Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/171cea-3d78-4513-ad49-5a905af507c3/1/PqYivTbBUGRa3r405njgslres4Q.roa
File: PqYivTbBUGRa3r405njgslres4Q.roa (raw, json)
Hash identifier: Xcoa4fFHTXgFWGlMr3aL34jR90wFuBSXV+WVq4qWo3M=
Subject key identifier: 3E:A6:22:BD:36:C1:50:64:5A:DE:BE:34:E6:78:E0:B2:5A:DE:B3:84
Certificate issuer: /CN=b6ed9b5cb4b64866c383dee4576bff3ff875242d
Certificate serial: 018CC3B698BAC9BA7D284AD83A9952AF494B
Authority key identifier: B6:ED:9B:5C:B4:B6:48:66:C3:83:DE:E4:57:6B:FF:3F:F8:75:24:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tu2bXLS2SGbDg97kV2v_P_h1JC0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/171cea-3d78-4513-ad49-5a905af507c3/1/PqYivTbBUGRa3r405njgslres4Q.roa
Signing time: Mon 01 Jan 2024 06:29:32 +0000
ROA not before: Mon 01 Jan 2024 06:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19905
IP address blocks: 91.220.172.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:48:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:98:ba:c9:ba:7d:28:4a:d8:3a:99:52:af:49:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b6ed9b5cb4b64866c383dee4576bff3ff875242d
Validity
Not Before: Jan 1 06:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3ea622bd36c150645adebe34e678e0b25adeb384
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:63:85:57:07:a7:fb:89:5f:64:c3:cd:64:a3:
2c:e6:86:c8:75:6d:2a:3d:14:82:04:4b:68:bc:1d:
e0:ba:8c:f1:b5:c4:74:73:d3:1e:24:2e:97:df:a2:
3e:8c:c0:07:2c:e0:d4:c3:59:9d:76:bb:c1:82:49:
a8:b2:75:b6:68:a5:7c:06:d8:69:b7:4e:4f:67:50:
f3:be:27:6e:cd:69:27:db:18:d5:61:84:c8:bf:28:
56:7e:c3:ed:f4:70:01:31:33:27:45:3a:7c:42:86:
7c:28:a0:5b:c1:e9:0d:70:50:6c:ed:4a:a4:2b:56:
1f:1f:99:86:4a:47:21:6e:46:94:3c:68:aa:40:e2:
88:ed:28:a7:d8:93:27:89:3b:94:40:bf:c6:5a:ab:
94:80:d3:ad:7b:81:b5:67:56:67:a9:fc:25:16:97:
00:aa:7d:e3:70:68:84:18:66:36:b9:de:ba:6b:01:
41:05:ca:6d:10:4e:85:28:3f:60:83:2c:b0:df:7d:
35:e9:09:af:bc:63:cd:08:72:3c:a5:2a:90:d1:7c:
ba:63:e6:97:a3:fb:0a:aa:48:6b:3b:cf:fc:28:85:
46:b7:c2:65:16:90:5b:fc:59:f1:cf:cf:4b:80:12:
68:7a:8b:6b:13:27:79:7c:39:06:c0:ff:f2:60:90:
50:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:A6:22:BD:36:C1:50:64:5A:DE:BE:34:E6:78:E0:B2:5A:DE:B3:84
X509v3 Authority Key Identifier:
keyid:B6:ED:9B:5C:B4:B6:48:66:C3:83:DE:E4:57:6B:FF:3F:F8:75:24:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tu2bXLS2SGbDg97kV2v_P_h1JC0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/171cea-3d78-4513-ad49-5a905af507c3/1/PqYivTbBUGRa3r405njgslres4Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/171cea-3d78-4513-ad49-5a905af507c3/1/tu2bXLS2SGbDg97kV2v_P_h1JC0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.172.0/24
