Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/54af68-4074-45c9-95e9-57d5f401b564/1/7kYlK6JkNm9RHvRkYK40BL28XSQ.roa
File: 7kYlK6JkNm9RHvRkYK40BL28XSQ.roa (raw, json)
Hash identifier: 6ji/V8fYeSFfA28wMqTLMSOgtErUGr7tLU982C0LRNU=
Subject key identifier: EE:46:25:2B:A2:64:36:6F:51:1E:F4:64:60:AE:34:04:BD:BC:5D:24
Certificate issuer: /CN=6b6cc790695b719b923c74d20fab7e63c18bc736
Certificate serial: 018CC9BC4DDC7CC7E7417E7E5C658903AF64
Authority key identifier: 6B:6C:C7:90:69:5B:71:9B:92:3C:74:D2:0F:AB:7E:63:C1:8B:C7:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a2zHkGlbcZuSPHTSD6t-Y8GLxzY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/54af68-4074-45c9-95e9-57d5f401b564/1/7kYlK6JkNm9RHvRkYK40BL28XSQ.roa
Signing time: Tue 02 Jan 2024 10:33:30 +0000
ROA not before: Tue 02 Jan 2024 10:33:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206825
IP address blocks: 91.198.238.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:48:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:4d:dc:7c:c7:e7:41:7e:7e:5c:65:89:03:af:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b6cc790695b719b923c74d20fab7e63c18bc736
Validity
Not Before: Jan 2 10:33:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ee46252ba264366f511ef46460ae3404bdbc5d24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:de:21:3f:b1:e0:92:de:e2:5e:25:15:2f:f5:
4f:4b:db:6c:7e:b9:5f:1e:79:0c:bf:7c:7b:8a:d6:
58:1a:22:fe:a6:d8:41:a3:e0:fa:88:a7:56:41:41:
02:96:5f:d6:b3:df:18:78:24:14:b6:62:e8:cf:a9:
51:1f:f2:5f:52:91:a3:b3:62:26:d7:2e:51:2d:77:
cc:f4:a0:13:da:54:27:d8:36:5b:84:55:54:88:6a:
ce:d1:cc:62:37:8c:63:94:f5:7a:81:dc:41:94:01:
32:c3:23:ac:91:e9:1a:e3:e2:e9:e1:48:00:b0:7d:
3d:fd:0d:e5:c8:0e:33:a9:c8:88:5b:3d:10:37:ff:
e6:0c:20:38:bf:bd:a5:20:20:5e:65:82:9b:d9:ad:
c6:84:a9:f1:84:88:3b:a2:a3:72:09:74:13:f8:40:
49:52:cd:23:61:3b:a9:05:7f:5e:a0:e4:14:c8:18:
4b:e9:4d:4e:13:c9:a0:e9:0c:37:e1:e7:b3:a6:38:
0c:32:6a:b3:5f:51:97:fa:8e:3a:f9:9f:9c:44:a9:
c9:10:38:cb:00:45:ad:a5:46:d8:2f:48:af:4a:53:
5c:04:23:eb:82:1e:4c:06:f7:d3:04:2a:89:37:9a:
fb:4f:a8:16:cd:0b:c3:4b:0f:eb:13:f0:7a:77:a7:
12:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:46:25:2B:A2:64:36:6F:51:1E:F4:64:60:AE:34:04:BD:BC:5D:24
X509v3 Authority Key Identifier:
keyid:6B:6C:C7:90:69:5B:71:9B:92:3C:74:D2:0F:AB:7E:63:C1:8B:C7:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2zHkGlbcZuSPHTSD6t-Y8GLxzY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/54af68-4074-45c9-95e9-57d5f401b564/1/7kYlK6JkNm9RHvRkYK40BL28XSQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/54af68-4074-45c9-95e9-57d5f401b564/1/a2zHkGlbcZuSPHTSD6t-Y8GLxzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.238.0/24
