Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/e0cb06-deca-495d-acc0-7bafd43e7862/1/Si44DRQk0KCaHy7Bf7WLgZ4U5-0.roa
File: Si44DRQk0KCaHy7Bf7WLgZ4U5-0.roa (raw, json)
Hash identifier: yqj2Tr9DDvi3/fd+irdaj4E1Oq+GnCbz7DjXTTLd2tk=
Subject key identifier: 4A:2E:38:0D:14:24:D0:A0:9A:1F:2E:C1:7F:B5:8B:81:9E:14:E7:ED
Certificate issuer: /CN=f457c020cdc22b68da26a469f6ffa6b448370d1d
Certificate serial: 01941FFA9F3175887DDD46035DBE59735B6E
Authority key identifier: F4:57:C0:20:CD:C2:2B:68:DA:26:A4:69:F6:FF:A6:B4:48:37:0D:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9FfAIM3CK2jaJqRp9v-mtEg3DR0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/e0cb06-deca-495d-acc0-7bafd43e7862/1/Si44DRQk0KCaHy7Bf7WLgZ4U5-0.roa
Signing time: Wed 01 Jan 2025 03:48:25 +0000
ROA not before: Wed 01 Jan 2025 03:48:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12874
IP address blocks: 91.205.82.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 14 Jan 2025 09:50:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:9f:31:75:88:7d:dd:46:03:5d:be:59:73:5b:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f457c020cdc22b68da26a469f6ffa6b448370d1d
Validity
Not Before: Jan 1 03:48:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4a2e380d1424d0a09a1f2ec17fb58b819e14e7ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:b5:ae:00:cc:1e:64:d8:80:f4:e7:c5:52:c5:
34:67:f9:3a:1f:c5:59:57:96:2a:8d:c9:ee:ab:dd:
44:81:d4:a0:97:d0:b0:e7:0b:9d:7e:be:4d:3d:b4:
0b:dc:c5:b9:e0:10:2c:fb:8d:c6:13:21:ed:c7:c2:
ea:9e:d4:43:3f:b6:23:59:f1:c6:83:20:f9:4d:4d:
21:fa:69:10:91:8a:41:e4:80:9a:46:6a:eb:b7:ef:
11:a4:e2:f9:0f:1e:e6:3a:74:91:86:85:b3:ad:7e:
11:5f:e3:02:a2:d5:5d:d2:5c:7e:d0:ee:a0:94:07:
ef:da:1a:b7:f1:e4:ef:7d:28:4e:3c:3d:35:53:64:
d8:5b:5e:11:1e:96:ea:fb:64:1b:d2:da:47:76:0a:
97:52:a2:40:97:b6:8b:e7:79:31:90:04:db:10:94:
9b:21:35:3c:0b:70:3d:90:23:2d:28:de:88:51:28:
d3:da:6c:23:33:da:e9:1f:35:c6:43:08:43:81:59:
38:58:e4:0a:97:76:3a:91:cf:e1:38:ce:b8:2d:73:
ab:54:3a:ea:8c:fd:ef:57:1e:23:bf:29:90:95:52:
d1:bc:19:f4:93:4f:a5:b6:6a:e2:a6:c7:e4:f2:a7:
e4:a0:d0:5c:e8:4c:8f:8d:fb:85:4d:ce:36:f8:c4:
f4:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:2E:38:0D:14:24:D0:A0:9A:1F:2E:C1:7F:B5:8B:81:9E:14:E7:ED
X509v3 Authority Key Identifier:
keyid:F4:57:C0:20:CD:C2:2B:68:DA:26:A4:69:F6:FF:A6:B4:48:37:0D:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9FfAIM3CK2jaJqRp9v-mtEg3DR0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e0cb06-deca-495d-acc0-7bafd43e7862/1/Si44DRQk0KCaHy7Bf7WLgZ4U5-0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e0cb06-deca-495d-acc0-7bafd43e7862/1/9FfAIM3CK2jaJqRp9v-mtEg3DR0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.205.82.0/24
