Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/912110-6fc2-424a-a955-da621cd756d7/1/D9By2IogSBoZmpz4UjeZrRtAyL0.roa
File: D9By2IogSBoZmpz4UjeZrRtAyL0.roa (raw, json)
Hash identifier: eLOgm+F3WOzJGqwuPExRT7Op5bBPVhPQSiubRwOrat8=
Subject key identifier: 0F:D0:72:D8:8A:20:48:1A:19:9A:9C:F8:52:37:99:AD:1B:40:C8:BD
Certificate issuer: /CN=fa4f44ba814b8c94b7afe3022ee01462f513bff7
Certificate serial: 0196826616B9E833CF02CE7DEAFD5ED52CC6
Authority key identifier: FA:4F:44:BA:81:4B:8C:94:B7:AF:E3:02:2E:E0:14:62:F5:13:BF:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-k9EuoFLjJS3r-MCLuAUYvUTv_c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/912110-6fc2-424a-a955-da621cd756d7/1/D9By2IogSBoZmpz4UjeZrRtAyL0.roa
Signing time: Tue 29 Apr 2025 16:34:10 +0000
ROA not before: Tue 29 Apr 2025 16:34:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198031
IP address blocks: 91.146.120.0/21 maxlen: 21
91.146.120.0/22 maxlen: 22
91.146.124.0/24 maxlen: 24
2a03:a780::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 29 Apr 2025 17:15:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:82:66:16:b9:e8:33:cf:02:ce:7d:ea:fd:5e:d5:2c:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fa4f44ba814b8c94b7afe3022ee01462f513bff7
Validity
Not Before: Apr 29 16:34:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0fd072d88a20481a199a9cf8523799ad1b40c8bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:7b:1f:0c:99:81:c0:f9:77:19:dc:d9:67:99:
37:82:45:49:ee:43:0b:b7:e0:05:a1:a3:21:63:2d:
99:be:2e:cf:64:71:77:6d:ae:f8:17:a2:84:48:ff:
1a:c4:a1:4e:69:9e:a8:b9:3c:69:ec:b6:6b:ff:07:
4c:a0:9e:1c:db:63:5f:97:49:21:5f:d8:af:95:81:
31:7b:42:c1:f4:34:10:f6:db:50:52:b5:85:16:ce:
b1:e4:34:7d:4b:20:71:31:9f:b6:a5:10:30:9a:e5:
37:b9:ca:f3:5c:db:38:6d:fd:8b:4b:7d:93:22:57:
d9:ca:28:dc:9f:cb:57:a3:07:5d:d8:39:a3:2b:d2:
3a:db:73:8f:60:a2:4b:6e:0c:f2:28:16:c5:2e:17:
90:f6:4d:06:d4:fb:19:08:00:e7:d9:10:26:a9:51:
39:26:bc:3a:52:f6:d8:cb:d1:ef:a2:3f:18:c7:9f:
43:65:83:81:e3:13:32:57:ef:3f:40:db:dc:fc:e0:
9a:c2:47:94:d3:1d:28:12:67:f5:74:69:dc:3e:07:
e7:50:33:1c:67:b4:8a:2a:97:6e:8f:a3:f5:a5:bd:
b6:05:29:be:20:9c:82:fd:6e:f6:23:a3:b7:5c:aa:
b2:4e:5a:e6:c4:01:eb:ad:21:b5:b2:dc:16:39:a0:
f5:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:D0:72:D8:8A:20:48:1A:19:9A:9C:F8:52:37:99:AD:1B:40:C8:BD
X509v3 Authority Key Identifier:
keyid:FA:4F:44:BA:81:4B:8C:94:B7:AF:E3:02:2E:E0:14:62:F5:13:BF:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-k9EuoFLjJS3r-MCLuAUYvUTv_c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/912110-6fc2-424a-a955-da621cd756d7/1/D9By2IogSBoZmpz4UjeZrRtAyL0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/912110-6fc2-424a-a955-da621cd756d7/1/1-k9EuoFLjJS3r-MCLuAUYvUTv_c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.146.120.0/21
