Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/764b34-0d98-454c-85a2-306045efcd68/1/c5j68Bd-wHFEp68Y5t8Qyup1Png.roa
File: c5j68Bd-wHFEp68Y5t8Qyup1Png.roa (raw, json)
Hash identifier: BSCmpu3VORi+RpLuJ3Qza1QtqnUCr+vE0DjfqbYwmyU=
Subject key identifier: 73:98:FA:F0:17:7E:C0:71:44:A7:AF:18:E6:DF:10:CA:EA:75:3E:78
Certificate issuer: /CN=be43995289b6a5ca972c4b87b5e3149c32cb4430
Certificate serial: 018D36D519084C76DF6A43035A4F7E085A59
Authority key identifier: BE:43:99:52:89:B6:A5:CA:97:2C:4B:87:B5:E3:14:9C:32:CB:44:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vkOZUom2pcqXLEuHteMUnDLLRDA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/764b34-0d98-454c-85a2-306045efcd68/1/c5j68Bd-wHFEp68Y5t8Qyup1Png.roa
Signing time: Tue 23 Jan 2024 14:59:11 +0000
ROA not before: Tue 23 Jan 2024 14:59:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5607
IP address blocks: 91.103.34.0/24 maxlen: 24
94.119.4.0/22 maxlen: 22
94.119.8.0/21 maxlen: 21
94.119.16.0/21 maxlen: 21
Validation: Failed, certificate revoked on Fri 26 Jan 2024 12:03:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:36:d5:19:08:4c:76:df:6a:43:03:5a:4f:7e:08:5a:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be43995289b6a5ca972c4b87b5e3149c32cb4430
Validity
Not Before: Jan 23 14:59:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7398faf0177ec07144a7af18e6df10caea753e78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:16:0f:e4:b1:1e:c2:37:3c:16:6d:b8:3f:b7:
d6:d5:10:c5:76:9b:19:8d:cb:0a:f0:43:19:4b:0b:
c7:69:85:a2:f4:68:90:00:82:fa:74:59:70:22:ce:
51:b6:9c:5a:85:25:83:c1:25:a2:16:71:9c:05:8f:
96:bb:c7:d8:d7:c6:54:ec:d1:6e:c5:b8:70:6e:76:
1a:f4:5b:3d:25:a0:89:7e:44:a8:58:d0:1d:ff:f5:
3e:eb:55:02:fb:ee:39:6a:3c:6e:89:75:a7:ea:ab:
74:09:1f:46:8d:30:e0:77:a0:cf:55:26:08:ba:d5:
93:94:b0:02:0f:09:84:7b:eb:0c:68:d2:1c:6a:28:
9a:57:3f:68:2d:27:b8:a1:e4:b8:ce:bc:a6:de:3f:
f0:25:bf:28:f2:e3:47:44:cc:dc:bf:e1:60:66:97:
37:8f:1a:41:83:09:1e:04:73:b0:9a:da:18:b0:f9:
65:a2:7c:a8:b0:b7:4e:e1:43:72:fa:b5:56:8a:d7:
7f:04:0b:89:8e:f4:c7:cc:ae:95:25:b2:3c:6e:19:
b4:5b:d4:52:e5:7f:31:57:3a:64:e8:81:25:6f:8d:
df:66:01:79:d0:69:5d:e0:4d:e6:7c:b6:8c:5b:35:
02:99:d1:07:a8:5c:cc:a4:f8:ae:63:d1:56:4a:e0:
1e:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:98:FA:F0:17:7E:C0:71:44:A7:AF:18:E6:DF:10:CA:EA:75:3E:78
X509v3 Authority Key Identifier:
keyid:BE:43:99:52:89:B6:A5:CA:97:2C:4B:87:B5:E3:14:9C:32:CB:44:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vkOZUom2pcqXLEuHteMUnDLLRDA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/764b34-0d98-454c-85a2-306045efcd68/1/c5j68Bd-wHFEp68Y5t8Qyup1Png.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/764b34-0d98-454c-85a2-306045efcd68/1/vkOZUom2pcqXLEuHteMUnDLLRDA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.103.34.0/24
