Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/3f9158-6a90-4e57-a28f-3e06a0182614/1/bk663bRUFk1KcLV3e_GtXQYBRfE.roa
File: bk663bRUFk1KcLV3e_GtXQYBRfE.roa (raw, json)
Hash identifier: r9OJjQ/um3eWF2lTrOSdW9Eu1wW5EIvuhY/pGXrck4g=
Subject key identifier: 6E:4E:BA:DD:B4:54:16:4D:4A:70:B5:77:7B:F1:AD:5D:06:01:45:F1
Certificate issuer: /CN=a1dc0630e96096de4822d1f51ef80c6fff54191b
Certificate serial: 019447EA36367CF21A227DAB5C3673AEEFCA
Authority key identifier: A1:DC:06:30:E9:60:96:DE:48:22:D1:F5:1E:F8:0C:6F:FF:54:19:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/odwGMOlglt5IItH1HvgMb_9UGRs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/3f9158-6a90-4e57-a28f-3e06a0182614/1/bk663bRUFk1KcLV3e_GtXQYBRfE.roa
Signing time: Wed 08 Jan 2025 21:55:19 +0000
ROA not before: Wed 08 Jan 2025 21:55:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 91.227.62.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 08 Jan 2025 22:59:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:47:ea:36:36:7c:f2:1a:22:7d:ab:5c:36:73:ae:ef:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a1dc0630e96096de4822d1f51ef80c6fff54191b
Validity
Not Before: Jan 8 21:55:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6e4ebaddb454164d4a70b5777bf1ad5d060145f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:62:6a:cc:68:0e:c3:75:28:74:19:d1:9f:b7:
d2:d5:4a:81:92:fb:75:bb:57:99:8c:6b:1b:ad:c2:
19:1f:54:f0:c7:24:df:fc:57:90:49:31:54:8f:34:
73:12:f3:e4:bf:4d:86:ac:3b:c4:e9:b4:bf:6e:45:
b9:53:d1:e7:c0:96:9d:75:8a:77:df:24:48:e7:c1:
83:c8:32:f0:e3:17:89:6f:ed:f3:1b:ee:a3:30:43:
36:d5:c6:14:64:f4:6a:b3:92:cd:f9:1d:f8:eb:87:
1a:98:b5:a5:3e:cc:09:94:9d:a4:87:8d:cf:aa:a0:
31:86:ff:fa:d3:85:f7:b0:a7:0c:2f:22:16:95:75:
e8:d2:05:ef:1d:3c:09:3c:34:0a:37:a5:fb:f4:09:
01:06:57:ea:88:3f:49:94:1b:32:3f:e6:c0:c3:cd:
73:fe:48:6b:67:2b:e9:f4:16:9f:5a:dd:f9:bb:f7:
e7:aa:9e:5f:40:12:61:5d:9c:ed:45:64:22:77:76:
25:09:bc:dc:52:74:ed:07:4b:4d:df:c9:97:50:4a:
d8:06:b6:16:c5:69:5c:1d:65:af:71:49:8b:fe:47:
9f:8d:bf:47:fb:fa:a0:62:83:fc:47:14:60:59:55:
2c:9b:8d:68:77:4d:03:e3:78:ae:bc:e7:c2:d7:e0:
4d:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:4E:BA:DD:B4:54:16:4D:4A:70:B5:77:7B:F1:AD:5D:06:01:45:F1
X509v3 Authority Key Identifier:
keyid:A1:DC:06:30:E9:60:96:DE:48:22:D1:F5:1E:F8:0C:6F:FF:54:19:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/odwGMOlglt5IItH1HvgMb_9UGRs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3f9158-6a90-4e57-a28f-3e06a0182614/1/bk663bRUFk1KcLV3e_GtXQYBRfE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3f9158-6a90-4e57-a28f-3e06a0182614/1/odwGMOlglt5IItH1HvgMb_9UGRs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.227.62.0/24
