Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/ef61d6-05d1-4fb2-a6ea-425232fd5643/1/1b6kETI8Ott6CYTsOboMkIdS9No.roa
File: 1b6kETI8Ott6CYTsOboMkIdS9No.roa (raw, json)
Hash identifier: 2093R67ItDdtHNNed3UsioBdxzvlXBcnnS10+SNv4wI=
Subject key identifier: D5:BE:A4:11:32:3C:3A:DB:7A:09:84:EC:39:BA:0C:90:87:52:F4:DA
Certificate issuer: /CN=cb0ca348ac891c336d8c7945a5bd5b3325eb5f0b
Certificate serial: 018FEDEC26CDB0CEBCAF9123CC2F70FAFC92
Authority key identifier: CB:0C:A3:48:AC:89:1C:33:6D:8C:79:45:A5:BD:5B:33:25:EB:5F:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ywyjSKyJHDNtjHlFpb1bMyXrXws.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/ef61d6-05d1-4fb2-a6ea-425232fd5643/1/1b6kETI8Ott6CYTsOboMkIdS9No.roa
Signing time: Thu 06 Jun 2024 14:20:27 +0000
ROA not before: Thu 06 Jun 2024 14:20:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1299
IP address blocks: 91.197.164.0/22 maxlen: 24
94.247.232.0/21 maxlen: 24
95.81.128.0/18 maxlen: 24
185.215.136.0/22 maxlen: 24
185.241.96.0/22 maxlen: 24
213.205.96.0/19 maxlen: 24
217.71.208.0/21 maxlen: 24
Validation: Failed, certificate revoked on Thu 06 Jun 2024 14:26:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:ed:ec:26:cd:b0:ce:bc:af:91:23:cc:2f:70:fa:fc:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb0ca348ac891c336d8c7945a5bd5b3325eb5f0b
Validity
Not Before: Jun 6 14:20:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d5bea411323c3adb7a0984ec39ba0c908752f4da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:e0:40:7b:de:08:2d:f8:b4:6c:6e:d8:01:e6:
d0:4e:02:f0:16:95:59:44:04:fa:ce:f9:f9:ff:41:
d2:46:9c:30:d7:3c:8b:50:24:7b:ab:72:ce:b4:68:
a7:b6:fb:19:4c:78:c6:e7:c5:88:eb:f8:bf:43:f8:
72:7f:02:cf:87:b7:41:5a:c8:92:9e:dd:64:58:47:
5c:c3:4e:58:20:72:e0:99:48:86:f1:15:57:c5:2e:
74:fa:4f:aa:42:1e:63:a0:f9:47:08:ea:20:7e:3f:
cc:cf:16:53:47:b2:2c:bb:b8:ab:a9:b1:19:95:5a:
3f:d3:5e:07:a9:c6:03:6c:58:0c:23:6f:ed:0c:37:
eb:3c:cf:13:33:82:af:2d:aa:6d:f6:78:c3:ab:d5:
8e:4a:70:4d:92:f6:ba:19:c8:3d:33:66:8d:e4:de:
04:a9:23:5d:38:67:10:9c:e7:9e:59:60:89:c1:77:
d3:23:2a:df:82:ad:70:2c:72:a9:70:57:99:ce:8c:
02:4a:df:34:91:12:39:30:fb:13:19:40:4c:ef:4d:
8c:e8:a1:39:95:ff:28:93:89:19:80:e4:54:72:18:
7b:70:bd:fc:63:1d:90:90:25:5e:d8:53:4f:3f:26:
77:4c:0e:1f:0d:88:a0:aa:44:aa:09:d9:ed:ce:a3:
4a:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:BE:A4:11:32:3C:3A:DB:7A:09:84:EC:39:BA:0C:90:87:52:F4:DA
X509v3 Authority Key Identifier:
keyid:CB:0C:A3:48:AC:89:1C:33:6D:8C:79:45:A5:BD:5B:33:25:EB:5F:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ywyjSKyJHDNtjHlFpb1bMyXrXws.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/ef61d6-05d1-4fb2-a6ea-425232fd5643/1/1b6kETI8Ott6CYTsOboMkIdS9No.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/ef61d6-05d1-4fb2-a6ea-425232fd5643/1/ywyjSKyJHDNtjHlFpb1bMyXrXws.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.197.164.0/22
