Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/beed93-4170-4f68-a392-28bf3d90bd7b/1/J5i5UGJ2oM3Wv9QBua0KFkA9PPg.roa
File: J5i5UGJ2oM3Wv9QBua0KFkA9PPg.roa (raw, json)
Hash identifier: H65xiRHkD5u9GzYuyb9s25lG5c9spG1Hf5ZvpuuE5wQ=
Subject key identifier: 27:98:B9:50:62:76:A0:CD:D6:BF:D4:01:B9:AD:0A:16:40:3D:3C:F8
Certificate issuer: /CN=79c7ea4d39f5cb5f45860a09ea3833ef8add6828
Certificate serial: 018CC3B72984277FA5CCD5D6B5499624D9AA
Authority key identifier: 79:C7:EA:4D:39:F5:CB:5F:45:86:0A:09:EA:38:33:EF:8A:DD:68:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ecfqTTn1y19FhgoJ6jgz74rdaCg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/beed93-4170-4f68-a392-28bf3d90bd7b/1/J5i5UGJ2oM3Wv9QBua0KFkA9PPg.roa
Signing time: Mon 01 Jan 2024 06:30:09 +0000
ROA not before: Mon 01 Jan 2024 06:30:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197391
IP address blocks: 91.220.119.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:49:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:29:84:27:7f:a5:cc:d5:d6:b5:49:96:24:d9:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=79c7ea4d39f5cb5f45860a09ea3833ef8add6828
Validity
Not Before: Jan 1 06:30:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2798b9506276a0cdd6bfd401b9ad0a16403d3cf8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:dc:cf:ee:15:02:69:4b:97:c0:d5:e4:05:d8:
c8:cb:0c:74:24:de:a6:7c:ac:5c:96:78:8e:02:85:
cf:40:63:e6:b7:1c:25:87:04:5a:78:16:9a:a2:7b:
08:10:de:10:18:fa:b0:7a:8a:cc:21:e4:e3:eb:65:
04:9d:fb:4d:df:8b:b7:3a:aa:57:b9:20:ea:37:d3:
29:5b:4d:26:84:bd:f4:7c:b7:e9:0c:84:78:ba:2a:
b1:43:9a:f1:cd:60:8d:eb:da:f2:7f:db:6d:2c:61:
09:cd:47:e4:40:5e:80:36:09:cb:82:e9:8b:0f:f0:
10:26:d1:91:05:26:76:ed:bc:69:47:d1:28:a2:dc:
57:e5:45:dc:d5:f9:12:87:17:ca:f0:c6:39:fc:62:
f1:16:8a:b4:af:fe:b1:5f:d3:02:0e:dc:40:87:d3:
ce:5d:85:c1:0e:7d:5f:ef:44:e9:5f:54:e2:5d:71:
3c:2c:10:7e:4d:27:76:0a:8c:72:35:12:50:cc:f0:
df:51:78:84:97:87:e1:40:96:ef:d1:11:c2:ae:3b:
1d:f1:ec:61:ab:5f:4b:8b:a3:7b:e8:a8:cc:9f:79:
cf:34:53:66:bf:8e:32:d8:d5:49:90:a0:b6:be:01:
17:db:35:55:7a:9b:a5:a8:ed:cb:ce:86:1c:e9:4f:
1e:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:98:B9:50:62:76:A0:CD:D6:BF:D4:01:B9:AD:0A:16:40:3D:3C:F8
X509v3 Authority Key Identifier:
keyid:79:C7:EA:4D:39:F5:CB:5F:45:86:0A:09:EA:38:33:EF:8A:DD:68:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ecfqTTn1y19FhgoJ6jgz74rdaCg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/beed93-4170-4f68-a392-28bf3d90bd7b/1/J5i5UGJ2oM3Wv9QBua0KFkA9PPg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/beed93-4170-4f68-a392-28bf3d90bd7b/1/ecfqTTn1y19FhgoJ6jgz74rdaCg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.119.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:d0:25:e4:a7:a3:b1:84:d4:3c:35:6e:f0:2e:1a:ff:47:b6:
