Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/aca994-f3c0-45a4-a642-6d7602d24c83/1/Jx5Iq1NqrQ22Px26jC41rReDmfs.roa
File: Jx5Iq1NqrQ22Px26jC41rReDmfs.roa (raw, json)
Hash identifier: Xvst1jFiqqpPMtZ8rxM51yatT4RC+z87EnIxcczfucA=
Subject key identifier: 27:1E:48:AB:53:6A:AD:0D:B6:3F:1D:BA:8C:2E:35:AD:17:83:99:FB
Certificate issuer: /CN=8e6d75b4e4986faccb614b334e45d5e039352a9c
Certificate serial: 018CC8015902E8E8FE9E2B680E81B5390075
Authority key identifier: 8E:6D:75:B4:E4:98:6F:AC:CB:61:4B:33:4E:45:D5:E0:39:35:2A:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jm11tOSYb6zLYUszTkXV4Dk1Kpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/aca994-f3c0-45a4-a642-6d7602d24c83/1/Jx5Iq1NqrQ22Px26jC41rReDmfs.roa
Signing time: Tue 02 Jan 2024 02:29:40 +0000
ROA not before: Tue 02 Jan 2024 02:29:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20691
IP address blocks: 91.209.188.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:49:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:59:02:e8:e8:fe:9e:2b:68:0e:81:b5:39:00:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e6d75b4e4986faccb614b334e45d5e039352a9c
Validity
Not Before: Jan 2 02:29:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=271e48ab536aad0db63f1dba8c2e35ad178399fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:70:c5:2c:ba:f1:f9:3a:28:7e:f3:2c:0c:fd:
23:a7:9e:ec:9f:3f:79:89:5a:99:48:82:5b:6c:3e:
57:f2:68:86:99:17:19:49:88:58:f9:ab:92:79:4f:
9b:f3:83:d5:14:c4:da:11:46:3c:81:81:6a:9e:93:
2e:c7:f6:06:a7:fe:46:5a:3b:53:68:11:48:51:af:
02:6f:fc:ce:d1:8d:28:1a:35:ab:c8:66:89:8a:f0:
42:40:54:05:38:17:4b:93:9a:5f:9e:24:df:39:75:
df:5d:e5:6d:a3:a8:5c:59:c4:df:aa:d4:a1:bd:a0:
32:88:e2:6f:10:20:78:ec:e8:23:1a:5b:7c:96:99:
23:9c:57:98:67:ee:af:64:90:8e:80:57:5d:de:27:
70:b2:75:ad:c8:65:9e:65:2b:6f:08:93:10:8b:de:
7e:c0:4f:75:82:7a:c3:43:ae:31:a8:8c:74:27:23:
5f:d6:fb:56:20:53:28:ed:d6:f7:aa:7b:5f:91:2f:
fd:f2:a6:94:f4:9a:58:87:5f:9b:e3:5a:f2:89:75:
1a:f8:5f:ee:9b:c6:54:d9:f6:1d:b4:08:e0:9a:9c:
ec:0f:e7:f1:a3:76:da:03:63:82:d9:20:50:cb:29:
12:6a:5d:67:2b:21:d2:da:4e:72:c4:2a:a3:3b:13:
44:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:1E:48:AB:53:6A:AD:0D:B6:3F:1D:BA:8C:2E:35:AD:17:83:99:FB
X509v3 Authority Key Identifier:
keyid:8E:6D:75:B4:E4:98:6F:AC:CB:61:4B:33:4E:45:D5:E0:39:35:2A:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jm11tOSYb6zLYUszTkXV4Dk1Kpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/aca994-f3c0-45a4-a642-6d7602d24c83/1/Jx5Iq1NqrQ22Px26jC41rReDmfs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/aca994-f3c0-45a4-a642-6d7602d24c83/1/jm11tOSYb6zLYUszTkXV4Dk1Kpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.188.0/24
