Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/7b6bb0-edff-4fd3-864f-f6cc0c6f12b4/1/whDODp2SrH1QzuQYf3hwPIPZ8_Q.roa
File: whDODp2SrH1QzuQYf3hwPIPZ8_Q.roa (raw, json)
Hash identifier: BoeuOu0jqVc2KQsdUj+4FeJvUtpYtNoKe9E3kjspsV4=
Subject key identifier: C2:10:CE:0E:9D:92:AC:7D:50:CE:E4:18:7F:78:70:3C:83:D9:F3:F4
Certificate issuer: /CN=1f49fc69bf6eba3b9fa0517d0062927210e4e8ca
Certificate serial: 018F0A3CD03474FE099CEC76BD9C66AAADAA
Authority key identifier: 1F:49:FC:69:BF:6E:BA:3B:9F:A0:51:7D:00:62:92:72:10:E4:E8:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H0n8ab9uujufoFF9AGKSchDk6Mo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/7b6bb0-edff-4fd3-864f-f6cc0c6f12b4/1/whDODp2SrH1QzuQYf3hwPIPZ8_Q.roa
Signing time: Tue 23 Apr 2024 09:15:08 +0000
ROA not before: Tue 23 Apr 2024 09:15:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207739
IP address blocks: 91.231.53.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:49:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:0a:3c:d0:34:74:fe:09:9c:ec:76:bd:9c:66:aa:ad:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f49fc69bf6eba3b9fa0517d0062927210e4e8ca
Validity
Not Before: Apr 23 09:15:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c210ce0e9d92ac7d50cee4187f78703c83d9f3f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:d1:10:ad:f2:5d:a6:5d:48:ab:9d:c8:74:bb:
ea:f7:dc:53:8d:cc:39:3a:11:41:50:0e:1a:a7:31:
bf:c9:96:a1:a3:07:cb:a0:72:1a:5a:d4:23:37:cc:
e2:8b:ab:c6:79:ed:24:d2:3a:5b:02:d2:e4:72:f1:
d0:df:9f:fd:01:0a:1e:c7:ea:90:4c:db:82:99:56:
64:20:6a:6a:82:e6:6d:97:62:31:4c:22:3d:66:8d:
b0:27:bd:e0:c7:e1:15:a9:b1:d0:87:63:bf:24:0c:
bf:53:35:f8:32:7f:f3:10:42:b7:93:3e:b1:56:b9:
09:55:27:d1:0e:64:43:e1:c6:27:3b:ab:19:81:cd:
02:dc:43:3e:60:bb:15:0f:4c:0a:28:d4:dc:5c:0b:
13:0c:cc:13:ca:29:f8:dd:0f:3f:dd:e9:87:c7:3e:
9d:b2:86:d7:70:70:7b:dd:69:e6:f5:0f:19:c0:55:
dc:88:33:9e:71:75:6e:ea:e4:e2:c3:9f:15:80:8d:
66:86:bf:ea:2e:95:c0:25:4b:8e:86:6a:c2:2b:8b:
57:60:a1:23:ee:dd:3e:32:57:28:d2:cf:4c:ca:62:
9b:79:5b:b9:4e:16:c2:89:b5:eb:82:0d:c5:56:08:
99:63:31:5d:cb:5e:28:a7:4c:77:1c:32:91:60:5a:
d8:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:10:CE:0E:9D:92:AC:7D:50:CE:E4:18:7F:78:70:3C:83:D9:F3:F4
X509v3 Authority Key Identifier:
keyid:1F:49:FC:69:BF:6E:BA:3B:9F:A0:51:7D:00:62:92:72:10:E4:E8:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H0n8ab9uujufoFF9AGKSchDk6Mo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/7b6bb0-edff-4fd3-864f-f6cc0c6f12b4/1/whDODp2SrH1QzuQYf3hwPIPZ8_Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/7b6bb0-edff-4fd3-864f-f6cc0c6f12b4/1/H0n8ab9uujufoFF9AGKSchDk6Mo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.231.53.0/24
