Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/c60f08-b24b-4dc4-a27c-fc0aa72e8ead/1/sBeShjxnDhxRTvOlViISQA5DsZI.roa
File: sBeShjxnDhxRTvOlViISQA5DsZI.roa (raw, json)
Hash identifier: olk0oEcAlfP8ST3qtd1klAfm0k6qHj0lRrQ7jnxe2n8=
Subject key identifier: B0:17:92:86:3C:67:0E:1C:51:4E:F3:A5:56:22:12:40:0E:43:B1:92
Certificate issuer: /CN=282e432ed88bec1ad1454449632814d43996b1e0
Certificate serial: 018CC26D5E6F6163B9E397617A40C69A7C90
Authority key identifier: 28:2E:43:2E:D8:8B:EC:1A:D1:45:44:49:63:28:14:D4:39:96:B1:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KC5DLtiL7BrRRURJYygU1DmWseA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/c60f08-b24b-4dc4-a27c-fc0aa72e8ead/1/sBeShjxnDhxRTvOlViISQA5DsZI.roa
Signing time: Mon 01 Jan 2024 00:29:56 +0000
ROA not before: Mon 01 Jan 2024 00:29:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197639
IP address blocks: 91.223.204.0/24 maxlen: 24
2001:67c:620::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 07:48:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:5e:6f:61:63:b9:e3:97:61:7a:40:c6:9a:7c:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=282e432ed88bec1ad1454449632814d43996b1e0
Validity
Not Before: Jan 1 00:29:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b01792863c670e1c514ef3a5562212400e43b192
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:52:c1:0b:05:bf:a2:c9:7b:c2:bc:c0:0c:5a:
2b:d8:e3:b3:35:1b:ac:ed:d6:44:4b:c2:f3:8e:28:
db:35:28:e7:7d:cb:99:f5:17:7d:4b:15:73:cd:c5:
6b:0a:1c:ec:53:02:ec:12:04:ea:a4:b3:18:c6:8c:
de:dd:df:3d:9c:a8:c8:96:19:8a:1d:a7:a9:d5:11:
3e:ac:e9:c5:0a:92:78:fb:49:ea:f1:73:ae:02:d3:
d9:88:03:ff:b7:00:e7:11:16:50:2a:4b:d0:e5:75:
79:33:1d:e7:47:ca:6a:87:d4:98:9e:cf:9f:b0:33:
3e:fa:00:69:8f:85:8f:75:be:cd:61:5c:8d:c6:90:
ee:70:c5:52:65:1e:57:0c:34:f6:2d:52:0d:72:9e:
d4:d3:08:05:05:11:79:f4:5d:6c:64:53:66:5f:6b:
68:6d:d7:e7:c4:a5:6e:ab:f7:2a:0d:fa:81:f4:ec:
95:c1:02:dd:48:bd:43:b9:f7:11:30:05:2d:14:55:
b6:7b:42:26:ae:11:4e:0c:ac:75:2b:7b:40:29:54:
fa:ed:3d:50:65:85:83:8b:30:6e:90:3a:2c:ca:0c:
28:c3:51:f7:28:2f:0d:ab:78:68:11:0d:9d:1d:eb:
f9:bf:d5:a0:27:00:7c:24:47:b1:ac:dd:b1:ac:84:
08:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:17:92:86:3C:67:0E:1C:51:4E:F3:A5:56:22:12:40:0E:43:B1:92
X509v3 Authority Key Identifier:
keyid:28:2E:43:2E:D8:8B:EC:1A:D1:45:44:49:63:28:14:D4:39:96:B1:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KC5DLtiL7BrRRURJYygU1DmWseA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/c60f08-b24b-4dc4-a27c-fc0aa72e8ead/1/sBeShjxnDhxRTvOlViISQA5DsZI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/c60f08-b24b-4dc4-a27c-fc0aa72e8ead/1/KC5DLtiL7BrRRURJYygU1DmWseA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.204.0/24
