Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/22581e-fe8c-4fb8-9585-9880f04db94a/1/kN8RYKLLmNfTF0OqAJgkhy933dc.roa
File: kN8RYKLLmNfTF0OqAJgkhy933dc.roa (raw, json)
Hash identifier: AzIgVVK0v93ERwGCaxJKTgYNJ0W8o+EaeeX5kEllRLA=
Subject key identifier: 90:DF:11:60:A2:CB:98:D7:D3:17:43:AA:00:98:24:87:2F:77:DD:D7
Certificate issuer: /CN=62beaa57c67aeb5bafd99793ab4846850a796c28
Certificate serial: 019424B265693420BB8ED77D563817D68D2C
Authority key identifier: 62:BE:AA:57:C6:7A:EB:5B:AF:D9:97:93:AB:48:46:85:0A:79:6C:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yr6qV8Z661uv2ZeTq0hGhQp5bCg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/22581e-fe8c-4fb8-9585-9880f04db94a/1/kN8RYKLLmNfTF0OqAJgkhy933dc.roa
Signing time: Thu 02 Jan 2025 01:47:38 +0000
ROA not before: Thu 02 Jan 2025 01:47:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34918
IP address blocks: 91.239.189.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 05 Jan 2025 18:42:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:65:69:34:20:bb:8e:d7:7d:56:38:17:d6:8d:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62beaa57c67aeb5bafd99793ab4846850a796c28
Validity
Not Before: Jan 2 01:47:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=90df1160a2cb98d7d31743aa009824872f77ddd7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:08:76:99:bd:7f:64:fe:79:58:4b:7b:2e:21:
cb:e9:74:1b:b8:60:1c:b0:7a:d0:8d:97:40:a7:ca:
65:0e:26:02:ee:49:b0:b3:c1:95:d3:c1:18:5d:5d:
38:14:fa:9e:01:f5:3a:4c:41:e2:5d:59:d2:72:fe:
a2:26:98:3c:18:ec:b9:c3:f3:1a:5e:70:cc:c2:e7:
71:7e:e7:44:74:ea:fd:2d:d6:de:ca:21:b8:dd:fb:
b7:af:2a:c9:fd:6a:b0:ba:ed:7a:65:ef:0d:31:eb:
b2:00:89:32:1a:5f:18:7b:45:b4:9c:17:f3:c4:a3:
d7:a9:d8:b7:e8:fc:26:7a:7c:b9:c9:a1:c1:bd:d7:
14:38:d2:0c:73:06:c2:b2:51:25:e9:8f:9d:27:29:
49:a2:07:a2:ff:23:ce:16:26:27:a9:00:bf:fe:a6:
ff:d8:c5:7d:65:e9:a6:82:16:9e:56:03:26:be:18:
06:c0:95:97:54:ba:91:1a:8b:3e:81:c1:66:8e:4a:
50:80:29:3f:2a:29:96:d3:c5:f1:9f:73:24:2e:b1:
c6:2f:ad:49:db:17:4a:84:46:29:e3:6c:c5:0d:53:
f5:04:60:c0:d0:05:5f:a9:17:0f:31:85:39:71:52:
29:a6:02:84:6a:7c:ca:9c:18:a7:75:4e:a9:21:d6:
77:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:DF:11:60:A2:CB:98:D7:D3:17:43:AA:00:98:24:87:2F:77:DD:D7
X509v3 Authority Key Identifier:
keyid:62:BE:AA:57:C6:7A:EB:5B:AF:D9:97:93:AB:48:46:85:0A:79:6C:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yr6qV8Z661uv2ZeTq0hGhQp5bCg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/22581e-fe8c-4fb8-9585-9880f04db94a/1/kN8RYKLLmNfTF0OqAJgkhy933dc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/22581e-fe8c-4fb8-9585-9880f04db94a/1/Yr6qV8Z661uv2ZeTq0hGhQp5bCg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.189.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:46:bf:64:55:80:ca:2d:bb:d1:9f:0d:0e:ba:62:c5:7a:60:
05:e9:8a:dd:93:23:74:7c:5c:b5:a5:0c:a2:c5:1f:60:fb:ce:
29:22:06:b0:b2:2d:4b:2f:2c:1c:f2:08:dd:3b:c6:92:b8:ad:
72:c3:b0:16:c8:4e:a9:9c:a5:71:c8:8e:b3:3c:71:6b:7d:c3:
6c:a1:25:ed:55:cc:fb:d8:3f:56:c0:47:34:14:da:44:c6:65:
0d:3e:95:d5:63:83:02:a8:eb:4c:96:8f:f0:a8:d4:62:45:44:
cd:34:e9:ec:c8:a8:ff:6e:59:94:4a:50:3d:83:df:0e:9b:be:
f9:cc:a5:aa:91:da:ec:ad:4a:12:b0:cd:24:95:47:38:66:5e:
18:6a:79:ef:7c:3f:94:71:a8:01:d5:d5:82:52:5d:18:e8:0f:
fd:2d:e0:aa:f8:8d:1e:fb:65:6f:23:f0:75:16:e4:d9:ad:a2:
83:fd:9d:0b:2f:52:fa:45:d2:55:cb:c6:29:b1:83:29:fa:c2:
fe:78:ae:19:01:21:ae:21:7d:ef:c2:86:b2:d4:92:8f:ee:12:
6d:67:a8:11:2a:a7:f4:c4:ce:e1:d3:52:9b:9e:7b:7e:7e:83:
f2:14:0b:ab:f8:8a:5b:32:49:48:67:da:4a:d8:f1:13:bd:2d:
a4:dd:ce:7d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQksmVpNCC7jtd9VjgX1o0sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyYmVhYTU3YzY3YWViNWJhZmQ5OTc5M2FiNDg0Njg1MGE3
OTZjMjgwHhcNMjUwMTAyMDE0NzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGRmMTE2MGEyY2I5OGQ3ZDMxNzQzYWEwMDk4MjQ4NzJmNzdkZGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArQh2mb1/ZP55WEt7LiHL6XQbuGAc
sHrQjZdAp8plDiYC7kmws8GV08EYXV04FPqeAfU6TEHiXVnScv6iJpg8GOy5w/Ma
XnDMwudxfudEdOr9LdbeyiG43fu3ryrJ/Wqwuu16Ze8NMeuyAIkyGl8Ye0W0nBfz
xKPXqdi36Pwmeny5yaHBvdcUONIMcwbCslEl6Y+dJylJogei/yPOFiYnqQC//qb/
2MV9ZemmghaeVgMmvhgGwJWXVLqRGos+gcFmjkpQgCk/KimW08Xxn3MkLrHGL61J
2xdKhEYp42zFDVP1BGDA0AVfqRcPMYU5cVIppgKEanzKnBindU6pIdZ33wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJDfEWCiy5jX0xdDqgCYJIcvd93XMB8GA1UdIwQY
MBaAFGK+qlfGeutbr9mXk6tIRoUKeWwoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXI2cVY4WjY2MXV2MlplVHEwaEdoUXA1YkNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy8yMjU4MWUtZmU4Yy00ZmI4LTk1ODUt
OTg4MGYwNGRiOTRhLzEva044UllLTExtTmZURjBPcUFKZ2toeTkzM2RjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy8yMjU4MWUtZmU4Yy00ZmI4LTk1ODUtOTg4MGYwNGRiOTRh
LzEvWXI2cVY4WjY2MXV2MlplVHEwaEdoUXA1YkNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW++9MA0G
CSqGSIb3DQEBCwUAA4IBAQB+Rr9kVYDKLbvRnw0OumLFemAF6YrdkyN0fFy1pQyi
xR9g+84pIgawsi1LLywc8gjdO8aSuK1yw7AWyE6pnKVxyI6zPHFrfcNsoSXtVcz7
2D9WwEc0FNpExmUNPpXVY4MCqOtMlo/wqNRiRUTNNOnsyKj/blmUSlA9g98Om775
zKWqkdrsrUoSsM0klUc4Zl4YannvfD+UcagB1dWCUl0Y6A/9LeCq+I0e+2VvI/B1
FuTZraKD/Z0LL1L6RdJVy8YpsYMp+sL+eK4ZASGuIX3vwoay1JKP7hJtZ6gRKqf0
xM7h01Kbnnt+foPyFAur+IpbMklIZ9pK2PETvS2k3c59
-----END CERTIFICATE-----
Generated at Mon Apr 28 00:03:43 2025 by rpki-client