Signature Algorithm: sha256WithRSAEncryption
be:91:a5:13:af:88:05:f3:05:a0:1d:d4:9d:e7:89:73:ea:44:
9f:3c:85:62:50:34:be:41:98:5c:d2:1e:23:df:9d:d6:63:98:
97:e3:b1:a0:4c:78:b0:d5:ee:3a:81:bd:66:a6:35:2e:49:3d:
f0:ef:dd:40:e4:f2:71:1d:78:94:9b:76:4c:c5:eb:59:0f:a4:
b5:f1:5f:8d:1e:58:e1:eb:3c:12:38:f2:e2:15:e6:2f:d6:35:
99:98:0a:a1:c4:fd:60:2b:3f:a2:b5:ae:6c:89:3c:37:96:c4:
34:0e:10:fd:e4:c7:78:12:86:26:40:f1:c6:78:17:ac:46:17:
97:0b:11:19:7b:e0:19:09:9c:50:5f:8d:e3:57:63:86:0e:8f:
e5:87:30:f8:f8:90:ad:f7:9f:98:06:6b:7e:df:dc:3e:33:fd:
c1:59:8c:1d:93:2d:f2:96:48:37:02:61:28:f7:b1:ae:31:b1:
75:a2:9c:4f:39:25:7e:a8:0a:37:21:02:46:ed:6b:5c:8e:a3:
17:e6:2b:aa:fe:4c:6e:e3:b5:8e:9b:44:1d:d5:5f:1e:25:a9:
ec:19:76:20:df:c1:5e:c1:45:19:e3:aa:2b:82:fa:29:92:7b:
3d:db:84:09:17:3b:14:c2:a7:68:5c:47:3c:c8:e4:9c:45:5e:
82:f2:f3:17
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY8KPNA0dP4JnOx2vZxmqq2qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNDlmYzY5YmY2ZWJhM2I5ZmEwNTE3ZDAwNjI5MjcyMTBl
NGU4Y2EwHhcNMjQwNDIzMDkxNTA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjEwY2UwZTlkOTJhYzdkNTBjZWU0MTg3Zjc4NzAzYzgzZDlmM2Y0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsdEQrfJdpl1Iq53IdLvq99xTjcw5
OhFBUA4apzG/yZahowfLoHIaWtQjN8zii6vGee0k0jpbAtLkcvHQ35/9AQoex+qQ
TNuCmVZkIGpqguZtl2IxTCI9Zo2wJ73gx+EVqbHQh2O/JAy/UzX4Mn/zEEK3kz6x
VrkJVSfRDmRD4cYnO6sZgc0C3EM+YLsVD0wKKNTcXAsTDMwTyin43Q8/3emHxz6d
sobXcHB73Wnm9Q8ZwFXciDOecXVu6uTiw58VgI1mhr/qLpXAJUuOhmrCK4tXYKEj
7t0+Mlco0s9MymKbeVu5ThbCibXrgg3FVgiZYzFdy14op0x3HDKRYFrYAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMIQzg6dkqx9UM7kGH94cDyD2fP0MB8GA1UdIwQY
MBaAFB9J/Gm/bro7n6BRfQBiknIQ5OjKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDBuOGFiOXV1anVmb0ZGOUFHS1NjaERrNk1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy83YjZiYjAtZWRmZi00ZmQzLTg2NGYt
ZjZjYzBjNmYxMmI0LzEvd2hET0RwMlNySDFRenVRWWYzaHdQSVBaOF9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy83YjZiYjAtZWRmZi00ZmQzLTg2NGYtZjZjYzBjNmYxMmI0
LzEvSDBuOGFiOXV1anVmb0ZGOUFHS1NjaERrNk1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+c1MA0G
CSqGSIb3DQEBCwUAA4IBAQC+kaUTr4gF8wWgHdSd54lz6kSfPIViUDS+QZhc0h4j
353WY5iX47GgTHiw1e46gb1mpjUuST3w791A5PJxHXiUm3ZMxetZD6S18V+NHljh
6zwSOPLiFeYv1jWZmAqhxP1gKz+ita5siTw3lsQ0DhD95Md4EoYmQPHGeBesRheX
CxEZe+AZCZxQX43jV2OGDo/lhzD4+JCt95+YBmt+39w+M/3BWYwdky3ylkg3AmEo
97GuMbF1opxPOSV+qAo3IQJG7WtcjqMX5iuq/kxu47WOm0Qd1V8eJansGXYg38Fe
wUUZ46orgvopkns924QJFzsUwqdoXEc8yOScRV6C8vMX
-----END CERTIFICATE-----
Generated at Mon Apr 21 04:12:48 2025 by rpki-client