Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/RnSc3--bvaRrjIhAuaKnuEzEEy0.roa
File: RnSc3--bvaRrjIhAuaKnuEzEEy0.roa (raw, json)
Hash identifier: dZfXQ0zUvbisRWFoGia9HMSW+FgNbCt/Jewy6FaY3TM=
Subject key identifier: 46:74:9C:DF:EF:9B:BD:A4:6B:8C:88:40:B9:A2:A7:B8:4C:C4:13:2D
Certificate issuer: /CN=6363bb65895f3a54a4b324a10c79ac98efe2a1ca
Certificate serial: 01942F8F7882ECB40AE7E34DF932962E3478
Authority key identifier: 63:63:BB:65:89:5F:3A:54:A4:B3:24:A1:0C:79:AC:98:EF:E2:A1:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y2O7ZYlfOlSksyShDHmsmO_ioco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/RnSc3--bvaRrjIhAuaKnuEzEEy0.roa
Signing time: Sat 04 Jan 2025 04:25:19 +0000
ROA not before: Sat 04 Jan 2025 04:25:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 91.221.116.0/24 maxlen: 24
185.126.158.0/23 maxlen: 24
Validation: Failed, certificate revoked on Sun 05 Jan 2025 05:38:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:2f:8f:78:82:ec:b4:0a:e7:e3:4d:f9:32:96:2e:34:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6363bb65895f3a54a4b324a10c79ac98efe2a1ca
Validity
Not Before: Jan 4 04:25:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=46749cdfef9bbda46b8c8840b9a2a7b84cc4132d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:d4:d4:87:6a:61:68:eb:0f:97:ce:63:cf:7f:
42:7c:d9:fe:6f:c5:ce:d8:f2:93:20:a9:44:79:07:
58:2a:41:8e:51:2b:a8:ed:ba:36:a8:6e:fe:70:e8:
95:ae:b6:35:ea:34:dd:20:21:7a:55:cc:39:af:aa:
b5:89:99:e8:3c:e7:09:83:42:2f:4c:65:67:41:e6:
a7:36:9f:40:db:5b:b3:19:28:f1:10:db:39:21:de:
b7:a1:d4:65:1d:87:e1:a9:15:4a:6a:f0:a6:b9:c1:
2d:06:e3:38:44:61:68:fb:b6:4c:14:42:f6:5b:ef:
a8:68:88:04:dd:7c:da:43:0b:54:77:59:15:b5:29:
4f:be:e0:1d:d9:6f:45:a3:01:8c:84:f6:c6:a0:03:
b1:2b:34:33:a2:8c:82:6d:7b:a1:2e:36:11:d3:3a:
e1:cf:05:2c:8f:60:fc:3e:77:7e:b6:9a:d3:51:a8:
d4:6d:4b:d2:6f:6a:fb:16:f1:48:6f:8b:91:05:39:
85:6c:ac:5c:b2:df:4c:68:f1:2a:e2:12:80:cd:3d:
f4:77:f6:b7:69:f7:7f:2c:7e:5c:94:44:3d:7e:51:
b9:45:f1:f1:7b:cd:7e:e6:6d:f8:1c:b2:ce:cd:06:
81:59:c6:bc:d7:e3:08:bc:57:4b:57:45:8e:57:d2:
45:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:74:9C:DF:EF:9B:BD:A4:6B:8C:88:40:B9:A2:A7:B8:4C:C4:13:2D
X509v3 Authority Key Identifier:
keyid:63:63:BB:65:89:5F:3A:54:A4:B3:24:A1:0C:79:AC:98:EF:E2:A1:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y2O7ZYlfOlSksyShDHmsmO_ioco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/RnSc3--bvaRrjIhAuaKnuEzEEy0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/Y2O7ZYlfOlSksyShDHmsmO_ioco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.221.116.0/24
