Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/1470f5-c316-4fff-9c37-8654266457c6/1/_A9zLZwtaIrDaGPF8NEiBQGJFGE.roa
File: _A9zLZwtaIrDaGPF8NEiBQGJFGE.roa (raw, json)
Hash identifier: PARtnrr2ArKdVaz7iVi2AqO13Lunvp7/3gZ9hpg3Si8=
Subject key identifier: FC:0F:73:2D:9C:2D:68:8A:C3:68:63:C5:F0:D1:22:05:01:89:14:61
Certificate issuer: /CN=b498c97b14c374a52833db6a4007b54b4662c5a9
Certificate serial: 018EA8B1F073A84A532388D1CD9D55D10487
Authority key identifier: B4:98:C9:7B:14:C3:74:A5:28:33:DB:6A:40:07:B5:4B:46:62:C5:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tJjJexTDdKUoM9tqQAe1S0Zixak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/1470f5-c316-4fff-9c37-8654266457c6/1/_A9zLZwtaIrDaGPF8NEiBQGJFGE.roa
Signing time: Thu 04 Apr 2024 10:40:17 +0000
ROA not before: Thu 04 Apr 2024 10:40:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215540
IP address blocks: 91.196.160.0/22 maxlen: 22
91.196.160.0/24 maxlen: 24
91.196.161.0/24 maxlen: 24
91.196.162.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 18 Apr 2024 07:23:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a8:b1:f0:73:a8:4a:53:23:88:d1:cd:9d:55:d1:04:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b498c97b14c374a52833db6a4007b54b4662c5a9
Validity
Not Before: Apr 4 10:40:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fc0f732d9c2d688ac36863c5f0d1220501891461
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:52:d7:34:ba:43:97:8f:4b:a3:97:4d:aa:af:
89:06:06:c1:26:21:b5:5b:a0:f8:bd:a1:ae:b2:86:
d4:bf:b5:76:86:32:30:77:b4:c5:c0:f4:7d:83:b4:
4b:ca:67:a6:f4:67:a0:94:60:28:76:7d:9f:61:03:
8c:54:08:79:58:fe:5e:73:a4:c3:77:0a:46:25:46:
50:9c:eb:08:76:12:d2:20:93:e7:b6:db:4e:3f:bb:
18:62:51:5b:60:7c:5c:3d:e6:8f:16:20:66:71:17:
2b:e0:6b:ba:bf:15:2e:09:38:3e:26:5c:60:ac:15:
e0:b8:31:f1:02:29:22:99:28:17:05:46:d9:43:db:
c3:e3:e7:f5:07:52:f6:ea:3c:d4:30:c1:64:15:1c:
38:6a:1a:53:61:03:50:06:a4:af:7f:9d:87:8d:28:
cf:6a:17:09:fc:29:8f:fb:87:be:16:e9:e2:f0:18:
c9:3c:ed:0c:3d:21:3f:9c:af:f1:7c:98:f6:21:93:
f3:2f:52:f8:8f:5f:de:68:a0:09:c7:7c:52:20:2f:
c9:41:45:8a:ef:ec:9f:db:eb:8e:23:43:01:d9:4e:
c0:3b:74:0c:27:99:02:2a:d1:b7:78:07:6e:f3:a3:
b4:47:5b:33:f3:26:c9:53:a0:39:24:db:b2:be:e4:
7c:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:0F:73:2D:9C:2D:68:8A:C3:68:63:C5:F0:D1:22:05:01:89:14:61
X509v3 Authority Key Identifier:
keyid:B4:98:C9:7B:14:C3:74:A5:28:33:DB:6A:40:07:B5:4B:46:62:C5:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tJjJexTDdKUoM9tqQAe1S0Zixak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/1470f5-c316-4fff-9c37-8654266457c6/1/_A9zLZwtaIrDaGPF8NEiBQGJFGE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/1470f5-c316-4fff-9c37-8654266457c6/1/tJjJexTDdKUoM9tqQAe1S0Zixak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.196.160.0/22