Signature Algorithm: sha256WithRSAEncryption
88:28:be:90:93:63:e8:94:3b:8c:53:83:79:9b:18:17:31:69:
55:ae:e8:a8:f1:17:e8:e1:67:7d:64:06:7f:a2:da:13:79:1f:
a8:ee:7e:ac:d0:1c:b5:39:d1:c0:1a:5b:5e:fa:6e:e8:1a:04:
e6:b5:ae:da:74:f5:69:59:a7:1d:df:42:27:d8:7b:14:10:c9:
56:ab:bb:58:41:ac:95:79:26:9a:6b:69:f0:d8:5b:e2:4a:93:
f2:f0:ff:7b:23:64:22:47:55:bc:6d:25:2b:20:77:34:c7:ef:
01:f0:f6:b2:f7:62:bf:c5:e9:56:d6:f8:6e:ca:2e:90:11:a7:
43:d1:56:99:d4:4a:58:fa:3d:82:32:f5:3c:da:f6:a6:74:f5:
3d:3c:63:07:b3:e4:61:59:ff:e9:32:27:3a:ea:fe:fb:0e:6e:
37:e5:0b:a1:21:f7:0e:ad:b6:25:87:9c:a8:29:a0:27:18:d9:
28:61:fc:ef:4c:4f:2a:e5:6f:cf:a1:5d:91:c3:35:56:9f:75:
46:eb:17:d7:f5:90:99:4d:96:b8:76:09:8d:b9:3d:e8:2b:89:
cd:ef:1e:cc:9a:47:6e:50:01:5f:74:f4:ce:25:70:e3:ea:06:
ea:e8:2f:e4:85:ab:3d:1b:81:67:12:da:59:7d:2f:ae:c8:c3:
ca:85:73:54
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+p8xdYh93UYDXb5Zc1tuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0NTdjMDIwY2RjMjJiNjhkYTI2YTQ2OWY2ZmZhNmI0NDgz
NzBkMWQwHhcNMjUwMTAxMDM0ODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTJlMzgwZDE0MjRkMGEwOWExZjJlYzE3ZmI1OGI4MTllMTRlN2VkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs7WuAMweZNiA9OfFUsU0Z/k6H8VZ
V5Yqjcnuq91EgdSgl9Cw5wudfr5NPbQL3MW54BAs+43GEyHtx8LqntRDP7YjWfHG
gyD5TU0h+mkQkYpB5ICaRmrrt+8RpOL5Dx7mOnSRhoWzrX4RX+MCotVd0lx+0O6g
lAfv2hq38eTvfShOPD01U2TYW14RHpbq+2Qb0tpHdgqXUqJAl7aL53kxkATbEJSb
ITU8C3A9kCMtKN6IUSjT2mwjM9rpHzXGQwhDgVk4WOQKl3Y6kc/hOM64LXOrVDrq
jP3vVx4jvymQlVLRvBn0k0+ltmripsfk8qfkoNBc6EyPjfuFTc42+MT0cwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEouOA0UJNCgmh8uwX+1i4GeFOftMB8GA1UdIwQY
MBaAFPRXwCDNwito2iakafb/prRINw0dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUZmQUlNM0NLMmphSnFScDl2LW10RWczRFIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9lMGNiMDYtZGVjYS00OTVkLWFjYzAt
N2JhZmQ0M2U3ODYyLzEvU2k0NERSUWswS0NhSHk3QmY3V0xnWjRVNS0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9lMGNiMDYtZGVjYS00OTVkLWFjYzAtN2JhZmQ0M2U3ODYy
LzEvOUZmQUlNM0NLMmphSnFScDl2LW10RWczRFIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW81SMA0G
CSqGSIb3DQEBCwUAA4IBAQCIKL6Qk2PolDuMU4N5mxgXMWlVruio8Rfo4Wd9ZAZ/
otoTeR+o7n6s0By1OdHAGlte+m7oGgTmta7adPVpWacd30In2HsUEMlWq7tYQayV
eSaaa2nw2FviSpPy8P97I2QiR1W8bSUrIHc0x+8B8Pay92K/xelW1vhuyi6QEadD
0VaZ1EpY+j2CMvU82vamdPU9PGMHs+RhWf/pMic66v77Dm435QuhIfcOrbYlh5yo
KaAnGNkoYfzvTE8q5W/PoV2RwzVWn3VG6xfX9ZCZTZa4dgmNuT3oK4nN7x7Mmkdu
UAFfdPTOJXDj6gbq6C/khas9G4FnEtpZfS+uyMPKhXNU
-----END CERTIFICATE-----
Generated at Mon Apr 21 22:23:12 2025 by rpki-client