Signature Algorithm: sha256WithRSAEncryption
89:e1:f6:8b:00:61:6b:ab:f9:f0:a6:91:1e:3c:7b:d0:fe:de:
c1:12:b9:57:a6:de:e8:b8:f4:10:d8:81:f8:de:15:8d:27:1b:
28:df:23:27:6e:22:3a:dd:67:7a:2f:55:43:0b:79:b2:ca:a3:
19:5c:28:25:1a:b1:23:86:2b:59:09:7e:8f:36:f3:d0:b3:64:
ce:13:61:bf:96:a0:bd:fd:d2:a8:e6:dc:1f:1f:17:d3:32:bc:
d8:3a:7b:e5:cf:5e:1d:05:66:62:33:6b:45:c3:ad:0b:5a:0a:
c9:a0:86:16:b5:06:a2:f5:5d:2f:23:b0:72:18:2e:82:e8:0a:
19:dc:35:a2:1c:ab:bd:ad:d4:49:d0:44:cf:23:cb:63:9d:c0:
3d:b5:f9:fd:04:5a:3c:ad:6a:5a:03:7f:e1:b0:af:eb:ac:6b:
ce:25:d9:cf:63:7b:35:81:79:de:6a:f3:7a:e5:80:ef:91:ba:
0b:98:d0:4a:c6:67:32:fc:23:35:58:98:ee:12:d9:9f:4b:50:
30:6a:d2:eb:26:46:55:13:92:ff:fb:44:c4:a2:1b:b3:c9:2b:
07:0a:cb:d2:b5:1a:15:82:be:ed:40:15:be:7b:0a:a2:a3:7a:
93:e7:5e:0d:10:87:68:db:95:d8:51:df:fd:d1:0d:55:17:ec:
d1:5c:ea:42
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZRH6jY2fPIaIn2rXDZzru/KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExZGMwNjMwZTk2MDk2ZGU0ODIyZDFmNTFlZjgwYzZmZmY1
NDE5MWIwHhcNMjUwMTA4MjE1NTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTRlYmFkZGI0NTQxNjRkNGE3MGI1Nzc3YmYxYWQ1ZDA2MDE0NWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnmJqzGgOw3UodBnRn7fS1UqBkvt1
u1eZjGsbrcIZH1TwxyTf/FeQSTFUjzRzEvPkv02GrDvE6bS/bkW5U9HnwJaddYp3
3yRI58GDyDLw4xeJb+3zG+6jMEM21cYUZPRqs5LN+R3464camLWlPswJlJ2kh43P
qqAxhv/604X3sKcMLyIWlXXo0gXvHTwJPDQKN6X79AkBBlfqiD9JlBsyP+bAw81z
/khrZyvp9BafWt35u/fnqp5fQBJhXZztRWQid3YlCbzcUnTtB0tN38mXUErYBrYW
xWlcHWWvcUmL/kefjb9H+/qgYoP8RxRgWVUsm41od00D43iuvOfC1+BNqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG5Out20VBZNSnC1d3vxrV0GAUXxMB8GA1UdIwQY
MBaAFKHcBjDpYJbeSCLR9R74DG//VBkbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2R3R01PbGdsdDVJSXRIMUh2Z01iXzlVR1JzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8zZjkxNTgtNmE5MC00ZTU3LWEyOGYt
M2UwNmEwMTgyNjE0LzEvYms2NjNiUlVGazFLY0xWM2VfR3RYUVlCUmZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8zZjkxNTgtNmE5MC00ZTU3LWEyOGYtM2UwNmEwMTgyNjE0
LzEvb2R3R01PbGdsdDVJSXRIMUh2Z01iXzlVR1JzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+M+MA0G
CSqGSIb3DQEBCwUAA4IBAQCJ4faLAGFrq/nwppEePHvQ/t7BErlXpt7ouPQQ2IH4
3hWNJxso3yMnbiI63Wd6L1VDC3myyqMZXCglGrEjhitZCX6PNvPQs2TOE2G/lqC9
/dKo5twfHxfTMrzYOnvlz14dBWZiM2tFw60LWgrJoIYWtQai9V0vI7ByGC6C6AoZ
3DWiHKu9rdRJ0ETPI8tjncA9tfn9BFo8rWpaA3/hsK/rrGvOJdnPY3s1gXneavN6
5YDvkboLmNBKxmcy/CM1WJjuEtmfS1AwatLrJkZVE5L/+0TEohuzySsHCsvStRoV
gr7tQBW+ewqio3qT514NEIdo25XYUd/90Q1VF+zRXOpC
-----END CERTIFICATE-----
Generated at Fri May 2 15:39:13 2025 by rpki-client