Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/f54c57-deca-4685-8106-9fa78075330b/1/1-RKeXITjMSfG8ecPlrq6mMx6cxg.roa
File: 1-RKeXITjMSfG8ecPlrq6mMx6cxg.roa (raw, json)
Hash identifier: vMXpOTM0Ax5ZG8Nko/W/3wKlzKgPkwBTJLxREZC6pSw=
Subject key identifier: F9:12:9E:5C:84:E3:31:27:C6:F1:E7:0F:96:BA:BA:98:CC:7A:73:18
Certificate issuer: /CN=68309900e648b65a307a7860102bf78b16f55d75
Certificate serial: 0193BA818D88E242F11498BC0D8A924E26E9
Authority key identifier: 68:30:99:00:E6:48:B6:5A:30:7A:78:60:10:2B:F7:8B:16:F5:5D:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aDCZAOZItlowenhgECv3ixb1XXU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/f54c57-deca-4685-8106-9fa78075330b/1/1-RKeXITjMSfG8ecPlrq6mMx6cxg.roa
Signing time: Thu 12 Dec 2024 10:54:32 +0000
ROA not before: Thu 12 Dec 2024 10:54:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199315
IP address blocks: 91.218.173.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:48:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:ba:81:8d:88:e2:42:f1:14:98:bc:0d:8a:92:4e:26:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68309900e648b65a307a7860102bf78b16f55d75
Validity
Not Before: Dec 12 10:54:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f9129e5c84e33127c6f1e70f96baba98cc7a7318
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:6a:56:38:95:69:5c:bb:af:14:c8:86:e4:78:
38:c0:cf:b7:c6:66:b3:b9:cb:97:72:43:04:8d:c3:
75:bf:c2:30:1d:1f:2e:16:a1:02:a9:aa:e6:aa:09:
fa:d2:72:28:37:c6:08:26:81:66:bd:95:4c:d4:84:
bd:69:98:f4:62:d0:8c:b6:9a:2a:94:d1:51:d4:44:
73:5d:0e:16:a0:5a:68:df:b9:b7:9d:31:be:54:40:
0a:20:8c:40:ed:1d:dd:fb:e0:6c:fb:6d:a4:9a:50:
c6:71:f7:a8:a8:db:98:7e:6c:e7:17:e9:78:33:0b:
04:e8:3f:54:2f:8b:94:c7:6b:61:a3:70:4d:d0:52:
de:01:25:2e:72:33:14:46:e9:aa:f7:67:c8:2f:bc:
19:be:bd:f1:da:47:8e:e6:5b:f2:07:c2:41:3b:aa:
5b:7c:d4:1d:3e:5e:d2:07:f7:c7:e7:96:3f:95:a0:
66:c6:a8:6d:a5:47:d3:1d:55:58:aa:b9:35:b0:ab:
dc:db:c8:4e:bb:c4:30:2a:e6:47:5a:c5:1c:c3:9a:
78:0c:99:54:ae:c6:74:d8:c5:e9:b7:0a:e8:8c:0c:
83:75:05:38:64:ce:56:86:36:03:91:d7:cb:7b:3f:
93:50:0e:c0:1c:24:7e:18:42:5d:5d:e7:3a:d5:f0:
e6:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:12:9E:5C:84:E3:31:27:C6:F1:E7:0F:96:BA:BA:98:CC:7A:73:18
X509v3 Authority Key Identifier:
keyid:68:30:99:00:E6:48:B6:5A:30:7A:78:60:10:2B:F7:8B:16:F5:5D:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aDCZAOZItlowenhgECv3ixb1XXU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f54c57-deca-4685-8106-9fa78075330b/1/1-RKeXITjMSfG8ecPlrq6mMx6cxg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f54c57-deca-4685-8106-9fa78075330b/1/aDCZAOZItlowenhgECv3ixb1XXU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.218.173.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:31:60:a6:02:af:85:b5:16:fb:ef:33:67:68:aa:56:3e:b4:
