Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/00f5b4-dfd9-4eb2-afdb-138ed591efaa/1/KIYZkezN5QmHMnhmK_JP-irILEE.roa
File: KIYZkezN5QmHMnhmK_JP-irILEE.roa (raw, json)
Hash identifier: DZxs93pbS8FD6OADkWv5qf6J6aX+C71R6ZavibEMpVs=
Subject key identifier: 28:86:19:91:EC:CD:E5:09:87:32:78:66:2B:F2:4F:FA:2A:C8:2C:41
Certificate issuer: /CN=9bae428ee8cd4604c1fbc141278ef0d75376282a
Certificate serial: 01946A61DF76FE90990D75FAFB18BF8E6050
Authority key identifier: 9B:AE:42:8E:E8:CD:46:04:C1:FB:C1:41:27:8E:F0:D7:53:76:28:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m65CjujNRgTB-8FBJ47w11N2KCo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/00f5b4-dfd9-4eb2-afdb-138ed591efaa/1/KIYZkezN5QmHMnhmK_JP-irILEE.roa
Signing time: Wed 15 Jan 2025 14:33:06 +0000
ROA not before: Wed 15 Jan 2025 14:33:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61213
IP address blocks: 91.123.48.0/20 maxlen: 20
Validation: Failed, certificate revoked on Thu 16 Jan 2025 08:15:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:6a:61:df:76:fe:90:99:0d:75:fa:fb:18:bf:8e:60:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bae428ee8cd4604c1fbc141278ef0d75376282a
Validity
Not Before: Jan 15 14:33:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=28861991eccde509873278662bf24ffa2ac82c41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:6c:a8:86:c5:e9:f5:14:c0:df:c0:42:57:88:
97:d6:60:a6:c4:f6:3f:2e:80:5a:03:da:81:34:98:
72:61:2d:51:0a:ae:ff:2c:b6:60:b4:ef:03:83:c0:
eb:4c:75:bf:25:44:67:36:57:7a:64:41:58:03:15:
fb:6e:94:05:88:b2:65:9d:ce:b6:c3:1d:20:6b:d5:
9d:3d:da:d5:4f:b0:15:49:1a:c6:1f:75:a1:3e:e8:
d2:b3:55:57:9b:2c:b9:de:1f:bf:ae:5d:3a:50:0f:
50:be:67:85:c3:a7:ac:84:1c:07:26:07:aa:1a:bc:
07:31:5d:11:1b:fe:87:d4:7b:b1:9c:45:01:ce:8b:
90:f2:88:3b:be:15:f5:91:15:f5:3b:52:f3:10:04:
8d:4c:c7:ef:87:ec:08:49:8f:ce:d6:ec:2a:53:32:
0e:b4:5a:ee:81:e5:2b:bf:4f:29:0f:82:6a:db:0c:
f0:ee:ef:50:4f:cd:ee:f7:ae:8a:fa:3f:71:98:89:
eb:a9:79:05:44:41:e6:6d:44:70:b6:42:91:0d:ea:
9a:ba:04:66:86:98:8f:a7:8e:2a:e6:7a:b0:ca:69:
51:25:02:78:2b:4d:03:d0:d5:05:a7:30:1e:38:a8:
f3:dd:e5:e2:5b:4a:eb:ae:80:52:8b:03:98:fc:04:
28:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:86:19:91:EC:CD:E5:09:87:32:78:66:2B:F2:4F:FA:2A:C8:2C:41
X509v3 Authority Key Identifier:
keyid:9B:AE:42:8E:E8:CD:46:04:C1:FB:C1:41:27:8E:F0:D7:53:76:28:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m65CjujNRgTB-8FBJ47w11N2KCo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/00f5b4-dfd9-4eb2-afdb-138ed591efaa/1/KIYZkezN5QmHMnhmK_JP-irILEE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/00f5b4-dfd9-4eb2-afdb-138ed591efaa/1/m65CjujNRgTB-8FBJ47w11N2KCo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.123.48.0/20