94.119.4.0-94.119.23.255
Signature Algorithm: sha256WithRSAEncryption
ca:f2:85:33:e6:8d:47:ad:4d:47:fa:86:63:d3:93:17:0c:7f:
db:9b:15:e3:5b:18:9b:3a:b7:10:e7:a1:4c:b6:d5:2e:8b:7d:
ee:e5:3c:66:61:b8:66:ec:ef:88:96:42:3a:75:b9:03:c6:3b:
70:22:27:d2:1c:48:52:27:4c:bf:80:ba:b7:53:c7:ee:28:cb:
89:53:25:c5:ba:cf:be:7a:3c:8f:d3:cf:b7:df:10:02:43:30:
73:d8:7e:a1:30:c1:5c:91:7d:3e:72:7c:3d:bd:77:a6:81:3b:
1f:8b:30:4a:0b:5c:b4:cd:b6:4b:9a:3d:90:76:22:f5:38:ff:
f6:d9:96:4c:5c:78:dd:23:55:62:3e:4a:98:70:1a:d4:d3:74:
aa:b4:b3:87:e2:55:ea:56:90:2e:ea:3e:48:37:08:b2:f5:42:
67:2b:e3:4e:66:e6:42:44:41:20:e5:a4:f0:11:0f:93:89:b7:
15:1b:28:2d:16:b2:1f:3e:04:b5:74:8a:cb:85:d7:f8:62:d2:
51:a4:91:3d:87:c3:78:a8:41:e0:f9:30:0f:7c:d5:80:58:01:
15:8c:28:6e:ff:fa:f7:7d:23:24:69:9e:f9:11:fe:e9:a6:ec:
5d:33:eb:7d:2c:d1:2b:bf:38:54:5b:50:2a:b8:9a:cb:12:5f:
2b:63:02:da
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAY021RkITHbfakMDWk9+CFpZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlNDM5OTUyODliNmE1Y2E5NzJjNGI4N2I1ZTMxNDljMzJj
YjQ0MzAwHhcNMjQwMTIzMTQ1OTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Mzk4ZmFmMDE3N2VjMDcxNDRhN2FmMThlNmRmMTBjYWVhNzUzZTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlBYP5LEewjc8Fm24P7fW1RDFdpsZ
jcsK8EMZSwvHaYWi9GiQAIL6dFlwIs5RtpxahSWDwSWiFnGcBY+Wu8fY18ZU7NFu
xbhwbnYa9Fs9JaCJfkSoWNAd//U+61UC++45ajxuiXWn6qt0CR9GjTDgd6DPVSYI
utWTlLACDwmEe+sMaNIcaiiaVz9oLSe4oeS4zrym3j/wJb8o8uNHRMzcv+FgZpc3
jxpBgwkeBHOwmtoYsPllonyosLdO4UNy+rVWitd/BAuJjvTHzK6VJbI8bhm0W9RS
5X8xVzpk6IElb43fZgF50Gld4E3mfLaMWzUCmdEHqFzMpPiuY9FWSuAeGQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFHOY+vAXfsBxRKevGObfEMrqdT54MB8GA1UdIwQY
MBaAFL5DmVKJtqXKlyxLh7XjFJwyy0QwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmtPWlVvbTJwY3FYTEV1SHRlTVVuRExMUkRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS83NjRiMzQtMGQ5OC00NTRjLTg1YTIt
MzA2MDQ1ZWZjZDY4LzEvYzVqNjhCZC13SEZFcDY4WTV0OFF5dXAxUG5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS83NjRiMzQtMGQ5OC00NTRjLTg1YTItMzA2MDQ1ZWZjZDY4
LzEvdmtPWlVvbTJwY3FYTEV1SHRlTVVuRExMUkRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAW2ciMAwD
BAJedwQDBANedxAwDQYJKoZIhvcNAQELBQADggEBAMryhTPmjUetTUf6hmPTkxcM
f9ubFeNbGJs6txDnoUy21S6Lfe7lPGZhuGbs74iWQjp1uQPGO3AiJ9IcSFInTL+A
urdTx+4oy4lTJcW6z756PI/Tz7ffEAJDMHPYfqEwwVyRfT5yfD29d6aBOx+LMEoL
XLTNtkuaPZB2IvU4//bZlkxceN0jVWI+SphwGtTTdKq0s4fiVepWkC7qPkg3CLL1
Qmcr405m5kJEQSDlpPARD5OJtxUbKC0Wsh8+BLV0isuF1/hi0lGkkT2Hw3ioQeD5
MA981YBYARWMKG7/+vd9IyRpnvkR/umm7F0z630s0Su/OFRbUCq4mssSXytjAto=
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:04:34 2025 by rpki-client