94.247.232.0/21
95.81.128.0/18
185.215.136.0/22
185.241.96.0/22
213.205.96.0/19
217.71.208.0/21
Signature Algorithm: sha256WithRSAEncryption
4a:22:69:76:2e:e6:2b:e8:76:db:d9:c3:6b:00:50:dd:54:c1:
46:a3:28:e7:d9:ba:d5:78:f1:ea:d1:42:52:5e:bf:e1:7c:2e:
75:4d:62:f9:61:1a:29:4b:b9:49:6b:91:e2:c7:24:9c:f9:eb:
dd:00:c0:75:a5:23:90:73:d3:6c:58:9a:02:a3:94:f4:4f:4f:
19:f0:97:a8:fd:2d:e5:cd:ff:70:11:56:a7:e5:c8:25:6a:5d:
83:a7:37:9e:3d:9b:75:a8:f5:7f:19:65:ac:97:1a:a0:6a:a9:
f6:ad:b0:e7:0a:a9:37:e5:ac:41:d9:22:6b:9b:7a:a5:ba:97:
d9:ec:0c:59:3b:98:1f:df:30:6e:bc:1a:c7:0b:aa:54:d3:27:
70:59:38:3a:96:90:0e:9d:c7:8f:57:38:e5:66:30:41:b9:5c:
64:42:df:3f:af:7a:97:35:9c:13:79:f2:88:e3:e0:00:19:e2:
7e:eb:74:c1:ff:d9:f5:58:0f:8c:9a:3c:4e:2d:6a:a0:3d:40:
c7:b1:52:b0:58:cd:e2:4a:93:d2:a8:c9:2b:45:9b:bf:e2:19:
ae:df:1c:47:59:54:56:b8:34:dd:1a:2b:cf:fd:73:a2:dd:cf:
ba:98:7d:eb:71:3c:d9:a7:a6:77:e7:e8:6f:3d:13:b9:f2:10:
1f:3b:42:79
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY/t7CbNsM68r5EjzC9w+vySMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiMGNhMzQ4YWM4OTFjMzM2ZDhjNzk0NWE1YmQ1YjMzMjVl
YjVmMGIwHhcNMjQwNjA2MTQyMDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWJlYTQxMTMyM2MzYWRiN2EwOTg0ZWMzOWJhMGM5MDg3NTJmNGRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvOBAe94ILfi0bG7YAebQTgLwFpVZ
RAT6zvn5/0HSRpww1zyLUCR7q3LOtGintvsZTHjG58WI6/i/Q/hyfwLPh7dBWsiS
nt1kWEdcw05YIHLgmUiG8RVXxS50+k+qQh5joPlHCOogfj/MzxZTR7Isu7irqbEZ
lVo/014HqcYDbFgMI2/tDDfrPM8TM4KvLapt9njDq9WOSnBNkva6Gcg9M2aN5N4E
qSNdOGcQnOeeWWCJwXfTIyrfgq1wLHKpcFeZzowCSt80kRI5MPsTGUBM702M6KE5
lf8ok4kZgORUchh7cL38Yx2QkCVe2FNPPyZ3TA4fDYigqkSqCdntzqNKrwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFNW+pBEyPDrbegmE7Dm6DJCHUvTaMB8GA1UdIwQY
MBaAFMsMo0isiRwzbYx5RaW9WzMl618LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXd5alNLeUpIRE50akhsRnBiMWJNeVhyWHdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9lZjYxZDYtMDVkMS00ZmIyLWE2ZWEt
NDI1MjMyZmQ1NjQzLzEvMWI2a0VUSThPdHQ2Q1lUc09ib01rSWRTOU5vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS9lZjYxZDYtMDVkMS00ZmIyLWE2ZWEtNDI1MjMyZmQ1NjQz
LzEveXd5alNLeUpIRE50akhsRnBiMWJNeVhyWHdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCW8WkAwQD
XvfoAwQGX1GAAwQCudeIAwQCufFgAwQF1c1gAwQD2UfQMA0GCSqGSIb3DQEBCwUA
A4IBAQBKIml2LuYr6Hbb2cNrAFDdVMFGoyjn2brVePHq0UJSXr/hfC51TWL5YRop
S7lJa5HixySc+evdAMB1pSOQc9NsWJoCo5T0T08Z8Jeo/S3lzf9wEVan5cglal2D
pzeePZt1qPV/GWWslxqgaqn2rbDnCqk35axB2SJrm3qlupfZ7AxZO5gf3zBuvBrH
C6pU0ydwWTg6lpAOncePVzjlZjBBuVxkQt8/r3qXNZwTefKI4+AAGeJ+63TB/9n1
WA+MmjxOLWqgPUDHsVKwWM3iSpPSqMkrRZu/4hmu3xxHWVRWuDTdGivP/XOi3c+6
mH3rcTzZp6Z35+hvPRO58hAfO0J5
-----END CERTIFICATE-----
Generated at Sun Jun 8 17:16:15 2025 by rpki-client