Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/b6b9c4-82df-4ea6-aefc-70644e8f3641/1/ux76LnLbrjRkT8b5kBlewsYBi4g.roa
File: ux76LnLbrjRkT8b5kBlewsYBi4g.roa (raw, json)
Hash identifier: gyzfTAmHdgI5VXO+SideiS265G/PrexsBchmUuXkEeQ=
Subject key identifier: BB:1E:FA:2E:72:DB:AE:34:64:4F:C6:F9:90:19:5E:C2:C6:01:8B:88
Certificate issuer: /CN=2dfc54d5543e12484b6bab2fdc399a8f5295787c
Certificate serial: 01922B24DB6E5751ED531FB26C4D4F435892
Authority key identifier: 2D:FC:54:D5:54:3E:12:48:4B:6B:AB:2F:DC:39:9A:8F:52:95:78:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LfxU1VQ-EkhLa6sv3Dmaj1KVeHw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/b6b9c4-82df-4ea6-aefc-70644e8f3641/1/ux76LnLbrjRkT8b5kBlewsYBi4g.roa
Signing time: Wed 25 Sep 2024 21:44:48 +0000
ROA not before: Wed 25 Sep 2024 21:44:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56522
IP address blocks: 91.224.200.0/23 maxlen: 23
176.121.72.0/21 maxlen: 21
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:2b:24:db:6e:57:51:ed:53:1f:b2:6c:4d:4f:43:58:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2dfc54d5543e12484b6bab2fdc399a8f5295787c
Validity
Not Before: Sep 25 21:44:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bb1efa2e72dbae34644fc6f990195ec2c6018b88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:43:70:05:ff:8d:1a:bb:85:77:ff:7e:b9:19:
5c:96:bf:50:5f:40:db:90:44:10:59:75:dd:65:e4:
3a:23:b3:31:37:2b:42:7d:af:1c:70:63:63:20:66:
61:b6:a4:28:5a:8a:67:82:af:91:86:ab:ba:e3:72:
81:fd:8a:b0:b5:13:59:f9:52:f8:76:d1:67:49:64:
8e:36:6d:c9:d4:a5:67:13:e9:60:72:04:b2:dd:e1:
b4:b2:08:ea:92:44:cd:c2:1a:db:ab:42:7c:c0:d6:
d9:58:74:3a:92:fd:48:71:65:a6:00:20:76:b5:8e:
a2:15:d5:f4:5a:2c:12:34:35:17:9f:b5:84:5f:59:
c7:10:bc:74:e4:52:f9:ec:c0:f4:8e:cd:2c:28:76:
eb:a4:e7:28:ef:80:ed:6e:2b:cd:8b:6e:9b:26:13:
3f:38:80:65:dd:b4:c6:a4:ec:68:71:33:d9:9a:ba:
b7:8f:1b:e0:8f:3b:4d:fb:9a:a5:ec:8c:3f:2c:17:
8d:b0:e5:a8:41:e2:d9:f3:0f:f7:80:f1:98:7a:80:
ac:29:e3:4d:f1:ab:6e:ee:d8:f0:78:80:b1:72:07:
e7:f0:3b:03:e9:8b:59:e2:1c:48:32:d6:5f:41:9e:
06:97:96:a7:a8:05:34:46:46:f3:5d:69:6d:11:9a:
ee:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:1E:FA:2E:72:DB:AE:34:64:4F:C6:F9:90:19:5E:C2:C6:01:8B:88
X509v3 Authority Key Identifier:
keyid:2D:FC:54:D5:54:3E:12:48:4B:6B:AB:2F:DC:39:9A:8F:52:95:78:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LfxU1VQ-EkhLa6sv3Dmaj1KVeHw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/b6b9c4-82df-4ea6-aefc-70644e8f3641/1/ux76LnLbrjRkT8b5kBlewsYBi4g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/b6b9c4-82df-4ea6-aefc-70644e8f3641/1/LfxU1VQ-EkhLa6sv3Dmaj1KVeHw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.224.200.0/23
