Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/7c6b2d-ac42-487e-9c19-1618776bdaae/1/jMpUEgHSZf2qOszwtc711nMPkbs.roa
File: jMpUEgHSZf2qOszwtc711nMPkbs.roa (raw, json)
Hash identifier: KVxroJGfZ6IooHrXhz1nFqpU1SJ2R+pcxgHHc+ctJ6Q=
Subject key identifier: 8C:CA:54:12:01:D2:65:FD:AA:3A:CC:F0:B5:CE:F5:D6:73:0F:91:BB
Certificate issuer: /CN=3b94a1d881dd4beb2fd31b76fa0d5d585a9b238f
Certificate serial: 0194221F8FA898ECB42545ADBF8AF59C9399
Authority key identifier: 3B:94:A1:D8:81:DD:4B:EB:2F:D3:1B:76:FA:0D:5D:58:5A:9B:23:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O5Sh2IHdS-sv0xt2-g1dWFqbI48.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/7c6b2d-ac42-487e-9c19-1618776bdaae/1/jMpUEgHSZf2qOszwtc711nMPkbs.roa
Signing time: Wed 01 Jan 2025 13:48:01 +0000
ROA not before: Wed 01 Jan 2025 13:48:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39479
IP address blocks: 185.91.160.0/22 maxlen: 22
Validation: Failed, certificate revoked on Fri 18 Apr 2025 08:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:8f:a8:98:ec:b4:25:45:ad:bf:8a:f5:9c:93:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b94a1d881dd4beb2fd31b76fa0d5d585a9b238f
Validity
Not Before: Jan 1 13:48:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8cca541201d265fdaa3accf0b5cef5d6730f91bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:64:96:e4:b1:cd:84:95:ca:17:ab:10:23:d7:
5d:6d:95:aa:99:19:0b:f2:c5:e6:1c:79:d1:0e:17:
7f:db:f9:56:a9:a8:ba:77:67:04:78:5d:e6:7b:0f:
54:2e:1a:c9:8d:82:b7:1b:2e:34:69:1e:28:de:12:
c7:43:76:52:0e:7d:c0:14:56:6b:6a:22:74:d1:fd:
69:0a:35:3f:17:64:48:0d:27:13:4d:12:5d:e3:61:
26:9b:f9:70:34:ae:6e:68:d5:4b:b3:e0:85:4d:66:
3b:6c:7f:d1:1a:9e:ad:14:84:8a:6f:7c:5a:a7:68:
b6:53:ce:5f:63:4f:80:b2:cd:cd:30:29:1a:ab:c2:
54:7a:26:d9:d3:de:89:57:50:95:d4:e8:a7:0e:90:
fb:6b:4f:07:b5:11:10:6a:41:df:23:09:a3:3e:12:
36:eb:0f:6a:61:ad:98:96:eb:a2:78:bf:fe:3a:2c:
d5:a4:72:5c:0f:6b:74:19:f7:f8:d6:27:aa:7a:72:
28:e4:1f:b4:1a:da:05:c4:34:d9:c6:33:21:c0:a3:
e4:6a:b8:57:b7:50:b6:ba:56:c6:e0:f8:bf:35:27:
b8:2b:b5:fc:dd:42:86:84:f4:4b:78:5a:e8:21:c0:
b0:64:1d:d7:18:ab:6a:6a:85:c9:03:4c:b0:0c:5e:
cd:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:CA:54:12:01:D2:65:FD:AA:3A:CC:F0:B5:CE:F5:D6:73:0F:91:BB
X509v3 Authority Key Identifier:
keyid:3B:94:A1:D8:81:DD:4B:EB:2F:D3:1B:76:FA:0D:5D:58:5A:9B:23:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O5Sh2IHdS-sv0xt2-g1dWFqbI48.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/7c6b2d-ac42-487e-9c19-1618776bdaae/1/jMpUEgHSZf2qOszwtc711nMPkbs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/7c6b2d-ac42-487e-9c19-1618776bdaae/1/O5Sh2IHdS-sv0xt2-g1dWFqbI48.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.91.160.0/22