IPv6:
2001:67c:620::/48
Signature Algorithm: sha256WithRSAEncryption
5b:1b:44:c8:ad:a3:02:12:d2:8b:1f:d9:f7:c0:b9:f1:69:9f:
dd:28:d3:9b:43:43:df:34:39:31:12:5a:df:f6:7a:89:8c:c2:
90:8f:9a:aa:6a:19:02:7e:a0:fe:57:b4:61:f6:76:1b:91:8c:
f4:26:10:dc:ee:2d:bc:5b:77:f9:35:b6:0d:04:87:54:3a:c5:
81:e6:42:85:90:7f:d1:95:2b:6a:66:6f:c8:5e:1a:e8:78:ac:
9a:b1:e5:72:7b:01:63:a3:ad:27:ad:f6:9b:b8:5d:02:6e:60:
64:16:43:a7:91:8b:de:29:84:b8:17:15:c9:0f:bb:f2:86:2b:
68:df:f6:fc:df:6b:c4:09:7a:38:cd:27:ef:01:62:a3:aa:65:
4a:79:5a:6d:33:c8:6b:02:0e:61:cc:6b:b4:f7:7f:14:ee:46:
b2:ed:e2:ff:40:82:76:11:26:66:0e:bd:a5:a6:90:c3:a7:62:
be:41:6f:d4:26:57:0f:8d:02:23:47:6c:8b:5a:12:fb:00:45:
e6:9e:fe:1e:85:d8:83:1e:34:fa:c5:6f:e5:c9:dc:96:4d:ff:
c4:da:70:90:97:0f:25:2b:10:cf:5b:10:a5:8e:07:ed:eb:e5:
de:d3:07:7e:35:60:50:b1:90:02:bd:37:74:94:0b:fb:e4:36:
6d:7a:e1:0d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzCbV5vYWO545dhekDGmnyQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MmU0MzJlZDg4YmVjMWFkMTQ1NDQ0OTYzMjgxNGQ0Mzk5
NmIxZTAwHhcNMjQwMTAxMDAyOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDE3OTI4NjNjNjcwZTFjNTE0ZWYzYTU1NjIyMTI0MDBlNDNiMTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjVLBCwW/osl7wrzADFor2OOzNRus
7dZES8LzjijbNSjnfcuZ9Rd9SxVzzcVrChzsUwLsEgTqpLMYxoze3d89nKjIlhmK
Haep1RE+rOnFCpJ4+0nq8XOuAtPZiAP/twDnERZQKkvQ5XV5Mx3nR8pqh9SYns+f
sDM++gBpj4WPdb7NYVyNxpDucMVSZR5XDDT2LVINcp7U0wgFBRF59F1sZFNmX2to
bdfnxKVuq/cqDfqB9OyVwQLdSL1DufcRMAUtFFW2e0ImrhFODKx1K3tAKVT67T1Q
ZYWDizBukDosygwow1H3KC8Nq3hoEQ2dHev5v9WgJwB8JEexrN2xrIQI8wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLAXkoY8Zw4cUU7zpVYiEkAOQ7GSMB8GA1UdIwQY
MBaAFCguQy7Yi+wa0UVESWMoFNQ5lrHgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0M1REx0aUw3QnJSUlVSSll5Z1UxRG1Xc2VBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi9jNjBmMDgtYjI0Yi00ZGM0LWEyN2Mt
ZmMwYWE3MmU4ZWFkLzEvc0JlU2hqeG5EaHhSVHZPbFZpSVNRQTVEc1pJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi9jNjBmMDgtYjI0Yi00ZGM0LWEyN2MtZmMwYWE3MmU4ZWFk
LzEvS0M1REx0aUw3QnJSUlVSSll5Z1UxRG1Xc2VBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW9/MMA8E
AgACMAkDBwAgAQZ8BiAwDQYJKoZIhvcNAQELBQADggEBAFsbRMitowIS0osf2ffA
ufFpn90o05tDQ980OTESWt/2eomMwpCPmqpqGQJ+oP5XtGH2dhuRjPQmENzuLbxb
d/k1tg0Eh1Q6xYHmQoWQf9GVK2pmb8heGuh4rJqx5XJ7AWOjrSet9pu4XQJuYGQW
Q6eRi94phLgXFckPu/KGK2jf9vzfa8QJejjNJ+8BYqOqZUp5Wm0zyGsCDmHMa7T3
fxTuRrLt4v9AgnYRJmYOvaWmkMOnYr5Bb9QmVw+NAiNHbItaEvsAReae/h6F2IMe
NPrFb+XJ3JZN/8TacJCXDyUrEM9bEKWOB+3r5d7TB341YFCxkAK9N3SUC/vkNm16
4Q0=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:37:43 2025 by rpki-client