Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/26cc6a-6f17-40a9-b987-6fc717175e58/1/ohN5Vr-pCrwgUkAocrgxMEe93NA.roa
File: ohN5Vr-pCrwgUkAocrgxMEe93NA.roa (raw, json)
Hash identifier: b/qdw7HLCo/xIt07t711pV0UMrv/tLCDBDQIIR+SdA4=
Subject key identifier: A2:13:79:56:BF:A9:0A:BC:20:52:40:28:72:B8:31:30:47:BD:DC:D0
Certificate issuer: /CN=b537115961c6abf5b87abe4a20053e4aca1b6ec2
Certificate serial: 018CC794E7D4A8955224F06480EC1A3EAA45
Authority key identifier: B5:37:11:59:61:C6:AB:F5:B8:7A:BE:4A:20:05:3E:4A:CA:1B:6E:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tTcRWWHGq_W4er5KIAU-SsobbsI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/26cc6a-6f17-40a9-b987-6fc717175e58/1/ohN5Vr-pCrwgUkAocrgxMEe93NA.roa
Signing time: Tue 02 Jan 2024 00:31:13 +0000
ROA not before: Tue 02 Jan 2024 00:31:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207413
IP address blocks: 91.194.140.0/23 maxlen: 24
91.194.166.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:e7:d4:a8:95:52:24:f0:64:80:ec:1a:3e:aa:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b537115961c6abf5b87abe4a20053e4aca1b6ec2
Validity
Not Before: Jan 2 00:31:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a2137956bfa90abc2052402872b8313047bddcd0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:8d:e6:2e:6a:95:10:f6:08:c0:ea:b5:f9:1b:
72:5a:01:b8:7a:ee:09:45:e9:b1:b0:d0:48:80:b4:
a7:68:68:40:b4:75:6e:2b:56:af:b8:07:74:18:e3:
9c:43:09:7c:0a:fd:77:5f:62:31:80:b1:74:d9:c6:
05:a4:50:d1:2e:08:69:da:ea:ca:9e:b4:cd:28:58:
18:a2:85:77:14:93:98:dc:4a:a5:b1:71:63:99:29:
22:0f:da:0c:3b:26:da:4f:11:68:c8:5d:92:6d:2b:
d7:b5:50:09:1b:62:12:a2:91:a5:63:a5:18:2d:f1:
2c:99:57:f1:85:fb:ad:be:3f:3a:81:38:58:4b:2a:
af:6f:77:11:8d:96:18:55:2a:cd:d1:08:21:4c:f9:
24:4a:fa:da:65:e0:d6:59:15:ed:a6:59:46:f2:f3:
58:fd:7f:8e:5c:84:38:58:ea:37:d6:0c:ec:ee:0f:
53:13:92:08:58:bb:1c:cf:bb:02:f1:7c:ce:e1:f9:
aa:63:9e:5c:87:0c:e9:9b:4b:dd:52:bc:5c:a5:1a:
32:c9:89:29:21:ad:55:3e:42:81:a1:09:c8:81:d4:
41:02:1b:32:1a:0f:a3:b4:c1:83:ef:22:6f:48:1d:
d3:fd:1e:62:3b:e9:2d:01:8a:84:21:e5:11:22:5e:
fc:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:13:79:56:BF:A9:0A:BC:20:52:40:28:72:B8:31:30:47:BD:DC:D0
X509v3 Authority Key Identifier:
keyid:B5:37:11:59:61:C6:AB:F5:B8:7A:BE:4A:20:05:3E:4A:CA:1B:6E:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tTcRWWHGq_W4er5KIAU-SsobbsI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/26cc6a-6f17-40a9-b987-6fc717175e58/1/ohN5Vr-pCrwgUkAocrgxMEe93NA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/26cc6a-6f17-40a9-b987-6fc717175e58/1/tTcRWWHGq_W4er5KIAU-SsobbsI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.140.0/23