Signature Algorithm: sha256WithRSAEncryption
58:ca:8f:ce:29:de:ec:2d:ef:23:3a:20:ee:4f:e1:a7:e0:10:
4e:94:30:58:db:0e:99:dc:ae:ad:24:6d:fb:16:da:6a:6d:7f:
d1:e0:13:92:21:e0:c9:34:bc:19:d6:60:0f:0d:57:4e:b9:c7:
7d:0f:a9:a1:bf:f6:04:e1:43:c7:3d:78:0b:e1:e1:56:7f:76:
b6:ad:b4:36:18:e7:33:00:dd:fe:50:50:59:ff:1e:6d:0e:07:
ef:1c:77:52:11:32:aa:c8:e3:86:da:c4:4e:8a:c9:e8:ba:b8:
73:3e:20:89:41:c0:00:0a:70:7b:ac:ed:78:d0:9c:9c:0e:56:
73:8b:11:4c:02:e4:60:e9:32:10:a3:d2:7e:69:62:98:64:f4:
dd:49:6e:52:08:c7:73:a8:b1:6e:61:a1:f3:2f:fd:87:e2:82:
c1:32:d4:bb:c4:ab:7f:00:8e:c6:fa:36:bb:d3:af:b9:63:71:
f6:88:ad:2b:be:6b:c1:d3:70:3b:08:61:7f:70:a9:14:ca:2b:
6b:07:2d:28:4a:dd:11:9a:cf:51:c9:d1:6c:c3:0f:31:17:28:
34:bc:e6:59:c6:a6:41:df:e7:13:57:a5:7d:a4:0a:0f:b9:ee:
3a:a1:0e:36:4b:43:fd:67:3f:7e:9b:46:73:86:9b:fe:3f:de:
f4:1f:97:7e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH4+omOy0JUWtv4r1nJOZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiOTRhMWQ4ODFkZDRiZWIyZmQzMWI3NmZhMGQ1ZDU4NWE5
YjIzOGYwHhcNMjUwMTAxMTM0ODAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Y2NhNTQxMjAxZDI2NWZkYWEzYWNjZjBiNWNlZjVkNjczMGY5MWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyWSW5LHNhJXKF6sQI9ddbZWqmRkL
8sXmHHnRDhd/2/lWqai6d2cEeF3mew9ULhrJjYK3Gy40aR4o3hLHQ3ZSDn3AFFZr
aiJ00f1pCjU/F2RIDScTTRJd42Emm/lwNK5uaNVLs+CFTWY7bH/RGp6tFISKb3xa
p2i2U85fY0+Ass3NMCkaq8JUeibZ096JV1CV1OinDpD7a08HtREQakHfIwmjPhI2
6w9qYa2YluuieL/+OizVpHJcD2t0Gff41ieqenIo5B+0GtoFxDTZxjMhwKPkarhX
t1C2ulbG4Pi/NSe4K7X83UKGhPRLeFroIcCwZB3XGKtqaoXJA0ywDF7NHwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIzKVBIB0mX9qjrM8LXO9dZzD5G7MB8GA1UdIwQY
MBaAFDuUodiB3UvrL9MbdvoNXVhamyOPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzVTaDJJSGRTLXN2MHh0Mi1nMWRXRnFiSTQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS83YzZiMmQtYWM0Mi00ODdlLTljMTkt
MTYxODc3NmJkYWFlLzEvak1wVUVnSFNaZjJxT3N6d3RjNzExbk1Qa2JzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS83YzZiMmQtYWM0Mi00ODdlLTljMTktMTYxODc3NmJkYWFl
LzEvTzVTaDJJSGRTLXN2MHh0Mi1nMWRXRnFiSTQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuVugMA0G
CSqGSIb3DQEBCwUAA4IBAQBYyo/OKd7sLe8jOiDuT+Gn4BBOlDBY2w6Z3K6tJG37
FtpqbX/R4BOSIeDJNLwZ1mAPDVdOucd9D6mhv/YE4UPHPXgL4eFWf3a2rbQ2GOcz
AN3+UFBZ/x5tDgfvHHdSETKqyOOG2sROisnourhzPiCJQcAACnB7rO140JycDlZz
ixFMAuRg6TIQo9J+aWKYZPTdSW5SCMdzqLFuYaHzL/2H4oLBMtS7xKt/AI7G+ja7
06+5Y3H2iK0rvmvB03A7CGF/cKkUyitrBy0oSt0Rms9RydFsww8xFyg0vOZZxqZB
3+cTV6V9pAoPue46oQ42S0P9Zz9+m0Zzhpv+P970H5d+
-----END CERTIFICATE-----
Generated at Tue Apr 22 19:37:14 2025 by rpki-client