Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/4f76b4-7d56-47a0-ac5b-653f239fe9a0/1/br_kjocdM_H6O1LpTjSLUvRvBSA.roa
File: br_kjocdM_H6O1LpTjSLUvRvBSA.roa (raw, json)
Hash identifier: UwSa/8T5lMZyNodzB4apfTn71rf0ZkHWsKg0PqfBtHo=
Subject key identifier: 6E:BF:E4:8E:87:1D:33:F1:FA:3B:52:E9:4E:34:8B:52:F4:6F:05:20
Certificate issuer: /CN=5a5e66b2759e50bb69bb0a4409eeb3ba48c46c56
Certificate serial: 0196AAD5F98A167CBEE9FFB99313779AB966
Authority key identifier: 5A:5E:66:B2:75:9E:50:BB:69:BB:0A:44:09:EE:B3:BA:48:C4:6C:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wl5msnWeULtpuwpECe6zukjEbFY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/4f76b4-7d56-47a0-ac5b-653f239fe9a0/1/br_kjocdM_H6O1LpTjSLUvRvBSA.roa
Signing time: Wed 07 May 2025 13:01:11 +0000
ROA not before: Wed 07 May 2025 13:01:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202381
IP address blocks: 91.237.254.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 07 May 2025 14:26:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:aa:d5:f9:8a:16:7c:be:e9:ff:b9:93:13:77:9a:b9:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a5e66b2759e50bb69bb0a4409eeb3ba48c46c56
Validity
Not Before: May 7 13:01:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6ebfe48e871d33f1fa3b52e94e348b52f46f0520
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:dc:75:50:19:58:95:31:27:7e:2b:a4:a6:3a:
5b:e6:e6:d6:fe:1c:57:c5:89:f4:de:6e:96:4d:ea:
08:2c:9d:1b:cf:a0:2e:dd:f4:81:da:f9:53:34:09:
15:20:c5:76:7d:31:3d:f7:79:da:c9:d7:79:30:ac:
f8:43:ce:83:e7:ca:1a:53:6b:ab:fe:3d:1b:c1:e1:
eb:8f:62:67:af:4a:7d:2f:c3:65:e6:04:62:45:54:
ab:f1:bd:f2:5d:cd:a2:df:8f:27:25:b2:46:d2:a9:
0f:44:e0:12:87:16:78:be:9b:f8:ff:8f:67:7f:2d:
d1:c8:c4:5a:8a:f4:c1:21:63:45:19:c9:2a:15:a2:
c1:19:6d:8f:55:0e:30:a0:a0:26:19:59:04:4b:3e:
f6:c1:28:b1:c6:d4:22:a5:c5:95:63:57:ed:23:fd:
44:89:78:fd:36:b5:55:6b:9f:74:fa:84:c2:54:a5:
26:b7:12:9d:79:b5:f9:d1:14:f9:93:79:8a:78:bd:
6e:cb:9f:88:17:ba:04:4d:ab:36:8e:d1:20:6c:02:
a3:7e:e4:62:3b:73:8d:8c:4e:22:58:00:c7:93:96:
ac:f6:d2:ed:cd:b7:00:b5:c0:60:46:60:36:eb:68:
69:bb:69:a3:b5:d3:66:03:34:9f:46:ea:fe:30:e8:
30:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:BF:E4:8E:87:1D:33:F1:FA:3B:52:E9:4E:34:8B:52:F4:6F:05:20
X509v3 Authority Key Identifier:
keyid:5A:5E:66:B2:75:9E:50:BB:69:BB:0A:44:09:EE:B3:BA:48:C4:6C:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wl5msnWeULtpuwpECe6zukjEbFY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/4f76b4-7d56-47a0-ac5b-653f239fe9a0/1/br_kjocdM_H6O1LpTjSLUvRvBSA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/4f76b4-7d56-47a0-ac5b-653f239fe9a0/1/Wl5msnWeULtpuwpECe6zukjEbFY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.237.254.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:de:ae:1e:50:85:7f:fd:d4:34:59:5b:aa:2f:89:8c:21:88:
0b:f1:75:7a:1e:be:52:b2:2e:9e:0a:dd:9e:d2:c3:ce:69:51:
77:e0:f5:ee:84:14:6a:ad:e0:0e:da:a6:bf:ea:fd:89:b2:23:
0c:84:60:f6:68:1c:f4:f6:44:a9:dd:ed:e6:f0:96:c3:3d:83:
16:d1:9d:35:d5:3f:dd:09:8c:6d:c5:f4:47:15:13:1c:fe:dd:
69:73:34:37:c9:46:42:36:52:de:7b:12:9f:b0:85:81:cf:bb:
a9:76:85:a5:16:70:de:7f:ac:a2:bb:b4:33:11:43:d9:10:33:
bf:fe:59:51:a1:87:99:91:c0:a4:93:8c:93:35:79:c2:3d:33:
27:13:a9:3d:81:9a:31:1e:36:5f:71:69:47:63:7c:34:9d:83:
42:07:18:6f:16:0d:bc:41:a9:c3:ca:5f:6f:de:a1:af:ad:c6:
5a:fe:01:39:85:f4:5e:47:54:7f:b8:59:36:cd:bb:01:e0:23:
5a:08:19:0d:92:0d:90:f2:2a:91:c0:9b:5a:94:1e:a2:6c:9f:
78:59:db:1a:34:a5:17:eb:b9:29:7c:09:e0:3d:cb:58:b3:c4:
b0:10:ff:f0:3b:58:5e:f3:ce:05:bb:7a:88:0a:1e:4a:ff:05:
11:66:7e:1c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZaq1fmKFny+6f+5kxN3mrlmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNWU2NmIyNzU5ZTUwYmI2OWJiMGE0NDA5ZWViM2JhNDhj
NDZjNTYwHhcNMjUwNTA3MTMwMTExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWJmZTQ4ZTg3MWQzM2YxZmEzYjUyZTk0ZTM0OGI1MmY0NmYwNTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtdx1UBlYlTEnfiukpjpb5ubW/hxX
xYn03m6WTeoILJ0bz6Au3fSB2vlTNAkVIMV2fTE993naydd5MKz4Q86D58oaU2ur
/j0bweHrj2Jnr0p9L8Nl5gRiRVSr8b3yXc2i348nJbJG0qkPROAShxZ4vpv4/49n
fy3RyMRaivTBIWNFGckqFaLBGW2PVQ4woKAmGVkESz72wSixxtQipcWVY1ftI/1E
iXj9NrVVa590+oTCVKUmtxKdebX50RT5k3mKeL1uy5+IF7oETas2jtEgbAKjfuRi
O3ONjE4iWADHk5as9tLtzbcAtcBgRmA262hpu2mjtdNmAzSfRur+MOgwIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG6/5I6HHTPx+jtS6U40i1L0bwUgMB8GA1UdIwQY
MBaAFFpeZrJ1nlC7absKRAnus7pIxGxWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2w1bXNuV2VVTHRwdXdwRUNlNnp1a2pFYkZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi80Zjc2YjQtN2Q1Ni00N2EwLWFjNWIt
NjUzZjIzOWZlOWEwLzEvYnJfa2pvY2RNX0g2TzFMcFRqU0xVdlJ2QlNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi80Zjc2YjQtN2Q1Ni00N2EwLWFjNWItNjUzZjIzOWZlOWEw
LzEvV2w1bXNuV2VVTHRwdXdwRUNlNnp1a2pFYkZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+3+MA0G
CSqGSIb3DQEBCwUAA4IBAQBK3q4eUIV//dQ0WVuqL4mMIYgL8XV6Hr5Ssi6eCt2e
0sPOaVF34PXuhBRqreAO2qa/6v2JsiMMhGD2aBz09kSp3e3m8JbDPYMW0Z011T/d
CYxtxfRHFRMc/t1pczQ3yUZCNlLeexKfsIWBz7updoWlFnDef6yiu7QzEUPZEDO/
/llRoYeZkcCkk4yTNXnCPTMnE6k9gZoxHjZfcWlHY3w0nYNCBxhvFg28QanDyl9v
3qGvrcZa/gE5hfReR1R/uFk2zbsB4CNaCBkNkg2Q8iqRwJtalB6ibJ94WdsaNKUX
67kpfAngPctYs8SwEP/wO1he884Fu3qICh5K/wURZn4c
-----END CERTIFICATE-----
Generated at Fri May 9 19:05:44 2025 by rpki-client