185.126.158.0/23
Signature Algorithm: sha256WithRSAEncryption
28:94:72:6d:34:63:ab:5c:54:e2:88:dd:af:ff:94:b4:c3:67:
8f:b0:36:7d:6e:7d:65:f2:38:8d:15:53:be:0e:00:56:26:f4:
37:38:67:1c:2e:e9:a4:5d:cb:e0:91:f8:17:c5:fe:cc:f6:98:
ec:58:93:cf:8c:76:11:bf:5d:21:1c:f5:81:53:93:62:b9:32:
e6:b1:a0:89:21:8f:20:df:d9:dc:34:35:05:58:82:a1:f5:8b:
9c:ee:d6:e7:e0:30:8c:b5:b6:a3:3d:2a:34:a6:4f:ff:5b:61:
51:5d:fd:c3:e6:68:19:e4:be:5b:d0:ea:bc:53:73:45:fd:6c:
36:db:67:55:36:35:57:e7:5f:01:40:ab:83:dd:1c:ec:f8:fe:
24:45:8a:78:e6:d6:47:ae:f9:58:98:e6:f1:7a:f2:32:8f:7d:
25:99:34:3a:5b:c9:18:29:4b:1d:de:d2:6d:2f:37:6e:cc:a2:
a6:f2:26:5a:67:62:97:aa:77:14:1e:d2:9f:42:d6:16:bd:cc:
5a:0f:d9:44:cf:a9:c4:07:29:f4:67:6a:60:98:07:77:22:7a:
0d:1a:88:d1:4c:98:83:76:35:47:64:da:fd:d4:dc:25:5c:2e:
98:ea:f6:f7:5c:7d:5f:61:d3:4b:5a:af:e5:e1:7f:7b:cb:9e:
f0:25:54:1a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQvj3iC7LQK5+NN+TKWLjR4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzNjNiYjY1ODk1ZjNhNTRhNGIzMjRhMTBjNzlhYzk4ZWZl
MmExY2EwHhcNMjUwMTA0MDQyNTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Njc0OWNkZmVmOWJiZGE0NmI4Yzg4NDBiOWEyYTdiODRjYzQxMzJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAutTUh2phaOsPl85jz39CfNn+b8XO
2PKTIKlEeQdYKkGOUSuo7bo2qG7+cOiVrrY16jTdICF6Vcw5r6q1iZnoPOcJg0Iv
TGVnQeanNp9A21uzGSjxENs5Id63odRlHYfhqRVKavCmucEtBuM4RGFo+7ZMFEL2
W++oaIgE3XzaQwtUd1kVtSlPvuAd2W9FowGMhPbGoAOxKzQzooyCbXuhLjYR0zrh
zwUsj2D8Pnd+tprTUajUbUvSb2r7FvFIb4uRBTmFbKxcst9MaPEq4hKAzT30d/a3
afd/LH5clEQ9flG5RfHxe81+5m34HLLOzQaBWca81+MIvFdLV0WOV9JF+wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEZ0nN/vm72ka4yIQLmip7hMxBMtMB8GA1UdIwQY
MBaAFGNju2WJXzpUpLMkoQx5rJjv4qHKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTJPN1pZbGZPbFNrc3lTaERIbXNtT19pb2NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9kYjliZjEtZTAxOS00NWE0LTg2NjMt
YTZjYTQ1NGRiMmQ3LzEvUm5TYzMtLWJ2YVJyakloQXVhS251RXpFRXkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9kYjliZjEtZTAxOS00NWE0LTg2NjMtYTZjYTQ1NGRiMmQ3
LzEvWTJPN1pZbGZPbFNrc3lTaERIbXNtT19pb2NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW910AwQB
uX6eMA0GCSqGSIb3DQEBCwUAA4IBAQAolHJtNGOrXFTiiN2v/5S0w2ePsDZ9bn1l
8jiNFVO+DgBWJvQ3OGccLumkXcvgkfgXxf7M9pjsWJPPjHYRv10hHPWBU5NiuTLm
saCJIY8g39ncNDUFWIKh9Yuc7tbn4DCMtbajPSo0pk//W2FRXf3D5mgZ5L5b0Oq8
U3NF/Ww222dVNjVX518BQKuD3Rzs+P4kRYp45tZHrvlYmObxevIyj30lmTQ6W8kY
KUsd3tJtLzduzKKm8iZaZ2KXqncUHtKfQtYWvcxaD9lEz6nEByn0Z2pgmAd3InoN
GojRTJiDdjVHZNr91NwlXC6Y6vb3XH1fYdNLWq/l4X97y57wJVQa
-----END CERTIFICATE-----
Generated at Thu Apr 17 07:29:10 2025 by rpki-client