Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/Bg93JFwINWxdkawOyHY8qWmPBDQ.roa
File: Bg93JFwINWxdkawOyHY8qWmPBDQ.roa (raw, json)
Hash identifier: X8+NWj7+BvAd/saRT6xxiZBBeHuHSgVwSstTt2jZPB8=
Subject key identifier: 06:0F:77:24:5C:08:35:6C:5D:91:AC:0E:C8:76:3C:A9:69:8F:04:34
Certificate issuer: /CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Certificate serial: 0194ACAFBF07DCA451F259D4E01D923207E1
Authority key identifier: 49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/Bg93JFwINWxdkawOyHY8qWmPBDQ.roa
Signing time: Tue 28 Jan 2025 11:33:06 +0000
ROA not before: Tue 28 Jan 2025 11:33:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199959
IP address blocks: 91.132.160.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 03 Feb 2025 11:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ac:af:bf:07:dc:a4:51:f2:59:d4:e0:1d:92:32:07:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Validity
Not Before: Jan 28 11:33:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=060f77245c08356c5d91ac0ec8763ca9698f0434
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:2f:f9:30:dc:eb:90:e5:6b:0f:d3:77:18:57:
7b:58:6a:ee:4e:1e:92:e5:d8:d7:f5:c6:38:9b:6f:
a1:22:7c:77:05:cb:39:5a:fd:66:34:77:60:8c:c4:
28:7c:78:f8:b1:34:56:e1:c2:1a:2a:81:00:df:56:
e0:43:d7:01:cf:6e:c0:40:c5:da:17:c6:e0:47:55:
23:a9:ae:a2:16:2e:45:b6:ec:88:83:47:fb:c1:a1:
a0:d4:17:76:95:96:ce:33:c5:ac:e0:c5:99:91:62:
c3:1e:08:c8:57:15:13:d2:e9:8a:bf:f1:bb:a1:22:
6e:0a:31:e4:25:db:1f:73:98:68:30:b3:f0:a4:98:
75:13:76:94:a9:f5:d7:cb:ad:9a:33:cb:86:5a:6d:
3a:90:53:e4:21:46:68:16:27:26:a7:3e:47:5e:cb:
fd:eb:c3:68:46:bd:16:86:7d:77:9c:17:51:0d:6d:
70:ea:8c:51:44:19:01:1e:39:85:e2:eb:d4:89:3a:
cc:39:7c:3f:e5:0f:0d:b8:87:1a:36:6b:58:73:28:
c4:35:c3:5a:39:fa:5e:e7:45:b3:16:2e:55:70:a9:
fa:1e:18:4b:34:8b:0d:16:c9:8f:62:5f:cd:80:12:
63:23:92:bc:5e:a7:ee:d9:9c:b7:7a:9f:c5:e1:f5:
f3:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:0F:77:24:5C:08:35:6C:5D:91:AC:0E:C8:76:3C:A9:69:8F:04:34
X509v3 Authority Key Identifier:
keyid:49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/Bg93JFwINWxdkawOyHY8qWmPBDQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/SYbHOZTQLZH8l9kW6YCabZgeaxc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.132.160.0/22
Signature Algorithm: sha256WithRSAEncryption
72:6d:ee:15:8f:8c:78:08:50:7a:58:81:98:44:8b:e1:6f:4d:
07:54:0f:28:e6:1e:41:09:d5:b7:4c:d7:3b:7f:97:3a:32:dc:
74:5f:bb:fe:85:58:70:d9:89:71:7e:13:03:21:8d:04:a9:92:
2a:29:10:13:45:46:88:66:71:6c:21:a1:38:cb:af:0f:0e:82:
da:49:fd:0d:9e:82:04:8b:e1:44:a2:21:dd:40:b4:09:b9:ef:
3a:8c:d9:a3:bd:b2:0f:8e:14:66:09:61:a5:a1:14:18:e1:08:
58:7a:ed:ff:ed:db:64:70:27:97:9f:c7:1b:ec:3b:64:35:4d:
49:d7:32:33:b5:4d:f5:27:e0:38:37:4b:be:4d:47:7a:9f:f5:
45:2d:8c:17:ef:39:d4:1c:82:85:68:90:e2:48:e5:fb:d7:4e:
a2:01:6c:82:63:80:62:68:f1:52:bc:67:4f:3e:33:56:99:d1:
08:d3:b7:db:82:87:aa:ef:f3:79:9c:c8:4a:4a:8b:ae:da:17:
f2:eb:19:40:a0:38:7b:fd:49:9b:42:6a:e6:fe:74:5b:f9:98:
6b:90:41:02:cf:ae:3a:2a:3f:75:75:67:2c:f3:77:79:51:ce:
a3:99:ed:2f:d0:9b:a7:8d:c8:d0:68:86:c9:8f:56:70:c0:1f:
80:91:7d:97
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZSsr78H3KRR8lnU4B2SMgfhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ODZjNzM5OTRkMDJkOTFmYzk3ZDkxNmU5ODA5YTZkOTgx
ZTZiMTcwHhcNMjUwMTI4MTEzMzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjBmNzcyNDVjMDgzNTZjNWQ5MWFjMGVjODc2M2NhOTY5OGYwNDM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxS/5MNzrkOVrD9N3GFd7WGruTh6S
5djX9cY4m2+hInx3Bcs5Wv1mNHdgjMQofHj4sTRW4cIaKoEA31bgQ9cBz27AQMXa
F8bgR1Ujqa6iFi5FtuyIg0f7waGg1Bd2lZbOM8Ws4MWZkWLDHgjIVxUT0umKv/G7
oSJuCjHkJdsfc5hoMLPwpJh1E3aUqfXXy62aM8uGWm06kFPkIUZoFicmpz5HXsv9
68NoRr0Whn13nBdRDW1w6oxRRBkBHjmF4uvUiTrMOXw/5Q8NuIcaNmtYcyjENcNa
Ofpe50WzFi5VcKn6HhhLNIsNFsmPYl/NgBJjI5K8Xqfu2Zy3ep/F4fXzIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAYPdyRcCDVsXZGsDsh2PKlpjwQ0MB8GA1UdIwQY
MBaAFEmGxzmU0C2R/JfZFumAmm2YHmsXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzIt
OWU4OTVkMGVmOGQyLzEvQmc5M0pGd0lOV3hka2F3T3lIWThxV21QQkRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzItOWU4OTVkMGVmOGQy
LzEvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW4SgMA0G
CSqGSIb3DQEBCwUAA4IBAQBybe4Vj4x4CFB6WIGYRIvhb00HVA8o5h5BCdW3TNc7
f5c6Mtx0X7v+hVhw2YlxfhMDIY0EqZIqKRATRUaIZnFsIaE4y68PDoLaSf0NnoIE
i+FEoiHdQLQJue86jNmjvbIPjhRmCWGloRQY4QhYeu3/7dtkcCeXn8cb7DtkNU1J
1zIztU31J+A4N0u+TUd6n/VFLYwX7znUHIKFaJDiSOX7106iAWyCY4BiaPFSvGdP
PjNWmdEI07fbgoeq7/N5nMhKSouu2hfy6xlAoDh7/UmbQmrm/nRb+ZhrkEECz646
Kj91dWcs83d5Uc6jme0v0JunjcjQaIbJj1ZwwB+AkX2X
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:10:12 2025 by rpki-client