Signature Algorithm: sha256WithRSAEncryption
45:68:1e:9c:2d:55:4e:b3:eb:f9:8b:85:ba:4f:ff:60:a3:f8:
d8:21:9d:6f:04:96:e8:b1:f2:88:79:a5:8d:5d:9b:4c:13:08:
e9:0f:4a:3a:f4:f6:3d:9b:3d:5d:bb:0d:aa:2e:df:86:bc:c7:
fd:62:a7:3c:8b:0c:0f:22:c1:b1:47:5f:c9:c7:9b:e6:cb:2c:
0a:8a:a6:c9:b5:8b:52:e5:34:07:da:35:42:b0:68:05:2d:ca:
25:09:89:55:90:44:5c:34:97:33:26:dc:41:21:3f:64:51:19:
13:62:65:b2:86:17:89:1e:20:d6:e4:9a:2b:9f:09:70:b4:da:
77:f5:20:57:a1:89:73:1a:39:27:7e:3a:66:ed:63:36:46:a7:
b7:83:9e:ed:1f:ee:0f:22:bf:a7:c2:5b:4c:28:72:ea:4f:e2:
be:82:9f:89:4c:98:8e:ce:11:b3:1c:86:a4:46:cc:5e:76:57:
48:de:17:49:51:b7:b7:17:98:36:06:53:d7:b3:d2:99:7e:59:
4f:17:d6:01:0a:41:8a:5b:fd:1c:fc:0a:5b:22:8c:f0:3a:11:
bd:68:95:04:34:9e:41:e3:8b:cc:6f:49:8a:8a:b5:48:da:4d:
07:31:87:58:ff:ec:4d:31:cc:28:d8:9b:72:90:60:91:50:c6:
ec:e9:73:ed
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJvE3cfMfnQX5+XGWJA69kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNmNjNzkwNjk1YjcxOWI5MjNjNzRkMjBmYWI3ZTYzYzE4
YmM3MzYwHhcNMjQwMTAyMTAzMzMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTQ2MjUyYmEyNjQzNjZmNTExZWY0NjQ2MGFlMzQwNGJkYmM1ZDI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkt4hP7Hgkt7iXiUVL/VPS9tsfrlf
HnkMv3x7itZYGiL+pthBo+D6iKdWQUECll/Ws98YeCQUtmLoz6lRH/JfUpGjs2Im
1y5RLXfM9KAT2lQn2DZbhFVUiGrO0cxiN4xjlPV6gdxBlAEywyOskeka4+Lp4UgA
sH09/Q3lyA4zqciIWz0QN//mDCA4v72lICBeZYKb2a3GhKnxhIg7oqNyCXQT+EBJ
Us0jYTupBX9eoOQUyBhL6U1OE8mg6Qw34eezpjgMMmqzX1GX+o46+Z+cRKnJEDjL
AEWtpUbYL0ivSlNcBCPrgh5MBvfTBCqJN5r7T6gWzQvDSw/rE/B6d6cSfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO5GJSuiZDZvUR70ZGCuNAS9vF0kMB8GA1UdIwQY
MBaAFGtsx5BpW3Gbkjx00g+rfmPBi8c2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTJ6SGtHbGJjWnVTUEhUU0Q2dC1ZOEdMeHpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi81NGFmNjgtNDA3NC00NWM5LTk1ZTkt
NTdkNWY0MDFiNTY0LzEvN2tZbEs2SmtObTlSSHZSa1lLNDBCTDI4WFNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi81NGFmNjgtNDA3NC00NWM5LTk1ZTktNTdkNWY0MDFiNTY0
LzEvYTJ6SGtHbGJjWnVTUEhUU0Q2dC1ZOEdMeHpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8buMA0G
CSqGSIb3DQEBCwUAA4IBAQBFaB6cLVVOs+v5i4W6T/9go/jYIZ1vBJbosfKIeaWN
XZtMEwjpD0o69PY9mz1duw2qLt+GvMf9Yqc8iwwPIsGxR1/Jx5vmyywKiqbJtYtS
5TQH2jVCsGgFLcolCYlVkERcNJczJtxBIT9kURkTYmWyhheJHiDW5JornwlwtNp3
9SBXoYlzGjknfjpm7WM2Rqe3g57tH+4PIr+nwltMKHLqT+K+gp+JTJiOzhGzHIak
RsxedldI3hdJUbe3F5g2BlPXs9KZfllPF9YBCkGKW/0c/ApbIozwOhG9aJUENJ5B
44vMb0mKirVI2k0HMYdY/+xNMcwo2JtykGCRUMbs6XPt
-----END CERTIFICATE-----
Generated at Tue Apr 22 13:47:38 2025 by rpki-client