Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/22581e-fe8c-4fb8-9585-9880f04db94a/1/FyjX8IotBSY3C9yiFC8YInQwevI.roa
File: FyjX8IotBSY3C9yiFC8YInQwevI.roa (raw, json)
Hash identifier: CwyWxJnG1tdd/Pzl4RW6reKdipfJpZ7+JMzZIfmA4u8=
Subject key identifier: 17:28:D7:F0:8A:2D:05:26:37:0B:DC:A2:14:2F:18:22:74:30:7A:F2
Certificate issuer: /CN=62beaa57c67aeb5bafd99793ab4846850a796c28
Certificate serial: 019424B2675C72D108BD8DAD62F59B42B209
Authority key identifier: 62:BE:AA:57:C6:7A:EB:5B:AF:D9:97:93:AB:48:46:85:0A:79:6C:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yr6qV8Z661uv2ZeTq0hGhQp5bCg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/22581e-fe8c-4fb8-9585-9880f04db94a/1/FyjX8IotBSY3C9yiFC8YInQwevI.roa
Signing time: Thu 02 Jan 2025 01:47:39 +0000
ROA not before: Thu 02 Jan 2025 01:47:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214515
IP address blocks: 91.239.189.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 05 Jan 2025 18:42:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:67:5c:72:d1:08:bd:8d:ad:62:f5:9b:42:b2:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62beaa57c67aeb5bafd99793ab4846850a796c28
Validity
Not Before: Jan 2 01:47:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1728d7f08a2d0526370bdca2142f182274307af2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:3c:98:a4:67:eb:89:9b:65:9e:36:e0:56:44:
88:7d:d9:f8:d2:76:ab:65:25:18:98:09:56:ce:23:
8f:71:d0:5d:77:66:20:bb:96:93:af:cb:da:d2:d1:
e5:36:97:06:11:e5:e9:59:c0:d8:f4:2b:2c:cf:a1:
3d:1c:7e:4e:6a:eb:fc:22:57:17:e9:fa:e8:0a:ba:
6f:4f:a8:b3:2a:f0:2e:67:d1:cc:b2:36:8b:4e:fe:
fa:64:da:c7:a8:02:43:f3:1a:82:db:d6:7a:4c:d7:
39:6c:c1:62:16:69:9c:7b:5f:6d:20:d4:b9:2d:c7:
d1:49:66:0f:cd:28:b0:b9:1b:85:ed:2c:c2:9f:f6:
e1:2a:18:de:f6:6c:26:d7:79:a4:61:84:e7:16:a4:
25:a1:2b:c0:a8:4f:1a:88:f1:18:82:4b:89:1b:d4:
96:03:3d:ee:35:7b:5f:ce:a0:24:47:b5:89:21:92:
71:87:06:e3:db:8c:6d:c6:40:d2:67:f0:5e:98:e3:
45:6d:8b:d2:6c:c2:51:63:43:b2:e1:e9:4c:90:cc:
c8:56:2e:e8:f8:a5:ca:4e:5f:d1:8e:02:a0:76:08:
1c:28:8f:ae:f6:e3:44:3d:17:0a:b1:8a:6a:a7:e0:
59:88:b4:d5:d5:27:e9:a3:56:b2:77:d9:3a:15:93:
90:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:28:D7:F0:8A:2D:05:26:37:0B:DC:A2:14:2F:18:22:74:30:7A:F2
X509v3 Authority Key Identifier:
keyid:62:BE:AA:57:C6:7A:EB:5B:AF:D9:97:93:AB:48:46:85:0A:79:6C:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yr6qV8Z661uv2ZeTq0hGhQp5bCg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/22581e-fe8c-4fb8-9585-9880f04db94a/1/FyjX8IotBSY3C9yiFC8YInQwevI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/22581e-fe8c-4fb8-9585-9880f04db94a/1/Yr6qV8Z661uv2ZeTq0hGhQp5bCg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.189.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:65:a3:4d:7b:4e:7d:fa:df:1a:cb:18:90:13:58:25:cf:de:
4a:09:03:b1:30:2f:a5:3b:fa:44:c8:94:92:b5:d2:99:35:bc:
e6:68:19:f6:85:13:b4:24:d4:e7:0c:33:a2:61:9e:71:50:b0:
01:d7:92:60:d9:c6:fc:cd:84:68:64:f7:08:b1:23:0d:f4:e5:
d9:65:1d:75:5d:68:38:90:4c:27:00:00:1d:bf:d7:6a:14:82:
b0:d2:27:ad:7c:eb:ee:62:05:46:de:06:1b:f8:b3:15:57:7e:
71:aa:f2:fd:7b:62:0a:fd:7e:d2:3e:b3:d7:32:74:34:24:57:
03:7d:18:88:eb:d9:e6:b0:0f:3e:ae:9f:36:f9:4f:78:c8:dc:
c9:f7:2c:c9:17:9b:7b:34:84:bb:af:5d:88:f3:08:d4:34:98:
06:2a:80:6d:3c:bd:5c:b7:c4:eb:74:c8:01:3c:04:a7:e0:11:
b5:c3:f0:b7:53:85:6d:36:23:dc:fa:23:f7:89:02:c3:7d:3b:
11:52:f0:6e:a5:99:62:97:4a:ff:19:b3:03:55:5e:fe:3e:a9:
a6:03:7e:07:c2:74:4d:b9:62:f4:b4:6a:c4:45:64:1f:e6:bd:
14:6a:f0:b5:39:98:31:cc:b2:42:18:e9:2a:ee:44:cc:94:b1:
4d:9f:17:31
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQksmdcctEIvY2tYvWbQrIJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyYmVhYTU3YzY3YWViNWJhZmQ5OTc5M2FiNDg0Njg1MGE3
OTZjMjgwHhcNMjUwMTAyMDE0NzM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzI4ZDdmMDhhMmQwNTI2MzcwYmRjYTIxNDJmMTgyMjc0MzA3YWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiTyYpGfriZtlnjbgVkSIfdn40nar
ZSUYmAlWziOPcdBdd2Ygu5aTr8va0tHlNpcGEeXpWcDY9Cssz6E9HH5Oauv8IlcX
6froCrpvT6izKvAuZ9HMsjaLTv76ZNrHqAJD8xqC29Z6TNc5bMFiFmmce19tINS5
LcfRSWYPzSiwuRuF7SzCn/bhKhje9mwm13mkYYTnFqQloSvAqE8aiPEYgkuJG9SW
Az3uNXtfzqAkR7WJIZJxhwbj24xtxkDSZ/BemONFbYvSbMJRY0Oy4elMkMzIVi7o
+KXKTl/RjgKgdggcKI+u9uNEPRcKsYpqp+BZiLTV1Sfpo1ayd9k6FZOQXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBco1/CKLQUmNwvcohQvGCJ0MHryMB8GA1UdIwQY
MBaAFGK+qlfGeutbr9mXk6tIRoUKeWwoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXI2cVY4WjY2MXV2MlplVHEwaEdoUXA1YkNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy8yMjU4MWUtZmU4Yy00ZmI4LTk1ODUt
OTg4MGYwNGRiOTRhLzEvRnlqWDhJb3RCU1kzQzl5aUZDOFlJblF3ZXZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy8yMjU4MWUtZmU4Yy00ZmI4LTk1ODUtOTg4MGYwNGRiOTRh
LzEvWXI2cVY4WjY2MXV2MlplVHEwaEdoUXA1YkNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW++9MA0G
CSqGSIb3DQEBCwUAA4IBAQBcZaNNe059+t8ayxiQE1glz95KCQOxMC+lO/pEyJSS
tdKZNbzmaBn2hRO0JNTnDDOiYZ5xULAB15Jg2cb8zYRoZPcIsSMN9OXZZR11XWg4
kEwnAAAdv9dqFIKw0ietfOvuYgVG3gYb+LMVV35xqvL9e2IK/X7SPrPXMnQ0JFcD
fRiI69nmsA8+rp82+U94yNzJ9yzJF5t7NIS7r12I8wjUNJgGKoBtPL1ct8TrdMgB
PASn4BG1w/C3U4VtNiPc+iP3iQLDfTsRUvBupZlil0r/GbMDVV7+PqmmA34HwnRN
uWL0tGrERWQf5r0UavC1OZgxzLJCGOkq7kTMlLFNnxcx
-----END CERTIFICATE-----
Generated at Mon Apr 28 09:21:00 2025 by rpki-client