176.121.72.0/21
Signature Algorithm: sha256WithRSAEncryption
a1:fc:39:a2:83:75:72:87:c2:62:d3:0c:f2:d7:f2:60:0e:4d:
de:ba:b3:8e:9e:b1:a7:90:9b:93:94:67:29:34:a9:49:1c:3a:
da:84:2f:d0:7b:71:49:24:ff:2b:47:d4:fd:5e:08:9a:c0:34:
b2:24:49:40:d1:8f:69:ec:a6:45:c0:59:86:bc:f0:c2:28:e9:
6c:80:5a:b6:84:42:81:fd:ad:7b:66:83:ca:ff:b0:ff:fb:3c:
8c:68:4a:a4:a5:e9:1f:77:6a:0e:55:b0:d0:47:62:63:68:a2:
5f:33:56:7c:26:7b:01:56:9a:dd:b8:c8:13:73:d4:a9:89:ac:
a1:74:bd:f6:6c:77:ee:ea:79:53:31:43:a2:30:f7:ae:48:e1:
48:e9:b8:3e:26:a1:69:e3:1c:0d:2f:40:7c:33:c2:29:62:3c:
a4:a0:53:5e:11:87:e3:ad:c3:ee:b3:d5:9e:57:68:45:74:88:
08:aa:15:57:47:f3:a7:9c:4f:0c:71:d0:22:bd:d6:49:d4:46:
6a:0d:d5:2d:13:b9:b7:7f:ce:3d:b9:a5:85:97:e6:cc:7a:a6:
27:0b:7b:09:99:a2:b2:92:5e:38:a3:7e:26:97:0b:e9:34:84:
43:f1:79:39:79:6b:97:8f:3a:70:50:57:f1:1f:c4:a4:ba:7c:
f2:17:33:7c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZIrJNtuV1HtUx+ybE1PQ1iSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkZmM1NGQ1NTQzZTEyNDg0YjZiYWIyZmRjMzk5YThmNTI5
NTc4N2MwHhcNMjQwOTI1MjE0NDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjFlZmEyZTcyZGJhZTM0NjQ0ZmM2Zjk5MDE5NWVjMmM2MDE4Yjg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqkNwBf+NGruFd/9+uRlclr9QX0Db
kEQQWXXdZeQ6I7MxNytCfa8ccGNjIGZhtqQoWopngq+Rhqu643KB/YqwtRNZ+VL4
dtFnSWSONm3J1KVnE+lgcgSy3eG0sgjqkkTNwhrbq0J8wNbZWHQ6kv1IcWWmACB2
tY6iFdX0WiwSNDUXn7WEX1nHELx05FL57MD0js0sKHbrpOco74DtbivNi26bJhM/
OIBl3bTGpOxocTPZmrq3jxvgjztN+5ql7Iw/LBeNsOWoQeLZ8w/3gPGYeoCsKeNN
8atu7tjweICxcgfn8DsD6YtZ4hxIMtZfQZ4Gl5anqAU0RkbzXWltEZru9QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLse+i5y2640ZE/G+ZAZXsLGAYuIMB8GA1UdIwQY
MBaAFC38VNVUPhJIS2urL9w5mo9SlXh8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGZ4VTFWUS1Fa2hMYTZzdjNEbWFqMUtWZUh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9iNmI5YzQtODJkZi00ZWE2LWFlZmMt
NzA2NDRlOGYzNjQxLzEvdXg3NkxuTGJyalJrVDhiNWtCbGV3c1lCaTRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9iNmI5YzQtODJkZi00ZWE2LWFlZmMtNzA2NDRlOGYzNjQx
LzEvTGZ4VTFWUS1Fa2hMYTZzdjNEbWFqMUtWZUh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW+DIAwQD
sHlIMA0GCSqGSIb3DQEBCwUAA4IBAQCh/Dmig3Vyh8Ji0wzy1/JgDk3eurOOnrGn
kJuTlGcpNKlJHDrahC/Qe3FJJP8rR9T9XgiawDSyJElA0Y9p7KZFwFmGvPDCKOls
gFq2hEKB/a17ZoPK/7D/+zyMaEqkpekfd2oOVbDQR2JjaKJfM1Z8JnsBVprduMgT
c9SpiayhdL32bHfu6nlTMUOiMPeuSOFI6bg+JqFp4xwNL0B8M8IpYjykoFNeEYfj
rcPus9WeV2hFdIgIqhVXR/OnnE8McdAivdZJ1EZqDdUtE7m3f849uaWFl+bMeqYn
C3sJmaKykl44o34mlwvpNIRD8Xk5eWuXjzpwUFfxH8SkunzyFzN8
-----END CERTIFICATE-----
Generated at Fri May 9 22:06:29 2025 by rpki-client