IPv6:
2a03:a780::/32
Signature Algorithm: sha256WithRSAEncryption
24:d6:21:72:ec:76:3e:61:c1:83:a9:e2:fb:e3:c0:3e:c9:ac:
c7:e4:18:05:96:c4:f6:81:29:22:23:5a:f8:af:7b:23:a5:40:
59:63:cb:dd:e8:a6:98:5d:9f:a1:27:76:0a:c5:17:b8:5e:e2:
8d:2e:21:f9:47:3e:89:f9:bb:55:b0:c2:d3:bb:7e:a5:11:36:
a6:af:68:29:fc:4e:6a:10:db:18:cc:43:c0:22:24:33:37:01:
3d:b3:59:92:eb:85:36:93:83:9d:ec:b2:b4:0c:08:94:da:28:
dd:e3:1d:bc:36:6a:0d:9a:2e:15:23:60:c4:69:be:d5:90:ce:
e9:68:16:89:60:b0:34:5c:64:eb:90:d0:4e:a1:37:df:93:c0:
45:fb:c7:23:f3:5a:69:bc:e9:e7:10:e2:7f:98:fa:6c:8f:82:
f2:0b:ac:f3:ad:a9:40:65:f2:20:b5:51:32:5d:e0:39:68:e0:
41:a3:51:89:d3:9c:56:bb:e2:08:9b:86:33:0d:06:35:8f:78:
ef:12:5b:21:a9:b6:38:b0:56:a2:d4:bd:a7:21:e4:6a:e4:0f:
b6:67:18:be:f5:23:0f:f7:31:8c:d8:de:99:aa:cc:03:4f:48:
ce:54:69:1e:93:e8:aa:b6:a3:22:97:c7:84:a3:d3:d8:08:54:
2f:3e:d3:c5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZaCZha56DPPAs596v1e1SzGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhNGY0NGJhODE0YjhjOTRiN2FmZTMwMjJlZTAxNDYyZjUx
M2JmZjcwHhcNMjUwNDI5MTYzNDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmQwNzJkODhhMjA0ODFhMTk5YTljZjg1MjM3OTlhZDFiNDBjOGJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1nsfDJmBwPl3GdzZZ5k3gkVJ7kML
t+AFoaMhYy2Zvi7PZHF3ba74F6KESP8axKFOaZ6ouTxp7LZr/wdMoJ4c22Nfl0kh
X9ivlYExe0LB9DQQ9ttQUrWFFs6x5DR9SyBxMZ+2pRAwmuU3ucrzXNs4bf2LS32T
IlfZyijcn8tXowdd2DmjK9I623OPYKJLbgzyKBbFLheQ9k0G1PsZCADn2RAmqVE5
Jrw6UvbYy9Hvoj8Yx59DZYOB4xMyV+8/QNvc/OCawkeU0x0oEmf1dGncPgfnUDMc
Z7SKKpduj6P1pb22BSm+IJyC/W72I6O3XKqyTlrmxAHrrSG1stwWOaD1SQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFA/QctiKIEgaGZqc+FI3ma0bQMi9MB8GA1UdIwQY
MBaAFPpPRLqBS4yUt6/jAi7gFGL1E7/3MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1rOUV1b0ZMakpTM3ItTUNMdUFVWXZVVHZfYy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDUvOTEyMTEwLTZmYzItNDI0YS1hOTU1
LWRhNjIxY2Q3NTZkNy8xL0Q5QnkySW9nU0JvWm1wejRVamVaclJ0QXlMMC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNDUvOTEyMTEwLTZmYzItNDI0YS1hOTU1LWRhNjIxY2Q3NTZk
Ny8xLzEtazlFdW9GTGpKUzNyLU1DTHVBVVl2VVR2X2MuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBANbkngw
DQQCAAIwBwMFACoDp4AwDQYJKoZIhvcNAQELBQADggEBACTWIXLsdj5hwYOp4vvj
wD7JrMfkGAWWxPaBKSIjWviveyOlQFljy93opphdn6EndgrFF7he4o0uIflHPon5
u1WwwtO7fqURNqavaCn8TmoQ2xjMQ8AiJDM3AT2zWZLrhTaTg53ssrQMCJTaKN3j
Hbw2ag2aLhUjYMRpvtWQzuloFolgsDRcZOuQ0E6hN9+TwEX7xyPzWmm86ecQ4n+Y
+myPgvILrPOtqUBl8iC1UTJd4Dlo4EGjUYnTnFa74gibhjMNBjWPeO8SWyGptjiw
VqLUvach5GrkD7ZnGL71Iw/3MYzY3pmqzANPSM5UaR6T6Kq2oyKXx4Sj09gIVC8+
08U=
-----END CERTIFICATE-----
Generated at Fri May 16 02:37:27 2025 by rpki-client