Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/97rvjr8jiMkvGTAIV9sw8yOvtxg.roa
File: 97rvjr8jiMkvGTAIV9sw8yOvtxg.roa (raw, json)
Hash identifier: 0D2H+gypy5SHDkzd7jfvf5vf4V/t5Um4MNxrHIuonMQ=
Subject key identifier: F7:BA:EF:8E:BF:23:88:C9:2F:19:30:08:57:DB:30:F3:23:AF:B7:18
Certificate issuer: /CN=1acb6376a1648d49d55e4d7b01371367b0dc2af9
Certificate serial: 0194282382DA6926A2C8110F932EA71083F3
Authority key identifier: 1A:CB:63:76:A1:64:8D:49:D5:5E:4D:7B:01:37:13:67:B0:DC:2A:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GstjdqFkjUnVXk17ATcTZ7DcKvk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/97rvjr8jiMkvGTAIV9sw8yOvtxg.roa
Signing time: Thu 02 Jan 2025 17:50:03 +0000
ROA not before: Thu 02 Jan 2025 17:50:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201744
IP address blocks: 91.149.235.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 16 Jan 2025 06:16:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:82:da:69:26:a2:c8:11:0f:93:2e:a7:10:83:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1acb6376a1648d49d55e4d7b01371367b0dc2af9
Validity
Not Before: Jan 2 17:50:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f7baef8ebf2388c92f19300857db30f323afb718
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:b1:9f:79:13:7e:0a:ca:aa:fe:88:3e:08:50:
92:c5:e6:32:b8:59:d3:94:13:4e:ca:1b:ea:43:1b:
dd:b2:01:49:0d:af:07:62:fd:b4:67:08:fa:4c:9a:
2b:7f:93:65:fc:dd:4f:c9:36:f3:bc:15:98:3e:a4:
e5:7b:09:5b:5c:50:46:e3:ba:e9:50:ab:24:4a:21:
54:14:86:46:e7:6e:8e:64:eb:1d:ce:c9:5b:2c:da:
23:ca:9e:26:98:40:ed:a0:8e:c5:66:3c:d7:36:9a:
f4:10:88:ff:a6:f0:46:ed:cc:ac:32:0a:dd:b9:10:
11:e1:8d:9e:ed:05:18:df:a5:64:9f:02:54:96:65:
fc:cd:81:14:b0:ef:be:35:e8:a8:8b:cd:0d:e2:bc:
8c:fa:ce:99:9f:54:dc:85:97:f6:4e:34:17:a6:f5:
0f:70:9f:75:55:f6:c9:c0:aa:39:4c:92:37:94:14:
7b:6a:bc:1e:c7:36:c9:6a:f4:ed:c5:29:bd:2b:f9:
f1:b6:30:89:11:93:45:8e:d9:68:b7:66:a8:2d:91:
82:38:b4:96:0b:ec:8f:75:4a:15:04:f7:ab:93:00:
0c:97:bf:13:64:6c:22:6d:32:56:33:83:d1:ec:f3:
9c:7e:be:c6:27:57:82:05:63:5a:ad:ad:3b:75:df:
fa:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:BA:EF:8E:BF:23:88:C9:2F:19:30:08:57:DB:30:F3:23:AF:B7:18
X509v3 Authority Key Identifier:
keyid:1A:CB:63:76:A1:64:8D:49:D5:5E:4D:7B:01:37:13:67:B0:DC:2A:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GstjdqFkjUnVXk17ATcTZ7DcKvk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/97rvjr8jiMkvGTAIV9sw8yOvtxg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/GstjdqFkjUnVXk17ATcTZ7DcKvk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.149.235.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:de:29:5b:14:d6:cc:12:53:55:c1:2d:db:07:e8:8a:36:93:
07:2c:78:fe:06:c2:37:a6:16:8e:9a:d3:cc:eb:77:ef:51:4c:
ec:3d:f1:23:f7:29:82:eb:c4:33:1f:e8:e7:5a:b1:f7:60:7a:
7e:1a:83:41:43:3c:6a:1c:3a:14:f4:6b:3d:f1:15:7c:8a:1f:
03:54:b2:a0:47:e4:11:c2:2d:1c:f9:b9:72:37:e2:80:27:8e:
a0:43:3c:fb:c7:87:00:7a:42:30:8d:fc:8d:56:68:ca:6f:33:
43:09:27:52:80:a6:86:ee:eb:cb:20:4c:4b:d0:01:9f:62:fe:
35:01:c5:72:2b:b1:e3:b2:36:33:3c:06:9f:f9:3f:54:52:c8:
9f:11:c2:20:6b:73:a0:b4:dd:bc:92:6b:b7:ef:76:95:1f:10:
9f:89:be:82:42:ae:3a:b0:f7:5f:4a:64:74:74:f4:0d:d1:88:
40:93:a2:61:12:00:3e:26:6e:6f:69:5a:dd:a4:f3:53:e0:a9:
ff:a6:ae:a7:52:20:8a:26:94:9f:7a:46:13:fc:c2:23:33:d8:
27:ca:29:49:c4:55:63:c7:c2:3d:48:b2:93:99:3e:54:a2:eb:
34:cb:02:44:7f:0a:58:50:c2:32:89:60:c0:27:53:d2:72:72:
6b:74:b3:d0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoI4LaaSaiyBEPky6nEIPzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhY2I2Mzc2YTE2NDhkNDlkNTVlNGQ3YjAxMzcxMzY3YjBk
YzJhZjkwHhcNMjUwMTAyMTc1MDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2JhZWY4ZWJmMjM4OGM5MmYxOTMwMDg1N2RiMzBmMzIzYWZiNzE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5bGfeRN+Csqq/og+CFCSxeYyuFnT
lBNOyhvqQxvdsgFJDa8HYv20Zwj6TJorf5Nl/N1PyTbzvBWYPqTlewlbXFBG47rp
UKskSiFUFIZG526OZOsdzslbLNojyp4mmEDtoI7FZjzXNpr0EIj/pvBG7cysMgrd
uRAR4Y2e7QUY36VknwJUlmX8zYEUsO++Neioi80N4ryM+s6Zn1TchZf2TjQXpvUP
cJ91VfbJwKo5TJI3lBR7arwexzbJavTtxSm9K/nxtjCJEZNFjtlot2aoLZGCOLSW
C+yPdUoVBPerkwAMl78TZGwibTJWM4PR7POcfr7GJ1eCBWNara07dd/6JwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPe6746/I4jJLxkwCFfbMPMjr7cYMB8GA1UdIwQY
MBaAFBrLY3ahZI1J1V5NewE3E2ew3Cr5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3N0amRxRmtqVW5WWGsxN0FUY1RaN0RjS3ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS83MjQ3YjAtNDk4OS00M2VhLTkzNTAt
N2E5MzY3NTFkYjFiLzEvOTdydmpyOGppTWt2R1RBSVY5c3c4eU92dHhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS83MjQ3YjAtNDk4OS00M2VhLTkzNTAtN2E5MzY3NTFkYjFi
LzEvR3N0amRxRmtqVW5WWGsxN0FUY1RaN0RjS3ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW5XrMA0G
CSqGSIb3DQEBCwUAA4IBAQCl3ilbFNbMElNVwS3bB+iKNpMHLHj+BsI3phaOmtPM
63fvUUzsPfEj9ymC68QzH+jnWrH3YHp+GoNBQzxqHDoU9Gs98RV8ih8DVLKgR+QR
wi0c+blyN+KAJ46gQzz7x4cAekIwjfyNVmjKbzNDCSdSgKaG7uvLIExL0AGfYv41
AcVyK7HjsjYzPAaf+T9UUsifEcIga3OgtN28kmu373aVHxCfib6CQq46sPdfSmR0
dPQN0YhAk6JhEgA+Jm5vaVrdpPNT4Kn/pq6nUiCKJpSfekYT/MIjM9gnyilJxFVj
x8I9SLKTmT5Uous0ywJEfwpYUMIyiWDAJ1PScnJrdLPQ
-----END CERTIFICATE-----
Generated at Tue Apr 22 03:28:54 2025 by rpki-client