Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/84d476-3233-4131-8ffc-465adc2959f2/1/1xCDoin_l-PXV5xiYDlMclvenpw.roa
File: 1xCDoin_l-PXV5xiYDlMclvenpw.roa (raw, json)
Hash identifier: aganIe3IICFmPVBAxFe5fWkBEv9iHKSkpJ9j78Dp3+A=
Subject key identifier: D7:10:83:A2:29:FF:97:E3:D7:57:9C:62:60:39:4C:72:5B:DE:9E:9C
Certificate issuer: /CN=b31c4ce663e1ec245e747cd846f1a69ddb834b3b
Certificate serial: 019499BE332412BA7088D7F058F18160C228
Authority key identifier: B3:1C:4C:E6:63:E1:EC:24:5E:74:7C:D8:46:F1:A6:9D:DB:83:4B:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sxxM5mPh7CRedHzYRvGmnduDSzs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/84d476-3233-4131-8ffc-465adc2959f2/1/1xCDoin_l-PXV5xiYDlMclvenpw.roa
Signing time: Fri 24 Jan 2025 19:16:06 +0000
ROA not before: Fri 24 Jan 2025 19:16:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208485
IP address blocks: 91.216.71.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 02 Feb 2025 21:12:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:99:be:33:24:12:ba:70:88:d7:f0:58:f1:81:60:c2:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b31c4ce663e1ec245e747cd846f1a69ddb834b3b
Validity
Not Before: Jan 24 19:16:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d71083a229ff97e3d7579c6260394c725bde9e9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:a9:09:de:03:60:e5:27:c1:09:cc:30:61:d4:
aa:f7:98:3d:23:d2:3b:81:51:e6:f3:c3:54:48:dd:
c2:99:3e:ad:54:90:a1:f1:70:38:c9:57:99:a0:8b:
d3:90:21:a4:af:df:e0:bd:1b:f9:f5:b8:c4:91:92:
64:09:e8:a6:1a:3d:e3:51:e7:9a:43:92:2e:00:df:
38:94:7c:a8:d8:f5:fc:a5:b7:3c:cf:0a:8b:78:5c:
24:21:28:01:11:21:e7:96:3d:e9:3b:54:38:d4:e7:
60:a0:44:db:cf:38:cf:fb:f8:13:04:e5:77:ab:f4:
03:12:6f:47:54:5e:85:6e:e8:03:c7:b9:f8:9e:5c:
91:30:8e:b3:88:9e:c1:f0:76:cb:87:a7:b6:88:0d:
fe:49:f3:42:28:b0:da:db:8d:f7:d0:3d:71:62:59:
f5:8a:98:ff:08:ef:1d:1e:38:71:3b:4d:b9:ea:2c:
07:08:98:5e:e2:68:1a:51:d0:29:4b:2d:c4:05:08:
e4:3a:1a:4a:aa:b9:74:1a:5d:f2:f6:1e:f5:98:a4:
70:74:7d:76:44:71:6c:9c:de:e1:42:39:00:79:58:
5f:28:77:68:26:63:17:87:d6:14:63:e6:12:cd:67:
30:02:91:3d:e1:3b:a6:bd:56:f7:18:37:be:f2:25:
b7:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:10:83:A2:29:FF:97:E3:D7:57:9C:62:60:39:4C:72:5B:DE:9E:9C
X509v3 Authority Key Identifier:
keyid:B3:1C:4C:E6:63:E1:EC:24:5E:74:7C:D8:46:F1:A6:9D:DB:83:4B:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sxxM5mPh7CRedHzYRvGmnduDSzs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/84d476-3233-4131-8ffc-465adc2959f2/1/1xCDoin_l-PXV5xiYDlMclvenpw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/84d476-3233-4131-8ffc-465adc2959f2/1/sxxM5mPh7CRedHzYRvGmnduDSzs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.216.71.0/24
