Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/f7f53d-068c-444e-ad1e-b7c2696bae50/1/6tkPWD4lPm9LzhSLYmE-OSiBI_s.roa
File: 6tkPWD4lPm9LzhSLYmE-OSiBI_s.roa (raw, json)
Hash identifier: 3BT8zh5+6Pz0el+UMIw7se783+jNRjVryYhzQSVGWNo=
Subject key identifier: EA:D9:0F:58:3E:25:3E:6F:4B:CE:14:8B:62:61:3E:39:28:81:23:FB
Certificate issuer: /CN=34d0ec7ac4c391e4ecba9d0a3749191b18ebf934
Certificate serial: 018CC86F1A9811259E6167BC4B204FF5AB54
Authority key identifier: 34:D0:EC:7A:C4:C3:91:E4:EC:BA:9D:0A:37:49:19:1B:18:EB:F9:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NNDsesTDkeTsup0KN0kZGxjr-TQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/f7f53d-068c-444e-ad1e-b7c2696bae50/1/6tkPWD4lPm9LzhSLYmE-OSiBI_s.roa
Signing time: Tue 02 Jan 2024 04:29:33 +0000
ROA not before: Tue 02 Jan 2024 04:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210315
IP address blocks: 91.231.201.0/24 maxlen: 24
91.231.200.0/24 maxlen: 24
195.88.254.0/24 maxlen: 24
195.88.255.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 09 Jan 2024 07:22:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:1a:98:11:25:9e:61:67:bc:4b:20:4f:f5:ab:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34d0ec7ac4c391e4ecba9d0a3749191b18ebf934
Validity
Not Before: Jan 2 04:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ead90f583e253e6f4bce148b62613e39288123fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:79:05:02:1a:b2:13:5d:3e:c8:80:88:77:cb:
6c:8b:65:f1:3e:e4:d3:ee:fa:ee:eb:e8:87:c6:53:
11:03:ca:29:e4:7b:ef:e1:2e:f4:e5:24:a1:d6:e8:
cc:30:46:45:e1:c8:77:1c:67:c9:db:82:b7:a4:bd:
b4:da:fa:8b:03:5b:68:c2:91:cd:42:a5:cc:3c:52:
4f:76:96:f2:b8:78:96:3c:85:d9:f2:b9:ec:97:85:
f7:07:8a:d2:2c:ed:8c:28:39:73:a1:77:9d:1d:6f:
64:18:4f:b2:a5:8b:64:47:de:a7:ea:80:59:db:4d:
72:22:5c:a6:d3:65:df:36:e0:bd:76:45:b6:61:60:
3b:77:c2:18:6c:03:7a:7c:7f:b6:cd:2a:ce:1e:bb:
79:f9:e2:67:bf:4c:4a:d3:5c:42:7d:47:6d:76:41:
90:cb:0b:ef:40:6b:1f:ca:28:da:a6:bc:29:90:9d:
66:00:34:a6:b5:6e:a1:0a:de:7a:4d:c8:9d:c1:15:
b9:50:42:88:6a:28:6e:c9:0e:4f:f5:68:f1:1d:76:
56:5c:48:1b:d1:b0:86:fb:21:f0:e0:e9:2b:d5:b3:
96:51:5a:af:34:e2:2d:6b:b9:5b:90:21:5f:ef:3b:
9f:5d:65:38:f2:38:b8:27:a7:84:58:d1:84:72:a7:
5b:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:D9:0F:58:3E:25:3E:6F:4B:CE:14:8B:62:61:3E:39:28:81:23:FB
X509v3 Authority Key Identifier:
keyid:34:D0:EC:7A:C4:C3:91:E4:EC:BA:9D:0A:37:49:19:1B:18:EB:F9:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NNDsesTDkeTsup0KN0kZGxjr-TQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/f7f53d-068c-444e-ad1e-b7c2696bae50/1/6tkPWD4lPm9LzhSLYmE-OSiBI_s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/f7f53d-068c-444e-ad1e-b7c2696bae50/1/NNDsesTDkeTsup0KN0kZGxjr-TQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.231.200.0/23