91.194.166.0/23
Signature Algorithm: sha256WithRSAEncryption
b6:5c:23:2f:9c:9a:e7:30:fb:35:c4:4e:63:b0:ba:66:c5:de:
2c:0d:b5:6b:b0:50:93:47:8e:21:c0:dd:58:0f:ce:64:a5:52:
48:df:3c:6b:d4:a8:7b:b3:e8:d1:e2:9b:ac:b7:76:9b:8e:fc:
75:1f:25:12:71:6e:4f:46:7b:25:41:35:2b:61:bc:20:1e:4a:
3c:c6:cb:57:5a:c4:4d:e3:ce:54:34:ec:66:9e:c1:a1:3f:b7:
d6:80:a2:f8:b2:a4:14:74:14:2b:3a:d4:ef:cb:03:76:58:1c:
cd:05:8e:15:ae:62:69:d5:57:3c:02:cd:f4:a0:05:38:e1:16:
15:4d:67:4f:54:48:9e:fa:d0:84:58:dd:25:2d:3e:73:67:bf:
cd:1f:11:c8:83:09:d7:8b:99:19:24:d6:7f:e0:c3:1d:4f:f4:
e6:a3:d1:ad:96:a6:34:41:a7:6a:fd:48:57:b2:49:a3:13:02:
be:93:c3:70:19:a3:1c:0e:81:7f:22:e9:93:07:99:da:bf:52:
d7:d8:af:35:b8:e1:2d:d6:2b:a3:de:66:22:4c:ec:d0:36:9c:
e4:25:7e:58:0e:c2:f2:a0:46:67:55:50:b9:6c:12:17:87:b8:
5c:19:c0:cc:55:c9:ba:b9:7f:b2:32:4f:86:e7:73:76:80:3f:
c1:81:90:29
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzHlOfUqJVSJPBkgOwaPqpFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1MzcxMTU5NjFjNmFiZjViODdhYmU0YTIwMDUzZTRhY2Ex
YjZlYzIwHhcNMjQwMTAyMDAzMTEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjEzNzk1NmJmYTkwYWJjMjA1MjQwMjg3MmI4MzEzMDQ3YmRkY2QwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn43mLmqVEPYIwOq1+RtyWgG4eu4J
RemxsNBIgLSnaGhAtHVuK1avuAd0GOOcQwl8Cv13X2IxgLF02cYFpFDRLghp2urK
nrTNKFgYooV3FJOY3EqlsXFjmSkiD9oMOybaTxFoyF2SbSvXtVAJG2ISopGlY6UY
LfEsmVfxhfutvj86gThYSyqvb3cRjZYYVSrN0QghTPkkSvraZeDWWRXtpllG8vNY
/X+OXIQ4WOo31gzs7g9TE5IIWLscz7sC8XzO4fmqY55chwzpm0vdUrxcpRoyyYkp
Ia1VPkKBoQnIgdRBAhsyGg+jtMGD7yJvSB3T/R5iO+ktAYqEIeURIl78kwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKITeVa/qQq8IFJAKHK4MTBHvdzQMB8GA1UdIwQY
MBaAFLU3EVlhxqv1uHq+SiAFPkrKG27CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFRjUldXSEdxX1c0ZXI1S0lBVS1Tc29iYnNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi8yNmNjNmEtNmYxNy00MGE5LWI5ODct
NmZjNzE3MTc1ZTU4LzEvb2hONVZyLXBDcndnVWtBb2NyZ3hNRWU5M05BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi8yNmNjNmEtNmYxNy00MGE5LWI5ODctNmZjNzE3MTc1ZTU4
LzEvdFRjUldXSEdxX1c0ZXI1S0lBVS1Tc29iYnNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW8KMAwQB
W8KmMA0GCSqGSIb3DQEBCwUAA4IBAQC2XCMvnJrnMPs1xE5jsLpmxd4sDbVrsFCT
R44hwN1YD85kpVJI3zxr1Kh7s+jR4pust3abjvx1HyUScW5PRnslQTUrYbwgHko8
xstXWsRN485UNOxmnsGhP7fWgKL4sqQUdBQrOtTvywN2WBzNBY4VrmJp1Vc8As30
oAU44RYVTWdPVEie+tCEWN0lLT5zZ7/NHxHIgwnXi5kZJNZ/4MMdT/Tmo9GtlqY0
Qadq/UhXskmjEwK+k8NwGaMcDoF/IumTB5nav1LX2K81uOEt1iuj3mYiTOzQNpzk
JX5YDsLyoEZnVVC5bBIXh7hcGcDMVcm6uX+yMk+G53N2gD/BgZAp
-----END CERTIFICATE-----
Generated at Wed Apr 16 21:54:41 2025 by rpki-client