Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/2820d1-fd20-4889-834f-d527ce0d9930/1/tbzK7h_MCv5AHfCtJ6r6vvgitKw.roa
File: tbzK7h_MCv5AHfCtJ6r6vvgitKw.roa (raw, json)
Hash identifier: 9sLeHO1pZp1cW/+C/41+ewi3E82Sf4ctE8TUry1qi10=
Subject key identifier: B5:BC:CA:EE:1F:CC:0A:FE:40:1D:F0:AD:27:AA:FA:BE:F8:22:B4:AC
Certificate issuer: /CN=305c44e8c961a1450d0aab212f0dec717d1defb6
Certificate serial: 018CC5DCD6C80F1BAC555576541BD43E3937
Authority key identifier: 30:5C:44:E8:C9:61:A1:45:0D:0A:AB:21:2F:0D:EC:71:7D:1D:EF:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MFxE6MlhoUUNCqshLw3scX0d77Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/2820d1-fd20-4889-834f-d527ce0d9930/1/tbzK7h_MCv5AHfCtJ6r6vvgitKw.roa
Signing time: Mon 01 Jan 2024 16:30:33 +0000
ROA not before: Mon 01 Jan 2024 16:30:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56641
IP address blocks: 91.226.74.0/23 maxlen: 24
2a00:9520::/32 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:47:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:d6:c8:0f:1b:ac:55:55:76:54:1b:d4:3e:39:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=305c44e8c961a1450d0aab212f0dec717d1defb6
Validity
Not Before: Jan 1 16:30:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b5bccaee1fcc0afe401df0ad27aafabef822b4ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:ea:f2:f7:f4:e5:39:b6:16:0c:69:0d:06:c1:
4a:d5:9a:d6:dd:d8:b4:c0:ed:ce:36:48:8b:2f:d2:
77:c0:b1:d3:a0:19:a5:9a:b5:db:99:27:2d:a1:e6:
ff:51:bd:ae:71:62:60:e8:e1:09:2e:c3:81:0b:9e:
42:81:d6:6f:72:40:2d:f1:3c:c1:a0:03:62:50:2b:
6c:fc:77:2c:0e:51:cf:5e:da:33:01:fc:03:29:1c:
b8:9b:79:61:ee:2b:a4:12:52:c5:24:61:7e:cb:29:
ee:af:66:9d:9a:f3:86:62:02:96:19:5c:9e:05:2b:
f1:75:13:18:9d:21:0a:08:62:f7:0a:df:2a:c6:9f:
86:5b:81:ba:c5:91:ec:01:4a:b7:60:ca:b5:74:8f:
5a:4f:72:65:d1:14:34:55:96:db:67:e5:22:d9:85:
ab:bd:5f:59:f7:2f:fd:d9:ec:e9:2b:00:2c:6d:04:
01:75:e7:a3:3c:01:8b:65:f4:21:35:00:97:56:9f:
f5:12:a8:f2:45:96:af:73:9a:9f:c6:a7:fd:63:74:
00:a7:77:a1:f1:1b:9d:0a:6c:5a:71:cd:e9:aa:2a:
36:dc:7e:e8:b6:05:f7:2a:3c:aa:8e:8f:7f:fd:99:
d4:00:99:33:4a:68:dc:97:79:ae:2f:98:b4:91:4c:
08:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:BC:CA:EE:1F:CC:0A:FE:40:1D:F0:AD:27:AA:FA:BE:F8:22:B4:AC
X509v3 Authority Key Identifier:
keyid:30:5C:44:E8:C9:61:A1:45:0D:0A:AB:21:2F:0D:EC:71:7D:1D:EF:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MFxE6MlhoUUNCqshLw3scX0d77Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/2820d1-fd20-4889-834f-d527ce0d9930/1/tbzK7h_MCv5AHfCtJ6r6vvgitKw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/2820d1-fd20-4889-834f-d527ce0d9930/1/MFxE6MlhoUUNCqshLw3scX0d77Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.226.74.0/23