195.88.254.0/23
Signature Algorithm: sha256WithRSAEncryption
25:25:ea:13:56:62:2d:ad:03:48:4f:17:82:de:5a:e5:77:d5:
08:32:37:7f:7e:0a:10:67:44:cf:83:89:81:82:1f:b5:7e:00:
4a:f6:88:ce:8c:1c:cb:09:18:aa:c2:3a:78:f3:f7:85:d1:7b:
c8:cf:a1:48:e1:85:6b:6f:a6:1c:f9:bd:0a:ef:26:f7:f3:3b:
0e:56:9d:17:62:c0:6d:c0:24:65:91:60:98:ca:33:fc:0c:c9:
dd:ab:87:35:b8:f0:8b:c2:26:1c:05:93:0d:dc:eb:4e:fc:2c:
86:b3:8f:14:17:25:ee:55:cc:4f:28:e6:6d:e8:76:1f:f6:6e:
26:02:b8:69:eb:d8:b7:5d:3e:b9:43:3e:22:e4:51:91:d1:2d:
e7:4d:3c:c8:5a:7d:d4:ee:b7:8a:b8:d8:4c:c5:a3:c5:fa:da:
84:f8:3d:ef:34:f3:76:df:af:1c:55:28:31:64:f1:6b:9d:6c:
e6:40:07:8e:14:2b:02:a5:e3:15:15:e5:5d:09:7f:91:27:c6:
d5:bc:a3:2d:e5:23:de:8b:ad:20:94:8d:dc:2c:9c:a5:92:78:
be:20:76:0b:ab:6b:8b:74:98:8d:fe:8f:34:72:c4:b7:05:38:
a2:0b:70:82:72:96:d5:5d:7b:43:7e:00:fd:f4:c8:84:1b:89:
e7:1d:3f:95
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzIbxqYESWeYWe8SyBP9atUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0ZDBlYzdhYzRjMzkxZTRlY2JhOWQwYTM3NDkxOTFiMThl
YmY5MzQwHhcNMjQwMTAyMDQyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYWQ5MGY1ODNlMjUzZTZmNGJjZTE0OGI2MjYxM2UzOTI4ODEyM2ZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgHkFAhqyE10+yICId8tsi2XxPuTT
7vru6+iHxlMRA8op5Hvv4S705SSh1ujMMEZF4ch3HGfJ24K3pL202vqLA1towpHN
QqXMPFJPdpbyuHiWPIXZ8rnsl4X3B4rSLO2MKDlzoXedHW9kGE+ypYtkR96n6oBZ
201yIlym02XfNuC9dkW2YWA7d8IYbAN6fH+2zSrOHrt5+eJnv0xK01xCfUdtdkGQ
ywvvQGsfyijaprwpkJ1mADSmtW6hCt56TcidwRW5UEKIaihuyQ5P9WjxHXZWXEgb
0bCG+yHw4Okr1bOWUVqvNOIta7lbkCFf7zufXWU48ji4J6eEWNGEcqdbsQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOrZD1g+JT5vS84Ui2JhPjkogSP7MB8GA1UdIwQY
MBaAFDTQ7HrEw5Hk7LqdCjdJGRsY6/k0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTk5Ec2VzVERrZVRzdXAwS04wa1pHeGpyLVRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9mN2Y1M2QtMDY4Yy00NDRlLWFkMWUt
YjdjMjY5NmJhZTUwLzEvNnRrUFdENGxQbTlMemhTTFltRS1PU2lCSV9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9mN2Y1M2QtMDY4Yy00NDRlLWFkMWUtYjdjMjY5NmJhZTUw
LzEvTk5Ec2VzVERrZVRzdXAwS04wa1pHeGpyLVRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW+fIAwQB
w1j+MA0GCSqGSIb3DQEBCwUAA4IBAQAlJeoTVmItrQNITxeC3lrld9UIMjd/fgoQ
Z0TPg4mBgh+1fgBK9ojOjBzLCRiqwjp48/eF0XvIz6FI4YVrb6Yc+b0K7yb38zsO
Vp0XYsBtwCRlkWCYyjP8DMndq4c1uPCLwiYcBZMN3OtO/CyGs48UFyXuVcxPKOZt
6HYf9m4mArhp69i3XT65Qz4i5FGR0S3nTTzIWn3U7reKuNhMxaPF+tqE+D3vNPN2
368cVSgxZPFrnWzmQAeOFCsCpeMVFeVdCX+RJ8bVvKMt5SPei60glI3cLJylkni+
IHYLq2uLdJiN/o80csS3BTiiC3CCcpbVXXtDfgD99MiEG4nnHT+V
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:43:16 2025 by rpki-client