Signature Algorithm: sha256WithRSAEncryption
8f:a1:09:55:f1:b5:e2:19:b3:1f:70:d9:db:0c:40:7b:19:c9:
8a:b1:16:6a:55:3f:77:08:19:a3:3b:a2:c5:39:5d:a6:34:87:
95:78:54:49:1f:87:a7:c5:ae:18:8a:a5:a8:1d:f3:bb:95:74:
07:10:df:3a:9b:07:88:6a:f2:a4:fe:0a:34:90:a2:38:24:18:
cb:7f:7b:ca:d4:08:d6:40:4d:e3:58:59:e4:07:b2:0d:91:eb:
b3:5e:99:fb:59:c7:dc:4d:bd:81:b7:72:a4:38:84:cc:70:50:
99:ec:73:b7:b9:62:17:7a:0c:33:3c:94:8a:33:d8:84:65:dd:
fc:58:40:e8:e3:b3:95:3e:9d:aa:e7:24:9c:2d:68:0d:57:12:
e0:19:79:40:0c:a4:bf:1a:7b:c1:55:41:d7:ac:fa:cc:b5:96:
66:bd:52:27:ef:45:92:2a:50:25:da:9c:07:3b:d4:13:32:39:
4d:ff:17:3f:e0:77:f4:2c:ab:5e:55:fb:25:7c:c6:65:ea:a5:
cf:af:f2:42:c2:e3:6b:0a:d5:b2:f2:2d:c5:11:d6:46:7a:80:
c4:29:c9:45:65:7f:a3:db:d1:18:85:a4:11:6a:5f:f1:bc:fe:
0e:87:96:8c:32:ea:27:f1:88:56:bd:02:4c:fd:81:7f:ba:8a:
e0:4c:ef:6e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZRqYd92/pCZDXX6+xi/jmBQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliYWU0MjhlZThjZDQ2MDRjMWZiYzE0MTI3OGVmMGQ3NTM3
NjI4MmEwHhcNMjUwMTE1MTQzMzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODg2MTk5MWVjY2RlNTA5ODczMjc4NjYyYmYyNGZmYTJhYzgyYzQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu2yohsXp9RTA38BCV4iX1mCmxPY/
LoBaA9qBNJhyYS1RCq7/LLZgtO8Dg8DrTHW/JURnNld6ZEFYAxX7bpQFiLJlnc62
wx0ga9WdPdrVT7AVSRrGH3WhPujSs1VXmyy53h+/rl06UA9QvmeFw6eshBwHJgeq
GrwHMV0RG/6H1HuxnEUBzouQ8og7vhX1kRX1O1LzEASNTMfvh+wISY/O1uwqUzIO
tFrugeUrv08pD4Jq2wzw7u9QT83u966K+j9xmInrqXkFREHmbURwtkKRDeqaugRm
hpiPp44q5nqwymlRJQJ4K00D0NUFpzAeOKjz3eXiW0rrroBSiwOY/AQoYwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCiGGZHszeUJhzJ4ZivyT/oqyCxBMB8GA1UdIwQY
MBaAFJuuQo7ozUYEwfvBQSeO8NdTdigqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbTY1Q2p1ak5SZ1RCLThGQko0N3cxMU4yS0NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy8wMGY1YjQtZGZkOS00ZWIyLWFmZGIt
MTM4ZWQ1OTFlZmFhLzEvS0lZWmtlek41UW1ITW5obUtfSlAtaXJJTEVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy8wMGY1YjQtZGZkOS00ZWIyLWFmZGItMTM4ZWQ1OTFlZmFh
LzEvbTY1Q2p1ak5SZ1RCLThGQko0N3cxMU4yS0NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEW3swMA0G
CSqGSIb3DQEBCwUAA4IBAQCPoQlV8bXiGbMfcNnbDEB7GcmKsRZqVT93CBmjO6LF
OV2mNIeVeFRJH4enxa4YiqWoHfO7lXQHEN86mweIavKk/go0kKI4JBjLf3vK1AjW
QE3jWFnkB7INkeuzXpn7WcfcTb2Bt3KkOITMcFCZ7HO3uWIXegwzPJSKM9iEZd38
WEDo47OVPp2q5yScLWgNVxLgGXlADKS/GnvBVUHXrPrMtZZmvVIn70WSKlAl2pwH
O9QTMjlN/xc/4Hf0LKteVfslfMZl6qXPr/JCwuNrCtWy8i3FEdZGeoDEKclFZX+j
29EYhaQRal/xvP4Oh5aMMuon8YhWvQJM/YF/uorgTO9u
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:16:56 2025 by rpki-client