Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/2a3655-941b-46d8-8789-45a7b6978493/1/kT66zMb5Vqk2xu2ULrmZJOqNEpk.roa
File: kT66zMb5Vqk2xu2ULrmZJOqNEpk.roa (raw, json)
Hash identifier: DsPt9a5HO/mtCfRL3FTRy9Ki3g0ozaZo9CAWSLCfGT8=
Subject key identifier: 91:3E:BA:CC:C6:F9:56:A9:36:C6:ED:94:2E:B9:99:24:EA:8D:12:99
Certificate issuer: /CN=c070ee8dc8378086960182e3309226717e83e407
Certificate serial: 01939676857F42E7773F5379A3F38DD463FC
Authority key identifier: C0:70:EE:8D:C8:37:80:86:96:01:82:E3:30:92:26:71:7E:83:E4:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wHDujcg3gIaWAYLjMJImcX6D5Ac.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/2a3655-941b-46d8-8789-45a7b6978493/1/kT66zMb5Vqk2xu2ULrmZJOqNEpk.roa
Signing time: Thu 05 Dec 2024 10:56:09 +0000
ROA not before: Thu 05 Dec 2024 10:56:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25082
IP address blocks: 91.203.140.0/22 maxlen: 22
91.203.140.0/24 maxlen: 24
91.203.141.0/24 maxlen: 24
91.203.142.0/24 maxlen: 24
91.203.143.0/24 maxlen: 24
91.215.68.0/22 maxlen: 22
91.215.68.0/24 maxlen: 24
91.215.70.0/24 maxlen: 24
91.215.71.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 06 Dec 2024 08:51:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:96:76:85:7f:42:e7:77:3f:53:79:a3:f3:8d:d4:63:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c070ee8dc8378086960182e3309226717e83e407
Validity
Not Before: Dec 5 10:56:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=913ebaccc6f956a936c6ed942eb99924ea8d1299
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:c7:40:ea:e4:0f:09:79:ca:c7:9b:17:9b:38:
88:16:23:dc:14:75:69:38:23:ac:23:74:06:c8:45:
15:38:97:ed:f5:45:42:f6:fc:05:dd:29:05:c1:c9:
ea:c1:ee:df:2f:0a:bf:6a:dc:87:14:a0:ef:b1:66:
21:c6:23:58:fb:3f:20:f1:af:2b:e8:db:ba:16:b3:
c5:37:c8:b7:52:66:5a:5a:e2:9e:2e:09:8e:e5:2f:
9b:79:2a:aa:4b:34:dd:8f:5e:2c:9b:c3:7c:70:6b:
f6:7b:c3:33:32:32:09:1c:66:37:20:6c:42:aa:52:
49:e0:54:c7:ad:32:51:48:61:81:0e:7e:0c:11:0f:
f6:9f:0a:23:9d:2e:a8:7e:d8:da:ba:66:7a:da:34:
50:61:39:09:ea:3c:16:01:24:b0:e7:cc:90:21:65:
33:56:ea:7f:8a:c0:bc:cb:21:e7:fb:19:04:f9:96:
c9:81:38:6b:06:87:10:34:a9:0c:2f:8b:6d:2a:22:
a9:c9:32:cc:42:11:90:35:5c:97:d0:1d:8a:52:4e:
be:1b:ef:ff:81:e9:03:79:16:f0:f4:d1:2c:08:a6:
ee:55:42:24:9d:21:ea:2a:7f:9b:d5:7f:f6:5d:e6:
58:1f:3f:8a:53:03:52:d1:9e:1a:2d:29:b8:93:6c:
7b:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:3E:BA:CC:C6:F9:56:A9:36:C6:ED:94:2E:B9:99:24:EA:8D:12:99
X509v3 Authority Key Identifier:
keyid:C0:70:EE:8D:C8:37:80:86:96:01:82:E3:30:92:26:71:7E:83:E4:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wHDujcg3gIaWAYLjMJImcX6D5Ac.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/2a3655-941b-46d8-8789-45a7b6978493/1/kT66zMb5Vqk2xu2ULrmZJOqNEpk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/2a3655-941b-46d8-8789-45a7b6978493/1/wHDujcg3gIaWAYLjMJImcX6D5Ac.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.203.140.0/22