d9:10:63:78:2c:a2:ad:65:a1:bb:18:2d:83:66:4c:0a:3a:5e:
7f:35:1c:21:d2:6c:51:10:8c:f7:bf:69:38:0d:78:8c:3c:13:
eb:1e:03:c5:35:b8:fd:8f:f5:66:25:fb:0c:c2:38:cf:05:7f:
91:dd:65:05:cc:3a:c9:7c:b1:63:87:36:35:0c:3b:21:2a:f9:
fc:5c:c9:77:b5:07:24:32:18:95:c4:55:d9:90:74:6a:5a:e0:
e4:9e:01:46:b8:15:e7:40:31:5a:3e:27:60:c6:d5:db:c3:9f:
2f:1a:b9:ae:e2:08:42:c8:2d:e0:eb:a7:39:12:2b:af:d4:16:
7e:29:0a:96:24:a9:d6:bc:2c:db:04:b6:ef:93:52:65:a5:47:
18:07:6b:28:af:4a:1d:09:db:1a:7b:65:43:8c:00:f1:bb:23:
96:e0:6d:59:c7:d0:27:bd:63:ee:7c:6c:6a:e8:7c:43:91:2f:
c8:39:21:3a:04:9e:8b:8d:88:3b:dd:4a:e6:5a:97:17:28:4d:
11:58:7f:6d:52:fa:e3:01:cc:67:f9:3a:e5:ab:43:68:3e:1f:
90:cc:00:bc:a5:96:2b:28:77:af:e8:d8:fa:61:a9:6e:84:03:
7e:27:d9:ab
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZO6gY2I4kLxFJi8DYqSTibpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MzA5OTAwZTY0OGI2NWEzMDdhNzg2MDEwMmJmNzhiMTZm
NTVkNzUwHhcNMjQxMjEyMTA1NDMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTEyOWU1Yzg0ZTMzMTI3YzZmMWU3MGY5NmJhYmE5OGNjN2E3MzE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2WpWOJVpXLuvFMiG5Hg4wM+3xmaz
ucuXckMEjcN1v8IwHR8uFqECqarmqgn60nIoN8YIJoFmvZVM1IS9aZj0YtCMtpoq
lNFR1ERzXQ4WoFpo37m3nTG+VEAKIIxA7R3d++Bs+22kmlDGcfeoqNuYfmznF+l4
MwsE6D9UL4uUx2tho3BN0FLeASUucjMURumq92fIL7wZvr3x2keO5lvyB8JBO6pb
fNQdPl7SB/fH55Y/laBmxqhtpUfTHVVYqrk1sKvc28hOu8QwKuZHWsUcw5p4DJlU
rsZ02MXptwrojAyDdQU4ZM5WhjYDkdfLez+TUA7AHCR+GEJdXec61fDm6wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPkSnlyE4zEnxvHnD5a6upjMenMYMB8GA1UdIwQY
MBaAFGgwmQDmSLZaMHp4YBAr94sW9V11MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYURDWkFPWkl0bG93ZW5oZ0VDdjNpeGIxWFhVLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9mNTRjNTctZGVjYS00Njg1LTgxMDYt
OWZhNzgwNzUzMzBiLzEvMS1SS2VYSVRqTVNmRzhlY1BscnE2bU14NmN4Zy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYWQvZjU0YzU3LWRlY2EtNDY4NS04MTA2LTlmYTc4MDc1MzMw
Yi8xL2FEQ1pBT1pJdGxvd2VuaGdFQ3YzaXhiMVhYVS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvarTAN
BgkqhkiG9w0BAQsFAAOCAQEAfjFgpgKvhbUW++8zZ2iqVj602RBjeCyirWWhuxgt
g2ZMCjpefzUcIdJsURCM979pOA14jDwT6x4DxTW4/Y/1ZiX7DMI4zwV/kd1lBcw6
yXyxY4c2NQw7ISr5/FzJd7UHJDIYlcRV2ZB0alrg5J4BRrgV50AxWj4nYMbV28Of
Lxq5ruIIQsgt4OunORIrr9QWfikKliSp1rws2wS275NSZaVHGAdrKK9KHQnbGntl
Q4wA8bsjluBtWcfQJ71j7nxsauh8Q5EvyDkhOgSei42IO91K5lqXFyhNEVh/bVL6
4wHMZ/k65atDaD4fkMwAvKWWKyh3r+jY+mGpboQDfifZqw==
-----END CERTIFICATE-----
Generated at Tue Apr 22 12:22:43 2025 by rpki-client