ee:5c:cb:a9:06:13:33:d3:30:a5:b5:4a:7b:a8:7e:55:9a:f9:
f2:87:36:08:c8:76:ab:cc:a5:16:f0:0d:e9:fc:c1:15:1b:34:
dc:69:c3:a4:b5:02:84:a8:29:e9:60:20:f6:8f:04:c7:81:ed:
03:94:80:8a:77:0a:cc:e6:83:70:b7:75:a1:1e:39:f0:1c:bf:
6d:39:63:98:6e:49:29:25:45:50:81:df:0a:63:cd:e0:24:5b:
d2:72:dc:00:9a:9d:4a:4f:f4:8f:7d:41:29:8d:59:4b:1e:87:
32:89:34:54:be:eb:6f:29:87:66:d8:f2:fe:be:ef:1c:7c:c5:
98:37:19:27:a0:40:3d:9a:c6:05:35:42:69:83:6d:01:99:36:
56:59:7a:0a:d6:09:32:75:e2:7f:6c:40:63:0d:e1:b8:8e:31:
54:a3:ff:c0:11:7d:13:90:c6:db:c8:45:4d:86:a0:b8:ca:f9:
6a:3b:17:29:fd:2a:65:2e:4f:aa:48:9e:42:cc:21:8c:ee:81:
b0:86:23:f1:ac:67:34:87:33:19:8f:70:0f:83:07:26:97:91:
57:f4:67:4b:69:f7:de:06:76:cf:be:a7:70:97:7e:23:ab:8f:
14:ef:4e:7d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDtymEJ3+lzNXWtUmWJNmqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5YzdlYTRkMzlmNWNiNWY0NTg2MGEwOWVhMzgzM2VmOGFk
ZDY4MjgwHhcNMjQwMTAxMDYzMDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzk4Yjk1MDYyNzZhMGNkZDZiZmQ0MDFiOWFkMGExNjQwM2QzY2Y4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAndzP7hUCaUuXwNXkBdjIywx0JN6m
fKxclniOAoXPQGPmtxwlhwRaeBaaonsIEN4QGPqweorMIeTj62UEnftN34u3OqpX
uSDqN9MpW00mhL30fLfpDIR4uiqxQ5rxzWCN69ryf9ttLGEJzUfkQF6ANgnLgumL
D/AQJtGRBSZ27bxpR9EootxX5UXc1fkShxfK8MY5/GLxFoq0r/6xX9MCDtxAh9PO
XYXBDn1f70TpX1TiXXE8LBB+TSd2CoxyNRJQzPDfUXiEl4fhQJbv0RHCrjsd8exh
q19Li6N76KjMn3nPNFNmv44y2NVJkKC2vgEX2zVVepulqO3LzoYc6U8ePwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCeYuVBidqDN1r/UAbmtChZAPTz4MB8GA1UdIwQY
MBaAFHnH6k059ctfRYYKCeo4M++K3WgoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWNmcVRUbjF5MTlGaGdvSjZqZ3o3NHJkYUNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9iZWVkOTMtNDE3MC00ZjY4LWEzOTIt
MjhiZjNkOTBiZDdiLzEvSjVpNVVHSjJvTTNXdjlRQnVhMEtGa0E5UFBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9iZWVkOTMtNDE3MC00ZjY4LWEzOTItMjhiZjNkOTBiZDdi
LzEvZWNmcVRUbjF5MTlGaGdvSjZqZ3o3NHJkYUNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9x3MA0G
CSqGSIb3DQEBCwUAA4IBAQA80CXkp6OxhNQ8NW7wLhr/R7buXMupBhMz0zCltUp7
qH5VmvnyhzYIyHarzKUW8A3p/MEVGzTcacOktQKEqCnpYCD2jwTHge0DlICKdwrM
5oNwt3WhHjnwHL9tOWOYbkkpJUVQgd8KY83gJFvSctwAmp1KT/SPfUEpjVlLHocy
iTRUvutvKYdm2PL+vu8cfMWYNxknoEA9msYFNUJpg20BmTZWWXoK1gkydeJ/bEBj
DeG4jjFUo//AEX0TkMbbyEVNhqC4yvlqOxcp/SplLk+qSJ5CzCGM7oGwhiPxrGc0
hzMZj3APgwcml5FX9GdLaffeBnbPvqdwl34jq48U7059
-----END CERTIFICATE-----
Generated at Tue Apr 22 17:11:03 2025 by rpki-client