91.215.68.0/22
Signature Algorithm: sha256WithRSAEncryption
06:b5:c7:5f:53:ca:85:a2:99:87:2f:aa:47:18:7a:a8:41:47:
77:f8:3a:f4:90:87:0b:63:01:e2:03:79:0c:0e:f5:bc:09:ce:
6e:cb:fa:2b:e3:d1:d2:7b:38:9c:06:50:65:d6:c4:fd:69:22:
f8:b1:76:26:c3:3c:45:24:79:48:fd:c6:6a:85:45:cc:ea:a5:
de:d6:e2:76:f4:a0:75:1b:08:04:ef:f6:41:24:bd:45:4c:63:
5f:52:1a:2f:fe:30:ce:87:de:3c:26:c9:11:91:84:81:1a:98:
78:45:2d:e0:5e:ac:17:e6:87:f9:10:d6:46:84:fb:b4:74:c8:
b1:41:1b:21:c9:47:46:17:f6:a5:33:55:f9:60:83:fa:6d:98:
cf:e5:20:58:7b:67:11:42:a7:ff:7f:74:8e:d2:03:6f:ca:c7:
37:ec:53:44:6f:46:5f:32:b4:a7:94:5c:d0:9a:a0:f9:9c:6b:
12:b1:ed:64:af:46:09:7d:45:f8:db:d4:cd:0b:df:94:55:24:
a0:7e:2b:cd:e0:ef:d4:6d:e7:d6:b2:1a:ac:09:37:95:2a:df:
76:14:db:2e:68:aa:a4:8b:10:1d:d5:72:03:81:a4:9a:0f:32:
94:36:56:a5:93:2a:90:f2:0e:9c:2f:3f:59:92:ef:fd:5e:d1:
5b:9f:b3:0c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZOWdoV/Qud3P1N5o/ON1GP8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwNzBlZThkYzgzNzgwODY5NjAxODJlMzMwOTIyNjcxN2U4
M2U0MDcwHhcNMjQxMjA1MTA1NjA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTNlYmFjY2M2Zjk1NmE5MzZjNmVkOTQyZWI5OTkyNGVhOGQxMjk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvsdA6uQPCXnKx5sXmziIFiPcFHVp
OCOsI3QGyEUVOJft9UVC9vwF3SkFwcnqwe7fLwq/atyHFKDvsWYhxiNY+z8g8a8r
6Nu6FrPFN8i3UmZaWuKeLgmO5S+beSqqSzTdj14sm8N8cGv2e8MzMjIJHGY3IGxC
qlJJ4FTHrTJRSGGBDn4MEQ/2nwojnS6oftjaumZ62jRQYTkJ6jwWASSw58yQIWUz
Vup/isC8yyHn+xkE+ZbJgThrBocQNKkML4ttKiKpyTLMQhGQNVyX0B2KUk6+G+//
gekDeRbw9NEsCKbuVUIknSHqKn+b1X/2XeZYHz+KUwNS0Z4aLSm4k2x76wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJE+uszG+VapNsbtlC65mSTqjRKZMB8GA1UdIwQY
MBaAFMBw7o3IN4CGlgGC4zCSJnF+g+QHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0hEdWpjZzNnSWFXQVlMak1KSW1jWDZENUFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS8yYTM2NTUtOTQxYi00NmQ4LTg3ODkt
NDVhN2I2OTc4NDkzLzEva1Q2NnpNYjVWcWsyeHUyVUxybVpKT3FORXBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS8yYTM2NTUtOTQxYi00NmQ4LTg3ODktNDVhN2I2OTc4NDkz
LzEvd0hEdWpjZzNnSWFXQVlMak1KSW1jWDZENUFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW8uMAwQC
W9dEMA0GCSqGSIb3DQEBCwUAA4IBAQAGtcdfU8qFopmHL6pHGHqoQUd3+Dr0kIcL
YwHiA3kMDvW8Cc5uy/or49HSezicBlBl1sT9aSL4sXYmwzxFJHlI/cZqhUXM6qXe
1uJ29KB1GwgE7/ZBJL1FTGNfUhov/jDOh948JskRkYSBGph4RS3gXqwX5of5ENZG
hPu0dMixQRshyUdGF/alM1X5YIP6bZjP5SBYe2cRQqf/f3SO0gNvysc37FNEb0Zf
MrSnlFzQmqD5nGsSse1kr0YJfUX429TNC9+UVSSgfivN4O/UbefWshqsCTeVKt92
FNsuaKqkixAd1XIDgaSaDzKUNlalkyqQ8g6cLz9Zku/9XtFbn7MM
-----END CERTIFICATE-----
Generated at Sat May 3 08:53:05 2025 by rpki-client