Signature Algorithm: sha256WithRSAEncryption
47:2d:6d:08:67:0b:20:cd:a3:39:4d:ad:e9:53:a9:2f:0c:83:
7c:a0:71:b6:37:0e:12:0f:2c:20:58:8a:17:18:24:db:a5:56:
28:b5:ec:6a:d0:4c:75:e7:a1:49:5d:d9:7f:ee:96:ec:74:a6:
a1:bd:49:e6:39:30:b7:71:c6:de:b9:b7:8c:d6:21:b0:59:46:
06:fc:9c:1d:16:ee:8e:77:3a:03:bc:47:d5:25:70:69:09:25:
2a:f2:2f:76:76:05:46:78:f9:d5:9e:e9:0c:60:5a:45:76:05:
c2:8f:bd:c0:0a:67:cd:f7:ce:e5:33:96:06:47:97:0a:84:e1:
9e:d1:e0:ad:2c:c6:41:bd:90:fe:07:4c:87:ec:85:77:2f:8c:
46:89:55:1b:62:1d:d4:5f:e4:ad:13:5a:20:ff:80:66:42:16:
a7:b9:c6:09:3a:e8:18:9c:8e:b4:2f:52:2d:e2:be:7a:14:7d:
c7:73:2c:07:d6:e8:8c:dc:39:f3:a7:3b:57:c5:6b:c9:5f:36:
97:ec:28:17:0c:d7:4f:d1:e1:46:3d:de:b4:54:3e:2d:78:fd:
36:75:36:23:b9:b8:a8:0e:c2:55:db:a0:d9:07:41:3f:72:00:
9d:94:93:a1:89:42:e8:6d:49:c9:85:90:f2:e9:c9:d2:d4:e8:
d9:78:4a:6f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY6osfBzqEpTI4jRzZ1V0QSHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0OThjOTdiMTRjMzc0YTUyODMzZGI2YTQwMDdiNTRiNDY2
MmM1YTkwHhcNMjQwNDA0MTA0MDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzBmNzMyZDljMmQ2ODhhYzM2ODYzYzVmMGQxMjIwNTAxODkxNDYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjVLXNLpDl49Lo5dNqq+JBgbBJiG1
W6D4vaGusobUv7V2hjIwd7TFwPR9g7RLymem9GeglGAodn2fYQOMVAh5WP5ec6TD
dwpGJUZQnOsIdhLSIJPntttOP7sYYlFbYHxcPeaPFiBmcRcr4Gu6vxUuCTg+Jlxg
rBXguDHxAikimSgXBUbZQ9vD4+f1B1L26jzUMMFkFRw4ahpTYQNQBqSvf52HjSjP
ahcJ/CmP+4e+Funi8BjJPO0MPSE/nK/xfJj2IZPzL1L4j1/eaKAJx3xSIC/JQUWK
7+yf2+uOI0MB2U7AO3QMJ5kCKtG3eAdu86O0R1sz8ybJU6A5JNuyvuR8HQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPwPcy2cLWiKw2hjxfDRIgUBiRRhMB8GA1UdIwQY
MBaAFLSYyXsUw3SlKDPbakAHtUtGYsWpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEpqSmV4VERkS1VvTTl0cVFBZTFTMFppeGFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC8xNDcwZjUtYzMxNi00ZmZmLTljMzct
ODY1NDI2NjQ1N2M2LzEvX0E5ekxad3RhSXJEYUdQRjhORWlCUUdKRkdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC8xNDcwZjUtYzMxNi00ZmZmLTljMzctODY1NDI2NjQ1N2M2
LzEvdEpqSmV4VERkS1VvTTl0cVFBZTFTMFppeGFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW8SgMA0G
CSqGSIb3DQEBCwUAA4IBAQBHLW0IZwsgzaM5Ta3pU6kvDIN8oHG2Nw4SDywgWIoX
GCTbpVYotexq0Ex156FJXdl/7pbsdKahvUnmOTC3ccbeubeM1iGwWUYG/JwdFu6O
dzoDvEfVJXBpCSUq8i92dgVGePnVnukMYFpFdgXCj73ACmfN987lM5YGR5cKhOGe
0eCtLMZBvZD+B0yH7IV3L4xGiVUbYh3UX+StE1og/4BmQhanucYJOugYnI60L1It
4r56FH3HcywH1uiM3DnzpztXxWvJXzaX7CgXDNdP0eFGPd60VD4teP02dTYjubio
DsJV26DZB0E/cgCdlJOhiULobUnJhZDy6cnS1OjZeEpv
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:43:32 2025 by rpki-client