Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/b5C2TL8YPm4s0_jwE58Lef7m3R4.roa
File: b5C2TL8YPm4s0_jwE58Lef7m3R4.roa (raw, json)
Hash identifier: MOZKaSAn4TtZR02XTqkLJOz+Gi9BJjS63wYRq+Zhfzo=
Subject key identifier: 6F:90:B6:4C:BF:18:3E:6E:2C:D3:F8:F0:13:9F:0B:79:FE:E6:DD:1E
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 01924305D5AEE5BEA95E3F11CF7855FDA3BB
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/b5C2TL8YPm4s0_jwE58Lef7m3R4.roa
Signing time: Mon 30 Sep 2024 13:01:48 +0000
ROA not before: Mon 30 Sep 2024 13:01:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203464
IP address blocks: 91.223.117.0/24 maxlen: 24
91.231.227.0/24 maxlen: 24
91.232.55.0/24 maxlen: 24
91.233.201.0/24 maxlen: 24
91.237.193.0/24 maxlen: 24
91.238.38.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 30 Sep 2024 13:55:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:43:05:d5:ae:e5:be:a9:5e:3f:11:cf:78:55:fd:a3:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Sep 30 13:01:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6f90b64cbf183e6e2cd3f8f0139f0b79fee6dd1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:49:0a:ee:b4:77:22:ae:15:90:c5:f6:16:36:
45:b2:0d:e0:9d:70:bc:66:a8:05:c3:d2:ec:ff:29:
33:b5:ff:58:48:07:47:ee:5a:4d:c9:6a:f1:4e:e3:
0e:9d:7e:0b:e3:bc:9e:f8:98:ac:5a:25:64:0b:ef:
ac:ce:44:a0:13:d0:9c:9f:6c:b9:95:ef:8b:34:77:
c3:20:c3:4c:83:1a:0c:47:a3:00:a1:78:cf:a2:9d:
49:2b:c1:f1:f9:20:30:9a:2e:9a:7d:73:c8:c4:90:
dc:9f:6b:d2:e8:85:2c:26:b3:0c:a8:b6:65:60:23:
d0:05:c7:35:48:a4:9a:57:1f:40:49:44:9b:e7:4b:
2a:77:4e:a5:1d:85:43:5f:a7:bc:7a:e5:73:ce:b1:
79:ca:b4:1f:55:6f:10:8f:73:b3:d2:96:d1:be:9e:
81:63:46:0c:d6:66:2a:0f:78:e7:1c:30:b1:e7:df:
00:a4:54:ea:70:44:46:4a:32:46:0c:66:1f:6b:fe:
34:39:0d:ca:1e:46:77:96:6c:77:47:fa:a2:47:d1:
40:c0:6f:00:a0:00:6e:82:a8:2b:86:73:3b:43:e5:
d3:8a:4d:9a:6e:20:09:12:cd:17:a2:8b:91:0e:2f:
25:ee:61:54:69:3a:cb:86:fa:92:e7:e0:6c:22:bc:
d9:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:90:B6:4C:BF:18:3E:6E:2C:D3:F8:F0:13:9F:0B:79:FE:E6:DD:1E
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/b5C2TL8YPm4s0_jwE58Lef7m3R4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.117.0/24
91.231.227.0/24
91.232.55.0/24
91.233.201.0/24
91.237.193.0/24
91.238.38.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:da:e5:f0:19:08:53:da:dc:17:a9:2d:8b:7e:1c:5b:fa:85:
e2:4c:e0:1b:84:ff:84:62:4a:33:51:50:85:43:c2:21:6f:b6:
70:84:38:04:e9:d5:b5:35:b7:73:30:04:b0:5f:7a:be:de:96:
d4:79:04:e1:5b:61:a5:3e:d2:01:c4:1b:b9:47:c4:17:3b:8b:
05:a5:31:04:37:8a:d6:e9:08:38:8c:8d:48:3d:fe:4a:2c:61:
f3:39:74:d2:1e:6a:7c:51:6a:98:cd:6e:d3:49:4a:f0:7b:59:
40:b2:e6:bc:72:01:0a:f0:ac:ee:7e:bb:c7:dd:f8:b4:f3:86:
42:e4:12:d7:c7:28:ce:04:2c:39:05:10:60:b1:b4:cb:2b:ec:
94:c5:e6:ec:75:b9:c8:71:78:52:9a:2f:ca:f3:fd:0f:1f:03:
5a:5e:82:e7:58:25:d2:b2:51:ad:98:a5:66:58:df:ea:f4:b6:
f5:42:ba:6f:28:30:a4:a4:9e:5e:95:92:5c:f4:95:86:47:9d:
f3:0e:8d:42:37:88:95:77:8a:2e:d9:37:69:27:9b:24:a1:0a:
65:e1:4d:7a:e9:40:29:fb:e7:06:a6:77:36:4c:cf:b4:ae:03:
72:ef:09:c8:77:65:5f:57:db:4f:3e:ce:96:da:fc:b5:b1:94:
30:12:37:f1
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZJDBdWu5b6pXj8Rz3hV/aO7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjQwOTMwMTMwMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjkwYjY0Y2JmMTgzZTZlMmNkM2Y4ZjAxMzlmMGI3OWZlZTZkZDFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtEkK7rR3Iq4VkMX2FjZFsg3gnXC8
ZqgFw9Ls/ykztf9YSAdH7lpNyWrxTuMOnX4L47ye+JisWiVkC++szkSgE9Ccn2y5
le+LNHfDIMNMgxoMR6MAoXjPop1JK8Hx+SAwmi6afXPIxJDcn2vS6IUsJrMMqLZl
YCPQBcc1SKSaVx9ASUSb50sqd06lHYVDX6e8euVzzrF5yrQfVW8Qj3Oz0pbRvp6B
Y0YM1mYqD3jnHDCx598ApFTqcERGSjJGDGYfa/40OQ3KHkZ3lmx3R/qiR9FAwG8A
oABugqgrhnM7Q+XTik2abiAJEs0XoouRDi8l7mFUaTrLhvqS5+BsIrzZoQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFG+Qtky/GD5uLNP48BOfC3n+5t0eMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvYjVDMlRMOFlQbTRzMF9qd0U1OExlZjdtM1I0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAW991AwQA
W+fjAwQAW+g3AwQAW+nJAwQAW+3BAwQAW+4mMA0GCSqGSIb3DQEBCwUAA4IBAQA/
2uXwGQhT2twXqS2Lfhxb+oXiTOAbhP+EYkozUVCFQ8Ihb7ZwhDgE6dW1NbdzMASw
X3q+3pbUeQThW2GlPtIBxBu5R8QXO4sFpTEEN4rW6Qg4jI1IPf5KLGHzOXTSHmp8
UWqYzW7TSUrwe1lAsua8cgEK8KzufrvH3fi084ZC5BLXxyjOBCw5BRBgsbTLK+yU
xebsdbnIcXhSmi/K8/0PHwNaXoLnWCXSslGtmKVmWN/q9Lb1QrpvKDCkpJ5elZJc
9JWGR53zDo1CN4iVd4ou2TdpJ5skoQpl4U166UAp++cGpnc2TM+0rgNy7wnId2Vf
V9tPPs6W2vy1sZQwEjfx
-----END CERTIFICATE-----
Generated at Sat Jun 14 11:12:05 2025 by rpki-client