVKTjBw5hS0+nVtL2UEEj
/i6J73GKLgkVLEUyY1xwEDgM1E0868/uY+UCZyrZoGbkYfHCsCbOIGETQAKgu6TF
A7G/pRAZgT+Bis9jpLrmxpyOUOwj2oMq/22y4IW421Pe95yA+yEWh72X+I2qzksd
Pg==
-----END CERTIFICATE-----
Generated at Tue Apr 22 01:27:29 2025 by rpki-client