IPv6:
2a00:9520::/32
Signature Algorithm: sha256WithRSAEncryption
26:af:58:4c:41:54:d4:79:87:07:a2:bb:94:0f:2b:a5:4b:82:
70:d4:05:25:ca:e7:b4:5f:e3:07:c9:c1:cc:54:63:28:9b:62:
6d:aa:6a:5a:97:97:8a:0d:8f:44:19:95:96:18:ea:43:d4:c3:
bb:05:12:ed:9c:60:66:6b:26:be:f0:1c:80:0b:6b:2e:4e:c9:
ed:fc:49:a0:00:c2:ea:2b:eb:a1:80:22:7e:bd:9c:c4:ef:50:
c0:59:51:c9:dd:3e:10:64:80:23:55:50:fa:02:ee:4a:a5:05:
6f:ad:07:30:5d:77:5a:9d:cd:de:b7:e8:e2:74:4a:a2:96:36:
f2:7c:b9:81:e2:09:69:8e:6a:61:7b:ef:57:7e:4b:63:f3:c9:
b7:5f:59:29:13:be:6c:42:d4:2f:5c:f3:6d:87:21:d3:81:ac:
44:db:0b:23:94:ac:c5:81:82:9c:d8:9f:37:2a:7d:fc:5a:9f:
0f:f9:96:b7:81:da:78:85:a8:43:98:f4:61:af:0a:cd:0e:ce:
27:8f:d4:c6:4f:5b:14:49:2d:48:f0:0a:39:60:09:c7:f2:80:
a8:af:70:9d:dc:62:e7:2f:15:d4:dd:2e:f3:07:22:8f:08:7c:
66:41:d8:66:96:b2:5e:fa:90:a6:f6:53:78:3d:76:02:9d:25:
b8:96:18:ca
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzF3NbIDxusVVV2VBvUPjk3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwNWM0NGU4Yzk2MWExNDUwZDBhYWIyMTJmMGRlYzcxN2Qx
ZGVmYjYwHhcNMjQwMTAxMTYzMDMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWJjY2FlZTFmY2MwYWZlNDAxZGYwYWQyN2FhZmFiZWY4MjJiNGFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1+ry9/TlObYWDGkNBsFK1ZrW3di0
wO3ONkiLL9J3wLHToBmlmrXbmSctoeb/Ub2ucWJg6OEJLsOBC55CgdZvckAt8TzB
oANiUCts/HcsDlHPXtozAfwDKRy4m3lh7iukElLFJGF+yynur2admvOGYgKWGVye
BSvxdRMYnSEKCGL3Ct8qxp+GW4G6xZHsAUq3YMq1dI9aT3Jl0RQ0VZbbZ+Ui2YWr
vV9Z9y/92ezpKwAsbQQBdeejPAGLZfQhNQCXVp/1EqjyRZavc5qfxqf9Y3QAp3eh
8RudCmxacc3pqio23H7otgX3Kjyqjo9//ZnUAJkzSmjcl3muL5i0kUwI2wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLW8yu4fzAr+QB3wrSeq+r74IrSsMB8GA1UdIwQY
MBaAFDBcROjJYaFFDQqrIS8N7HF9He+2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUZ4RTZNbGhvVVVOQ3FzaEx3M3NjWDBkNzdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS8yODIwZDEtZmQyMC00ODg5LTgzNGYt
ZDUyN2NlMGQ5OTMwLzEvdGJ6SzdoX01DdjVBSGZDdEo2cjZ2dmdpdEt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS8yODIwZDEtZmQyMC00ODg5LTgzNGYtZDUyN2NlMGQ5OTMw
LzEvTUZ4RTZNbGhvVVVOQ3FzaEx3M3NjWDBkNzdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBW+JKMA0E
AgACMAcDBQAqAJUgMA0GCSqGSIb3DQEBCwUAA4IBAQAmr1hMQVTUeYcHoruUDyul
S4Jw1AUlyue0X+MHycHMVGMom2Jtqmpal5eKDY9EGZWWGOpD1MO7BRLtnGBmaya+
8ByAC2suTsnt/EmgAMLqK+uhgCJ+vZzE71DAWVHJ3T4QZIAjVVD6Au5KpQVvrQcw
XXdanc3et+jidEqiljbyfLmB4glpjmphe+9Xfktj88m3X1kpE75sQtQvXPNthyHT
gaxE2wsjlKzFgYKc2J83Kn38Wp8P+Za3gdp4hahDmPRhrwrNDs4nj9TGT1sUSS1I
8Ao5YAnH8oCor3Cd3GLnLxXU3S7zByKPCHxmQdhmlrJe+pCm9lN4PXYCnSW4lhjK
-----END CERTIFICATE-----
Generated at Tue May 6 06:16:44 2025 by rpki-client