Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/1470f5-c316-4fff-9c37-8654266457c6/1/kGpemEjWBQXBwVJmHVrBjYtwWq0.roa
File: kGpemEjWBQXBwVJmHVrBjYtwWq0.roa (raw, json)
Hash identifier: AIP17Nhbh0cffHmFk4OyK2Au9FWJlXWZHOTg2WlUvrk=
Subject key identifier: 90:6A:5E:98:48:D6:05:05:C1:C1:52:66:1D:5A:C1:8D:8B:70:5A:AD
Certificate issuer: /CN=b498c97b14c374a52833db6a4007b54b4662c5a9
Certificate serial: 018E42BE821012C94C065261B12A8FFF126C
Authority key identifier: B4:98:C9:7B:14:C3:74:A5:28:33:DB:6A:40:07:B5:4B:46:62:C5:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tJjJexTDdKUoM9tqQAe1S0Zixak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/1470f5-c316-4fff-9c37-8654266457c6/1/kGpemEjWBQXBwVJmHVrBjYtwWq0.roa
Signing time: Fri 15 Mar 2024 15:32:45 +0000
ROA not before: Fri 15 Mar 2024 15:32:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215540
IP address blocks: 91.196.160.0/22 maxlen: 22
91.196.160.0/24 maxlen: 24
91.196.161.0/24 maxlen: 24
91.196.162.0/24 maxlen: 24
91.196.163.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 04 Apr 2024 10:40:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:42:be:82:10:12:c9:4c:06:52:61:b1:2a:8f:ff:12:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b498c97b14c374a52833db6a4007b54b4662c5a9
Validity
Not Before: Mar 15 15:32:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=906a5e9848d60505c1c152661d5ac18d8b705aad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:46:5e:b7:04:c8:a8:28:34:25:04:d7:d8:11:
b0:80:b1:0c:6b:9b:41:b8:4f:94:f2:0e:44:ee:62:
6d:77:a5:db:fa:74:34:32:45:26:78:3f:31:3d:f0:
13:7e:19:6e:79:ff:10:3a:d4:e1:c5:49:fa:da:90:
c7:cf:24:7b:29:96:ff:b3:44:ae:28:d9:49:7a:47:
c2:ad:55:c4:2d:47:42:6b:a2:04:f7:34:b7:4f:e8:
6c:43:29:88:14:cc:7c:8b:37:a2:91:4a:f0:e0:da:
1e:29:af:80:c1:5b:0a:6f:b1:7a:43:0b:75:69:8d:
e2:a3:c5:64:fe:55:3c:ea:6d:20:0b:55:f8:5e:b1:
ff:84:5b:42:e4:5f:a7:f7:71:3b:36:e6:8f:7b:2e:
2a:fa:76:07:7c:59:93:b7:e1:71:02:94:c1:62:d9:
3c:56:08:44:3c:3e:4a:e0:a8:cb:f6:82:17:1e:a9:
2e:bb:68:55:bc:19:58:ee:35:64:2d:cf:5e:d0:f5:
99:d3:81:dd:96:cf:5c:9c:60:ab:41:f2:ff:c5:1c:
10:a0:3c:29:f1:cc:27:7b:da:e6:cd:87:55:b0:0f:
46:3b:7f:18:70:4c:3c:07:dd:6e:33:64:2d:be:a3:
10:21:f9:fa:dd:84:c9:4c:fa:4b:40:72:a7:b7:4d:
e8:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:6A:5E:98:48:D6:05:05:C1:C1:52:66:1D:5A:C1:8D:8B:70:5A:AD
X509v3 Authority Key Identifier:
keyid:B4:98:C9:7B:14:C3:74:A5:28:33:DB:6A:40:07:B5:4B:46:62:C5:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tJjJexTDdKUoM9tqQAe1S0Zixak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/1470f5-c316-4fff-9c37-8654266457c6/1/kGpemEjWBQXBwVJmHVrBjYtwWq0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/1470f5-c316-4fff-9c37-8654266457c6/1/tJjJexTDdKUoM9tqQAe1S0Zixak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.196.160.0/22