Signature Algorithm: sha256WithRSAEncryption
89:c5:27:67:9d:a2:4c:0b:29:64:3b:c2:7b:5b:0a:24:09:9f:
b3:d7:9c:ac:93:a0:23:c3:6e:42:e9:29:1e:de:b8:2e:d9:f9:
e9:d5:1a:22:05:61:41:dc:0e:76:aa:d0:b7:44:f7:cb:00:41:
00:12:90:a1:92:cd:74:4b:e5:57:38:9f:96:a3:7b:40:51:fb:
21:58:2d:ed:b2:6e:fa:3a:bc:c4:e7:fb:cd:2a:94:22:50:1b:
e9:f9:2f:7e:b9:0e:34:c8:45:53:f7:13:86:95:77:61:44:ee:
74:06:43:9d:af:55:e0:32:1b:93:71:c3:cc:8b:e2:77:16:5f:
b0:a2:f3:db:83:ce:82:6f:55:5d:0d:15:a2:3d:72:d8:e9:1c:
77:5a:b0:63:c6:b0:54:e5:da:b2:a8:0d:27:82:e8:f4:e8:13:
81:5c:aa:37:74:24:6d:1f:0a:fc:f0:d7:1d:d8:8d:75:0d:56:
0d:09:ea:49:ee:bf:63:9b:7e:5f:3a:25:ea:4e:49:8c:67:33:
fb:e5:9d:b9:04:75:21:21:c2:8f:18:8d:87:4c:22:7d:d6:5b:
b1:30:a8:ce:b5:36:76:a8:b1:25:0c:9e:19:5f:9c:00:32:da:
7a:63:fc:7f:be:ac:b0:c4:b1:ba:35:d7:1c:a5:08:e6:04:cc:
de:f1:c2:57
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZSZvjMkErpwiNfwWPGBYMIoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMWM0Y2U2NjNlMWVjMjQ1ZTc0N2NkODQ2ZjFhNjlkZGI4
MzRiM2IwHhcNMjUwMTI0MTkxNjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzEwODNhMjI5ZmY5N2UzZDc1NzljNjI2MDM5NGM3MjViZGU5ZTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3KkJ3gNg5SfBCcwwYdSq95g9I9I7
gVHm88NUSN3CmT6tVJCh8XA4yVeZoIvTkCGkr9/gvRv59bjEkZJkCeimGj3jUeea
Q5IuAN84lHyo2PX8pbc8zwqLeFwkISgBESHnlj3pO1Q41OdgoETbzzjP+/gTBOV3
q/QDEm9HVF6FbugDx7n4nlyRMI6ziJ7B8HbLh6e2iA3+SfNCKLDa24330D1xYln1
ipj/CO8dHjhxO0256iwHCJhe4mgaUdApSy3EBQjkOhpKqrl0Gl3y9h71mKRwdH12
RHFsnN7hQjkAeVhfKHdoJmMXh9YUY+YSzWcwApE94TumvVb3GDe+8iW3fQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNcQg6Ip/5fj11ecYmA5THJb3p6cMB8GA1UdIwQY
MBaAFLMcTOZj4ewkXnR82Ebxpp3bg0s7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3h4TTVtUGg3Q1JlZEh6WVJ2R21uZHVEU3pzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy84NGQ0NzYtMzIzMy00MTMxLThmZmMt
NDY1YWRjMjk1OWYyLzEvMXhDRG9pbl9sLVBYVjV4aVlEbE1jbHZlbnB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy84NGQ0NzYtMzIzMy00MTMxLThmZmMtNDY1YWRjMjk1OWYy
LzEvc3h4TTVtUGg3Q1JlZEh6WVJ2R21uZHVEU3pzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9hHMA0G
CSqGSIb3DQEBCwUAA4IBAQCJxSdnnaJMCylkO8J7WwokCZ+z15ysk6Ajw25C6Ske
3rgu2fnp1RoiBWFB3A52qtC3RPfLAEEAEpChks10S+VXOJ+Wo3tAUfshWC3tsm76
OrzE5/vNKpQiUBvp+S9+uQ40yEVT9xOGlXdhRO50BkOdr1XgMhuTccPMi+J3Fl+w
ovPbg86Cb1VdDRWiPXLY6Rx3WrBjxrBU5dqyqA0nguj06BOBXKo3dCRtHwr88Ncd
2I11DVYNCepJ7r9jm35fOiXqTkmMZzP75Z25BHUhIcKPGI2HTCJ91luxMKjOtTZ2
qLElDJ4ZX5wAMtp6Y/x/vqywxLG6NdccpQjmBMze8cJX
-----END CERTIFICATE-----
Generated at Mon Apr 7 20:05:11 2025 by rpki-client