Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/nKhoMSEJJ3XAVoreR_6kgb-zwWg.roa
File: nKhoMSEJJ3XAVoreR_6kgb-zwWg.roa (raw, json)
Hash identifier: wgI61C/BISYXMcg1ito6MNgrv3FVjeKAuQTS1lre3fo=
Subject key identifier: 9C:A8:68:31:21:09:27:75:C0:56:8A:DE:47:FE:A4:81:BF:B3:C1:68
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 018CC86F258EF8F12A854763112F50984AA7
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/nKhoMSEJJ3XAVoreR_6kgb-zwWg.roa
Signing time: Tue 02 Jan 2024 04:29:36 +0000
ROA not before: Tue 02 Jan 2024 04:29:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5650
IP address blocks: 91.92.44.0/24 maxlen: 24
91.92.45.0/24 maxlen: 24
91.92.46.0/24 maxlen: 24
91.92.47.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 18 Jan 2024 20:01:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:25:8e:f8:f1:2a:85:47:63:11:2f:50:98:4a:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Jan 2 04:29:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9ca8683121092775c0568ade47fea481bfb3c168
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:76:47:02:23:6c:0b:fa:df:88:b1:e0:31:cd:
c9:28:35:a4:c6:27:73:01:bc:2b:95:2b:6d:ab:97:
52:31:6e:a3:1a:54:1b:25:8c:8c:71:f5:4c:6f:74:
c8:a1:ba:2a:08:74:7e:c3:b7:c8:c5:5c:d2:c7:59:
47:5b:f3:98:63:8f:46:2e:ad:44:3b:71:dc:f2:4c:
3f:9c:29:26:e4:ad:9f:89:72:af:47:59:77:83:22:
df:fe:7d:2e:a3:e5:d1:0d:09:5d:9f:d4:aa:07:5b:
97:02:3d:1a:16:98:16:d9:93:a7:64:12:9d:13:02:
53:35:92:35:28:08:f1:ac:21:0f:11:73:70:a0:99:
dc:cb:80:b0:05:39:1c:c2:4f:7b:43:07:bf:f2:fa:
64:d9:8e:85:09:f5:41:a6:4b:b3:ef:6b:83:d8:e8:
2b:a3:e5:f7:d7:8d:16:c4:5b:7b:30:b3:a3:a4:24:
6a:fb:2c:46:f7:4a:5d:4e:0f:05:1e:e6:fc:93:7a:
52:13:bd:9e:4f:1c:f1:df:79:d0:09:0a:46:b5:7a:
8c:c2:d4:0f:cf:85:34:c7:6a:a0:03:f7:19:ca:72:
30:5e:6b:a9:a6:d6:e2:58:eb:8a:b7:1f:d9:7e:5f:
a8:61:85:66:f1:99:d3:f6:7a:7e:f8:8c:d4:07:55:
39:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:A8:68:31:21:09:27:75:C0:56:8A:DE:47:FE:A4:81:BF:B3:C1:68
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/nKhoMSEJJ3XAVoreR_6kgb-zwWg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.92.44.0/22
Signature Algorithm: sha256WithRSAEncryption
74:a3:5f:1a:7a:bb:f0:d7:43:35:f9:2f:c8:7d:cd:38:9e:fa:
e2:25:98:45:5a:99:16:51:27:8a:60:ed:96:19:30:b6:99:f3:
7b:04:a6:5d:28:7a:0d:1c:31:7a:1c:82:d9:3d:da:6b:01:b7:
b8:cf:2a:1d:9f:5a:3f:9d:5c:bd:a7:4d:71:29:0c:a7:2b:be:
33:db:f1:c8:0c:01:ca:a0:33:e0:93:16:63:57:66:da:9d:eb:
1a:dc:95:49:54:4b:70:f5:59:f2:cf:36:be:10:d6:d0:74:d3:
79:63:ec:9e:2e:80:35:bc:66:d1:ab:41:e9:fc:a2:7e:a3:d6:
37:72:93:e3:8a:53:a2:75:60:ee:cc:ad:02:57:28:6d:b9:1f:
0c:ff:76:b7:e4:c6:72:50:67:2c:d1:16:4e:9a:54:41:f5:09:
63:55:d0:3d:f1:34:a4:96:49:d3:88:b2:64:62:1e:38:d0:26:
da:96:e6:8f:4d:91:5d:ad:a1:af:e2:53:28:8f:1a:21:8a:ec:
3f:48:23:73:e2:f3:45:d6:0e:e9:c8:cd:e3:32:91:1c:54:06:
02:72:14:68:f4:c6:57:7d:42:55:46:2c:f9:fc:c1:5f:01:44:
06:a1:91:b2:7d:e4:a7:b1:f1:c3:c7:e7:27:14:2d:f0:02:d5:
e5:3b:ab:99
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIbyWO+PEqhUdjES9QmEqnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWNhYTY5MzU4ZjhjOThmN2E3MTlmMjU5N2Q1ZGFkZGJk
MDAxOGMwHhcNMjQwMTAyMDQyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2E4NjgzMTIxMDkyNzc1YzA1NjhhZGU0N2ZlYTQ4MWJmYjNjMTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA53ZHAiNsC/rfiLHgMc3JKDWkxidz
AbwrlSttq5dSMW6jGlQbJYyMcfVMb3TIoboqCHR+w7fIxVzSx1lHW/OYY49GLq1E
O3Hc8kw/nCkm5K2fiXKvR1l3gyLf/n0uo+XRDQldn9SqB1uXAj0aFpgW2ZOnZBKd
EwJTNZI1KAjxrCEPEXNwoJncy4CwBTkcwk97Qwe/8vpk2Y6FCfVBpkuz72uD2Ogr
o+X3140WxFt7MLOjpCRq+yxG90pdTg8FHub8k3pSE72eTxzx33nQCQpGtXqMwtQP
z4U0x2qgA/cZynIwXmupptbiWOuKtx/Zfl+oYYVm8ZnT9np++IzUB1U5lwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJyoaDEhCSd1wFaK3kf+pIG/s8FoMB8GA1UdIwQY
MBaAFC0cqmk1j4yY96cZ8ll9Xa3b0AGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2Yjct
MjliMDg1ZGQyM2FkLzEvbktob01TRUpKM1hBVm9yZVJfNmtnYi16d1dnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2YjctMjliMDg1ZGQyM2Fk
LzEvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW1wsMA0G
CSqGSIb3DQEBCwUAA4IBAQB0o18aervw10M1+S/Ifc04nvriJZhFWpkWUSeKYO2W
GTC2mfN7BKZdKHoNHDF6HILZPdprAbe4zyodn1o/nVy9p01xKQynK74z2/HIDAHK
oDPgkxZjV2banesa3JVJVEtw9Vnyzza+ENbQdNN5Y+yeLoA1vGbRq0Hp/KJ+o9Y3
cpPjilOidWDuzK0CVyhtuR8M/3a35MZyUGcs0RZOmlRB9QljVdA98TSklknTiLJk
Yh440CbaluaPTZFdraGv4lMojxohiuw/SCNz4vNF1g7pyM3jMpEcVAYCchRo9MZX
fUJVRiz5/MFfAUQGoZGyfeSnsfHDx+cnFC3wAtXlO6uZ
-----END CERTIFICATE-----
Generated at Wed Apr 9 00:13:18 2025 by rpki-client