Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/a5d98f-fa7e-401f-808f-44a91ba17b08/1/bV-qhc1iXWVIdpRVXbCw-IjG_8k.roa
File: bV-qhc1iXWVIdpRVXbCw-IjG_8k.roa (raw, json)
Hash identifier: APy4bu9puTI7LF2iI/VEOT6mU/+/+OrWF7V03BXzy/U=
Subject key identifier: 6D:5F:AA:85:CD:62:5D:65:48:76:94:55:5D:B0:B0:F8:88:C6:FF:C9
Certificate issuer: /CN=90516379a042df7445e42efb3646d1f25a67d504
Certificate serial: 018CC5DC33B8FE5CA65FBE82BA4873B8B464
Authority key identifier: 90:51:63:79:A0:42:DF:74:45:E4:2E:FB:36:46:D1:F2:5A:67:D5:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kFFjeaBC33RF5C77NkbR8lpn1QQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/a5d98f-fa7e-401f-808f-44a91ba17b08/1/bV-qhc1iXWVIdpRVXbCw-IjG_8k.roa
Signing time: Mon 01 Jan 2024 16:29:51 +0000
ROA not before: Mon 01 Jan 2024 16:29:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198348
IP address blocks: 91.233.230.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:48:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:33:b8:fe:5c:a6:5f:be:82:ba:48:73:b8:b4:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90516379a042df7445e42efb3646d1f25a67d504
Validity
Not Before: Jan 1 16:29:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6d5faa85cd625d65487694555db0b0f888c6ffc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:e8:41:e2:47:70:69:53:0a:aa:b2:e9:fe:34:
02:a8:55:58:f1:a2:19:d0:1f:d5:c6:b9:18:be:87:
90:a5:c2:53:3b:de:a0:17:33:bb:34:d3:e6:26:3e:
df:5b:39:55:f7:a3:22:ad:d4:e5:09:17:23:c3:90:
f0:39:70:41:22:a7:c2:1d:10:aa:6b:14:d1:56:36:
c6:f0:54:e2:73:03:e4:80:a6:cd:f2:f0:83:01:8e:
9c:1f:64:40:68:d2:d1:60:9d:02:b3:7e:2f:fc:0c:
d2:59:25:20:26:9e:91:1c:cd:0c:6d:51:57:24:81:
37:cb:4d:91:a0:0d:72:06:be:bf:71:9d:62:f5:d4:
63:cc:e6:10:05:c8:bf:7a:16:10:f6:40:da:e1:f6:
11:9d:55:53:9a:10:d8:31:81:0c:8b:49:22:4a:4d:
ab:84:48:06:90:20:0a:c8:72:95:24:68:ab:82:39:
fc:a7:60:fa:23:ab:74:d1:d8:56:e3:c7:23:18:31:
03:9a:22:95:2f:1c:7c:0f:87:67:6e:72:25:41:5a:
53:20:c8:95:47:1b:ec:83:53:94:84:3d:e6:08:31:
29:6e:2c:e3:a4:73:c5:33:71:da:3a:79:00:3a:71:
bb:e8:52:06:a6:19:36:dd:96:79:e3:67:a7:9f:c7:
c1:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:5F:AA:85:CD:62:5D:65:48:76:94:55:5D:B0:B0:F8:88:C6:FF:C9
X509v3 Authority Key Identifier:
keyid:90:51:63:79:A0:42:DF:74:45:E4:2E:FB:36:46:D1:F2:5A:67:D5:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kFFjeaBC33RF5C77NkbR8lpn1QQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/a5d98f-fa7e-401f-808f-44a91ba17b08/1/bV-qhc1iXWVIdpRVXbCw-IjG_8k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/a5d98f-fa7e-401f-808f-44a91ba17b08/1/kFFjeaBC33RF5C77NkbR8lpn1QQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.233.230.0/23
