Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/DTf2XBa9Z86XZ0WY1Pa0xAT3a6c.roa
File: DTf2XBa9Z86XZ0WY1Pa0xAT3a6c.roa (raw, json)
Hash identifier: hpz/5zC3yLaaL1sxoyKCtW4GUYxhecRgy4w9J35sc5A=
Subject key identifier: 0D:37:F6:5C:16:BD:67:CE:97:67:45:98:D4:F6:B4:C4:04:F7:6B:A7
Certificate issuer: /CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Certificate serial: 0194D0D527DB958E05F2E6AF40360F5E0D77
Authority key identifier: 49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/DTf2XBa9Z86XZ0WY1Pa0xAT3a6c.roa
Signing time: Tue 04 Feb 2025 12:00:17 +0000
ROA not before: Tue 04 Feb 2025 12:00:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43260
IP address blocks: 91.132.160.0/24 maxlen: 24
91.132.161.0/24 maxlen: 24
91.132.162.0/24 maxlen: 24
91.132.163.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 05 Feb 2025 10:40:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:d0:d5:27:db:95:8e:05:f2:e6:af:40:36:0f:5e:0d:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Validity
Not Before: Feb 4 12:00:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0d37f65c16bd67ce97674598d4f6b4c404f76ba7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:f3:28:22:94:52:3c:d0:7f:38:cc:f1:42:6a:
e8:16:91:e7:b3:31:b9:55:50:5f:7c:34:bd:99:7b:
0b:05:0e:0c:d9:92:8d:96:26:0a:5a:35:fa:22:04:
fe:08:ea:8f:de:64:4f:4d:67:1a:12:48:f7:bb:cd:
60:ff:a4:24:55:49:15:f2:0e:a4:e6:bb:1f:b5:e1:
b3:30:66:24:56:0f:ba:dc:7e:ed:31:2b:8a:27:50:
7b:79:f7:d8:01:4b:0a:cc:60:82:3e:4d:dd:1c:05:
c7:ae:57:d9:d5:d2:61:7f:2d:3c:af:e8:6a:30:dd:
a9:34:5f:ae:08:eb:92:85:cf:74:19:e9:0e:5d:b3:
81:5a:90:38:49:f7:67:c6:00:69:f9:1e:b3:bf:a6:
53:04:02:24:16:01:5e:a4:89:0a:0e:1f:f9:47:0f:
42:aa:84:10:e5:5a:e2:8d:61:74:15:52:d2:46:90:
62:f8:89:0b:d0:30:e9:8c:0e:96:de:68:42:04:93:
db:e2:e7:85:0c:0d:53:83:b1:07:e2:93:91:2a:e6:
f1:d0:2a:fc:7c:32:c9:97:c3:56:43:8c:2e:80:ae:
19:17:0b:b5:31:c4:59:0a:ea:e5:1c:b9:9e:27:5a:
c1:f4:50:c3:e1:b7:3a:ea:26:7d:05:f9:76:51:6f:
20:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:37:F6:5C:16:BD:67:CE:97:67:45:98:D4:F6:B4:C4:04:F7:6B:A7
X509v3 Authority Key Identifier:
keyid:49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/DTf2XBa9Z86XZ0WY1Pa0xAT3a6c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/SYbHOZTQLZH8l9kW6YCabZgeaxc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.132.160.0/22
Signature Algorithm: sha256WithRSAEncryption
5b:e5:0c:3c:72:22:38:a4:91:37:0c:e5:9a:b6:e7:f5:47:6e:
b1:d9:f7:18:33:e0:39:a4:0c:ac:1f:4c:d5:48:9e:90:8b:75:
b2:f2:38:73:31:2a:f7:d9:7f:a6:56:3d:ec:31:b0:3a:76:04:
6d:25:e8:1e:26:2d:24:b6:70:5f:23:b9:cc:9a:54:ce:c9:89:
6b:68:3d:53:d6:e2:1b:47:02:cf:c1:e9:96:47:9a:5d:5e:a5:
51:8a:04:e2:8e:16:9f:38:8e:59:a5:9a:68:72:2e:f7:3f:b0:
41:a0:ac:5b:65:92:80:2c:4b:6a:db:50:d4:99:34:bf:33:86:
9c:bb:1a:e6:1c:1c:a2:98:b9:02:32:33:11:f3:55:9b:ff:03:
9f:0a:dc:c5:5a:f6:1d:9e:3b:a5:c1:4c:3d:95:04:ee:81:bd:
4a:f2:b8:4b:16:ee:14:0e:79:16:1e:e4:b2:d7:e8:a6:0b:49:
84:e0:68:ae:3c:cb:b7:64:93:0a:72:8f:e2:b8:7f:cc:fc:07:
13:61:08:7b:df:98:48:7f:d6:04:c9:90:a8:91:10:76:df:89:
d1:79:13:2e:a8:30:c8:d4:98:a5:89:de:3a:93:e9:b6:e4:0d:
4f:5c:01:ae:bf:59:56:c8:89:36:c1:a6:b3:5a:bd:0d:69:8f:
a5:1c:86:e7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZTQ1SfblY4F8uavQDYPXg13MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ODZjNzM5OTRkMDJkOTFmYzk3ZDkxNmU5ODA5YTZkOTgx
ZTZiMTcwHhcNMjUwMjA0MTIwMDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDM3ZjY1YzE2YmQ2N2NlOTc2NzQ1OThkNGY2YjRjNDA0Zjc2YmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw/MoIpRSPNB/OMzxQmroFpHnszG5
VVBffDS9mXsLBQ4M2ZKNliYKWjX6IgT+COqP3mRPTWcaEkj3u81g/6QkVUkV8g6k
5rsfteGzMGYkVg+63H7tMSuKJ1B7effYAUsKzGCCPk3dHAXHrlfZ1dJhfy08r+hq
MN2pNF+uCOuShc90GekOXbOBWpA4SfdnxgBp+R6zv6ZTBAIkFgFepIkKDh/5Rw9C
qoQQ5VrijWF0FVLSRpBi+IkL0DDpjA6W3mhCBJPb4ueFDA1Tg7EH4pORKubx0Cr8
fDLJl8NWQ4wugK4ZFwu1McRZCurlHLmeJ1rB9FDD4bc66iZ9Bfl2UW8g9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA039lwWvWfOl2dFmNT2tMQE92unMB8GA1UdIwQY
MBaAFEmGxzmU0C2R/JfZFumAmm2YHmsXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzIt
OWU4OTVkMGVmOGQyLzEvRFRmMlhCYTlaODZYWjBXWTFQYTB4QVQzYTZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzItOWU4OTVkMGVmOGQy
LzEvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW4SgMA0G
CSqGSIb3DQEBCwUAA4IBAQBb5Qw8ciI4pJE3DOWatuf1R26x2fcYM+A5pAysH0zV
SJ6Qi3Wy8jhzMSr32X+mVj3sMbA6dgRtJegeJi0ktnBfI7nMmlTOyYlraD1T1uIb
RwLPwemWR5pdXqVRigTijhafOI5ZpZpoci73P7BBoKxbZZKALEtq21DUmTS/M4ac
uxrmHByimLkCMjMR81Wb/wOfCtzFWvYdnjulwUw9lQTugb1K8rhLFu4UDnkWHuSy
1+imC0mE4GiuPMu3ZJMKco/iuH/M/AcTYQh735hIf9YEyZCokRB234nReRMuqDDI
1Jilid46k+m25A1PXAGuv1lWyIk2waazWr0NaY+lHIbn
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:57:49 2025 by rpki-client