Signature Algorithm: sha256WithRSAEncryption
85:0a:bd:8c:41:f5:f9:24:83:fe:65:b9:dd:03:ca:6e:76:a5:
56:8b:75:8a:3f:63:e1:56:d6:e4:c7:21:16:4a:c1:ee:ee:88:
8b:e1:7d:42:4d:a6:f7:fd:f5:36:95:15:2d:a3:ed:88:1f:76:
6a:7a:b9:19:3f:53:91:a9:1a:f9:1a:a4:20:ce:f9:5c:2f:86:
f7:b9:75:f8:c0:f7:1f:66:b3:77:a9:4a:c2:7d:ed:af:c2:47:
ec:6d:5e:3c:42:99:80:67:8d:ab:fb:30:a4:5c:f6:c3:c4:cb:
f5:50:bb:65:13:5d:5c:52:5f:72:73:da:30:91:27:01:dd:84:
23:49:88:57:fe:a6:c4:c1:79:54:52:c8:3f:76:b3:8a:d7:ed:
c5:1a:ef:54:23:9d:bd:bd:16:80:77:5d:54:0d:d3:c0:1b:cf:
7f:5a:02:10:43:c9:e6:80:e4:e6:43:ce:ee:8b:bb:6a:1f:24:
03:da:c8:16:35:57:56:09:b2:30:30:3c:56:81:12:1b:2e:63:
85:37:88:52:f9:a0:f9:a9:50:60:02:f0:84:c1:b2:9a:73:3e:
b9:44:ef:ca:f2:69:3e:3a:a4:74:8b:36:6c:6e:80:b8:97:a0:
d2:8c:5c:8e:01:de:24:99:ca:fe:84:d8:f1:5a:a0:a6:09:a9:
eb:57:79:da
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAVkC6Oj+nitoDoG1OQB1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlNmQ3NWI0ZTQ5ODZmYWNjYjYxNGIzMzRlNDVkNWUwMzkz
NTJhOWMwHhcNMjQwMTAyMDIyOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzFlNDhhYjUzNmFhZDBkYjYzZjFkYmE4YzJlMzVhZDE3ODM5OWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzXDFLLrx+ToofvMsDP0jp57snz95
iVqZSIJbbD5X8miGmRcZSYhY+auSeU+b84PVFMTaEUY8gYFqnpMux/YGp/5GWjtT
aBFIUa8Cb/zO0Y0oGjWryGaJivBCQFQFOBdLk5pfniTfOXXfXeVto6hcWcTfqtSh
vaAyiOJvECB47OgjGlt8lpkjnFeYZ+6vZJCOgFdd3idwsnWtyGWeZStvCJMQi95+
wE91gnrDQ64xqIx0JyNf1vtWIFMo7db3qntfkS/98qaU9JpYh1+b41ryiXUa+F/u
m8ZU2fYdtAjgmpzsD+fxo3baA2OC2SBQyykSal1nKyHS2k5yxCqjOxNEHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCceSKtTaq0Ntj8duowuNa0Xg5n7MB8GA1UdIwQY
MBaAFI5tdbTkmG+sy2FLM05F1eA5NSqcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvam0xMXRPU1liNnpMWVVzelRrWFY0RGsxS3B3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS9hY2E5OTQtZjNjMC00NWE0LWE2NDIt
NmQ3NjAyZDI0YzgzLzEvSng1SXExTnFyUTIyUHgyNmpDNDFyUmVEbWZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS9hY2E5OTQtZjNjMC00NWE0LWE2NDItNmQ3NjAyZDI0Yzgz
LzEvam0xMXRPU1liNnpMWVVzelRrWFY0RGsxS3B3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9G8MA0G
CSqGSIb3DQEBCwUAA4IBAQCFCr2MQfX5JIP+ZbndA8pudqVWi3WKP2PhVtbkxyEW
SsHu7oiL4X1CTab3/fU2lRUto+2IH3ZqerkZP1ORqRr5GqQgzvlcL4b3uXX4wPcf
ZrN3qUrCfe2vwkfsbV48QpmAZ42r+zCkXPbDxMv1ULtlE11cUl9yc9owkScB3YQj
SYhX/qbEwXlUUsg/drOK1+3FGu9UI529vRaAd11UDdPAG89/WgIQQ8nmgOTmQ87u
i7tqHyQD2sgWNVdWCbIwMDxWgRIbLmOFN4hS+aD5qVBgAvCEwbKacz65RO/K8mk+
OqR0izZsboC4l6DSjFyOAd4kmcr+hNjxWqCmCanrV3na
-----END CERTIFICATE-----
Generated at Sun Apr 20 22:42:52 2025 by rpki-client