Signature Algorithm: sha256WithRSAEncryption
03:6e:ee:90:ad:07:2a:a4:3d:ca:96:8d:bc:0b:93:67:20:7b:
23:35:cd:88:d3:d8:4a:9e:eb:53:67:95:22:e8:cf:e5:d7:f3:
cd:1a:40:bb:12:e3:19:e2:b5:bc:ea:ba:e3:34:8d:b5:2f:79:
ce:09:3f:7b:db:10:ed:9b:8b:ab:1c:da:ca:ad:b7:89:5f:cb:
f3:55:76:6d:52:30:cf:6f:76:30:ab:69:b9:91:33:69:9e:b5:
c9:a5:f8:d2:43:7e:37:90:0f:39:4b:53:dc:30:d9:6e:23:fd:
d7:43:33:23:21:0f:85:ee:e3:cc:86:83:21:67:c8:f2:17:a4:
b8:e7:40:a8:74:7d:40:83:b4:21:05:e5:7b:d1:a5:c0:39:0c:
b2:d0:c4:7a:af:f2:75:37:fb:2b:bd:cd:c7:38:65:3f:a4:bb:
4d:b4:5e:56:e6:31:3f:3b:6f:83:cd:8f:a1:0a:d7:ad:d1:91:
07:3e:d9:93:6c:9a:03:06:8c:01:53:70:d7:b0:c4:aa:df:3a:
86:44:53:36:60:98:83:f8:52:d1:e5:86:09:6e:41:75:90:91:
8b:3b:9b:73:39:19:54:b4:e4:45:27:85:52:cb:0b:8a:12:ed:
ec:db:2b:02:db:e8:b5:43:8c:2d:c7:27:61:4b:c3:a3:fc:61:
81:f8:26:6d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF3DO4/lymX76CukhzuLRkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwNTE2Mzc5YTA0MmRmNzQ0NWU0MmVmYjM2NDZkMWYyNWE2
N2Q1MDQwHhcNMjQwMTAxMTYyOTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDVmYWE4NWNkNjI1ZDY1NDg3Njk0NTU1ZGIwYjBmODg4YzZmZmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtOhB4kdwaVMKqrLp/jQCqFVY8aIZ
0B/VxrkYvoeQpcJTO96gFzO7NNPmJj7fWzlV96MirdTlCRcjw5DwOXBBIqfCHRCq
axTRVjbG8FTicwPkgKbN8vCDAY6cH2RAaNLRYJ0Cs34v/AzSWSUgJp6RHM0MbVFX
JIE3y02RoA1yBr6/cZ1i9dRjzOYQBci/ehYQ9kDa4fYRnVVTmhDYMYEMi0kiSk2r
hEgGkCAKyHKVJGirgjn8p2D6I6t00dhW48cjGDEDmiKVLxx8D4dnbnIlQVpTIMiV
Rxvsg1OUhD3mCDEpbizjpHPFM3HaOnkAOnG76FIGphk23ZZ542enn8fB0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG1fqoXNYl1lSHaUVV2wsPiIxv/JMB8GA1UdIwQY
MBaAFJBRY3mgQt90ReQu+zZG0fJaZ9UEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0ZGamVhQkMzM1JGNUM3N05rYlI4bHBuMVFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9hNWQ5OGYtZmE3ZS00MDFmLTgwOGYt
NDRhOTFiYTE3YjA4LzEvYlYtcWhjMWlYV1ZJZHBSVlhiQ3ctSWpHXzhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS9hNWQ5OGYtZmE3ZS00MDFmLTgwOGYtNDRhOTFiYTE3YjA4
LzEva0ZGamVhQkMzM1JGNUM3N05rYlI4bHBuMVFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW+nmMA0G
CSqGSIb3DQEBCwUAA4IBAQADbu6QrQcqpD3Klo28C5NnIHsjNc2I09hKnutTZ5Ui
6M/l1/PNGkC7EuMZ4rW86rrjNI21L3nOCT972xDtm4urHNrKrbeJX8vzVXZtUjDP
b3Ywq2m5kTNpnrXJpfjSQ343kA85S1PcMNluI/3XQzMjIQ+F7uPMhoMhZ8jyF6S4
50CodH1Ag7QhBeV70aXAOQyy0MR6r/J1N/srvc3HOGU/pLtNtF5W5jE/O2+DzY+h
Ctet0ZEHPtmTbJoDBowBU3DXsMSq3zqGRFM2YJiD+FLR5YYJbkF1kJGLO5tzORlU
tORFJ4VSywuKEu3s2ysC2+i1Q4wtxydhS8Oj/GGB+CZt
-----END CERTIFICATE-----
Generated at Sun Apr 20 01:59:15 2025 by rpki-client