Signature Algorithm: sha256WithRSAEncryption
4f:40:df:9f:29:a5:bc:d3:1a:83:09:cc:92:dd:fc:7d:41:ad:
9c:ab:86:1f:e6:f0:2b:79:3b:0e:2d:9b:5f:a7:82:bb:ed:0b:
38:f9:89:4f:04:45:32:17:5c:2c:98:6d:59:a6:51:9f:6a:9d:
27:11:57:08:22:35:4b:22:d4:6c:05:5b:0e:91:75:ca:46:6d:
d0:4b:32:7b:21:aa:53:f2:c9:91:0b:1a:a0:fb:cf:e7:d4:eb:
97:f5:11:5a:1a:05:50:7b:64:da:08:bf:74:c6:dd:01:14:ed:
d2:b4:88:91:57:06:84:e6:20:c6:c8:03:e9:aa:34:7b:0f:f1:
84:05:b6:d9:54:cd:c8:4c:97:34:0b:6f:ba:ac:59:c2:a6:67:
50:bd:24:bd:52:fd:46:7d:73:8f:85:ef:29:67:f4:44:6f:9d:
41:71:9f:af:67:c2:73:20:d2:bf:65:d4:03:90:d6:5c:db:c7:
35:5b:de:09:ba:98:7c:57:a5:cd:ca:29:f0:35:cd:33:dc:30:
15:26:73:01:5a:77:0d:5b:8d:32:68:87:47:aa:bc:83:3d:be:
fb:c8:b0:3c:55:67:25:e9:14:bf:d3:20:63:66:f0:e9:3f:6d:
0d:d0:3b:31:08:e6:2d:aa:40:12:d9:b4:4a:fe:5c:3c:83:2c:
b4:05:24:01
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY5CvoIQEslMBlJhsSqP/xJsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0OThjOTdiMTRjMzc0YTUyODMzZGI2YTQwMDdiNTRiNDY2
MmM1YTkwHhcNMjQwMzE1MTUzMjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDZhNWU5ODQ4ZDYwNTA1YzFjMTUyNjYxZDVhYzE4ZDhiNzA1YWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkEZetwTIqCg0JQTX2BGwgLEMa5tB
uE+U8g5E7mJtd6Xb+nQ0MkUmeD8xPfATfhluef8QOtThxUn62pDHzyR7KZb/s0Su
KNlJekfCrVXELUdCa6IE9zS3T+hsQymIFMx8izeikUrw4NoeKa+AwVsKb7F6Qwt1
aY3io8Vk/lU86m0gC1X4XrH/hFtC5F+n93E7NuaPey4q+nYHfFmTt+FxApTBYtk8
VghEPD5K4KjL9oIXHqkuu2hVvBlY7jVkLc9e0PWZ04Hdls9cnGCrQfL/xRwQoDwp
8cwne9rmzYdVsA9GO38YcEw8B91uM2QtvqMQIfn63YTJTPpLQHKnt03oXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJBqXphI1gUFwcFSZh1awY2LcFqtMB8GA1UdIwQY
MBaAFLSYyXsUw3SlKDPbakAHtUtGYsWpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEpqSmV4VERkS1VvTTl0cVFBZTFTMFppeGFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC8xNDcwZjUtYzMxNi00ZmZmLTljMzct
ODY1NDI2NjQ1N2M2LzEva0dwZW1FaldCUVhCd1ZKbUhWckJqWXR3V3EwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC8xNDcwZjUtYzMxNi00ZmZmLTljMzctODY1NDI2NjQ1N2M2
LzEvdEpqSmV4VERkS1VvTTl0cVFBZTFTMFppeGFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW8SgMA0G
CSqGSIb3DQEBCwUAA4IBAQBPQN+fKaW80xqDCcyS3fx9Qa2cq4Yf5vAreTsOLZtf
p4K77Qs4+YlPBEUyF1wsmG1ZplGfap0nEVcIIjVLItRsBVsOkXXKRm3QSzJ7IapT
8smRCxqg+8/n1OuX9RFaGgVQe2TaCL90xt0BFO3StIiRVwaE5iDGyAPpqjR7D/GE
BbbZVM3ITJc0C2+6rFnCpmdQvSS9Uv1GfXOPhe8pZ/REb51BcZ+vZ8JzINK/ZdQD
kNZc28c1W94Juph8V6XNyinwNc0z3DAVJnMBWncNW40yaIdHqryDPb77yLA8VWcl
6RS/0yBjZvDpP20N0DsxCOYtqkAS2bRK/lw8gyy0BSQB
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:50:06 2025 by rpki-client