Signature Algorithm: sha256WithRSAEncryption
97:fa:6d:b7:45:07:ff:b9:27:5f:61:ea:54:d8:ab:34:db:30:
a0:fe:4e:d8:71:ef:6e:7d:83:97:5d:19:53:f9:9e:12:19:9a:
04:3a:3b:13:30:36:84:52:40:31:d3:3b:c5:8d:e2:b3:94:a9:
db:dc:ca:88:d2:cb:71:ad:e8:84:d9:88:79:bb:33:be:00:2f:
52:1a:ae:db:9a:de:90:30:80:16:14:5f:d5:37:b5:64:82:a6:
e4:66:58:f8:1c:2b:24:4c:76:ff:fe:70:2f:0e:39:cf:1e:66:
46:af:ad:8d:9a:ae:c8:64:07:b0:46:3a:26:c0:82:1e:f8:13:
6e:d0:25:93:dd:cb:e7:53:e4:46:f1:89:db:5a:00:cb:ab:49:
77:d7:aa:89:ec:f7:78:b0:90:51:4e:95:57:f4:20:70:dd:cd:
24:ef:52:06:a1:ad:38:4f:34:87:9b:c3:f2:fc:59:f5:72:b6:
46:c6:c3:f3:87:27:95:95:1b:b9:99:db:a0:81:bf:ff:f8:b0:
43:e8:eb:c1:d1:04:65:f1:91:dc:83:26:65:c8:24:d6:eb:ff:
3c:dd:4d:c5:ab:fb:12:7f:29:eb:fe:c6:4a:5f:c7:8d:2b:04:
ab:ff:47:9b:a4:e6:01:32:a8:05:c5:d3:94:6f:96:b4:e8:00:
dd:f0:a9:08
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDtpi6ybp9KErYOplSr0lLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2ZWQ5YjVjYjRiNjQ4NjZjMzgzZGVlNDU3NmJmZjNmZjg3
NTI0MmQwHhcNMjQwMTAxMDYyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWE2MjJiZDM2YzE1MDY0NWFkZWJlMzRlNjc4ZTBiMjVhZGViMzg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqmOFVwen+4lfZMPNZKMs5obIdW0q
PRSCBEtovB3guozxtcR0c9MeJC6X36I+jMAHLODUw1mddrvBgkmosnW2aKV8Bthp
t05PZ1DzviduzWkn2xjVYYTIvyhWfsPt9HABMTMnRTp8QoZ8KKBbwekNcFBs7Uqk
K1YfH5mGSkchbkaUPGiqQOKI7Sin2JMniTuUQL/GWquUgNOte4G1Z1ZnqfwlFpcA
qn3jcGiEGGY2ud66awFBBcptEE6FKD9ggyyw33016QmvvGPNCHI8pSqQ0Xy6Y+aX
o/sKqkhrO8/8KIVGt8JlFpBb/Fnxz89LgBJoeotrEyd5fDkGwP/yYJBQdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD6mIr02wVBkWt6+NOZ44LJa3rOEMB8GA1UdIwQY
MBaAFLbtm1y0tkhmw4Pe5Fdr/z/4dSQtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHUyYlhMUzJTR2JEZzk3a1Yydl9QX2gxSkMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xNzFjZWEtM2Q3OC00NTEzLWFkNDkt
NWE5MDVhZjUwN2MzLzEvUHFZaXZUYkJVR1JhM3I0MDVuamdzbHJlczRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xNzFjZWEtM2Q3OC00NTEzLWFkNDktNWE5MDVhZjUwN2Mz
LzEvdHUyYlhMUzJTR2JEZzk3a1Yydl9QX2gxSkMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9ysMA0G
CSqGSIb3DQEBCwUAA4IBAQCX+m23RQf/uSdfYepU2Ks02zCg/k7Yce9ufYOXXRlT
+Z4SGZoEOjsTMDaEUkAx0zvFjeKzlKnb3MqI0stxreiE2Yh5uzO+AC9SGq7bmt6Q
MIAWFF/VN7VkgqbkZlj4HCskTHb//nAvDjnPHmZGr62Nmq7IZAewRjomwIIe+BNu
0CWT3cvnU+RG8YnbWgDLq0l316qJ7Pd4sJBRTpVX9CBw3c0k71IGoa04TzSHm8Py
/Fn1crZGxsPzhyeVlRu5mduggb//+LBD6OvB0QRl8ZHcgyZlyCTW6/883U3Fq/sS
fynr/sZKX8eNKwSr/0ebpOYBMqgFxdOUb5a06ADd8KkI
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:38:43 2025 by rpki-client